CN105610769B - Method, equipment and the system of anti-information leakage - Google Patents
Method, equipment and the system of anti-information leakage Download PDFInfo
- Publication number
- CN105610769B CN105610769B CN201410686593.1A CN201410686593A CN105610769B CN 105610769 B CN105610769 B CN 105610769B CN 201410686593 A CN201410686593 A CN 201410686593A CN 105610769 B CN105610769 B CN 105610769B
- Authority
- CN
- China
- Prior art keywords
- information
- application
- client
- related objective
- user equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The application provides method, equipment and the system of a kind of anti-information leakage, has the function of the anti-information leakage of explosion type, when meeting with attack, directly related objective information is destroyed in self-destruction, make attacker that can not continue to obtain related objective information, to avoid attacker from thering is time enough to crack target information, and then information is effectively prevent to be leaked.
Description
Technical field
This application involves communication and computer fields more particularly to a kind of method, equipment and the system of anti-information leakage.
Background technique
The client in user environment is a variety of despite the use of at present prevents reversible, and the method for anti-debugging prevents privacy of user from believing
Breath leakage, the anti-source code leakage of client and the main method for avoiding the important informations such as key from leaking are to pass through in the prior art:
1, Code obfuscation: the code of application being passed through and replaces variable, some identical variations of increase, the modes such as change sequence,
Make source code unreadable;
2, shell adding: the binary file of client is replaced, and is packaged, and some binary system protection are inserted directly into;
3, it encrypts: important content is prevented from directly exposing password by modes such as encryptions;
4, it anti-debug: is detected by starting the process mutually supervised using whether itself is debugged.
However, the method for the current anti-information leakage is mainly defensive approach, i.e., by increase the difficulty cracked come
Reduce a possibility that important informations such as the source code of client are intercepted and captured by attacker.However, defensive approach can not avoid letter completely
Breath leakage, as long as client, which stays in attacker's hand, the sufficiently long time, still can inevitably suffer from the life being cracked
Fortune, client save important information as key etc. can if be compromised away.
Summary of the invention
The purpose of the application is to provide method, equipment and the system of the anti-information leakage using Initiative Defense mode, can be with
The time that the related objective information of client is called by attacker is greatly reduced, and then avoids leakage of information.
In view of this, on the one hand the application provides a kind of method of anti-information leakage, wherein the described method includes:
It detects whether to need to start the anti-information leakage function of explosion type;
If it is required, then directly destroying related objective information.
Further, described to detect whether that needing to start the anti-information leakage function of explosion type includes:
Whether detection application is by malicious attack, if it is, needing to start the anti-information leakage function of explosion type;Or
Whether client where detecting the application newly installed is in suspicious list, if it is, it is anti-to need to start explosion type
Information leakage function.
Further, detection application whether by malicious attack include:
Detect whether the application is maliciously used;Or
Detect whether the application operates in hostile environments and be debugged;Or
Detect whether the application operates in hostile environments and by decompiling.
Preferably, whether the detection application is believed by malicious attack by the bottom of the client where obtaining the application
Breath, and according to the bottom-up information of the client where the application detection application whether by malicious attack.
Further, the bottom-up information of the client where the application includes:
The information for running storehouse, operating system, the method for operation and system mode of the client.
Preferably, directly destroying related objective information includes:
The related objective information is deleted using automatic more wheel encryption erasing modes.
Preferably, directly destroying related objective information includes:
It generates overlength key at random using random number, keeps the code of the application completely unreadable.
Preferably, after directly destroying related objective information, the method also includes:
Upload self-destruction information and relative clients end characteristic information.
Preferably, the method also includes:
Decide whether to sign related objective information again according to the self-destruction information, if it is deletes original related objective information
Corresponding server unpaired message, redistributes related objective information;
Relative clients end characteristic information is included in the suspicious list;And
Return to the suspicious list.
Further, relative clients end characteristic information includes international mobile subscriber identity, client identification module, visitor
One of family end Identity Code and private information Identity Code or combinations thereof.
Further, the related objective information includes applied cryptography key and user privacy information.
On the other hand the application also provides a kind of user equipment of anti-information leakage, wherein the user equipment includes:
First device needs to start the anti-information leakage function of explosion type to detect whether;
3rd device, to when needing to start the anti-information leakage function of explosion type, direct destruction related objective information.
Further, the first device detects whether that needing to start the anti-information leakage function of explosion type includes:
Whether detection application is by malicious attack, if it is, needing to start the anti-information leakage function of explosion type;Or
Whether client where detecting the application newly installed is in suspicious list, if it is, it is anti-to need to start explosion type
Information leakage function.
