CN104239792A - Cloud-based two-dimension code safety protecting method and device - Google Patents

Cloud-based two-dimension code safety protecting method and device Download PDF

Info

Publication number
CN104239792A
CN104239792A CN 201310249814 CN201310249814A CN104239792A CN 104239792 A CN104239792 A CN 104239792A CN 201310249814 CN201310249814 CN 201310249814 CN 201310249814 A CN201310249814 A CN 201310249814A CN 104239792 A CN104239792 A CN 104239792A
Authority
CN
China
Prior art keywords
dimensional code
step
cloud
module
information
Prior art date
Application number
CN 201310249814
Other languages
Chinese (zh)
Inventor
不公告发明人
Original Assignee
广州杰赛科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 广州杰赛科技股份有限公司 filed Critical 广州杰赛科技股份有限公司
Priority to CN 201310249814 priority Critical patent/CN104239792A/en
Publication of CN104239792A publication Critical patent/CN104239792A/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2119Authenticating web pages, e.g. with suspicious links

Abstract

An embodiment of the invention provides a cloud-based two-dimension code safety protecting method and device. The method includes step A, scanning a two-dimension code; step B, decoding the two-dimension code, and acquiring two-dimension code information; step C, judging whether the two-dimension code information contains an internet access request or not; step D, checking safety of an address of the internet access request; step E, providing the two-dimension code to an application. By the cloud-based two-dimension code safety protecting method and device, a user is helped to recognize bad information in scanned information by monitoring and checking decoded information, so that harmful influence generated by the bad information is avoided, and safety and benefit of the user are protected.

Description

—种基于云的二维码安全防护方法及装置 - two-dimensional code security method and apparatus for cloud-based species

技术领域 FIELD

[0001] 本发明涉及信息安全防护领域,尤其是涉及对二维码恶意信息防护的方法和装置。 [0001] The present invention relates to information security, and in particular relates to a method and apparatus for the two-dimensional code malicious information protection.

背景技术 Background technique

[0002] 二维码(2-dimens1nal bar code),又称二维条码,最早起源于日本,原本是Denso Wave公司为了追踪汽车零部件而设计的一种条码。 [0002] two-dimensional code (2-dimens1nal bar code), also known as two-dimensional bar code, originated in Japan, was originally a barcode Denso Wave company in order to track auto parts and design. 通过用某种特定的几何图形按一定规律在平面(二维方向)分布的黑白相间的图形记录数据符号信息的;在代码编制上巧妙地利用构成计算机内部逻辑基础的比特流的概念,使用若干个与二进制相对应的几何形体来表示文字数值信息,通过图象输入设备或光电扫描设备自动识读以实现信息自动处理:它具有条码技术的一些共性:每种码制有其特定的字符集;每个字符占有一定的宽度;具有一定的校验功能等。 Black and white by treatment with a specific geometry according to certain rules in a planar (two-dimensional direction) of the distribution pattern of the recording data symbols; on Coding of clever use of internal logic form the basis of the concept of computer bitstream, several a binary geometry corresponding text numerical information represented by the image input device or optoelectronic scanning device automatically read information to implement the automatic processing: it has some common bar code technology: each code system has its specific character set ; each character occupies a certain width; checksum has a certain function. 同时还具有对不同行的信息自动识别功能、及处理图形旋转变化等特点。 It also has the function of automatic identification information different rows, and graphic processing and so rotation changes. 在许多种类的二维条码中,常用的码制有:Data Matrix, MaxiCode, Aztec, QRCode, Vericode, PDF417, Ultracode, Code 49, Code 16K 等,其中F*DF417 的码制公开已形成国际标准,我国也已制定了417码的国际标准。 In many types of two-dimensional bar code, common code system has: Data Matrix, MaxiCode, Aztec, QRCode, Vericode, PDF417, Ultracode, Code 49, Code 16K, etc., where F * DF417 code system has been disclosed in an international standard, China has also developed an international standard of 417 yards. TOF417在编码时有三种格式:扩展的字母数字压缩格式可容纳1850个字符;二进制/ASCII格式可容纳1108个字节;数字压缩格式可容纳2710个数字 There TOF417 when encoding three formats: an extended compression format alphanumeric characters can accommodate 1850; binary / ASCII format can hold 1108 bytes; digital compressed digital format with 2710

