CN103218561A - Tamper-proof method and device for protecting browser - Google Patents
Tamper-proof method and device for protecting browser Download PDFInfo
- Publication number
- CN103218561A CN103218561A CN2013100866122A CN201310086612A CN103218561A CN 103218561 A CN103218561 A CN 103218561A CN 2013100866122 A CN2013100866122 A CN 2013100866122A CN 201310086612 A CN201310086612 A CN 201310086612A CN 103218561 A CN103218561 A CN 103218561A
- Authority
- CN
- China
- Prior art keywords
- browser
- network address
- security procedure
- tamper resistant
- monitoring
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a tamper-proof method and a tamper-proof device for protecting a browser, wherein the method comprises the following steps: extracting an access website of the browser; detecting whether the access website of the browser is a target website, if so, monitoring the browser process, and if not, continuously detecting the access website of the browser; monitoring the browser process, and judging whether a process for modifying the browser process exists; judging whether the process for modifying the browser process is a safe process or an unknown process, if the process is the safe process, allowing the process to modify the browser process, and if the process is the unknown process, preventing the process from modifying the browser process. The unknown process is prevented from modifying the browser process, viruses are prevented from modifying the browser process, and the browser process is protected.
Description
Technical field
The present invention relates to the computer security field, especially a kind of tamper resistant method and device of protecting browser.
Background technology
The fast development of ecommerce has brought huge business opportunity.The high speed development of brand-new consumption mode, people's security protection consciousness does not also catch up with development of science and technology.Therefore, need security protection software vendor, national network administrative authority, people's positive supervision could guarantee the sound development of network.Ecommerce need further develop, and needs to get rid of the hidden danger of fishing website and trojan horse.It is more and more with the user of wooden horse influence to be subjected to going fishing, and much is to browse the net purchase website by browser among these users, finishes transaction by browser.The nearly all operation steps of user is all carried out from browser, therefore protects the safe handling of browser just to become a great task.
For example, China's number of patent application 20111045617.2 discloses method and the device that webpage is distorted in a kind of identification.Its page that obtains by Web address field input URL with simulate by the comparison that links the page that the redirect mode obtains, judge whether according to comparative result whether Webpage is distorted.This mode is the mode of gaining mastery by striking only after the enemy has struck, and just can be found after webpage is distorted, if discovery is untimely, user's interests can be subjected to loss.This mode is unfavorable for preventing from the source entering of rogue program.
Distorted by virus when the net purchase for fear of user's browser, cause user's monetary loss, need prevent Virus, stop Virus to carry out browser and revise, need a kind of defence pattern of active from browser.
Summary of the invention
Purpose of the present invention overcomes the deficiencies in the prior art exactly, provides a kind of and can prevent the tamper resistant method and the device of the protection browser of unknown process modification browser process after entering the net purchase pattern.
In order to achieve the above object, adopt following technical scheme:
A kind of tamper resistant method of protecting browser may further comprise the steps:
Extract the visit network address of browser;
Whether the visit network address that detects browser is the target network address, if the monitoring browser process if not, continues to detect the visit network address of browser;
The monitoring browser process judges whether to exist the process of revising browser process;
Judge that the process of revising browser process is security procedure or unknown process,, allow described process to revise browser process,, stop described process to revise browser process if described process is unknown process if described process is a security procedure.
Further, described monitoring browser process judges whether to exist the process of revising browser process to comprise the internal memory of monitoring browser process, judges whether to exist the process of revising the browser process internal memory; Or the code of monitoring browser process, judge whether to exist remote thread implant operation at browser process.
Further, the target network address of described browser access comprises the net purchase network address.
Further, described judge described process whether be security procedure comprise the contrast of the security procedure in described process and process data storehouse, high in the clouds or with the security procedure contrast of local process database.
Further, described browser comprises the browser based on Trident, Gecko, Presto, Webkit, WebCore, KHTML kernel.
