CN102137297B - Data detection method based on digital set top box - Google Patents
Data detection method based on digital set top box Download PDFInfo
- Publication number
- CN102137297B CN102137297B CN 201010569374 CN201010569374A CN102137297B CN 102137297 B CN102137297 B CN 102137297B CN 201010569374 CN201010569374 CN 201010569374 CN 201010569374 A CN201010569374 A CN 201010569374A CN 102137297 B CN102137297 B CN 102137297B
- Authority
- CN
- China
- Prior art keywords
- data
- invasion
- header
- encapsulation
- top box
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The embodiment of the invention discloses a data detection method based on a digital set top box, comprising the steps of judging whether the digital television set top box is started or not, and initializing a buffer zone; establishing the progress of monitoring, and monitoring data on the triggering of an event; judging whether the data on the triggering of the event is legal or not according to monitored data, analyzing the data on the triggering of the event, and drawing keywords to carry out detection response; judging the type of the event according to the keywords, and according to a judgment result, encapsulating a masthead, the key information of which is adopted as a key detection type; and searching related information in a backup database according to the encapsulated masthead. According to the data detection method, a digital television platform with convenience, reliability and safety is provided, thereby facilitating a user to manage and search files, and simultaneously, proposing a scheme for safeguarding and guaranteeing the safety of a system.
Description
Technical field
The present invention relates to the digital television techniques field, be specifically related to a kind of data detection method based on top box of digital machine.
Background technology
In recent years, along with the development of science and technology, the internet has obtained very fast development, and over past ten years, many developed countries continue to drop into a large amount of manpower and financial resources and carry out study Internet, and have carried out widely international exchange activity.In research and communication process, have higher requirement about the fail safe of internet.People have still had more consistent view to the demand of Next Generation Internet with essential characteristic, and exactly " larger, faster, safer, more timely, more convenient, more can manage and more profitable " especially, is placed on significant position for fail safe.
Simultaneously, information security not only obtains the attention of height in the internet, along with virus, and the invasions such as hacker, information security has become a multi-field problems of concern.Along with the startup of China's integration of three networks, the system safety of top box of digital machine and user's personal information security have also caused widely to be paid close attention to.
Information security refers to that the data in hardware, software and the system thereof of information network are protected, and is not subjected to the former of accidental or malice thereby suffers to destroy, change, reveals, and system is reliably normally operation continuously, and information service is not interrupted.
Along with the development of technology and user's request, top box of digital machine need and available digital service increasing, this needs to strengthen digital set-top box system safety and user's personal information security indirectly.At present, the system safety field in top box of digital machine, also very software or the platform of shortage system defence.Lack Prevention-Security and intrusion detection, it is also very fragile to attack the top box of digital machine of processing.
Summary of the invention
The embodiment of the invention provides a kind of data monitoring method based on top box of digital machine, can guarantee the fail safe of top box of digital machine.
Accordingly, the embodiment of the invention provides a kind of data detection method based on top box of digital machine, comprising:
Judge whether digital TV set-top box opens, and the initialization buffering area;
Create monitor process, monitoring Event triggered data;
Whether the data decision event trigger data according to described monitoring is legal, and to the Event triggered data analysis, extracts keyword and detect response;
Trigger type according to the keyword decision event, and carry out the encapsulation of header according to judged result, the key message of described header is crucial type of detection;
Header according to encapsulation in the reserve database is retrieved relevant information.
Described establishment monitor process, monitoring Event triggered data comprise:
The triggering command that monitoring users sends, i.e. file search or invasion check, virus defense; Do not send any triggering command if listen to the user, then enter into the default conditions of system, open Initiative Defense and trigger.
Described unlatching Initiative Defense triggers and comprises:
In Initiative Defense triggered, whether the source of detecting data was network packet or system journal; Whether be the situation of other catch of exceptions perhaps, to prevent illegal data invasion top box of digital machine operating system.