二维码具有高密度编码,信息容量大、编码范围广、容错能力强,具有纠错功能、译码可靠性高、可引入加密措施、成本低、易制作、持久耐用等特点,因此得到了各个领域的广泛应用,如:产品防伪/溯源、广告推送、网站链接、数据下载、商品交易、定位/导航、电子凭证、车辆管理等等领域。 Encoded two-dimensional code having a high density, large capacity of information, a wide range of encoding, fault-tolerant capability, an error correcting function, high-reliability decoding, encryption may be introduced, low cost, easy to manufacture, durable and so on, thus obtained widely used in various fields, such as: product security / traceability, advertising push, website links, download data, commodity trading, position / navigation, electronic documents, vehicle management and so on the field. 随着微信在移动终端越来越普及,微信的二维码扫一扫功能也越来越受到大家的青睐,某些年轻人甚至成为的“扫描控”,对不明来历的二维码也会顺手扫一扫,这将给用户带来一些不可预估的风险。 With the micro-channel is becoming increasingly popular in the mobile terminal, micro-channel two-dimensional code sweep the functions are more and more people of all ages, some even become young "Scan Control", the two-dimensional code of unknown origin will easily sweep swept away, giving the user some risks can not be estimated.

[0003] 据《2012年上半年全球手机安全报告》显示,2012年上半年查杀到手机恶意软件17676款,而其中二维码技术成为手机病毒、钓鱼网站传播的新渠道。 [0003] According to the "first half of 2012 the global mobile security report" shows that the first half of 2012 to killing mobile malware 17676 models, of which two-dimensional code technology as a new channel of mobile phone viruses, phishing sites spread. 扫描二维码有时候会刷出一条链接,提示下载软件,而有的软件可能藏有病毒。 Sometimes two-dimensional code scanning will brush out a link prompts to download software, and some software may harbor the virus. 其中一部分病毒下载安装后会对手机、平板电脑造成影响;还有部分病毒则是犯罪分子伪装成应用的吸费木马,一旦下载就会导致手机自动发送信息并扣取大量话费。 After which part of the virus will download and install the mobile phone, tablet impact; there are some viruses are criminals masquerading as smoking costs the application of the Trojan, once downloaded it will cause the phone to automatically send information and deducted a lot of calls. ,二维码本身不会携带病毒,但很多病毒软件可以利用二维码下载。 Two-dimensional code itself does not carry the virus, but a lot of virus software can take advantage of two-dimensional code download. 然而,很多手机目前都使用开放式的手机平台,如果下载了这样的病毒软件,就会'霸占'手机的短信发送接口,在用户不知道的情况下发送短信。 However, many mobile phones currently use an open mobile platform, so if you download a virus software, it will 'occupy' mobile phones to send text messages interface to send text messages without the user's knowledge. 这类短信往往都要扣除I元甚至10元的话费,手机话费就在用户懵懵懂懂之际快速流失,进了坏人的腰包。 Such messages often have to deduct I yuan or 10 yuan bill, phone bill would quickly be lost in the muddle user on the occasion, into the pockets of the bad guys.

[0004] 因此,随着二维码使用的普及和广泛,尤其是移动互联网技术的成熟和智能手机的普及,例如很多人手机都安装微信软件,通过该软件的扫一扫来扫描二维码添加联系人,或者安装一个二维码扫描软件,直接扫描二维码,部分人已经变成“扫描控”,见到任何二维码都扫描一下,从而加大了二维码中毒的风险,因此,二维码的安全防护形式日益严峻,迫切的需要一种机制能够识别和阻止有害信息通过二维码进行散播。 [0004] Thus, with the popularity and widespread use of two-dimensional code, in particular a mature popularity of smart phones and mobile Internet technology, many phones are installed, for example, micro-channel software to scan sweep by sweeping the two-dimensional code software add a contact, or install a two-dimensional code scanning software, scan directly dimensional code, some people have become "scan control" to see any two-dimensional code scanning all about, thus increasing the risk of poisoning two-dimensional code, Therefore, security in the form of two-dimensional code of increasingly serious, urgent need for a mechanism to identify and prevent harmful information spread through the two-dimensional code.