A kind of tamper resistant device of protecting browser comprises: extraction module is used to extract the visit network address of browser; Detection module, whether the visit network address that is used to detect browser is the target network address, if the monitoring browser process if not, continues to detect the visit network address of browser; The target network address database is used to store the target network address; Monitor module is used for judging whether to exist the process of revising browser process by the monitoring browser process; Processing module is used to judge that the process of revising browser process is security procedure or unknown process, if described process is a security procedure, allows described process to revise browser process, if described process is unknown process, stops described process to revise browser process; Process data storehouse, high in the clouds or local process database are used for the information of storage security process.
Further, whether the visit network address that described detection module detects browser is consistent with default target network address, if consistent, then detection module notice monitor module monitors browser process.
Further, described monitor module comprises internal memory monitoring unit and code monitor unit, described internal memory monitoring unit is used to detect the internal memory of browser process, described code monitor unit is used to detect the code of browser process, whether described internal memory monitoring unit or code monitoring unit monitors deposit into the Cheng Xiugai browser process, if exist, then notification handler module is handled described process.
Further, described processing module contrasts the information of the security procedure of the information of described process and process data storehouse, high in the clouds or local process database, if the information of described process is identical with the information of the security procedure of process data storehouse, high in the clouds or local process database, then processing module judges that described process is a security procedure, the information of described process comprises the title of process, corresponding execute file and execute file place catalogue.
Further, described browser comprises the browser based on Trident, Gecko, Presto, Webkit, WebCore, KHTML kernel.
Compared with prior art, beneficial effect of the present invention is:
The present invention is after browser enters the net purchase pattern, and the defense mechanism of taking the initiative prevents unknown process or malicious process modification browser process.By Hook Mechanism monitoring browser process, detect the internal memory that whether exists unknown process to revise browser process or pass through the remote thread injecting codes, guarantee the browser operate as normal from two aspects, prevent that browser process is by the unknown or malicious process modification, safeguard user's safety, avoided user's property loss.The present invention is suitable for the browser that uses different kernels.
Description of drawings
Fig. 1 is the process flow diagram of the tamper resistant method of protection browser of the present invention;
Fig. 2 is the structural representation of the tamper resistant device of protection browser of the present invention.
Diagram: 1-extraction module; 2-detection module; 3-target network address database; 4-monitor module;
41-internal memory monitoring unit; 42-code monitor unit; 5-processing module; 6-local process database.
Embodiment
Describe the present invention in detail below in conjunction with accompanying drawing and specific implementation method, be used for explaining the present invention in schematic enforcement of the present invention and explanation, but not as a limitation of the invention.
See also Fig. 1, it is the process flow diagram that the present invention protects the tamper resistant method of browser.This method may further comprise the steps:
S10: the visit network address of extracting browser.
Particularly, after browser starts, detect the browse state of browser.After the user starts browser, the network address of record browser access.The network address of browser access can obtain in real time by system journal, also can directly obtain at accession page by the Web address field of browser.
S20: whether the visit network address that detects browser is the target network address, if the monitoring browser process if not, continues to detect the visit network address of browser.
Particularly, the target network address with default is identical to judge the visit network address of browser.When the visit network address of browser is identical with default target network address, begin to monitor browser process, prevent that browser process is modified.Described target network address is preferably the net purchase network address.If the webpage network address of browser access is the net purchase network address, then browser has entered the net purchase pattern.
S30: the monitoring browser process judges whether to exist the process of revising browser process.
After browser enters the net purchase pattern, the monitoring browser process.Know the state of browser process by prior art hook (HOOK) mechanism.Can revise internal memory by system function, revising in the internal memory process needs load driver.Driving the function that the inside hook has defense function,, then can find the modification action of process if there is the action of revising internal memory.Monitor that browser process mainly comprises the internal memory that whether exists process to revise browser process or at browser process by the remote thread injecting codes.The internal memory of described modification browser process refers to the internal memory of the dynamic assignment used by revise browser process the term of execution, changes the duty of browser process, influences the operate as normal of browser process.Describedly refer to inject new code by the remote thread injecting codes, make browser process have new functional module by remote thread at browser process.For example, browser process has the function of opening webpage, if inject new code, code forms the functional module that has record number of the account and password and be sent to distant place server, then the existing function of opening webpage of browser process has the function that writes down number of the account and password and be sent to distant place server again.