Describedly trigger type according to the keyword decision event, and comprise according to the encapsulation that judged result is carried out header:
Judge that according to keyword described information is to belong to the invasion Data Detection, still belong to the file management retrieval source that the user triggers, then according to the result who judges it is carried out the encapsulation of header, the key message of this encapsulation header is crucial type of detection, even invasion data retrieval investigation or user's file management retrieval.
Described in the reserve database header retrieval relevant information according to encapsulation comprise:
If header is the user management file retrieval of encapsulation, then detect the reserve database and can retrieve according to the keyword that detects the file that respond module provides, this keyword will be retrieved as the key that detects the reserve database;
If header is the Search Requirement of the data invasion of encapsulation, then the data of this invasion of retrieval from detect the reserve database if these invasion data exist, are then dispatched out the associated description of these invasion data from detect the reserve data in detecting the reserve database; Simultaneously, from database, dispatch out the solution of these invasion data in the scheduling, the method is returned to the response detection module, then carry out the method module by respond module, these invasion data are put out the safety of protection system.
The present invention contrasts prior art following beneficial effect: the environment that a convenience file management and system safety ground can be provided for the operating system of top box of digital machine.Data Detection scheme based on top box of digital machine is a platform that a convenience, reliability, fail safe are provided, user's file management and retrieval have been made things convenient for, simultaneously, Security of the system is proposed the scheme of defence and assurance, very high widely security of system performance and user's information security is not stolen, so that the user can be stored in personal information relievedly on the modem top box and the guarantee of account number safety is provided for user's the business transaction based on top box of digital machine.
Description of drawings
In order to be illustrated more clearly in the embodiment of the invention or technical scheme of the prior art, the below will do to introduce simply to the accompanying drawing of required use in embodiment or the description of the Prior Art, apparently, accompanying drawing in the following describes only is some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain according to these accompanying drawings other accompanying drawing.
Fig. 1 is the data detection method flow chart based on top box of digital machine in the embodiment of the invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the invention, the technical scheme in the embodiment of the invention is clearly and completely described, obviously, described embodiment only is the present invention's part embodiment, rather than whole embodiment.Based on the embodiment among the present invention, those of ordinary skills belong to the scope of protection of the invention not making all other embodiment that obtain under the creative work prerequisite.
The invention will be further described below in conjunction with drawings and Examples.
Fig. 1 shows the data detection method flow chart based on top box of digital machine of the present invention, comprises as follows:
S101: judge whether digital TV set-top box opens, and the initialization buffering area;
Digital set top box boot at first is system initialization after starting, then random start Data Detection scheme platform.Based on the data monitoring scheme platform of top box of digital machine behind random start, continue platform after initialization, allow simultaneously system ready for user's demand, wait at any time to send out.
S102: create monitor process, monitoring Event triggered data;
Behind the Data Detection scheme platform initialization based on top box of digital machine; platform begins to protect top box of digital machine; under default situations, be selected in top box of digital machine is carried out intrusion prevention; this moment, the Data Source of acquiescence was network packet or system journal, and its triggering mode is system's automatic defense triggering mode.
Its workflow is as follows:
After initialization is finished, the state to be triggered such as enter based on the Data Detection scheme platform of top box of digital machine.This moment is based on the processes to be triggered such as Data Detection scheme platform establishment of top box of digital machine, and this process is responsible for the triggering command of waiting for that the user sends, i.e. file search or invasion inspection, virus defense etc.If this moment, the user did not send any triggering command, then then enter into intelligently the default conditions of system based on top box of digital machine detection scheme platform, namely open Initiative Defense and trigger.
In Initiative Defense triggers, be network packet and system journal based on the source of the Data Detection scheme detection of platform data of top box of digital machine, also have the situation of other catch of exceptions, to prevent illegal data invasion top box of digital machine operating system.
At this moment, the Data Detection scheme platform based on top box of digital machine creates monitor process.
