CN102137297A - Data detection method based on digital set top box - Google Patents
Data detection method based on digital set top box Download PDFInfo
- Publication number
- CN102137297A CN102137297A CN 201010569374 CN201010569374A CN102137297A CN 102137297 A CN102137297 A CN 102137297A CN 201010569374 CN201010569374 CN 201010569374 CN 201010569374 A CN201010569374 A CN 201010569374A CN 102137297 A CN102137297 A CN 102137297A
- Authority
- CN
- China
- Prior art keywords
- data
- top box
- invasion
- header
- encapsulation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The embodiment of the invention discloses a data detection method based on a digital set top box, comprising the steps of judging whether the digital television set top box is started or not, and initializing a buffer zone; establishing the progress of monitoring, and monitoring data on the triggering of an event; judging whether the data on the triggering of the event is legal or not according to monitored data, analyzing the data on the triggering of the event, and drawing keywords to carry out detection response; judging the type of the event according to the keywords, and according to a judgment result, encapsulating a masthead, the key information of which is adopted as a key detection type; and searching related information in a backup database according to the encapsulated masthead. According to the data detection method, a digital television platform with convenience, reliability and safety is provided, thereby facilitating a user to manage and search files, and simultaneously, proposing a scheme for safeguarding and guaranteeing the safety of a system.
Description
Technical field
The present invention relates to the digital television techniques field, be specifically related to a kind of Data Detection method based on top box of digital machine.
Background technology
In recent years, along with science and technology development, the internet has obtained very fast development, and over past ten years, many developed countries continue to drop into a large amount of manpower and financial resources and carry out study Internet, and have carried out international exchange activity widely.In research and communication process, have higher requirement about the fail safe of internet.People have still had more consistent view to the demand of Next Generation Internet with essential characteristic, and " bigger, faster, safer, more timely, more convenient, more can manage and more profitable " exactly especially, is placed on remarkable position for fail safe.
Simultaneously, information security not only obtains the attention of height in the internet, along with virus, and invasions such as hacker, information security has become the problem of a multi-field concern.Along with the startup of China's integration of three networks, the system safety of top box of digital machine and user's personal information security have also caused widely to be paid close attention to.
Information security is meant that the data in hardware, software and the system thereof of information network are protected, and is not subjected to the former of accidental or malice thereby suffers to destroy, change, reveals, and system is reliably operation normally continuously, and information service is not interrupted.
Along with the development of technology and user's request, top box of digital machine need and available digital service increasing, this needs to strengthen digital set-top box system safety and user's personal information security indirectly.At present, the system safety field in top box of digital machine, the also very software or the platform of shortage system defence.Lack Prevention-Security and intrusion detection, it is also very fragile to attack the top box of digital machine of handling.
Summary of the invention
The embodiment of the invention provides a kind of data monitoring method based on top box of digital machine, can guarantee the fail safe of top box of digital machine.
Accordingly, the embodiment of the invention provides a kind of Data Detection method based on top box of digital machine, comprising:
Judge whether digital TV set-top box opens, and the initialization buffering area;
Create monitor process, monitoring Event triggered data;
Whether the data decision event trigger data according to described monitoring is legal, and the Event triggered data are analyzed, and extracts keyword and detects response;
Trigger type according to the keyword decision event, and carry out the encapsulation of header according to judged result, the key message of described header is crucial type of detection;
Header according to encapsulation in the reserve database is retrieved relevant information.
Described establishment monitor process, monitoring Event triggered data comprise:
The triggering command that monitoring users sends, i.e. file search or invasion are checked, virus defense; Do not send any triggering command if listen to the user, then enter into the default conditions of system, opening initiatively, defence triggers.
Described unlatching initiatively defence triggering comprises:
In initiatively defence triggered, whether the source of detecting data was network packet or system journal; Whether be the situation of other catch of exceptions perhaps, to prevent illegal data invasion top box of digital machine operating system.
Describedly trigger type, and comprise according to the encapsulation that judged result is carried out header according to the keyword decision event:
Judge that according to keyword described information is to belong to the invasion Data Detection, still belong to the file management retrieval source that the user triggers, according to the result who judges it is carried out the encapsulation of header then, the key message of this encapsulation header is crucial type of detection, even invasion data retrieval investigation still is user's file management retrieval.