Before described process was injected fresh code at the internal memory of revising browser process or at browser process by remote thread, these actions produced corresponding message in windows operating system.If know that the internal memory of browser process is modified or, then have the process of revising browser process at browser process any message by the new two kinds of situations of code of remote thread injection by Hook Mechanism.
S40: judge that the process of revising browser process is security procedure or unknown process,, allow described process to revise browser process,, stop described process to revise browser process if described process is unknown process if described process is a security procedure.
Particularly, judge described process whether be security procedure pass through the contrast of the security procedure in described process and process data storehouse, high in the clouds or with the security procedure contrast of local process database.Store the information of security procedure in process data storehouse, described high in the clouds or the local process database.The information of described security procedure comprises the title of process, the execute file of process correspondence, information such as execute file place catalogue.If the title of described process, corresponding execute file, execute file place catalogue is all identical with the information of the security procedure stored in process data storehouse, high in the clouds or the local process database, judges that then described process is a security procedure.Allow described process to revise browser process.If the title of described process, corresponding execute file, execute file place catalogue all with process data storehouse, high in the clouds or local process database in the information of the security procedure stored inequality, judge that then described process is unknown process, stop described process to revise browser process.Stop to carry out the modification action by sending designated command browser kernel, to reach the purpose that stops described process to revise browser process.
The browser of present embodiment comprises the browser based on Trident, Gecko, Presto, Webkit, WebCore, KHTML kernel.Browser based on Trident, Gecko, Presto, Webkit, WebCore, KHTML kernel all is suitable for present embodiment.
Please refer to Fig. 2, it comprises: extraction module 1, detection module 2 for a kind of structural representation of the tamper resistant device of protection browser; target network address database 3, monitor module 4, internal memory monitoring unit 41; code monitor unit 42, processing module 5, local process database 6.
Extraction module 1 is used to extract the visit network address of browser.The visit network address obtains in real time from system journal, also can directly obtain at accession page by the Web address field of browser.Extraction module 1 has extracted the visit network address of browser, is sent to detection module 2.Detection module 2 receives the visit network address, and whether the visit network address that detects browser is the target network address.If the visit network address is the target network address, notice monitor module 4 monitoring browser process; If the visit network address is not the target network address, continue to detect the visit network address of browser.Described target network address is stored in target network address database 3, and the type of target network address can be set according to actual conditions.Detection module 2 is by the target network address in visit network address and the target network address database 3, if both are identical, then visiting network address is the target network address.Preferably, the intact target network address of controlling storage in the database 3 of described target is the net purchase network address.If the visit network address of browser is identical with net purchase network address in the target network address database 3, then browser enters the net purchase pattern, sends a message to monitor module 4, and monitor module 4 begins to monitor browser process.
Described browser comprises the browser based on Trident, Gecko, Presto, Webkit, WebCore, KHTML kernel.
Further, the information of described processing module 5 by described process and the information contrast of the security procedure in process data storehouse, high in the clouds judge whether described process is security procedure.The renewal speed in process data storehouse, high in the clouds is faster than this locality, judges that the speed of unknown process is faster, and accuracy is higher.
More than the technical scheme that the embodiment of the invention provided is described in detail, used specific case herein the principle and the embodiment of the embodiment of the invention are set forth, the explanation of above embodiment only is applicable to the principle that helps to understand the embodiment of the invention; Simultaneously, for one of ordinary skill in the art, according to the embodiment of the invention, the part that on embodiment and range of application, all can change, in sum, this description should not be construed as limitation of the present invention.
Claims (10)
1. a tamper resistant method of protecting browser is characterized in that, may further comprise the steps:
Extract the visit network address of browser;
Whether the visit network address that detects browser is the target network address, if the monitoring browser process if not, continues to detect the visit network address of browser;
The monitoring browser process judges whether to exist the process of revising browser process;
Judge that the process of revising browser process is security procedure or unknown process,, allow described process to revise browser process,, stop described process to revise browser process if described process is unknown process if described process is a security procedure.