发明内容 SUMMARY

[0005] 本发明实施例提出一种基于云的二维码安全防护方法,步骤A,扫描二维码;步骤B,解码所述二维码并获取二维码信息;步骤C,判断所述二维码信息是否包含上网请求;步骤D,对上网请求地址的安全性进行审核;步骤E,提供所述二维码到应用。 [0005] Example proposed two-dimensional code security method of the present invention, cloud-based, step A, two-dimensional code scan; procedure B, decoding the two-dimensional code and acquires the two-dimensional code information; step C, and determining the QR code contains access request; procedure D, the Internet security audit request address; step E, to provide the two-dimensional code to the application.

[0006] 更进一步,所述步骤A和步骤B中,所述二维码为相关联的N个二维码,所述二维码信息是N个二维码解码信息拼接结果,其中N > 2。 [0006] Still further, the step A and step B, the two-dimensional code is associated with the N-dimensional code, the two-dimensional code information is the N-dimensional code information decoded image mosaic, where N> 2.

[0007] 更进一步,所述步骤B后还包括步骤F,将步骤B中获得的二维码信息锁定,不允许更改。 [0007] Still further, after the said step B further comprises the step of F., Obtained in Step B QR code locked from change.

[0008] 更进一步,所述步骤C中判断所述二维码信息不包含上网请求,跳转到步骤E。 [0008] Still further, in the step C determines said two-dimensional code information does not include the Internet request, proceeds to step E.

[0009] 更进一步,所述步骤D中,通过云端对上网请求地址的安全性进行审核,返回审核结果。 [0009] Still further, the step D, the Internet security audit request address by cloud returns audit results.

[0010] 本发明还提供一种应用前述方法的基于云的二维码安全防护装置。 [0010] The present invention also provides a method of application of the safety device of the two-dimensional code based on the cloud.

[0011] 更进一步,包括控制模块,扫描模块,解码模块,存储模块,判断模块和通信模块;所述控制模块提供全局控制,由所述扫描模块对二维码进行扫描,所述解码模块对扫描结果进行解码获得二维码信息,存储到所述存储模块中,所述判断模块判断所述二维码信息是否需要进行审核,所述通信模块将需要审核的所述二维码信息发送出去,并接收审核结果,返回到所述控制模块。 [0011] Still further, it comprises a control module, a scanning module, a decoding module, a storage module, a determination module and a communication module; global control of the control module, the two-dimensional code is scanned by the scanning module, the decoding module scanning result obtained by decoding the QR code, into the storage module, the judging module determines whether the QR code needs to be reviewed, the two-dimensional code information of the communication module is sent to review and receives the audit result is returned to the control module.

[0012] 更进一步,所述通信模块与云端通信,并由云端对所述二维码信息审核,返回审核结果。 [0012] Still further, the communication module with the cloud, the cloud by the QR code audit, the audit results returned.

[0013] 本发明实施例提供的基于云的二维码安全防护方法及装置,通过对解码信息进行监控和审核,帮助用户识别扫描信息中的不良信息,从而避免了这些不良信息产生有害影响,对用户的安全和利益起到防护作用。 [0013] The present invention provides a two-dimensional code security cloud-based method and apparatus, by monitoring the decoding information and audit information to help the user identify bad scan information, thereby avoiding the harmful effects of these harmful information, the user's security and interests play a protective role.

附图说明 BRIEF DESCRIPTION

[0014] 图1展示基于云的二维码安全防护方法流程图; [0014] FIG. 1 shows a flowchart of the two-dimensional code cloud-based security method;

图2展示基于云的二维码安全防护装置结构图。 2 shows a two-dimensional code based on the safety guard structure of FIG cloud.