Described in the reserve database header retrieval relevant information according to encapsulation comprise:
If header is the user management file retrieval of encapsulation, then detect the reserve database and can retrieve according to the keyword that detects the file that respond module provides, this keyword will be retrieved as the key that detects the reserve database;
If header is the Search Requirement of the data invasion of encapsulation, then the data of this invasion of retrieval from detect the reserve database if these invasion data exist, are then dispatched out the associated description of these invasion data from detect the reserve data in detecting the reserve database; Simultaneously, from database, dispatch out the solution of these invasion data in the scheduling, this method is returned to the response detection module, carry out this method module by respond module then, these invasion data are put out the safety of protection system.
The present invention contrasts prior art following beneficial effect: the environment that a convenience file management and system safety ground can be provided for the operating system of top box of digital machine.Data Detection scheme based on top box of digital machine is a platform that a convenience, reliability, fail safe are provided, user's file management and retrieval have been made things convenient for, simultaneously, the fail safe of system is proposed the scheme of defence and assurance, the security performance of very high widely system and user's information security are not stolen, and make the user relievedly personal information to be stored on the modem top box and the guarantee of account number safety is provided for user's the business transaction based on top box of digital machine.
Description of drawings
In order to be illustrated more clearly in the embodiment of the invention or technical scheme of the prior art, to do to introduce simply to the accompanying drawing of required use in embodiment or the description of the Prior Art below, apparently, accompanying drawing in describing below only is some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 is the Data Detection method flow diagram based on top box of digital machine in the embodiment of the invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the invention, the technical scheme in the embodiment of the invention is clearly and completely described, obviously, described embodiment only is the present invention's part embodiment, rather than whole embodiment.Based on the embodiment among the present invention, those of ordinary skills belong to the scope of protection of the invention not making all other embodiment that obtained under the creative work prerequisite.
The invention will be further described below in conjunction with drawings and Examples.
Fig. 1 shows the Data Detection method flow diagram based on top box of digital machine of the present invention, comprises as follows:
S101: judge whether digital TV set-top box opens, and the initialization buffering area;
Behind the top box of digital machine starting up, at first be system initialization, random start Data Detection scheme platform then.Based on the data monitoring scheme platform of top box of digital machine behind random start, continue platform after initialization, allow system ready simultaneously for user's demand, wait at any time to send out.
S102: create monitor process, monitoring Event triggered data;
Behind Data Detection scheme platform initialization based on top box of digital machine; platform begins to protect top box of digital machine; under default situations, be selected in top box of digital machine is carried out intrusion prevention; this moment, the Data Source of acquiescence was network packet or system journal, and its triggering mode is system's automatic defense triggering mode.
Its workflow is as follows:
After initialization is finished, enter the triggering state of waiting for based on the Data Detection scheme platform of top box of digital machine.Create based on the Data Detection scheme platform of top box of digital machine and wait for that triggering process, this process be responsible for the triggering command of waiting for that the user sends, i.e. file search or invasion inspection, virus defense etc. this moment.If this moment, the user did not send any triggering command, then then enter into the default conditions of system intelligently based on top box of digital machine detection scheme platform, promptly opening initiatively, defence triggers.
In initiatively defence triggered, the source of detecting data based on the Data Detection scheme platform of top box of digital machine was network packet and system journal, also has the situation of other catch of exceptions, to prevent illegal data invasion top box of digital machine operating system.
At this moment, create monitor process based on the Data Detection scheme platform of top box of digital machine.
Its process function statement is as follows:
listenThread(int?fd,Mes?message,int?type,int?origin,threadpd)();
typedef?struct{
char?massge[40];
int?I;
thread?pd;
}Mes;
S103: whether the data decision event trigger data according to described monitoring is legal, and the Event triggered data are analyzed, and extracts keyword and detects response
The abnormal conditions of this process AM automatic monitoring network packet and system journal, all do not have the calling party of authority all can cause the triggering work of Event triggered module, and the data of unauthorized access are examined, and confirm whether be the invasion data.If, then enter the work of treatment of next round through being confirmed to be illegal invasion data after the audit.In addition, when system takes place when unusual, the process that can cause is equally monitored the response of module, starts the work of Event triggered module subsequently, detects, and this is examined unusually.When audit, judge the source of this process earlier, then its data are resolved, the check system daily record determines whether this process is illegal, if, then continue to check by monitor process and pass the information that preserve the progress information of coming and msu message structure the inside, it is carried out the detection of system and checks, if be confirmed to be illegal invasion, then the processing of these invasion data is sent to the analysis of invasion data of next round and invasion time by processing.
If after initialization based on the Data Detection scheme platform of top box of digital machine, the user has imported triggering mode, promptly need search file, then can cause user's trigger event, should trigger then and can activate Event triggered, after Event triggered is judged this triggering type, being confirmed to be the user triggers, sending instruction then, require user's trigger module to send the relevant information of the file that needs query search, can be keyword, the various relevant information of descriptor or the like, can be character string, also can be numeral, also can be that both have concurrently.