2. the tamper resistant method of protection browser according to claim 1, it is characterized in that: described monitoring browser process, judge whether to exist the process of revising browser process to comprise the internal memory of monitoring browser process, judge whether to exist the process of revising the browser process internal memory; Or the code of monitoring browser process, judge whether to exist remote thread implant operation at browser process.
3. the tamper resistant method of protection browser according to claim 1 is characterized in that: the target network address of described browser access comprises the net purchase network address.
4. the tamper resistant method of protection browser according to claim 1 is characterized in that: described judge described process whether be security procedure comprise the contrast of the security procedure in described process and process data storehouse, high in the clouds or with the security procedure contrast of local process database.
5. the tamper resistant method of protection browser according to claim 1 is characterized in that: described browser comprises the browser based on Trident, Gecko, Presto, Webkit, WebCore, KHTML kernel.
6. a tamper resistant device of protecting browser is characterized in that, comprising:
Extraction module is used to extract the visit network address of browser;
Detection module, whether the visit network address that is used to detect browser is the target network address, if the monitoring browser process if not, continues to detect the visit network address of browser;
The target network address database is used to store the target network address;
Monitor module is used to monitor browser process, judges whether to exist the process of revising browser process;
Processing module is used to judge that the process of revising browser process is security procedure or unknown process, if described process is a security procedure, allows described process to revise browser process, if described process is unknown process, stops described process to revise browser process;
Process data storehouse, high in the clouds or local process database are used for the information of storage security process.
7. the tamper resistant device of protection browser according to claim 6 is characterized in that: described detection module detects browser-Ruo unanimity, and then detection module notice monitor module monitors browser process.
8. the tamper resistant device of protection browser according to claim 6; it is characterized in that: described monitor module comprises internal memory monitoring unit and code monitor unit; described internal memory monitoring unit is used to detect the internal memory of browser process; described code monitor unit is used to detect the code of browser process; whether described internal memory monitoring unit or code monitoring unit monitors deposit into the Cheng Xiugai browser process; if exist, then notification handler module is handled described process.
9. the tamper resistant device of protection browser according to claim 6; it is characterized in that: described processing module contrasts the information of the security procedure of the information of described process and process data storehouse, high in the clouds or local process database; if the information of described process is identical with the information of the security procedure of process data storehouse, high in the clouds or local process database; then processing module judges that described process is a security procedure; the information of described process comprises the title of process, corresponding execute file and execute file place catalogue.
10. according to the tamper resistant device of the described protection browser of claim 6, it is characterized in that: described browser comprises the browser based on Trident, Gecko, Presto, Webkit, WebCore, KHTML kernel.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310086612.2A CN103218561B (en) | 2013-03-18 | 2013-03-18 | Tamper-proof method and device for protecting browser |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310086612.2A CN103218561B (en) | 2013-03-18 | 2013-03-18 | Tamper-proof method and device for protecting browser |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103218561A true CN103218561A (en) | 2013-07-24 |