具体实施方式 Detailed ways

[0015] 下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,本发明实例在附图中示出,尽管将结合这些实施例来描述本发明,应该理解其并非要将本发明限制为这些实施例。 [0015] The present invention in conjunction with the following drawings in the embodiments, the technical solutions in the embodiments of the present invention will be clearly and fully described, examples of the present invention is illustrated in the drawings, although the embodiments described in conjunction with these embodiments of the present invention , it should be understood that it is not want to limit the invention to these embodiments. 相反,本发明意欲覆盖可包括在所附权利要求所限定的精神和范围内的替换、修改和等效形式。 In contrast, the present invention is intended to cover may comprise alternatives, modifications and equivalents of the appended claims within the spirit and scope defined. 另外,在对本发明实施例的以下详述中,提出了很多具体细节以使本发明得到彻底理解。 In the following detailed description of embodiments of the present invention, numerous specific details are provided to give a thorough understanding of the present invention. 然而,本领域普通技术人员将认识到,没有这些具体细节也可实施本发明。 However, one of ordinary skill in the art will recognize, may be practiced without these specific details embodiment of the present invention. 在其它实例中,为了不必要地模糊本发明的方面,未详细描述公知的方法、过程、部件和电路。 In other instances, in order not to unnecessarily obscure aspects of the invention, not described in detail well-known methods, procedures, components and circuits.

以下详细描述的一些部分是按照过程、步骤、逻辑块、处理及对可在计算机存储器上执行的数据位的操作的其它符号表示来提出的。 Some portions of the detailed description of the following in accordance with the process steps, logic blocks, processing and other symbolic representations of operations on data bits that can be performed on computer memory representation proposed. 这些描述和表示是数据处理领域的技术人员所使用的、为了将其工作的实质最有效地传达给该领域其它技术人员的手段。 These descriptions and representations are the data processing arts used in the art, to the substance of their work most effectively convey the means to others skilled in the art. 这里,过程、计算机执行的步骤、逻辑块、进程等通常设想为导致期望结果的步骤或指令的自洽序列。 Here, processes, computer executed step, logic block, process, etc. is generally conceived to be a self-consistent sequence of steps or instructions leading to a desired result. 所述步骤是需要对物理量的物理操纵的步骤。 The steps are those requiring physical manipulations of physical quantities. 通常,尽管不必要,这些量采用能够在计算机系统中存储、传递、组合、比较或另外操纵的电或磁信号的形式。 Typically, though not necessarily, these quantities take capable of storing, in a computer system transferred, combined, compared, or form additional manipulation of electrical or magnetic signals. 已经证明,主要是为了公共使用的原因,将这些信号称作位、值、元素、符号、字符、项目、数字等有时是方便的。 It has proven, principally for reasons of common usage, to refer to these signals as bits, values, elements, symbols, characters, terms, numbers, and other convenient at times.

然而,应牢记的是,所有这些和相似的术语应与适当的物理量相关联并且仅仅是适用于这些量的方便标记。 However, it should be borne in mind that all of these and similar terms should be associated with the appropriate physical quantities and are merely applied to these quantities convenient labels. 除非特别指明,否则如以下描述中所显而易见的,应理解在整个本发明中,讨论所用的术语,如“关联”或“识别”或“再现”或“需要”或“确定”或“重复”或“执行”或“检测”或“引导”等,指的是电子系统或类似电子计算设备的动作和过程,其将电子设备的寄存器和存储器内的表示为物理(电子)量的数据操纵和变换成电子设备存储器或寄存器或者其它这样的信息存储、传输或显示设备内的类似地表示为物理量的其它数据。 Unless otherwise specified, as in the following description be apparent, it should be appreciated that throughout the present invention, discussion, the term, such as "association" or "identification" or "playback" or "required" or "determining" or "repeat" or "execute" or "detecting" or "guide" and the like, it refers to an electronic system, or similar action and processes of an electronic computing device, which data manipulation represented within the register and the memory of the electronic device as physical (electronic) quantities and into the electronic device memories or registers or other such information storage, transmission or display other data similarly represented as physical quantities within the device.

图1说明根据本发明的各种例示性实施例的基于云的二维码安全防护方法流程图。 1 illustrates a flowchart of the two-dimensional code based on cloud security method in accordance with various embodiments of the present invention are illustrated embodiment.