Further, first device detection application whether by malicious attack include:
Detect whether the application is maliciously used;Or
Detect whether the application operates in hostile environments and be debugged;Or
Detect whether the application operates in hostile environments and by decompiling.
Preferably, whether the detection application is believed by malicious attack by the bottom of the client where obtaining the application
Breath, and according to the bottom-up information of the client where the application detection application whether by malicious attack.
Further, the bottom-up information of the client where the application includes:
The information for running storehouse, operating system, the method for operation and system mode of the client.
Preferably, the 3rd device directly destroys related objective information and includes:
The relevant information is deleted using automatic more wheel encryption erasing modes.
Preferably, the 3rd device directly destroys related objective information and includes:
It generates overlength key at random using random number, keeps the code of the application completely unreadable.
Preferably, the 3rd device is after directly destroying related objective information, further includes:
Upload self-destruction information and relative clients end characteristic information.
Further, relative clients end characteristic information includes international mobile subscriber identity, client identification module, visitor
One of family end Identity Code and private information Identity Code or combinations thereof.
Further, the related objective information includes applied cryptography key and user privacy information.
On the other hand the application also provides a kind of network equipment of anti-information leakage, wherein the network equipment includes:
Second device decides whether weight to receive the self-destruction information of user equipment upload, and according to the self-destruction information
Related objective information is signed, the corresponding server unpaired message of original related objective information is if it is deleted, redistributes correlation
Target information;
4th device, to receive the relative clients end characteristic information of user equipment upload, and by relative clients end feature
Information is included in suspicious list, and returns to the suspicious list.
Further, relative clients end characteristic information includes international mobile subscriber identity, client identification module, visitor
One of family end Identity Code and private information Identity Code or combinations thereof.
The application another further aspect also provides a kind of system of anti-information leakage, wherein the system comprises:
The user equipment and the network equipment.
In conclusion the method for herein described anti-information leakage, user equipment, the network equipment and by user equipment and
The system of network equipment composition has the function of the anti-information leakage of explosion type, and when meeting with attack, directly related objective is destroyed in self-destruction
Information makes attacker that can not continue to obtain related objective information, so that attacker is avoided to have time enough to crack target information,
And then information is effectively prevent to be leaked.
Further, the method for herein described anti-information leakage, user equipment, the network equipment and by user equipment and
The system of network equipment composition not only has the function of the anti-information leakage of explosion type, also has the function of subsequent processing, i.e., is directly selling
It ruins after related objective information, continues to upload and handle self-destruction information relevant to from situation is reported and relative clients end feature is believed
Breath to redistribute the related objective information between server end and client, and is established the suspicious new installation of list detection and is answered
With that whether information leakage may occur again, if occurring to start the anti-information leakage function of explosion type when information leakage is possible again
More attacker's information are collected simultaneously, to further information be effectively prevent to be leaked.
Detailed description of the invention
By reading a detailed description of non-restrictive embodiments in the light of the attached drawings below, the application's is other
Feature, objects and advantages will become more apparent upon:
Fig. 1 shows the method flow diagram of the anti-information leakage according to the application one aspect.
Fig. 2 shows the method flow diagrams of the anti-information leakage of one preferred embodiment of the application.
Fig. 3 is shown to be illustrated according to a kind of user equipment and the network equipment for anti-information leakage of the application another aspect
Figure.
The method that Fig. 4 shows the user equipment of one preferred embodiment of the application and anti-information leakage is realized in network equipment cooperation
Flow chart.
The same or similar appended drawing reference represents the same or similar component in attached drawing.
Specific embodiment
In a typical configuration of this application, terminal, the equipment of service network and trusted party include one or more
Processor (CPU), input/output interface, network interface and memory.
Memory may include the non-volatile memory in computer-readable medium, random access memory (RAM) and/or
The forms such as Nonvolatile memory, such as read-only memory (ROM) or flash memory (flash RAM).Memory is computer-readable medium
Example.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method
Or technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data.
The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), moves
State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable
Programmable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM),
Digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic tape disk storage or other magnetic storage devices or
Any other non-transmission medium, can be used for storage can be accessed by a computing device information.As defined in this article, computer
Readable medium does not include non-temporary computer readable media (transitory media), such as the data-signal and carrier wave of modulation.