Its process function statement is as follows:
listenThread(int?fd,Mes?message,int?type,int?origin,threadpd)();
typedef?struct{
char?massge[40];
int?I;
thread?pd;
}Mes;
S103: whether the data decision event trigger data according to described monitoring is legal, and to the Event triggered data analysis, extracts keyword and detect response
The abnormal conditions of this process AM automatic monitoring network packet and system journal, all do not have the calling party of authority all can cause the triggering work of Event triggered module, and the data of unauthorized access are examined, and are confirmed whether it is the invasion data.If through being confirmed to be illegal invasion data after the audit, then enter the work for the treatment of of next round.In addition, when system's abnormal, the process that can cause is equally monitored the response of module, starts subsequently the work of Event triggered module, detects, and this is examined unusually.When audit, judge first the source of this process, then its data are resolved, the check system daily record determines whether this process is illegal, if, then continue to check by monitor process and pass the information that preserve the progress information of coming and msu message structure the inside, it is carried out the detection of system and checks, if be confirmed to be illegal invasion, then the processing of these invasion data is sent to the analysis of invasion data of next round and invasion time by processing.
If after the initialization based on the Data Detection scheme platform of top box of digital machine, the user has inputted triggering mode, namely need search file, then can cause user's trigger event, then should trigger and to activate Event triggered, after Event triggered is judged this triggering type, being confirmed to be the user triggers, then sending instruction, require user's trigger module to send the relevant information of the file that needs query search, can be keyword, the various relevant information of descriptor etc., can be character string, also can be numeral, also can be that both have concurrently.
After the Event triggered module is received triggering, can originate to judge to be the triggering of any type according to the trigger event that receives, if the user triggers, then require further document retrieval information, wait for that user's trigger module sends over coordinate indexing information, and start simultaneously follow-up relative program module, and enter document retrieval positive sequence and wait the state sent out, accelerate the speed of system.
If the triggering of exception catching, network packet or system journal, then the Event triggered module just can judge it is that intrusion event triggers, and then just creates trace daemon, and this Event triggered source is followed the tracks of, seek out the details of this event, so that follow-up processing to be provided.
Obtain triggering in the Event triggered module, and to its judgement, after the information that obtains being correlated with, then the relevant data message that obtains is sent to data analysis module, in this module, it has shielded the triggering type of system, saves lower resource and is used for carrying out the data that Event triggered sends over all strength it is analyzed.
S104: trigger type according to the keyword decision event, and carry out the encapsulation of header according to judged result, the key message of described header is crucial type of detection
In data analysis module, this module is to data analysis, then judge whether the trigger data that sends over from intrusion event really belongs to the invasion data, because the judgement in Event triggered stage is preliminary, to further analyze at data analysis module, in order to avoid erroneous judgement, because be to need to revise system information in some data sometimes, but he is legal, so during this time the Event triggered module has judged that it is the invasion data, but in fact not so there has been data analysis module just can further detect, to analyze, it is carried out the audit of information, detect, judge, thereby avoided erroneous judgement, so that the result is more correct, provide smoothness and the fail safe of system's operation.
If being the user, the Event triggered that data analysis module receives triggers, data start detection respond module so, require simultaneously the Event triggered module to send the relevant information of the file that will search for, then by analysis, the key message of user's input is analyzed encapsulation, packing, extract keyword, and then keyword is sent to the detection respond module, carry out the document retrieval work of next round.
Detect respond module after receiving the information that is sent by data analysis, detection module can be judged according to the information that receives, this information is to belong to the invasion Data Detection, still belong to the file management retrieval source that the user triggers, then according to the result who judges it is carried out the encapsulation of header, the key message of this encapsulation header is crucial type of detection, even invasion data retrieval investigation or user's file management retrieval.
S105: the header according to encapsulation in the reserve database is retrieved relevant information.