After the Event triggered module is received triggering, can originate to judge it is the triggering of any type according to the trigger event that receives, if the user triggers, then require further document retrieval information, wait for that user's trigger module sends over coordinate indexing information, and start follow-up relative program module simultaneously, and enter document retrieval positive sequence and wait the state sent out, accelerate the speed of system.
If the triggering of exception catching, network packet or system journal, then the Event triggered module just can judge it is that intrusion event triggers, and just creates trace daemon then, and this Event triggered source is followed the tracks of, seek out the details of this incident, so that follow-up processing to be provided.
Obtain triggering in the Event triggered module, and to its judgement, after the information that obtains being correlated with, then the relevant data message that obtains is sent to data analysis module, in this module, it has shielded the triggering type of system, saves resource down and is used for carrying out the data that Event triggered sends over all strength it is analyzed.
S104: trigger type according to the keyword decision event, and carry out the encapsulation of header according to judged result, the key message of described header is crucial type of detection
In data analysis module, this module is analyzed data, judge then whether the trigger data that sends over from intrusion event really belongs to the invasion data, because the judgement in Event triggered stage is preliminary, to further analyze at data analysis module, in order to avoid erroneous judgement, because in some data sometimes is to need to revise system information, but he is legal, so during this time the Event triggered module has judged that it is the invasion data, but in fact not, to analyze so there has been data analysis module just can further detect, it is carried out the audit of information, detect, judge, thereby avoided erroneous judgement, made the result more correct, the smoothness and the fail safe of system's operation are provided.
If being the user, the Event triggered that data analysis module receives triggers, data start detection respond module so, require the Event triggered module to send the relevant information of the file that will search for simultaneously, then by analysis, the key message of user's input is analyzed encapsulation, packing, extract keyword, and then keyword is sent to the detection respond module, carry out the document retrieval work of next round.
Detect respond module after receiving the information that sends by data analysis, detection module can be judged according to the information that receives, this information is to belong to the invasion Data Detection, still belong to the file management retrieval source that the user triggers, according to the result who judges it is carried out the encapsulation of header then, the key message of this encapsulation header is crucial type of detection, even invasion data retrieval investigation still is user's file management retrieval.
S105: the header according to encapsulation in the reserve database is retrieved relevant information.
After encapsulation header, detect respond module and send message to detecting the reserve database, retrieve relevant information by database.If header is the user management file retrieval of encapsulation, then detect the reserve database and can retrieve according to the keyword that detects the file that respond module provides, this keyword will be retrieved as the key that detects the reserve database.After detection reserve database module retrieves this document, just information relevant or that the user needs is returned to the detection respond module, they carry out the result for retrieval communication on upper strata.Detect respond module then and send to follow-up bottom module according to the file-related information that detects the reserve database retrieval again.All bottom modules and the information exchange between the upper layer module all are to have the respond module of detection to carry out, and never allow bottom user direct control database, in order to avoid cause the confusion of data, be that database has been revised in certain bottom application, but database has little time to upgrade, another bottom is used the preservation information of the data of inquiring about this document at once, and the result can cause actual information to be modified, but the result before the result that inquiry is returned revises really.Provide interface to bottom by the upper strata like this,, provide the robustness of system and the fail safe of system greatly the method that the operation of database is undertaken by the intermediate layer.
In detecting the reserve database, Search Requirement for user management file, after detecting data from detection reserve database, for guaranteeing the accuracy of system, detect the reserve database file fileinfo that searches is returned to the response detection module, respond detection module then and carry out that contrast with this information with from the information that lower floor's data analysis module sends over, make intelligent decision then, audit is reached a conclusion, whether this information is the fileinfo that the user need retrieve, if, then will pack from the associated documents information that detects the file that the reserve database sends over, then packet is sent to lower floor, feed back to the user by lower floor again, thereby finish this document regulatory requirement of user.
In detecting the reserve database; if the Search Requirement of data invasion; then from detect the reserve database, retrieve the data of this invasion; if these invasion data exist in detecting the reserve database; then from detect the reserve data, dispatch out the associated description of these invasion data; simultaneously; from database, dispatch out the solution of these invasion data in the scheduling; this method is returned to the response detection module; carry out this method module by respond module then; these invasion data are put out the safety of protection system.If should the invasion data in detecting the reserve database, not have relevant information, then should invade data and carry out close description intelligently, then, this information is made tracking, and will the intelligent descriptor and the tracking structure of invasion data be inserted in the database, the information updating of returning according to following feedback momentarily detects the reserve database, at last, the emergent treatment system of reporting system, in database, there are not detected invasion data to handle to this, thereby the safety of the system of assurance provides safety of user information.