| CN103218561B CN103218561B (en) | 2016-04-06 |
Family
ID=48816338
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310086612.2A Active CN103218561B (en) | 2013-03-18 | 2013-03-18 | Tamper-proof method and device for protecting browser |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103218561B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104539584A (en) * | 2014-12-05 | 2015-04-22 | 北京奇虎科技有限公司 | Anti-injection method for browser, browser client and device |
| CN104536981A (en) * | 2014-12-05 | 2015-04-22 | 北京奇虎科技有限公司 | Browser safety achieving method, browser client-side and device |
| CN104601543A (en) * | 2014-12-05 | 2015-05-06 | 百度在线网络技术(北京)有限公司 | Method and system for identifying software tampered browser home page |
| WO2015078264A1 (en) * | 2013-11-26 | 2015-06-04 | 腾讯科技(深圳)有限公司 | Safety protection method and device, and terminal |
| CN104732144A (en) * | 2015-04-01 | 2015-06-24 | 河海大学 | Pseudo-protocol-based remote code injecting loophole detecting method |
| CN104850789A (en) * | 2015-04-01 | 2015-08-19 | 河海大学 | Remote code injection vulnerability detection method based on Web browser helper object |
| CN106775601A (en) * | 2015-11-19 | 2017-05-31 | 珠海市君天电子科技有限公司 | Method and device for determining connection state of mobile equipment |
| CN107273743A (en) * | 2017-07-03 | 2017-10-20 | 西安新路网络科技有限公司 | A kind of method for preventing Remote thread injecting, device and electronic equipment |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100100927A1 (en) * | 2008-10-20 | 2010-04-22 | International Business Machines Corporation | Systems and methods for protecting web based applications from cross site request forgery attacks |
| CN101902481A (en) * | 2010-08-10 | 2010-12-01 | 厦门市美亚柏科信息股份有限公司 | Real-time monitoring method and device for webpage Trojan horse |
| CN101909018A (en) * | 2009-06-05 | 2010-12-08 | 潘晓丰 | Method and system for returning to instant messaging group according to webpage browsed by user |
| CN102164138A (en) * | 2011-04-18 | 2011-08-24 | 奇智软件(北京)有限公司 | Method for ensuring network security of user and client |
| CN102594934A (en) * | 2011-12-30 | 2012-07-18 | 奇智软件(北京)有限公司 | Method and device for identifying hijacked website |
-
2013
- 2013-03-18 CN CN201310086612.2A patent/CN103218561B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100100927A1 (en) * | 2008-10-20 | 2010-04-22 | International Business Machines Corporation | Systems and methods for protecting web based applications from cross site request forgery attacks |
| CN101909018A (en) * | 2009-06-05 | 2010-12-08 | 潘晓丰 | Method and system for returning to instant messaging group according to webpage browsed by user |
| CN101902481A (en) * | 2010-08-10 | 2010-12-01 | 厦门市美亚柏科信息股份有限公司 | Real-time monitoring method and device for webpage Trojan horse |
| CN102164138A (en) * | 2011-04-18 | 2011-08-24 | 奇智软件(北京)有限公司 | Method for ensuring network security of user and client |
| CN102594934A (en) * | 2011-12-30 | 2012-07-18 | 奇智软件(北京)有限公司 | Method and device for identifying hijacked website |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015078264A1 (en) * | 2013-11-26 | 2015-06-04 | 腾讯科技(深圳)有限公司 | Safety protection method and device, and terminal |
| WO2016086767A1 (en) * | 2014-12-05 | 2016-06-09 | 北京奇虎科技有限公司 | Method, browser client, and device for achieving browser security |
| CN104601543A (en) * | 2014-12-05 | 2015-05-06 | 百度在线网络技术(北京)有限公司 | Method and system for identifying software tampered browser home page |
| CN104536981A (en) * | 2014-12-05 | 2015-04-22 | 北京奇虎科技有限公司 | Browser safety achieving method, browser client-side and device |
| CN104539584A (en) * | 2014-12-05 | 2015-04-22 | 北京奇虎科技有限公司 | Anti-injection method for browser, browser client and device |
| CN104536981B (en) * | 2014-12-05 | 2018-01-16 | 北京奇虎科技有限公司 | Realize method, browser client and the device of secure browser |
| CN104539584B (en) * | 2014-12-05 | 2018-01-19 | 北京奇虎科技有限公司 | The anti-method for implanting of browser, browser client and device |
| CN104732144A (en) * | 2015-04-01 | 2015-06-24 | 河海大学 | Pseudo-protocol-based remote code injecting loophole detecting method |
| CN104850789A (en) * | 2015-04-01 | 2015-08-19 | 河海大学 | Remote code injection vulnerability detection method based on Web browser helper object |