After encapsulation header, detect respond module and send message to detecting the reserve database, retrieve relevant information by database.If header is the user management file retrieval of encapsulation, then detect the reserve database and can retrieve according to the keyword that detects the file that respond module provides, this keyword will be retrieved as the key that detects the reserve database.After detection reserve database module retrieves this document, just information relevant or that the user needs is returned to the detection respond module, they carry out the result for retrieval communication on upper strata.Then detect respond module and send to follow-up bottom module according to the file-related information that detects the reserve database retrieval again.All bottom modules and the information exchange between the upper layer module all are to have the respond module of detection to carry out, and never allow bottom user direct control database, in order to avoid cause the confusion of data, be that database has been revised in certain bottom application, but database has little time to upgrade, another bottom is used the preservation information of the data of inquiring about at once this document, and the result can cause actual information to be modified, but the result before the result that inquiry is returned revises really.Provide interface to bottom by the upper strata like this, to the method that the operation of database is undertaken by the intermediate layer, provide greatly robustness and the Security of the system of system.
In detecting the reserve database, Search Requirement for user management file, after detecting data from detection reserve database, for guaranteeing the accuracy of system, detect the reserve database file fileinfo that searches is returned to the response detection module, then respond detection module and carry out that contrast with this information with from the information that lower floor's data analysis module sends over, then make intelligent decision, audit is reached a conclusion, this information fileinfo whether user need to retrieve, if, then will pack from the associated documents information that detects the file that the reserve database sends over, then with Packet Generation to lower floor, feed back to the user by lower floor again, thus this document regulatory requirement of completing user.
In detecting the reserve database; if the Search Requirement of data invasion; then from detect the reserve database, retrieve the data of this invasion; if these invasion data exist in detecting the reserve database; then from detect the reserve data, dispatch out the associated description of these invasion data; simultaneously; from database, dispatch out the solution of these invasion data in the scheduling; the method is returned to the response detection module; then carry out the method module by respond module; these invasion data are put out the safety of protection system.If should the invasion data in detecting the reserve database, not have relevant information, then should invade data and carry out close intelligently description, then, this information is made tracking, and will intelligent descriptor and the tracking structure of invasion data be inserted in the database, the information updating of momentarily returning according to following feedback detects the reserve database, at last, the emergent treatment system of reporting system, these invasion data that do not detect in database are processed, thereby the assurance security of system provides the fail safe of user profile.
To sum up, the present invention has following beneficial effect: the environment that a convenience file management and system safety ground can be provided for the operating system of top box of digital machine.Data Detection scheme based on top box of digital machine is a platform that a convenience, reliability, fail safe are provided, user's file management and retrieval have been made things convenient for, simultaneously, Security of the system is proposed the scheme of defence and assurance, very high widely security of system performance and user's information security is not stolen, so that the user can be stored in personal information relievedly on the modem top box and the guarantee of account number safety is provided for user's the business transaction based on top box of digital machine.。
Need to prove, the contents such as the information interaction between said system and intrasystem each unit, implementation since with the inventive method embodiment based on same design, particular content can referring to the narration among the inventive method embodiment, repeat no more herein.
One of ordinary skill in the art will appreciate that all or part of step in the whole bag of tricks of above-described embodiment is to come the relevant hardware of instruction finish by program, this program can be stored in the computer-readable recording medium, storage medium can comprise: read-only memory (ROM, Read Only Memory), random access memory (RAM, Random Access Memory), disk or CD etc.
More than a kind of data detection method based on top box of digital machine that the embodiment of the invention is provided, used specific case herein principle of the present invention and execution mode are set forth, the explanation of above embodiment just is used for helping to understand method of the present invention and core concept thereof; Simultaneously, for one of ordinary skill in the art, according to thought of the present invention, all will change in specific embodiments and applications, in sum, this description should not be construed as limitation of the present invention.
