CN103500312A - Anti-flash method - Google Patents
Anti-flash method Download PDFInfo
- Publication number
- CN103500312A CN103500312A CN201310507201.6A CN201310507201A CN103500312A CN 103500312 A CN103500312 A CN 103500312A CN 201310507201 A CN201310507201 A CN 201310507201A CN 103500312 A CN103500312 A CN 103500312A
- Authority
- CN
- China
- Prior art keywords
- trace routine
- brush machine
- condition code
- kernel
- driven
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 31
- 238000004891 communication Methods 0.000 claims abstract description 6
- 238000012795 verification Methods 0.000 claims description 8
- 238000000605 extraction Methods 0.000 claims description 5
- 238000004321 preservation Methods 0.000 claims description 4
- 230000005856 abnormality Effects 0.000 claims description 3
- 230000002265 prevention Effects 0.000 claims 1
- 238000005516 engineering process Methods 0.000 abstract description 9
- 230000002159 abnormal effect Effects 0.000 abstract 1
- 238000005192 partition Methods 0.000 abstract 1
- 230000001680 brushing effect Effects 0.000 description 5
- 230000015572 biosynthetic process Effects 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 231100000572 poisoning Toxicity 0.000 description 2
- 230000000607 poisoning effect Effects 0.000 description 2
- 238000000638 solvent extraction Methods 0.000 description 2
- 238000012360 testing method Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/572—Secure firmware programming, e.g. of basic input output system [BIOS]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an anti-flash method. The anti-flash method comprises the following steps that a feature code is extracted on a compiled system partition; the feature code is encoded and stored; a detection program is added in equipment software; a kernel driver is modified to be used for guaranteeing the legality of the detection program; after starting up, a program check system area is detected to be in communication with a kernel, if check fails or communication is abnormal, flashing is considered to be conducted, and normal using is stopped. The anti-flash method solves the reliability and safety problem of anti-flash, and the effectiveness of an anti-flash technology is guaranteed.
Description
Technical field
The invention belongs to field of computer technology, relate to a kind of anti-brush machine method, relate in particular to a kind of anti-brush machine method that can be used for Android equipment.
Background technology
Android (Chinese name Android) equipment comprises Android mobile phone, flat board, TV etc., under with " Android intelligent machine ", be called for short, the anti-brush machine technology of Android equipment refers to after the equipment that detects is by the brush machine, by stoping this equipment normal operation (as restart or make some key function inefficacy etc.), reach the purpose that stops the brush machine.Maximum characteristics of the present invention are to utilize kernel-driven to guarantee accurately to find whether Android system software is modified.
Android is the smart machine operating system of existing market share maximum, is based on the platform that Linux is dominated by Google and increases income, and it provides a set of complete Android intelligent machine solution.Current domestic all big enterprises have developed a large amount of Android intelligent machines, but a common problem of encountering is, mobile phone produce after middle channel business and end-retailer brush machine serious, bring thus a lot of software and hardware problems, safety problem, affect brand image concerning producer, increase after cost, loss value-added service income; Concerning the consumer, the user experiences and is destroyed by various advertisements, and telephone expenses are by illegal hidden discount, and privacy is invaded.
In order to introduce more clearly brush machine and principle of the present invention, the paper formation of the software systems of Android intelligent machine once, mainly comprise several parts as shown in table 1 here.
The formation of table 1 Android software of intelligent computer system
The thing that the brush machine is done, distorted system region (system.img) exactly, replaces or delete the preset content of producer, increases application or the background process of oneself.Because ordinary consumer can't be modified to system region, the person carries out the brush machine by this technological means at before sales exactly in batches illegally to brush the machine, thereby reaches the purpose sought private interests for a long time.
The peripheral driver that the drive part of inner core region has comprised equipment, the peripheral components difference that different equipment is used, drive also just difference, so this part content is that brush machine person can't revise and substitute.The present invention utilizes these characteristics just, adds the mechanism of inspection and verification at kernel-driven, and just effectively whether the detection of handset system region is tampered.Once find that system region is tampered, just stop the user normally to use (as restarting equipment or some key function of equipment was lost efficacy, as mobile phone can't be made a phone call), thereby reach the purpose of anti-brush machine.
