A kind of anti-brush machine method
Technical field
The invention belongs to field of computer technology, relate to a kind of anti-brush machine method, relate in particular to a kind of anti-brush machine method that can be used for Android equipment.
Background technology
Android (Chinese name Android) equipment comprises Android mobile phone, flat board, TV etc., under with " Android intelligent machine ", be called for short, the anti-brush machine technology of Android equipment refers to after the equipment that detects is by the brush machine, by stoping this equipment normal operation (as restart or make some key function inefficacy etc.), reach the purpose that stops the brush machine.Maximum characteristics of the present invention are to utilize kernel-driven to guarantee accurately to find whether Android system software is modified.
Android is the smart machine operating system of existing market share maximum, is based on the platform that Linux is dominated by Google and increases income, and it provides a set of complete Android intelligent machine solution.Current domestic all big enterprises have developed a large amount of Android intelligent machines, but a common problem of encountering is, mobile phone produce after middle channel business and end-retailer brush machine serious, bring thus a lot of software and hardware problems, safety problem, affect brand image concerning producer, increase after cost, loss value-added service income; Concerning the consumer, the user experiences and is destroyed by various advertisements, and telephone expenses are by illegal hidden discount, and privacy is invaded.
In order to introduce more clearly brush machine and principle of the present invention, the paper formation of the software systems of Android intelligent machine once, mainly comprise several parts as shown in table 1 here.
The formation of table 1 Android software of intelligent computer system
The thing that the brush machine is done, distorted system region (system.img) exactly, replaces or delete the preset content of producer, increases application or the background process of oneself.Because ordinary consumer can't be modified to system region, the person carries out the brush machine by this technological means at before sales exactly in batches illegally to brush the machine, thereby reaches the purpose sought private interests for a long time.
The peripheral driver that the drive part of inner core region has comprised equipment, the peripheral components difference that different equipment is used, drive also just difference, so this part content is that brush machine person can't revise and substitute.The present invention utilizes these characteristics just, adds the mechanism of inspection and verification at kernel-driven, and just effectively whether the detection of handset system region is tampered.Once find that system region is tampered, just stop the user normally to use (as restarting equipment or some key function of equipment was lost efficacy, as mobile phone can't be made a phone call), thereby reach the purpose of anti-brush machine.
Because Android system time that emerges is not long, very ripe and safe anti-brush machine technology not also at present.Rare principle of products is roughly as follows on the market at present:
1) the volume production software package is carried out to decompress(ion), software package comprises the each several part of enumerating in table 1;
2) revise rootfs (root file system) part of system region and inner core region, deposit therein enciphered message and add trace routine;
3) repack system region software and inner core region software;
4) after the start, newly-increased trace routine is carried out verification to system region, once find that system region is tampered restarts mobile phone.
The existing topmost problem of anti-brush machine scheme is the security deficiency, is easy to cracked by the machine person of brush and lost efficacy.
Can reference table 1, the information that existing scheme is deposited encryption is to be placed on system region or rootfs, but these two parts can, by brush machine person change, be replaced even fully.That is to say that brush machine person can change back (trace routine of adding as deleted you) you to the change of this part, replacement system district and rootfs even fully, can reach the purpose of brush machine.This takes like having put individual high definition DV video camera at home the process that the robber commits theft, and the robber has directly taken DV away together as a result.
In view of this, nowadays in the urgent need to designing a kind of new anti-brush machine system, in order to overcome the above-mentioned defect of existing anti-brush machine scheme.
Summary of the invention
Technical matters to be solved by this invention is: a kind of anti-brush machine method is provided, can solves the reliability and security problem of anti-brush machine, guarantee anti-validity of brushing machine technology.
For solving the problems of the technologies described above, the present invention adopts following technical scheme:
A kind of anti-brush machine method, described method comprises the steps:
A condition code of step S11, extraction system subregion;
Step S12, described condition code is encrypted to rear preservation;
Step S13, in device software, add trace routine for the check system district; Revise kernel-driven simultaneously, for communicating by letter with trace routine, guarantee the legitimacy of trace routine;
After step S14, start, trace routine is communicated by letter with kernel-driven; The condition code check system district that the trace routine utilization is preserved simultaneously;
Once step S15 communication failure or verification failure, think by the brush machine, stops the user normally to use.
Beneficial effect of the present invention is: the anti-brush machine method that the present invention proposes, solved the reliability and security problem of anti-brush machine, and guarantee anti-validity of brushing machine technology.And the anti-machine of brushing itself can guarantee the value-added service income concerning producer, safeguard brand image, reduce after cost; Reduce the poisoning possibility of user concerning the consumer, reduced the possibility that the user is maliciously deducted fees, reduced unnecessary harassing of advertisement etc.
