Background technology
Android (Chinese name Android) equipment includes Android phone, tablet, TV etc., under with " Android intelligent machine " letter
Claim, the anti-flash technology of Android device refers to after detecting equipment by brush machine, by preventing equipment normal work (such as weight
Open or make certain key function failures etc.), achieve the purpose that prevent brush machine.The maximum feature of the present invention is true using kernel-driven
Definitely really find whether Android system software is changed.
Android is the maximum smart machine operating system of existing market share, is dominated simultaneously by Google based on Linux
The platform increased income, it provides the Android intelligent machine solution of complete set.All big enterprises of the country have developed at present
A large amount of Android intelligent machine is gone out, but the common problem encountered is middle channel quotient and terminal after mobile phone is produced
Retailer's brush machine is serious, thus brings many software and hardware problems, safety problem, brand image is influenced for producer, increase is sold
Cost afterwards, loss value-added service income;User experience is destroyed by various advertisements for consumer, and telephone expenses are hidden by illegal hidden discount
Private is invaded.
Brush machine and the principle of the present invention are introduced in order to clearer, introduces the software system of Android intelligent machine first here
The composition of system includes mainly several parts as shown in Table 1.
The composition of 1 Android software of intelligent computer system of table
The thing that brush machine is done exactly distorts system area (system.img), replaces or to delete producer preset
Content increases oneself application or background process.Since ordinary consumer can not modify to system area, illegal brush machine person is just
It is that brush machine is carried out in before sales batch by this technological means, to achieve the purpose that seek private interests for a long time.
The drive part of inner core region contains the peripheral driver of equipment, and the peripheral components used in different equipment are different, drives
It is dynamic also just different, therefore to be brush machine person can not change and substitute this partial content.The present invention exactly utilizes this feature, inside
The mechanism for checking and verifying is added in core driving, so that it may effectively to detect whether cell phone system area is tampered.Once it was found that system
Area is tampered, just prevent user normal use (such as restarting equipment or certain key functions of equipment is made to fail, such as allow mobile phone without
Method is made a phone call), to achieve the purpose that anti-flash.
Since Android system emerges, the time is not long, and there is presently no highly developed and safe anti-flash technologies.At present
On the market rare principle of products approximately as:
1) volume production software package is decompressed, software package includes each section enumerated in table 1;
2) rootfs (root file system) part of system area and inner core region is changed, store encryption information wherein and is added
Enter to detect program;
3) system area software and inner core region software are repacked;
4) the detection program increased newly after being switched on verifies system area, restarts hand if finding that system area is tampered
Machine.
The existing most important problem of anti-flash scheme is safety deficiency, it is easy to be cracked and failed by brush machine person.
Can be with reference table 1, existing scheme stores encrypted information and is placed on system area or rootfs, but this two parts is
It can be changed by brush machine person, or even replace completely.That is brush machine person can be changeed back you to the change of this part
(the detection program for such as deleting your addition), or even replacement system area and rootfs completely, you can achieve the purpose that brush machine.This is all right
The process that robber commits theft is shot than having put a high definition DV video cameras at home, as a result robber directly together takes DV away.
In view of this, nowadays there is an urgent need to design a kind of new anti-flash system, to overcome existing anti-flash scheme
Drawbacks described above.
Invention content
The technical problem to be solved by the present invention is to:A kind of anti-flash method is provided, can solve the reliability of anti-flash with
Safety issue, it is ensured that the validity of anti-flash technology.
In order to solve the above technical problems, the present invention adopts the following technical scheme that:
A kind of anti-flash method, described method includes following steps:
Step S11, a condition code of extraction system subregion;
Step S12, it is preserved after described document information being encrypted;
Step S13, detection program is added in device software and is used for check system area;Kernel-driven is changed simultaneously, is used for
With detection interprogram communication, it is ensured that detect the legitimacy of program;
Step S14, program and kernel-driven communication are detected after booting;Program is detected simultaneously using the feature code check preserved
System area;
Once step S15, communication failure or verification failure, then it is assumed that by brush machine, prevent user's normal use.
The beneficial effects of the present invention are:Anti-flash method proposed by the present invention solves the reliability and peace of anti-flash
Full sex chromosome mosaicism, it is ensured that the validity of anti-flash technology.And anti-flash itself can guarantee that value-added service is taken in for producer, safeguard
Brand image reduces after cost;The possibility for reducing user's poisoning for consumer, reduces user and is maliciously deducted fees
Possibility, reduce unnecessary harassing of advertisement etc..