Because Android system time that emerges is not long, very ripe and safe anti-brush machine technology not also at present.Rare principle of products is roughly as follows on the market at present:
1) the volume production software package is carried out to decompress(ion), software package comprises the each several part of enumerating in table 1;
2) revise rootfs (root file system) part of system region and inner core region, deposit therein enciphered message and add trace routine;
3) repack system region software and inner core region software;
4) after the start, newly-increased trace routine is carried out verification to system region, once find that system region is tampered restarts mobile phone.
The existing topmost problem of anti-brush machine scheme is the security deficiency, is easy to cracked by the machine person of brush and lost efficacy.
Can reference table 1, the information that existing scheme is deposited encryption is to be placed on system region or rootfs, but these two parts can, by brush machine person change, be replaced even fully.That is to say that brush machine person can change back (trace routine of adding as deleted you) you to the change of this part, replacement system district and rootfs even fully, can reach the purpose of brush machine.This takes like having put individual high definition DV video camera at home the process that the robber commits theft, and the robber has directly taken DV away together as a result.
In view of this, nowadays in the urgent need to designing a kind of new anti-brush machine system, in order to overcome the above-mentioned defect of existing anti-brush machine scheme.
Summary of the invention
Technical matters to be solved by this invention is: a kind of anti-brush machine method is provided, can solves the reliability and security problem of anti-brush machine, guarantee anti-validity of brushing machine technology.
For solving the problems of the technologies described above, the present invention adopts following technical scheme:
A kind of anti-brush machine method, described method comprises the steps:
A condition code of step S11, extraction system subregion;
Step S12, described condition code is encrypted to rear preservation;
Step S13, in device software, add trace routine for the check system district; Revise kernel-driven simultaneously, for communicating by letter with trace routine, guarantee the legitimacy of trace routine;
After step S14, start, trace routine is communicated by letter with kernel-driven; The condition code check system district that the trace routine utilization is preserved simultaneously;
Once step S15 communication failure or verification failure, think by the brush machine, stops the user normally to use.
Beneficial effect of the present invention is: the anti-brush machine method that the present invention proposes, solved the reliability and security problem of anti-brush machine, and guarantee anti-validity of brushing machine technology.And the anti-machine of brushing itself can guarantee the value-added service income concerning producer, safeguard brand image, reduce after cost; Reduce the poisoning possibility of user concerning the consumer, reduced the possibility that the user is maliciously deducted fees, reduced unnecessary harassing of advertisement etc.
The accompanying drawing explanation
Fig. 1 is the process flow diagram before this anti-brush machine embodiment of the method is dispatched from the factory.
Fig. 2 is the process flow diagram after this anti-brush machine embodiment of the method is dispatched from the factory.
Embodiment
Describe the preferred embodiments of the present invention in detail below in conjunction with accompanying drawing.
Embodiment mono-
The present invention mainly has been to provide a kind of safe and reliable anti-brush machine method, solves existing anti-brush machine Product Safety poor, the problem that reliability is low.Core concept of the present invention is to utilize kernel-driven to be revised and alternative characteristics by brush machine person, adds testing mechanism in kernel-driven, once find that system region is modified, equipment can't be worked, thereby reaches the purpose that stops the brush machine.
Due to the brush machine, the person can't revise and replace kernel-driven, and method adds testing mechanism exactly in kernel-driven the most intuitively, and concrete implementation step is as follows:
The condition code of step S11, extraction system subregion, such as using CRC;
Step S12, this CRC code is encrypted, is saved in kernel;
Step S13, add proving program in kernel, for scanning system subregion after start and calculate CRC;
Step S14, the condition code of preserving in deciphering 12 in kernel;
Step S15, contrast conting condition code out and the condition code decrypted; If both equate, think not by the brush machine; If not etc., think by the brush machine, stop the user normally to use, such as pointing out the user and restarting.
Above-mentioned implementation method security is very high, but, because the condition code after encrypting is kept at kernel, detection and computation process are all also to complete at kernel-driven, thus the trouble of implementing, and also dirigibility is good not.Such as the file of system partitioning has changed, the newly-generated new kernel of duplicate removal, this was unnecessary originally.
Consider based on this point, do following optimization on flow process:
Step S21, the trace routine that the condition code after encrypting is reached the system region verification are kept at system partitioning;
Step S22, modification kernel-driven, make it to communicate by letter with trace routine, guarantees the legitimacy of trace routine itself;
After step S23, start, kernel-driven and trace routine communicate, once communication abnormality think and to be stoped the user normally to use by the brush machine;
Step S24, trace routine check system district, once verification failure think and to be stoped normally and to use by the brush machine;
Refer to Fig. 1, Fig. 2, the concrete scheme of the present embodiment comprises: the step before dispatching from the factory and dispatch from the factory after step.