Claims (5)
1. the data detection method based on top box of digital machine is characterized in that, comprising:
Judge whether digital TV set-top box opens, and the initialization buffering area;
Create monitor process, monitoring Event triggered data;
Whether the data decision event trigger data according to described monitoring is legal, and to the Event triggered data analysis, extracts keyword and detect response;
Trigger type according to the keyword decision event, and carry out the encapsulation of header according to judged result, the key message of described header is crucial type of detection;
Header according to encapsulation in the reserve database is retrieved relevant information;
Wherein: describedly trigger type according to the keyword decision event, and comprise according to the encapsulation that judged result is carried out header:
Judge that according to keyword described information is to belong to the invasion Data Detection, still belong to the file management retrieval source that the user triggers, then according to the result who judges it is carried out the encapsulation of header, the key message of this encapsulation header is crucial type of detection, invasion data retrieval investigation user's file management retrieval;
Wherein: described in the reserve database header retrieval relevant information according to encapsulation comprise:
If header is the user management file retrieval of encapsulation, then detect the reserve database and can retrieve according to the keyword that detects the file that respond module provides, this keyword will be retrieved as the key that detects the reserve database;
If header is the Search Requirement of the data invasion of encapsulation, then the data of this invasion of retrieval from detect the reserve database if these invasion data exist, are then dispatched out the associated description of these invasion data from detect the reserve data in detecting the reserve database; Simultaneously, from database, dispatch out the solution of these invasion data in the scheduling, the method is returned to the response detection module, then carry out the method module by respond module, these invasion data are put out the safety of protection system.
2. the data detection method based on top box of digital machine as claimed in claim 1 is characterized in that, described establishment monitor process, and monitoring Event triggered data comprise:
The triggering command that monitoring users sends, i.e. file search or invasion check, virus defense; Do not send any triggering command if listen to the user, then enter into the default conditions of system, open Initiative Defense and trigger.
3. the data detection method based on top box of digital machine as claimed in claim 2 is characterized in that, described unlatching Initiative Defense triggers and comprises:
In Initiative Defense triggered, whether the source of detecting data was network packet or system journal; Whether be the situation of other catch of exceptions perhaps, to prevent illegal data invasion top box of digital machine operating system.
4. the data detection method based on top box of digital machine as claimed in claim 1 is characterized in that, describedly triggers type according to the keyword decision event, and comprises according to the encapsulation that judged result is carried out header:
Judge that according to keyword described information is to belong to the invasion Data Detection, still belong to the file management retrieval source that the user triggers, then according to the result who judges it is carried out the encapsulation of header, the key message of this encapsulation header is crucial type of detection, invasion data retrieval investigation user's file management retrieval.
5. the data detection method based on top box of digital machine as claimed in claim 4 is characterized in that, described in the reserve database header retrieval relevant information according to encapsulation comprise:
If header is the user management file retrieval of encapsulation, then detect the reserve database and can retrieve according to the keyword that detects the file that respond module provides, this keyword will be retrieved as the key that detects the reserve database;
If header is the Search Requirement of the data invasion of encapsulation, then the data of this invasion of retrieval from detect the reserve database if these invasion data exist, are then dispatched out the associated description of these invasion data from detect the reserve data in detecting the reserve database; Simultaneously, from database, dispatch out the solution of these invasion data in the scheduling, the method is returned to the response detection module, then carry out the method module by respond module, these invasion data are put out the safety of protection system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 201010569374 CN102137297B (en) | 2010-11-30 | 2010-11-30 | Data detection method based on digital set top box |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 201010569374 CN102137297B (en) | 2010-11-30 | 2010-11-30 | Data detection method based on digital set top box |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102137297A CN102137297A (en) | 2011-07-27 |