| CN104732144B (en) * | 2015-04-01 | 2017-06-23 | 河海大学 | A kind of remote code injection loophole detection method based on pseudo- agreement |
| CN104850789B (en) * | 2015-04-01 | 2017-10-27 | 河海大学 | A kind of remote code injection loophole detection method based on Web browser helpful object |
| CN106775601A (en) * | 2015-11-19 | 2017-05-31 | 珠海市君天电子科技有限公司 | Method and device for determining connection state of mobile equipment |
| CN107273743A (en) * | 2017-07-03 | 2017-10-20 | 西安新路网络科技有限公司 | A kind of method for preventing Remote thread injecting, device and electronic equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103218561B (en) | 2016-04-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103218561B (en) | Tamper-proof method and device for protecting browser | |
| US8789178B2 (en) | Method for detecting malicious javascript | |
| CN103617395B (en) | Method, device and system for intercepting advertisement programs based on cloud security | |
| US11882134B2 (en) | Stateful rule generation for behavior based threat detection | |
| CN103368957B (en) | Method and system that web page access behavior is processed, client, server | |
| Xue et al. | Detection and classification of malicious JavaScript via attack behavior modelling | |
| CN104766011A (en) | Sandbox detection alarming method and system based on main engine characteristic | |
| CN102902909A (en) | System and method for preventing file from being tampered | |
| CN102930205A (en) | Monitoring unit and method | |
| CN103473501B (en) | A kind of Malware method for tracing based on cloud security | |
| CN102932329A (en) | Method and device for intercepting behaviors of program, and client equipment | |
| CN101826139A (en) | Method and device for detecting Trojan in non-executable file | |
| CN101902481B (en) | Real-time monitoring method and device for webpage Trojan horse | |
| CN111191243B (en) | Vulnerability detection method, vulnerability detection device and storage medium | |
| Zhao et al. | A feature extraction method of hybrid gram for malicious behavior based on machine learning | |
| US20190294803A1 (en) | Evaluation device, security product evaluation method, and computer readable medium | |
| CN101093531B (en) | Method for raising security of computer software | |
| CN102999721A (en) | Program processing method and system | |
| Baldin | Best practices for fighting the fileless threat | |
| US20200050763A1 (en) | Game engine-based computer security | |
| CN103679024A (en) | Virus treating method and device | |
| Kono et al. | An unknown malware detection using execution registry access | |
| US20150007324A1 (en) | System and method for antivirus protection | |
| Stavrou et al. | Keep your friends close: the necessity for updating an anomaly sensor with legitimate environment changes | |
| Bilar et al. | Using a novel behavioral stimuli-response framework to defend against adversarial cyberspace participants |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 519070 Guangdong city of Zhuhai Province town Harbour Road Technology Road No. 10 building six layer 601F Co-patentee after: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Patentee after: ZHUHAI JUNTIAN ELECTRONIC TECHNOLOGY Co.,Ltd. Co-patentee after: Beijing Cheetah Mobile Technology Co.,Ltd. Co-patentee after: Beijing Cheetah Network Technology Co.,Ltd. Address before: Jingshan Hill Road, Lane 519015 Lianshan Jida Guangdong province Zhuhai City No. 8 Co-patentee before: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Patentee before: Zhuhai Juntian Electronic Technology Co.,Ltd. Co-patentee before: SHELL INTERNET (BEIJING) SECURITY TECHNOLOGY Co.,Ltd. Co-patentee before: BEIJING KINGSOFT NETWORK TECHNOLOGY Co.,Ltd. |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20191122 Address after: Room 105-53811, No. 6 Baohua Road, Hengqin New District, Zhuhai City, Guangdong Province Patentee after: Zhuhai Leopard Technology Co.,Ltd. Address before: 519070, No. 10, main building, No. six, science Road, Harbour Road, Tang Wan Town, Guangdong, Zhuhai, 601F Co-patentee before: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Patentee before: Zhuhai Juntian Electronic Technology Co.,Ltd. Co-patentee before: Beijing Cheetah Mobile Technology Co.,Ltd. Co-patentee before: Beijing Cheetah Network Technology Co.,Ltd. |