Fig. 1 shows the method flow diagram of the anti-information leakage according to the application one aspect, and in conjunction with Fig. 1, the application is proposed
A kind of method of anti-information leakage includes:
Step S01: it detects whether to need to start the anti-information leakage function of explosion type;
Step S02: if it is required, then directly destroying related objective information.
The method of herein described anti-information leakage has the function of the anti-information leakage of explosion type, when meeting with attack, directly
Related objective information is destroyed in self-destruction, so that attacker be avoided to have the sufficiently long time to crack target information, and then effectively prevent letter
Breath is leaked.
In the embodiment of the present application and the application it is described below described in related objective information include applied cryptography key,
The private informations such as user privacy information and other need information to be protected.In the particular embodiment, the related objective letter
Breath may include the source code of client, using the letter that can not be revealed with server end communication public key, private key, user password etc.
Breath.Those skilled in the art will be understood that the above-mentioned description to the related objective information is only for example, other are existing or modern
What is be likely to occur afterwards is such as applicable to the application, such as individual subscriber password, browser to the description of the related objective information
Cookie, mobile phone apply with the important informations such as Bank Account Number associated key, in addition, being protected by the requirement that maker or user set
Shield, require the relevant information that is not leaked can also as related objective information, should also be included in the application protection scope with
It is interior, and be incorporated herein by reference.
Fig. 2 shows the method flow diagrams of the anti-information leakage of one preferred embodiment of the application.In conjunction with Fig. 2, in step S11
In, it detects whether to need to start the anti-information leakage function of explosion type includes: whether detection application is new by malicious attack, or detection
Whether client where the application of installation is in suspicious list, when detecting using by malicious attack, or answering of newly installing of detection
With place client in suspicious list, then start the anti-information leakage function of explosion type, that is, enter step S12, then directly destroys
Related objective information.
In a preferred embodiment, the method for the anti-information leakage detects whether to need by the way of detecting automatically
Start the anti-information leakage function of explosion type, such as using when users use, the method is detected automatically using whether by malice
Attack, or newly install a certain in application, whether the method detects the application place client newly installed in suspicious name automatically
Dan Zhong.Automatically the mode detected, which is capable of providing constantly monitoring, may cause the malicious attack of information leakage, it is ensured that effectively prevent letter
Breath is leaked.
Certainly, detection mode is not restricted to this, and in other embodiments, the method for the anti-information leakage also can be used
Other modes detect whether to need to start the anti-information leakage function of explosion type, such as pass through transmission particular hint information or starting spy
Determine function, when detecting that the particular hint information is sent or specific function starts, then starts the anti-information of the starting explosion type
The method for revealing function, also within the thought range of the application.
Further, in the step S11, include: whether the detection application is maliciously made using by malicious attack
With, such as attacker usurps user account malice and steals userspersonal information etc.;Detect whether the application operates in malice ring
It is in border and debugged or by decompiling etc..
Those skilled in the art will be understood that it is above-mentioned the application is only for example by the description of malicious attack, other are existing
Or what is be likely to occur from now on by malicious attack be such as applicable to the application to the application, should also be included in the application and protect model
Within enclosing, and it is incorporated herein by reference.
In one preferred embodiment of the application, the detection of the step S11 can pass through the visitor where the acquisition application
The bottom-up information at family end, and can detecte whether the application is disliked according to the bottom-up information of the client where the application
Meaning attack.Wherein the bottom-up information includes operation storehouse, operating system, the method for operation and the system mode of the client
Information etc..
In step s 12, when needing to start the anti-information leakage function of explosion type, direct destruction related objective information.
In one preferred embodiment of the application, the method for related objective information is destroyed using automatic more wheel encryptions erasing side
Formula deletes the related objective information, makes attacker that can not find the related objective information, and then prevent information leakage.
In another preferred embodiment of the application, the method for destroying related objective information, which can also use, utilizes random number
It is random to generate overlength key, keep the code of the application completely unreadable.It can also be tried for some malicious attackers in attack
Figure restores deleted information, and the case where to obtain related objective information, the overlength key generated at random using random number is made brokenly
Translate period endless, be for attacker completely it is unreadable, be leaked so as to guarantee information to maintain complete secrecy not.
Those skilled in the art will be understood that the mode of above-mentioned destruction related objective information is only for example, other it is existing or
The mode for the destruction related objective information being likely to occur from now on is such as applicable to the application, should also be included in the application protection scope
Within, and be incorporated herein by reference.
