CN104036201A - Application-layer file hiding method on Windows operating system - Google Patents

Publication number
CN104036201A
Authority
CN
China
Prior art keywords
file
operating system
hiding
sector
sector number
Prior art date
Legal status
Pending
Application number
CN201410286953.9A
Other languages
Chinese (zh)
Inventor
张小松
牛伟纳
李�杰
陈瑞东
王东
李金栓
冀风宇
许云清
鲍凯
向琦
Current Assignee
University of Electronic Science and Technology of China
Original Assignee
University of Electronic Science and Technology of China
Priority date
Filing date
Publication date
Application filed by University of Electronic Science and Technology of China filed Critical University of Electronic Science and Technology of China
Priority to CN201410286953.9A priority Critical patent/CN104036201A/en
Publication of CN104036201A publication Critical patent/CN104036201A/en
Pending legal-status Critical Current

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/80 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107 File encryption

Abstract

The invention discloses an application-layer file hiding method for the Windows operating system and belongs to the field of information security. The method works entirely at the application layer and does not involve the system kernel; only a client program runs on the host that holds the file to be hidden. It uses two modules, a file hiding module and a file reading module. The file hiding module hides files on a storage medium formatted with FAT32 or NTFS, and the hidden files are independent of the operating system and the system partition. The file reading module restores the hidden files to the operating system and displays them. The method provides lightweight file hiding on the Windows platform, is easy to operate, greatly improves the security of the information, and protects its integrity.