[0016] 图1中,用户扫描外界存在的二维码图像101,例如使用手机的摄像头,配合相应的扫描软件,即可进行扫描;扫描软件对扫描到的图像进行解码102,获取该二维码图像所包含的二维码信息,更进一步,对所获取的二维码信息进行锁定,不允许更改。 [0016] FIG. 1, the user scans the presence of external dimensional code image 101, for example using a camera phone, with the corresponding scanning software can scan; scanning software to scan the image is decoded 102 to acquire the two-dimensional code contained in the image two-dimensional code information, and further, two-dimensional code information acquired were locked from change.

[0017] 更进一步,步骤101和102可以对多个相互关联的二维码图像进行扫描、解码和信息拼接,以获得更大数据量的信息,例如,某一数据包含的内容在单张二维码图像中无法完全包含,即采用多幅二维码图像进行存储,如二维码图像A、B,因此,二维码图像A、B为相互关联的二维码图像,包含特定的拼接关系和组合信息。 [0017] Still further, steps 101 and 102 can be scanned, and decode information for splicing a plurality of two-dimensional code image interrelated to obtain a larger amount of data information, e.g., data included in the contents of a single two-dimensional code the image can not be fully contained, i.e., using the plurality of two-dimensional code image is stored as two-dimensional code images a, B, therefore, the two-dimensional code images a, B for the two-dimensional code image interrelated, and includes a specific relationship between splice combined information. 用户在使用扫描装置扫描二维码图像A时,会弹出提示,需要继续扫描二维码B来完成解码,当用户继续扫描二维码B时,对两次扫描的结果进行拼接,获得最终的二维码信息。 When the user using a scanning means for scanning the two-dimensional code images A, you will be prompted the need to continue scanning the two-dimensional code B to complete the decoding, when the user continues to scan the two-dimensional code B, the results of two scans is spliced ​​to obtain a final two-dimensional code information.

[0018] 判断二维码信息中是否包含上网请求103,如果是进入步骤104,如果否,跳转到步骤106。 [0018] determines whether the QR code included in the access request 103, if proceeds to step 104, if NO, proceeds to step 106. 由于二维码本身并不能直接产生危害,而是通过嵌入登录网络请求,访问或者下载恶意代码来实现危害,因此,对二维码信息的上网请求进行判定。 As the two-dimensional code itself does not have a direct harm, but to realize the harm by embedding network logon request, access or download malicious code, therefore, to request access two-dimensional code information is determined.

[0019] 对上网请求地址的安全性进行审核104,二维码信息的上网请求的访问地址是重要的安全防护线索,可以通过对上网请求地址进行安全甄别来进行安全防护,该甄别可以在云端进行,有云端提供数据服务,例如与在库数据比较判定上网请求地址是否有危害,或者在云端进行登录试验,测试是否存在安全风险。 [0019] the security of the Internet address of the request for review 104, Internet access address requested two-dimensional code information is an important safety protection clues can be carried out by security on the Internet address requests for security screening, the screening may be in the clouds carried out, there is the cloud to provide data services, such as in a library with Internet data comparison to determine whether the request addresses hazards, or log test in the clouds, to test whether there is a security risk.

[0020] 在步骤104中,还包括上网请求地址是一个下载地址,即,该二维码信息中包含一个数据下载要求。 [0020] In step 104, further comprising the Internet address request is a download address, i.e., the two-dimensional code information includes a data download request. 该中要求也要通过云端的安全检测,甄别所下载的数据是否是一个恶意程序。 The safety testing required to go through the clouds, if the screening data is downloaded a malicious program.

[0021] 判断上网请求地址是否安全,如果是,则进入到步骤106,如果否则进入到步骤107。 [0021] It is determined whether the access request address security, if so, the process proceeds to step 106, if otherwise, proceeds to step 107.

[0022] 提供二维码信息到应用106,将通过安全审核的二维码信息发到应用中,以完成相应的功能。 [0022] The two-dimensional code provides information to the application 106, the application will be sent to the two-dimensional code by a security audit information, to perform the corresponding function.