Embodiment one
Mainly there is provided a kind of safe and reliable anti-flash methods by the present invention, solve existing anti-flash Product Safety
Difference, the low problem of reliability.Core of the invention thought be using kernel-driven can not by brush machine person change and substitute the characteristics of,
Testing mechanism is added in kernel-driven, once finding that system area is changed, equipment is made to can not work normally, is prevented to reach
The purpose of brush machine.
Due to brush machine, person can not change and replace kernel-driven, and most intuitive method is exactly that detection is added in kernel-driven
Mechanism, specific implementation step are as follows:
Step S11, the condition code of extraction system subregion, for example use CRC;
Step S12, the CRC code is encrypted, is saved in kernel;
Step S13, proving program is added in kernel, for scanning system subregion after powering and calculates CRC;
Step S14, the condition code preserved in decryption 12 in kernel;
Step S15, the condition code that contrast conting comes out and the condition code decrypted;If the two is equal, then it is assumed that do not have
Have by brush machine;If differed, then it is assumed that by brush machine, prevent user's normal use, for example prompt user and restart.
Above-mentioned implementation method safety is very high, but since encrypted condition code is stored in kernel, detection and calculating process
Also all it is to be completed in kernel-driven, it is achieved that trouble of getting up, and flexibility is not good enough.For example the file of system partitioning occurs
Change, to go to regenerate new kernel, this was unnecessary originally.
Based on this consideration, following optimization is done in flow:
Step S21, it is stored in system partitioning encrypted condition code and to the detection program of system area verification;
Step S22, kernel-driven is changed, is allowed to and detection interprogram communication, it is ensured that the legitimacy of detection program itself;
Step S23, kernel-driven and detection program are communicated after booting, are thought if communication abnormality by brush machine,
Prevent user's normal use;
Step S24, program ver-ify system area is detected, thinks to prevent normal use by brush machine if verifying failure;
It please refers to Fig.1, Fig. 2, the concrete scheme of the present embodiment includes:The step after step and manufacture before manufacture.
As shown in Figure 1, before manufacture, the method specifically includes:
Step S101, the condition code in extraction system area;
Step S102, it is preserved after condition code being encrypted;
Step S103, detection program is added in system area, is used for scanning system area, and compare encrypted condition code;
Step S104, checking routine is added in kernel-driven, the legitimacy for ensuring detection program;
Step S105, volume production software is generated;
Step S106, it is burnt to mobile phone, is dispatched from the factory.
As shown in Fig. 2, after manufacture, the method specifically includes:
Step S201, it is switched on;
Step S202, kernel-driven and detection interprogram communication are thought, by brush machine, to prevent user normal if communication failure
It uses;
Step S203, detection program is thought if verifying failure by brush machine using the condition code check system area preserved,
Prevent user's normal use;
Core of the invention is the characteristics of can not being changed and be substituted by brush machine person using linux kernel driving, in kernel
Verification scheme is added, provides a kind of safety and the reliable method changed using kernel prevention Android system software.Specifically
Embodiment can be that all verifying works are directly completed in kernel-driven;Can also kernel-driven be only intended to ensure to examine
The legitimacy of ranging sequence, detection program itself are not placed on kernel-driven.
In conclusion anti-flash method proposed by the present invention, solves the problems, such as the reliability and security of anti-flash, it is ensured that
The validity of anti-flash technology.And anti-flash itself can guarantee that value-added service is taken in, and safeguards brand image for producer, reduce
After cost;The possibility for reducing user's poisoning for consumer, reduces the possibility that user is maliciously deducted fees, reduces
Unnecessary harassing of advertisement etc..
Description and application of the invention herein are illustrative, is not wishing to limit the scope of the invention to above-described embodiment
In.The deformation and change of embodiments disclosed herein are possible, real for those skilled in the art
The replacement and equivalent various parts for applying example are well known.It should be appreciated by the person skilled in the art that not departing from the present invention
Spirit or essential characteristics in the case of, the present invention can in other forms, structure, arrangement, ratio, and with other components,
Material and component are realized.Without departing from the scope and spirit of the present invention, can to embodiments disclosed herein into
The other deformations of row and change.