As shown in Figure 1, before dispatching from the factory, described method specifically comprises:
The condition code in step S101, extraction system district;
Step S102, condition code is encrypted to rear preservation;
Step S103, at system region, add trace routine, for the scanning system district, and the condition code of contrast after encrypting;
Step S104, add checking routine at kernel-driven, for guaranteeing the legitimacy of trace routine;
Step S105, generation volume production software;
Step S106, be burnt to mobile phone, dispatch from the factory.
As shown in Figure 2, after dispatching from the factory, described method specifically comprises:
Step S201, start;
Step S202, kernel-driven and trace routine are communicated by letter, if communication failure think by the brush machine stops the user normally to use;
The condition code check system district that step S203, trace routine utilization preserve, if verification failure think by the brush machine stops the user normally to use;
Core of the present invention is to utilize linux kernel to drive can't be revised and alternative characteristics by brush machine person, adds verification scheme in kernel, a kind of method that safety is provided and has utilized reliably kernel to stop Android system software to be modified.Specific embodiment can be directly in kernel-driven, to complete all verifying works; Can kernel-driven be also that trace routine itself is not placed on kernel-driven for guaranteeing the legitimacy of trace routine.
In sum, the anti-brush machine method that the present invention proposes, solved the reliability and security problem of anti-brush machine, guarantees anti-validity of brushing machine technology.And the anti-machine of brushing itself can guarantee the value-added service income concerning producer, safeguard brand image, reduce after cost; Reduce the poisoning possibility of user concerning the consumer, reduced the possibility that the user is maliciously deducted fees, reduced unnecessary harassing of advertisement etc.
Here description of the invention and application is illustrative, not wants by scope restriction of the present invention in the above-described embodiments.Here the distortion of disclosed embodiment and change is possible, and for those those of ordinary skill in the art, the various parts of the replacement of embodiment and equivalence are known.Those skilled in the art are noted that in the situation that do not break away from spirit of the present invention or essential characteristic, and the present invention can be with other form, structure, layout, ratio, and realizes with other assembly, material and parts.In the situation that do not break away from the scope of the invention and spirit, can carry out other distortion and change to disclosed embodiment here.
Claims (2)
1. an anti-brush machine method, is characterized in that, described method comprises the steps:
A condition code of step S11, extraction system subregion;
Step S12, described condition code is encrypted to rear preservation;
Step S13, add trace routine in device software; Revise kernel-driven simultaneously and communicate by letter with trace routine, for guaranteeing the legitimacy of trace routine itself;
After step S14, start, kernel-driven and trace routine communicate, once communication abnormality is thought and to be stoped normally and to use by the brush machine; The condition code check system district that simultaneously trace routine utilization is preserved, once the verification failure is thought and to be stoped normally and to use by the brush machine;
2. anti-brush machine method according to claim 1 is characterized in that:
Before dispatching from the factory, described method specifically comprises:
The condition code in step S101, extraction system district;
Step S102, condition code is encrypted to rear preservation;
Step S103, add trace routine in device software, for the scanning system district, the condition code after contrast is encrypted;
Step S104, at kernel-driven, add checking routine, communicate by letter for the trace routine with 103, guarantee that trace routine is not tampered;
Step S105, generate final volume production software;
Step S106, be burnt to equipment, dispatch from the factory;
After dispatching from the factory, described method specifically comprises:
Step S201, start;
Step S202, kernel-driven and trace routine are communicated by letter, once note abnormalities think by the brush machine, stop the user normally to use;
Step S203, trace routine recalculate the system region condition code, and and the condition code of preserving do contrast, if compare unsuccessfully think by the brush machine, the prevention user normally uses.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310507201.6A CN103500312B (en) | 2013-10-24 | 2013-10-24 | A kind of anti-flash method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310507201.6A CN103500312B (en) | 2013-10-24 | 2013-10-24 | A kind of anti-flash method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103500312A true CN103500312A (en) | 2014-01-08 |