[0023] 提示用户有安全风险107,将未通过安全审核的二维码信息向用户提醒,以便于用户选择不使用该二维码信息。 [0023] 107 prompts the user to a security risk, it will not pass the security audit of the two-dimensional code information to remind the user to opt out of this two-dimensional code information to the user.

[0024] 图2说明根据本发明的各种例示性实施例的基于云的二维码安全防护装置结构图。 [0024] Figure 2 illustrates a two-dimensional code security configuration diagram of a cloud-based device shown in accordance with various embodiments of the present invention.

[0025] 该所述基于云的二维码安全防护装置包括: [0025] The safety device of the two-dimensional code based on said cloud comprising:

控制模块201,负责提供装置的全局控制,如中央控制器CPU等能提供运算和指令操作的硬件,目前在大多数移动装置中均装备有CPU,例如手机中,一些手机厂商已经推出了具有4核运算核心的安卓手机。 The control module 201 is responsible for providing global control means, such as a central controller such as a CPU and provides arithmetic hardware instruction operation, present in most mobile devices are equipped with a CPU, such as mobile phones, some mobile phone manufacturers have introduced having 4 core computing core Android phones.

[0026] 扫描模块202,用于对二维码进行扫描,如手机中的摄像头即可作为扫描硬件,智能手机中也可以安装扫描软件,用于驱动手机配置的摄像头实现扫描动作,获取二维码的扫描图像。 [0026] The scanning module 202 configured to scan the two-dimensional code, such as a camera phone can be used as scanning hardware, smartphone scanning software can be installed, a configuration of a mobile phone camera driver implemented scan operation, acquires the two-dimensional scanning the image code.

[0027] 解码模块203,用于对扫描图像进行解码,获取二维码信息。 [0027] The decoding module 203 for decoding the scanned image to acquire two-dimensional code information. 在手机上安装的扫描软件即可实现解码模块的功能,在获取扫描图像后,根据二维码的编码规律,逆向解码获取二维码信息。 Mounting on the phone software to implement the functions of the scanning decoding module, after obtaining the scanned image, two-dimensional code according to the coding law, the reverse decoding information acquiring two-dimensional code.

[0028] 在结构上,扫描模块202和解码模块203可以是一体的,如智能手机上安装的扫描软件可以实现扫描和解码的功能,在构成上,可以根据需要划分为硬件和软件,如摄像头和扫描解码软件等,上述本领域一般技术人员是能够理解并根据需要进行选择设置的,且目前二维码扫描中通用的结构也是这样的。 [0028] Structurally, the scanning module 202 and a decoding module 203 may be integral, as installed on the smartphone scanning software can scan and decoding functions in the composition, may need to be divided into hardware and software, such as a camera scanning and decoding software above those of ordinary skill in the art is able to understand and be selected according to desired settings, and the current scan two-dimensional code is such a common structure.

[0029] 存储模块204,用于存储解码模块203获得的二维码信息,便于下一步的操作。 [0029] The storage module 204 for storing the two-dimensional code information obtained by the decoding module 203, to facilitate the next step. 存储模块204可以是计算机领域中通用的存储介质。 Storage module 204 may be a computer storage media common in the art.

[0030] 判断模块205,用于判断二维码信息中是否包含上网请求,如果有,则需要进行审核。 [0030] The judging module 205, configured to judge whether the access request comprising a two-dimensional code information, if any, need to be reviewed.

[0031] 通信模块206,用于将需要审核的二维码信息发送出去,并接收返回的审核结果。 [0031] The communication module 206, a two-dimensional code information is sent to review and audit the results returned by the receiver. 通信模块206可以是基于GSM、GPRS、WIF1、3G等无线通信方式的通信模块。 The communication module 206 may be a communication module based on GSM, GPRS, WIF1,3G wireless communication method.

[0032] 控制模块201实现对装置中所述模块的全局控制,由扫描模块202对二维码图像进行扫描,然后由解码模块203对扫描结果进行解码,获取二维码信息,存储到存储模块204中,判断模块205判断二维码信息中是否包含有上网请求,如果有则通过通信模块206将二维码信息发送出去进行审核,返回审核结构到控制模块。 [0032] The control module 201 to achieve the overall control of the apparatus in the module, the two-dimensional code is scanned by the image scanning module 202 pairs, and then decoded by the decoding module 203 pairs of scan results, obtaining a two-dimensional code information stored in the memory module 204, the determining module 205 determines whether the QR code request includes the Internet, if the 206 sent via the communication module QR code audit, the audit structure to return to the control module.