Description

An application-layer file hiding method under the Windows operating system
Technical field
The invention belongs to the field of information security and specifically relates to an application-layer file hiding method under the Windows operating system. It provides a lightweight way of hiding files under Windows that gives the files higher security and data integrity. The main technique involved is hiding and reading files by operating directly on disk sectors on the Windows platform.
Background
With the development of the Internet and the growing popularity of computers, the volume of information transmitted over networks is growing explosively. At the same time, the number of computer viruses grows daily and the harm they cause keeps increasing. As the Internet matures, going online has become part of computer users' daily lives, but rampant hacker activity online further threatens the security and normal use of users' data. Examples of losses caused by files being stolen from computers can now be found everywhere.
The traditional way to protect information is encryption: the file is encrypted and is decrypted when it is used, which protects it. Encryption is independent of the specific operating system. It has limitations, however: its strength depends on the algorithm used and on the key strength, and once the key is forgotten, recovery is very difficult. Encryption also cannot prevent a file from being stolen, and once it is stolen there is a risk of it being decrypted.
Another approach is to hide files using features of the file system itself; this depends mainly on the file system rather than on the operating system that is running. For NTFS, the patent "File hiding method based on the NTFS disk file system structure" (application number: 03118546.0) proposes hiding files by means of data streams. This method, however, requires copying the file into a stream and is restricted to NTFS, so it is quite limited.
The patent "Lightweight file hiding method under the NTFS file system" (application number: CN200910045412.6) describes directly deleting from the file index the index record of the file to be hidden. It can hide any file, and its efficiency is not affected by file size. But the method does not consider the case of data being overwritten: after the file record is deleted, the corresponding bits of the $Bitmap metafile are marked as unused, and later files will overwrite the previously hidden data.
The patent "Method for protecting data using hidden disk sectors under the Windows system" (application number: 02155511.7) hides files in the hard disk's HPA: it creates a disk HPA and manages it to hide files. This method, however, depends heavily on the HPA and may require changes to existing partitions, which makes it inconvenient to operate.
Summary of the invention
To address the shortcomings of the prior art described above, the object of the invention is to provide a file hiding method for the Windows operating system that hides specified files by using the gaps between disk partitions and the disk's reserved sectors, addressing the security and integrity of data files.
To solve the above problem, the invention adopts the following technical scheme:
An application-layer file hiding method under the Windows operating system comprises a data hiding method and a data reading method for recovering hidden data. The steps of the file hiding method are:
Step a1: Traverse the disk partition table under the Windows operating system, find the start and end sector numbers of each partition, and find the sector number of the sector at the end of the disk.
Step a2: From the partition information found in the first step, calculate the usable partition gaps and the usable sectors at the end of the disk.
Step a3: Organize the scattered usable sectors obtained into one complete usable space.
Step a4: Initialize the space obtained in the third step, set up the corresponding data structures, and record the relevant information of this small file system.
Step a5: Compress and encrypt the file to be hidden according to the corresponding rules, save it into the corresponding space, and record the file's information.
The data reading method for recovering hidden data comprises the following steps:
Step b1: Traverse the disk partition table under the Windows operating system, find the start and end sector numbers of each partition, and find the sector number of the sector at the end of the disk.
Step b2: From the partition information found in the first step, calculate the sector number where the header of this small file system is located.
Step b3: Using the sector number of the small file system obtained in the second step, read the relevant information and obtain the information about the files in the space.
Step b4: Using the file information obtained in the third step, read the specified file, decrypt and decompress it, and save it into the operating system.
Further, all operations are completed at the application layer and involve no kernel operations.
Further, hiding a file means making a file that originally belonged to the Windows operating system independent of the operating system and the system partition: the file information is saved elsewhere, and the file's data also remains on the hard disk.
Further, the core of both file hiding and file reading is the use of partition gaps and reserved sectors on the disk. The small file system stores the layout of the usable space and the information of the saved files, so data can be read directly from the storage medium.
Further, after the operating system is damaged or reinstalled, or a partition is reformatted, as long as the disk is not repartitioned, the information in this small file system is not destroyed and remains on the disk, and the client program can still read the saved files intact.
Further, the idea of this patent is to hide files by using disk partition gaps and reserved sectors without damaging the existing operating system and file systems, with both hiding and reading performed through a dedicated client.
Compared with the prior art, this method has the following advantages:
The hiding operation is independent of the operating system: even if the system is reinstalled or a partition is formatted, as long as the partitions are not adjusted the hidden files will not be overwritten, which protects file integrity to the greatest extent.
The hiding operation is independent of the file system: whether a partition is formatted as NTFS or FAT32 does not affect the hiding of files.
The hidden files are relatively independent of the operating system. Other than through the dedicated client program, there is no way to discover that the hidden files exist, let alone obtain the compressed and encrypted files. This greatly improves the security of the hidden files.
Brief description of the drawings
Fig. 1 is the flowchart of file hiding;
Fig. 2 is the flowchart of file reading.
Embodiment
The method is further described below with reference to the drawings and a specific embodiment.
The application-layer file hiding method under Windows is divided into two modules: a data hiding module and a data reading module.
1. The data hiding module operates as follows:
[1]: Traverse the disk partition table under the Windows operating system, find the start and end sector numbers of each partition, and calculate the sector number of the sector at the end of the disk (the reserved sectors) from the disk's total byte count.
[2]: From the partition information found in the first step and the disk-end sector information, calculate the sectors between the end of each partition and the start of the next partition, and between the end of the last partition and the end of the disk. This yields the partition gaps and end-of-disk sectors that this scheme can use.
[3]: Organize the scattered usable sectors obtained and manage them through a mapping, forming a single usable space that is logically contiguous.
[4]: Initialize the space obtained in the third step, set up the corresponding data structures, and record the usable space, free space, file distribution and other relevant information of the small file system designed in this scheme.
[5]: Compress and encrypt the file to be hidden and save it into the corresponding free space in reverse order. Record the file's name, size, location and other information in the file system header, and at the same time update the available sector count, file count and other information.
2. The data reading method operates as follows:
[1]: Traverse the disk partition table under the Windows operating system, find the start and end sector numbers of each partition, and calculate the sector number of the sector at the end of the disk from the disk's total byte count.
[2]: From the partition information found in the first step, obtain the sector number of the sector at the end of the disk. In the small file system designed in this scheme, the sector at the end of the disk is the sector that holds the file system header.
[3]: Using the sector number of the small file system obtained in the second step, read the file system's information to obtain the available sectors in the space, the files and other relevant information.
[4]: Using the file information obtained in the third step, read the specified file, then decrypt and decompress it and save it into the operating system.

Claims (3)