To sum up, the present invention has following beneficial effect: the environment that a convenience file management and system safety ground can be provided for the operating system of top box of digital machine.Data Detection scheme based on top box of digital machine is a platform that a convenience, reliability, fail safe are provided, user's file management and retrieval have been made things convenient for, simultaneously, the fail safe of system is proposed the scheme of defence and assurance, the security performance of very high widely system and user's information security are not stolen, and make the user relievedly personal information to be stored on the modem top box and the guarantee of account number safety is provided for user's the business transaction based on top box of digital machine.。
Need to prove, contents such as the information interaction between said system and intrasystem each unit, implementation since with the inventive method embodiment based on same design, particular content can repeat no more referring to the narration among the inventive method embodiment herein.
One of ordinary skill in the art will appreciate that all or part of step in the whole bag of tricks of the foregoing description is to instruct relevant hardware to finish by program, this program can be stored in the computer-readable recording medium, storage medium can comprise: read-only memory (ROM, Read Only Memory), random access memory (RAM, Random Access Memory), disk or CD etc.
More than to a kind of Data Detection method that the embodiment of the invention provided based on top box of digital machine, used specific case herein principle of the present invention and execution mode are set forth, the explanation of above embodiment just is used for helping to understand method of the present invention and core concept thereof; Simultaneously, for one of ordinary skill in the art, according to thought of the present invention, the part that all can change in specific embodiments and applications, in sum, this description should not be construed as limitation of the present invention.
Claims (5)
1. the Data Detection method based on top box of digital machine is characterized in that, comprises;
Judge whether digital TV set-top box opens, and the initialization buffering area;
Create monitor process, monitoring Event triggered data;
Whether the data decision event trigger data according to described monitoring is legal, and the Event triggered data are analyzed, and extracts keyword and detects response;
Trigger type according to the keyword decision event, and carry out the encapsulation of header according to judged result, the key message of described header is crucial type of detection;
Header according to encapsulation in the reserve database is retrieved relevant information.
2. the Data Detection method based on top box of digital machine as claimed in claim 1 is characterized in that, described establishment monitor process, and monitoring Event triggered data comprise:
The triggering command that monitoring users sends, i.e. file search or invasion are checked, virus defense; Do not send any triggering command if listen to the user, then enter into the default conditions of system, opening initiatively, defence triggers.
3. the Data Detection method based on top box of digital machine as claimed in claim 2 is characterized in that, described unlatching initiatively defence triggering comprises:
In initiatively defence triggered, whether the source of detecting data was network packet or system journal; Whether be the situation of other catch of exceptions perhaps, to prevent illegal data invasion top box of digital machine operating system.
4. the Data Detection method based on top box of digital machine as claimed in claim 1 is characterized in that, describedly triggers type according to the keyword decision event, and comprises according to the encapsulation that judged result is carried out header:
Judge that according to keyword described information is to belong to the invasion Data Detection, still belong to the file management retrieval source that the user triggers, according to the result who judges it is carried out the encapsulation of header then, the key message of this encapsulation header is crucial type of detection, even invasion data retrieval investigation still is user's file management retrieval.