[0033] 以上所述是本发明的优选实施方式,应当指出,对于本技术领域的普通技术人员来说,在不脱离本发明原理的前提下,还可以做出若干改进和润饰,这些改进和润饰也视为本发明的保护范围。 [0033] The above embodiment is a preferred embodiment of the present invention, it should be noted that those of ordinary skill in the art who, without departing from the principles of the present invention, can make various improvements and modifications, such modifications and retouch protection scope of the present invention.

Claims (8)

1.一种基于云的二维码安全防护方法,其特征在于,步骤A,扫描二维码;步骤B,解码所述二维码并获取二维码信息;步骤C,判断所述二维码信息是否包含上网请求;步骤D,对上网请求地址的安全性进行审核;步骤E,提供所述二维码到应用。 1. A two-dimensional code cloud-based security method, wherein the step A, two-dimensional code scan; procedure B, decoding the two-dimensional code and acquires the two-dimensional code information; step C, and determining whether the two-dimensional code information contains access request; procedure D, the Internet security audit request address; step E, to provide the two-dimensional code to the application.
2.如权利要求1所述的基于云的二维码安全防护方法,其特征在于,所述步骤A和步骤B中,所述二维码为相关联的N个二维码,所述二维码信息是N个二维码解码信息拼接结果,其中N彡2。 Claim 2. The two-dimensional code 1 cloud-based security method, wherein said step A and step B, the two-dimensional code is associated with the N-dimensional code, the two the N-dimensional code information is a two-dimensional code information decoded image mosaic, where N San 2.
3.如权利要求1所述的基于云的二维码安全防护方法,其特征在于,所述步骤B后还包括步骤F,将步骤B中获得的二维码信息锁定,不允许更改。 Cloud-dimensional code based security method, wherein the 1, after the said step B further comprises the step of F., Obtained in Step B QR code locked from change claim.
4.如权利要求1所述的基于云的二维码安全防护方法,其特征在于,所述步骤C中判断所述二维码信息不包含上网请求,跳转到步骤E。 4. The two-dimensional code 1, cloud-based security method, wherein, in the step C determines said two-dimensional code information does not include the Internet request, claim jumps to step E.
5.如权利要求1所述的基于云的二维码安全防护方法,其特征在于,所述步骤D中,通过云端对上网请求地址的安全性进行审核,返回审核结果。 The two-dimensional code based cloud security according to claim 1, wherein the step D, the Internet security audit request address by cloud returns audit results.
6.一种应用如权利要求1至5项中任意一项方法的基于云的二维码安全防护装置。 Safety device dimensional code A cloud-based application method as claimed in any one of claims 1 to 5 in.
7.如权利要求6所述的基于云的二维码安全防护装置,其特征在于,包括控制模块,扫描模块,解码模块,存储模块,判断模块和通信模块;所述控制模块提供全局控制,由所述扫描模块对二维码进行扫描,所述解码模块对扫描结果进行解码获得二维码信息,存储到所述存储模块中,所述判断模块判断所述二维码信息是否需要进行审核,所述通信模块将需要审核的所述二维码信息发送出去,并返回审核结果。 As claimed in claim 6 based on said two-dimensional code cloud security guards, characterized in that it comprises a control module, a scanning module, a decoding module, a storage module, a determination module and a communication module; global control of the control module, two-dimensional code is scanned by the scanning module, the scan results to the decoding module decoding a two-dimensional code information, stored in said storage module, the judging module determines whether the QR code needs to be reviewed the two-dimensional code information of the communication module is sent to review and audit results returned.
8.如权利要求7所述的基于云的二维码安全防护装置,其特征在于,所述通信模块与云端通信,并由云端对所述二维码信息审核,返回审核结果。 Two-dimensional code cloud based safety devices according to claim 7, wherein said communication module with the cloud, the cloud by the QR code audit, the audit results returned.
CN 201310249814 2013-06-21 2013-06-21 Cloud-based two-dimension code safety protecting method and device CN104239792A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201310249814 CN104239792A (en) 2013-06-21 2013-06-21 Cloud-based two-dimension code safety protecting method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 201310249814 CN104239792A (en) 2013-06-21 2013-06-21 Cloud-based two-dimension code safety protecting method and device