| CN103500312B CN103500312B (en) | 2018-09-18 |
Family
ID=49865519
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310507201.6A Active CN103500312B (en) | 2013-10-24 | 2013-10-24 | A kind of anti-flash method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103500312B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110162308A (en) * | 2019-05-27 | 2019-08-23 | 湖南快乐阳光互动娱乐传媒有限公司 | A kind of method and system of intelligent terminal illegal |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102270287A (en) * | 2011-07-13 | 2011-12-07 | 中国人民解放军海军计算技术研究所 | Trusted software base providing active security service |
| CN102332070A (en) * | 2011-09-30 | 2012-01-25 | 中国人民解放军海军计算技术研究所 | Trust chain transfer method for trusted computing platform |
| CN102722669A (en) * | 2012-05-28 | 2012-10-10 | 清华大学 | Completeness verification method of operating system |
| CN103237118A (en) * | 2013-03-26 | 2013-08-07 | 东莞宇龙通信科技有限公司 | Mobile terminal startup method and system, and mobile terminal |
-
2013
- 2013-10-24 CN CN201310507201.6A patent/CN103500312B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102270287A (en) * | 2011-07-13 | 2011-12-07 | 中国人民解放军海军计算技术研究所 | Trusted software base providing active security service |
| CN102332070A (en) * | 2011-09-30 | 2012-01-25 | 中国人民解放军海军计算技术研究所 | Trust chain transfer method for trusted computing platform |
| CN102722669A (en) * | 2012-05-28 | 2012-10-10 | 清华大学 | Completeness verification method of operating system |
| CN103237118A (en) * | 2013-03-26 | 2013-08-07 | 东莞宇龙通信科技有限公司 | Mobile terminal startup method and system, and mobile terminal |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110162308A (en) * | 2019-05-27 | 2019-08-23 | 湖南快乐阳光互动娱乐传媒有限公司 | A kind of method and system of intelligent terminal illegal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103500312B (en) | 2018-09-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10972264B2 (en) | Method for realizing network electronic identity identification information protection based on key dispersion calculation | |
| CN105468478A (en) | Recovery method and apparatus for business data after application crash | |
| CN109558261B (en) | Method and system for acquiring abnormal log of wearable device | |
| CN104199654A (en) | Open platform calling method and device | |
| CN103294950A (en) | High-power secret information stealing malicious code detection method and system based on backward tracing | |
| CN101511083B (en) | Authentication method and terminal for telecom smart card | |
| CN107590396B (en) | Data processing method and device, storage medium and electronic equipment | |
| CN105933318A (en) | Data secret-keeping method, device and system | |
| CN104199657A (en) | Call method and device for open platform | |
| CN106775602A (en) | A kind of code dissemination method and device | |
| CN107465504A (en) | A kind of method and device for improving key safety | |
| CN102196317A (en) | Set-top box protection method and set-top box | |
| CN107066346A (en) | A kind of data back up method, data reconstruction method and device | |
| CN106559386A (en) | A kind of authentication method and device | |
| CN107948973B (en) | Equipment fingerprint generation method applied to IOS (input/output system) for security risk control | |
| CN112100689B (en) | Trusted data processing method, device and equipment | |
| CN108256351B (en) | File processing method and device, storage medium and terminal | |
| CN104579684B (en) | A kind of SM2 checking algorithms suitable for distribution network data | |
| CN111970122B (en) | Official APP identification method, mobile terminal and application server | |
| CN103500312A (en) | Anti-flash method | |
| CN110890979B (en) | Automatic deployment method, device, equipment and medium for fort machine | |
| CN111199007A (en) | Configuration method based on Web page, data encryption method and device | |
| CN110855753A (en) | Bank operation system, method and server | |
| CN109450643B (en) | Signature verification method realized on Android platform based on native service | |
| CN103795531A (en) | Secret key authentication method based on two-dimension code and system thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20200212 Address after: 210000 No.18, Pusi Road, Jiangbei new district, Nanjing City, Jiangsu Province Patentee after: Nanjing Zhuowang Information Technology Co., Ltd Address before: 200233 Shanghai City, Xuhui District Road No. 680 Guiping Caohejing Innovation Center building 33, Room 806 Co-patentee before: Wang Fei Patentee before: Wang Zhihai |
|
| DD01 | Delivery of document by public notice | ||
| DD01 | Delivery of document by public notice |
Addressee: Wang Zhihai Document name: Notice of conformity |