| CN102137297B true CN102137297B (en) | 2013-04-24 |
Family
ID=44296936
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 201010569374 Active CN102137297B (en) | 2010-11-30 | 2010-11-30 | Data detection method based on digital set top box |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102137297B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102932465B (en) * | 2012-11-08 | 2015-06-10 | 北京工商大学 | Method for monitoring user interaction characteristics of efficient smart phone |
| CN103024540A (en) * | 2012-12-17 | 2013-04-03 | 四川长虹电器股份有限公司 | Method for collecting network activation information of intelligent television |
| CN111294618B (en) * | 2020-03-12 | 2022-04-01 | 周光普 | System and method for monitoring data security of broadcast television |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101068210A (en) * | 2007-06-20 | 2007-11-07 | 中兴通讯股份有限公司 | Multimedia data transmitting method |
| EP1919194A2 (en) * | 2006-08-28 | 2008-05-07 | Samsung Electronics Co., Ltd. | Wireless set-top box, wireless display apparatus, wireless video system, and control method thereof |
| CN101754044A (en) * | 2008-12-08 | 2010-06-23 | 深圳创维数字技术股份有限公司 | Set top box analysis meter and system and method for remote analysis of set top box |
-
2010
- 2010-11-30 CN CN 201010569374 patent/CN102137297B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1919194A2 (en) * | 2006-08-28 | 2008-05-07 | Samsung Electronics Co., Ltd. | Wireless set-top box, wireless display apparatus, wireless video system, and control method thereof |
| CN101068210A (en) * | 2007-06-20 | 2007-11-07 | 中兴通讯股份有限公司 | Multimedia data transmitting method |
| CN101754044A (en) * | 2008-12-08 | 2010-06-23 | 深圳创维数字技术股份有限公司 | Set top box analysis meter and system and method for remote analysis of set top box |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102137297A (en) | 2011-07-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109325351B (en) | Security hole automatic verification system based on public testing platform | |
| US8397292B2 (en) | Method and device for online secure logging-on | |
| CN100401224C (en) | Computer anti-virus protection system and method | |
| US7870612B2 (en) | Antivirus protection system and method for computers | |
| CN102314561B (en) | Automatic analysis method and system of malicious codes based on API (application program interface) HOOK | |
| US8453244B2 (en) | Server, user device and malware detection method thereof | |
| CN107688743B (en) | Malicious program detection and analysis method and system | |
| CN103473501B (en) | A kind of Malware method for tracing based on cloud security | |
| CN102739774B (en) | Method and system for obtaining evidence under cloud computing environment | |
| CN103401845B (en) | A kind of detection method of website safety, device | |
| CN111726364B (en) | Host intrusion prevention method, system and related device | |
| CN103294950A (en) | High-power secret information stealing malicious code detection method and system based on backward tracing | |
| CN103428186A (en) | Method and device for detecting phishing website | |
| CN102708309A (en) | Automatic malicious code analysis method and system | |
| CN105488397A (en) | Situation-based ROP attack detection system and method | |
| CN106228067A (en) | Malicious code dynamic testing method and device | |
| CN100557545C (en) | A kind of method of distinguishing the harmful program behavior | |
| CN111191243A (en) | Vulnerability detection method and device and storage medium | |
| US20200336498A1 (en) | Method and apparatus for detecting hidden link in website | |
| CN102137297B (en) | Data detection method based on digital set top box | |
| CN103218561A (en) | Tamper-proof method and device for protecting browser | |
| CN111524007A (en) | Embedded intrusion detection method and device for intelligent contract | |
| EP2728472B1 (en) | User terminal, reliability management server, and method and program for preventing unauthorized remote operation | |
| CN108694329B (en) | Mobile intelligent terminal security event credible recording system and method based on combination of software and hardware | |
| CN116049822A (en) | Application program supervision method, system, electronic device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| DD01 | Delivery of document by public notice |
Addressee: Guangdong Xinghai Digital Home Industry Technology Research Institute Co., Ltd. Document name: Notification to Pay the Fees |
|
| DD01 | Delivery of document by public notice |