The accompanying drawing explanation
Fig. 1 is the process flow diagram before this anti-brush machine embodiment of the method is dispatched from the factory.
Fig. 2 is the process flow diagram after this anti-brush machine embodiment of the method is dispatched from the factory.
Embodiment
Describe the preferred embodiments of the present invention in detail below in conjunction with accompanying drawing.
Embodiment mono-
The present invention mainly has been to provide a kind of safe and reliable anti-brush machine method, solves existing anti-brush machine Product Safety poor, the problem that reliability is low.Core concept of the present invention is to utilize kernel-driven to be revised and alternative characteristics by brush machine person, adds testing mechanism in kernel-driven, once find that system region is modified, equipment can't be worked, thereby reaches the purpose that stops the brush machine.
Due to the brush machine, the person can't revise and replace kernel-driven, and method adds testing mechanism exactly in kernel-driven the most intuitively, and concrete implementation step is as follows:
The condition code of step S11, extraction system subregion, such as using CRC;
Step S12, this CRC code is encrypted, is saved in kernel;
Step S13, add proving program in kernel, for scanning system subregion after start and calculate CRC;
Step S14, the condition code of preserving in deciphering 12 in kernel;
Step S15, contrast conting condition code out and the condition code decrypted; If both equate, think not by the brush machine; If not etc., think by the brush machine, stop the user normally to use, such as pointing out the user and restarting.
Above-mentioned implementation method security is very high, but, because the condition code after encrypting is kept at kernel, detection and computation process are all also to complete at kernel-driven, thus the trouble of implementing, and also dirigibility is good not.Such as the file of system partitioning has changed, the newly-generated new kernel of duplicate removal, this was unnecessary originally.
Consider based on this point, do following optimization on flow process:
Step S21, the trace routine that the condition code after encrypting is reached the system region verification are kept at system partitioning;
Step S22, modification kernel-driven, make it to communicate by letter with trace routine, guarantees the legitimacy of trace routine itself;
After step S23, start, kernel-driven and trace routine communicate, once communication abnormality think and to be stoped the user normally to use by the brush machine;
Step S24, trace routine check system district, once verification failure think and to be stoped normally and to use by the brush machine;
Refer to Fig. 1, Fig. 2, the concrete scheme of the present embodiment comprises: the step before dispatching from the factory and dispatch from the factory after step.
As shown in Figure 1, before dispatching from the factory, described method specifically comprises:
The condition code in step S101, extraction system district;
Step S102, condition code is encrypted to rear preservation;
Step S103, at system region, add trace routine, for the scanning system district, and the condition code of contrast after encrypting;
Step S104, add checking routine at kernel-driven, for guaranteeing the legitimacy of trace routine;
Step S105, generation volume production software;
Step S106, be burnt to mobile phone, dispatch from the factory.
As shown in Figure 2, after dispatching from the factory, described method specifically comprises:
Step S201, start;
Step S202, kernel-driven and trace routine are communicated by letter, if communication failure think by the brush machine stops the user normally to use;
The condition code check system district that step S203, trace routine utilization preserve, if verification failure think by the brush machine stops the user normally to use;
Core of the present invention is to utilize linux kernel to drive can't be revised and alternative characteristics by brush machine person, adds verification scheme in kernel, a kind of method that safety is provided and has utilized reliably kernel to stop Android system software to be modified.Specific embodiment can be directly in kernel-driven, to complete all verifying works; Can kernel-driven be also that trace routine itself is not placed on kernel-driven for guaranteeing the legitimacy of trace routine.
In sum, the anti-brush machine method that the present invention proposes, solved the reliability and security problem of anti-brush machine, guarantees anti-validity of brushing machine technology.And the anti-machine of brushing itself can guarantee the value-added service income concerning producer, safeguard brand image, reduce after cost; Reduce the poisoning possibility of user concerning the consumer, reduced the possibility that the user is maliciously deducted fees, reduced unnecessary harassing of advertisement etc.
Here description of the invention and application is illustrative, not wants by scope restriction of the present invention in the above-described embodiments.Here the distortion of disclosed embodiment and change is possible, and for those those of ordinary skill in the art, the various parts of the replacement of embodiment and equivalence are known.Those skilled in the art are noted that in the situation that do not break away from spirit of the present invention or essential characteristic, and the present invention can be with other form, structure, layout, ratio, and realizes with other assembly, material and parts.In the situation that do not break away from the scope of the invention and spirit, can carry out other distortion and change to disclosed embodiment here.