Publications (1)

Publication Number Publication Date
CN104239792A true CN104239792A (en) 2014-12-24

Family

ID=52227834

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 201310249814 CN104239792A (en) 2013-06-21 2013-06-21 Cloud-based two-dimension code safety protecting method and device

Country Status (1)

Country Link
CN (1) CN104239792A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015180664A1 (en) * 2014-05-28 2015-12-03 Tencent Technology (Shenzhen) Company Limited Method and system for detecting security of network access based on barcode information

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102202051A (en) * 2011-04-07 2011-09-28 华南农业大学 Credible two-dimensional code system and application method thereof
CN102819723A (en) * 2011-12-26 2012-12-12 哈尔滨安天科技股份有限公司 Method and system for detecting malicious two-dimension codes
CN102880850A (en) * 2012-09-19 2013-01-16 腾讯科技(深圳)有限公司 Batch scanning method of two-dimensional codes, and scanning equipment
CN103166972A (en) * 2013-03-25 2013-06-19 北京奇虎科技有限公司 Safety website access system, and equipment and method for same

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102202051A (en) * 2011-04-07 2011-09-28 华南农业大学 Credible two-dimensional code system and application method thereof
CN102819723A (en) * 2011-12-26 2012-12-12 哈尔滨安天科技股份有限公司 Method and system for detecting malicious two-dimension codes
CN102880850A (en) * 2012-09-19 2013-01-16 腾讯科技(深圳)有限公司 Batch scanning method of two-dimensional codes, and scanning equipment
CN103166972A (en) * 2013-03-25 2013-06-19 北京奇虎科技有限公司 Safety website access system, and equipment and method for same

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015180664A1 (en) * 2014-05-28 2015-12-03 Tencent Technology (Shenzhen) Company Limited Method and system for detecting security of network access based on barcode information

Similar Documents

Publication Publication Date Title
US6907396B1 (en) Detecting computer viruses or malicious software by patching instructions into an emulator
US8918882B2 (en) Quantifying the risks of applications for mobile devices
US20150264065A1 (en) Sensitive data tracking using dynamic taint analysis
Xing et al. Upgrading your android, elevating my malware: Privilege escalation through mobile os updating
US20130185798A1 (en) Identifying software execution behavior
US8782792B1 (en) Systems and methods for detecting malware on mobile platforms
US20100235913A1 (en) Proactive Exploit Detection
Andronio et al. Heldroid: Dissecting and detecting mobile ransomware
US9230099B1 (en) Systems and methods for combining static and dynamic code analysis
Jin et al. Code injection attacks on html5-based mobile apps: Characterization, detection and mitigation
WO2011156652A1 (en) System and method for analyzing malicious code using a static analyzer
Hoffmann et al. Slicing droids: program slicing for smali code
EP2115653A1 (en) File conversion in restricted process
WO2006009081A1 (en) Application execution device and application execution device application execution method
JP2008257735A (en) Protected function calling
US8479188B2 (en) Binary code change vulnerability prioritization
WO2014121714A1 (en) Notification-bar message processing method, device and system
US20110191848A1 (en) Preventing malicious just-in-time spraying attacks
JP2016526730A (en) Process evaluation for the malware detection in a virtual machine
WO2015124018A1 (en) Method and apparatus for application access based on intelligent terminal device
US20110321016A1 (en) Injection context based static analysis of computer software applications
WO2014121713A1 (en) Url interception processing method, device and system
US20130227521A1 (en) Validation of applications for graphics processing unit
KR20130132863A (en) Security through opcode randomization
US9619650B2 (en) Method and device for identifying virus APK

Legal Events

Date Code Title Description
C06 Publication
C10 Entry into substantive examination
WD01