5. the Data Detection method based on top box of digital machine as claimed in claim 4 is characterized in that, described in the reserve database header retrieval relevant information according to encapsulation comprise:
If header is the user management file retrieval of encapsulation, then detect the reserve database and can retrieve according to the keyword that detects the file that respond module provides, this keyword will be retrieved as the key that detects the reserve database;
If header is the Search Requirement of the data invasion of encapsulation, then the data of this invasion of retrieval from detect the reserve database if these invasion data exist, are then dispatched out the associated description of these invasion data from detect the reserve data in detecting the reserve database; Simultaneously, from database, dispatch out the solution of these invasion data in the scheduling, this method is returned to the response detection module, carry out this method module by respond module then, these invasion data are put out the safety of protection system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 201010569374 CN102137297B (en) | 2010-11-30 | 2010-11-30 | Data detection method based on digital set top box |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 201010569374 CN102137297B (en) | 2010-11-30 | 2010-11-30 | Data detection method based on digital set top box |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102137297A true CN102137297A (en) | 2011-07-27 |
| CN102137297B CN102137297B (en) | 2013-04-24 |
Family
ID=44296936
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 201010569374 Active CN102137297B (en) | 2010-11-30 | 2010-11-30 | Data detection method based on digital set top box |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102137297B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102932465A (en) * | 2012-11-08 | 2013-02-13 | 北京工商大学 | Method for monitoring user interaction characteristics of efficient smart phone |
| CN103024540A (en) * | 2012-12-17 | 2013-04-03 | 四川长虹电器股份有限公司 | Method for collecting network activation information of intelligent television |
| CN111294618A (en) * | 2020-03-12 | 2020-06-16 | 周光普 | System and method for monitoring data security of broadcast television |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101068210A (en) * | 2007-06-20 | 2007-11-07 | 中兴通讯股份有限公司 | Multimedia data transmitting method |
| EP1919194A2 (en) * | 2006-08-28 | 2008-05-07 | Samsung Electronics Co., Ltd. | Wireless set-top box, wireless display apparatus, wireless video system, and control method thereof |
| CN101754044A (en) * | 2008-12-08 | 2010-06-23 | 深圳创维数字技术股份有限公司 | Set top box analysis meter and system and method for remote analysis of set top box |
-
2010
- 2010-11-30 CN CN 201010569374 patent/CN102137297B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1919194A2 (en) * | 2006-08-28 | 2008-05-07 | Samsung Electronics Co., Ltd. | Wireless set-top box, wireless display apparatus, wireless video system, and control method thereof |
| CN101068210A (en) * | 2007-06-20 | 2007-11-07 | 中兴通讯股份有限公司 | Multimedia data transmitting method |
| CN101754044A (en) * | 2008-12-08 | 2010-06-23 | 深圳创维数字技术股份有限公司 | Set top box analysis meter and system and method for remote analysis of set top box |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102932465A (en) * | 2012-11-08 | 2013-02-13 | 北京工商大学 | Method for monitoring user interaction characteristics of efficient smart phone |
| CN102932465B (en) * | 2012-11-08 | 2015-06-10 | 北京工商大学 | Method for monitoring user interaction characteristics of efficient smart phone |
| CN103024540A (en) * | 2012-12-17 | 2013-04-03 | 四川长虹电器股份有限公司 | Method for collecting network activation information of intelligent television |
| CN111294618A (en) * | 2020-03-12 | 2020-06-16 | 周光普 | System and method for monitoring data security of broadcast television |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102137297B (en) | 2013-04-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109325351B (en) | Security hole automatic verification system based on public testing platform | |
| US8397292B2 (en) | Method and device for online secure logging-on | |
| CN100401224C (en) | Computer anti-virus protection system and method | |
| Lanzi et al. | Accessminer: using system-centric models for malware protection | |
| US7870612B2 (en) | Antivirus protection system and method for computers | |
| CN110391937B (en) | Internet of things honey net system based on SOAP service simulation | |
| CN103294950B (en) | A kind of high-power secret information stealing malicious code detecting method based on backward tracing and system | |
| CN103391216A (en) | Alarm and blocking method for illegal external connections | |
| CN111726364B (en) | Host intrusion prevention method, system and related device | |
| CN103401845B (en) | A kind of detection method of website safety, device | |
| CN103428186A (en) | Method and device for detecting phishing website | |
| CN102739774B (en) | Method and system for obtaining evidence under cloud computing environment | |
| CN103473501B (en) | A kind of Malware method for tracing based on cloud security | |
| CN104463569A (en) | Secure connection payment method and device | |
| US20240007498A1 (en) | Apparatus for providing mail security service using hierarchical architecture based on security level and operation method therefor | |
| CN102708309A (en) | Automatic malicious code analysis method and system | |
| CN100557545C (en) | A kind of method of distinguishing the harmful program behavior | |
| WO2008098519A1 (en) | A computer protection method based on a program behavior analysis | |
| CN106228067A (en) | Malicious code dynamic testing method and device | |
| CN111191243A (en) | Vulnerability detection method and device and storage medium | |
| CN102137297B (en) | Data detection method based on digital set top box | |
| CN108694329B (en) | Mobile intelligent terminal security event credible recording system and method based on combination of software and hardware | |
| US20240015182A1 (en) | Device for providing protective service against email security-based zero-day url attack and method for operating same | |
| CN116049822A (en) | Application program supervision method, system, electronic device and storage medium | |
| Mohsin et al. | Intelligent security cycle: A rule based run time malicious code detection technique for SOAP messages |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| DD01 | Delivery of document by public notice |
Addressee: Guangdong Xinghai Digital Home Industry Technology Research Institute Co., Ltd. Document name: Notification to Pay the Fees |
|
| DD01 | Delivery of document by public notice |