1. An application-layer file hiding method under the Windows operating system, characterized in that it comprises a data hiding method and a data reading method for recovering hidden data, wherein the steps of the file hiding method are:
Step a1: Traverse the disk partition table under the Windows operating system, find the start and end sector numbers of each partition, and find the sector number of the sector at the end of the disk;
Step a2: From the partition information found in step a1, calculate the usable partition gaps and the usable sectors at the end of the disk;
Step a3: Organize the scattered usable sectors obtained into one complete usable space;
Step a4: Initialize the space obtained in step a3, set up the corresponding data structures, and record the relevant information of this small file system;
Step a5: Compress and encrypt the file to be hidden according to the corresponding rules, save it into the corresponding space, and record the file's information;
The steps of the data reading method are:
Step b1: Traverse the disk partition table under the Windows operating system, find the start and end sector numbers of each partition, and find the sector number of the sector at the end of the disk;
Step b2: From the partition information found in step b1, calculate the sector number where the header of the small file system designed in this scheme is located;
Step b3: Using the sector number of the small file system obtained in step b2, read the relevant information and obtain the information about the files in the space;
Step b4: Using the file information obtained in step b3, read the specified file, decrypt and decompress it, and save it into the operating system.
2. The application-layer file hiding method under the Windows operating system according to claim 1, characterized in that all operations are completed at the application layer and involve no kernel operations.
3. The application-layer file hiding method under the Windows operating system according to claim 1, characterized in that disk read/write techniques are used to operate directly on sectors, so that a file that originally belonged to the Windows operating system is stored elsewhere, independent of the operating system and the system partition, while the file's data remains on the hard disk, thereby hiding the file.
CN201410286953.9A 2014-06-25 2014-06-25 Application-layer file hiding method on Windows operating system Pending CN104036201A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410286953.9A CN104036201A (en) 2014-06-25 2014-06-25 Application-layer file hiding method on Windows operating system

Publications (1)

Publication Number Publication Date
CN104036201A true CN104036201A (en) 2014-09-10

Family

ID=51466968

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410286953.9A Pending CN104036201A (en) 2014-06-25 2014-06-25 Application-layer file hiding method on Windows operating system

Country Status (1)

Country Link
CN (1) CN104036201A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104408377A (en) * 2014-10-29 2015-03-11 北京锐安科技有限公司 Evidence data hidden storage method and device
CN104504345A (en) * 2014-12-20 2015-04-08 无敌科技(西安)有限公司 Device and method for hiding documents to be protected of card in universal documentation system
CN106909855A (en) * 2017-03-24 2017-06-30 腾讯科技(深圳)有限公司 File hiding method and device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1506853A (en) * 2002-12-09 2004-06-23 联想(北京)有限公司 Method of utilizing hidden hard disc sector in protecting data under Windows system
CN103544443A (en) * 2013-10-28 2014-01-29 电子科技大学 Application layer file hiding method under NTFS file system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
蔡风华: "基于FAT32文件系统的文件隐藏研究与实现", 《华中科技大学硕士学位论文》 *

Similar Documents

Publication Publication Date Title
US7949693B1 (en) Log-structured host data storage
CN101854392B (en) Personal data management method based on cloud computing environment
US10742633B2 (en) Method and system for securing data
TWI507891B (en) Electronic device, cloud storage system for managing cloud storage spaces, method and computer program product thereof
CN101408916B (en) Internet software internet privacy protection method
US20110314534A1 (en) Secured Execution Environments and Methods
US8495392B1 (en) Systems and methods for securely deduplicating data owned by multiple entities
US10007809B1 (en) Fine-grained self-shredding data in a secure communication ecosystem
US11249672B2 (en) Low-cost backup and edge caching using unused disk blocks
US20110264925A1 (en) Securing data on a self-encrypting storage device
US8219766B1 (en) Systems and methods for identifying the presence of sensitive data in backups
CN101082883A (en) Storage apparatus having multiple layer encrypting protection
US20140129848A1 (en) Method and Apparatus for Writing and Reading Hard Disk Data
CN104239820A (en) Secure storage device
WO2012050563A1 (en) Managing shared data using a virtual machine
CN104036201A (en) Application-layer file hiding method on Windows operating system
US20180225179A1 (en) Encrypted data chunks
CN103544443A (en) Application layer file hiding method under NTFS file system
EP2998903B1 (en) System and method for robust full-drive encryption
CN103379133A (en) Safe and reliable cloud storage system
US9767306B2 (en) Secured data storage on a hard drive
CN104463510A (en) Finance management system
CN104123371A (en) Transparent Windows kernel file filtering method based on hierarchical file system
CN103745170A (en) Processing method and device for disk data
Srinivasan et al. HIDEINSIDE—A novel randomized & encrypted antiforensic information hiding

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information

Inventor after: Zhang Xiaosong

Inventor after: Niu Weina

Inventor after: Li Jie

Inventor after: Wang Junfeng

Inventor after: Wang Biao

Inventor before: Zhang Xiaosong

Inventor before: Xiang Qi

Inventor before: Niu Weina

Inventor before: Li Jie

Inventor before: Chen Ruidong

Inventor before: Wang Dong

Inventor before: Li Jinshuan

Inventor before: Ji Fengyu

Inventor before: Xu Yunqing

Inventor before: Bao Kai

RJ01 Rejection of invention patent application after publication

Application publication date: 20140910