After the step S12, the method also includes step S13: uploading self-destruction information and relative clients end feature
Information saves the correlation circumstance of self-destruction, attacks again to prevent subsequent identical attacker or identical application is led by malicious attack
The case where causing information leakage.
Thereafter, in step S14, step S15 and step S16, decide whether to sign related mesh again according to the self-destruction information
Information is marked, server unpaired message corresponding to original related objective information is if it is deleted, redistributes related objective letter
Breath;And relative clients end characteristic information is included in the suspicious list;Return to the suspicious list.
In one embodiment of the application, relative clients end characteristic information includes international mobile subscriber identity, client
One of identification module, client identity identification code and private information Identity Code or combinations thereof.
Those skilled in the art will be understood that the above-mentioned description to relative clients end characteristic information is only for example, other
It is existing or what is be likely to occur from now on is such as applicable to the application to the description of relative clients end characteristic information, such as browse
Device cookie, mobile phone apply with the important informations such as Bank Account Number associated key, should also be included within the application protection scope, and
It is incorporated herein by reference.
Fig. 3 is shown to be illustrated according to a kind of user equipment and the network equipment for anti-information leakage of the application another aspect
Figure, in conjunction with the method and Fig. 3 of above-mentioned anti-information leakage, a kind of on the other hand user that the application additionally provides anti-information leakage is set
Standby 1, the user equipment 1 includes:
First device 110 needs to start the anti-information leakage function of explosion type to detect whether;
3rd device 130, to when needing to start the anti-information leakage function of explosion type, direct destruction related objective letter
Breath;
In the specific embodiment of the application, the user equipment 1 be may be mounted in application, also mountable described
Using in the client at place.
In conjunction with the method for above-mentioned anti-information leakage, a kind of on the other hand network that the application additionally provides anti-information leakage is set
Standby 3, the network equipment 3 includes:
Second device 320 to receive the self-destruction information of user equipment upload, and decides whether according to the self-destruction information
Related objective information is signed again, is if it is deleted the corresponding server unpaired message of original related objective information, is redistributed phase
Close target information;
4th device 340, to receive the relative clients end characteristic information of user equipment upload, and relative clients end is special
Reference breath is included in suspicious list and returns to the suspicious list.
The method that Fig. 4 shows the user equipment of one preferred embodiment of the application and anti-information leakage is realized in network equipment cooperation
Flow chart.In conjunction with Fig. 3 and Fig. 4 and the user equipment 1 and the network equipment 3 of above-mentioned anti-information leakage, the application is further square
Face additionally provides a kind of system of anti-information leakage, and the system comprises the user equipmenies 1 and the network equipment 3.
The system of the anti-information leakage has the function of the anti-information leakage of explosion type, and when meeting with attack, directly related mesh is destroyed in self-destruction
Information is marked, so that attacker be avoided to have the sufficiently long time to crack target information, and then information is effectively prevent to be leaked.
The system flow of herein described anti-information leakage is described in detail in conjunction with Fig. 4.In the step s 21, user equipment 1 is examined
It surveys and whether needs to start the anti-information leakage function of explosion type, comprising: whether detection application is by malicious attack, or the new installation of detection
Application where client whether in suspicious list, when detecting using by malicious attack, or the application institute that detection is newly installed
In client in suspicious list, then start the anti-information leakage function of explosion type, that is, enter step S22, then user equipment 1 is direct
Destroy related objective information.Specifically, in the step S21, using by malicious attack include: the detection application whether by
Malice uses, such as attacker usurps user account malice and steals userspersonal information etc.;Detect whether the application operates in
It is in hostile environments and debugged or by decompiling etc..
Those skilled in the art will be understood that it is above-mentioned the application is only for example by the description of malicious attack, other are existing
Or what is be likely to occur from now on by malicious attack be such as applicable to the application to the application, should also be included in the application and protect model
Within enclosing, and it is incorporated herein by reference.
In one preferred embodiment of the application, the detection that the step S21 user equipment 1 carries out can be by described in acquisition
Using the bottom-up information of the client at place, and can detecte according to the bottom-up information of the client where the application described
Using whether by malicious attack.Wherein the bottom-up information includes the operation storehouse of the client, operating system, the method for operation
And information of system mode etc..
In step S23, when user equipment 1 needs to start the anti-information leakage function of explosion type, related mesh is directly destroyed
Mark information.
In one preferred embodiment of the application, user equipment 1 destroys the method for related objective information using automatic more wheels
Encryption erasing mode deletes the related objective information, makes attacker that can not find the related objective information, and then prevent
Information leakage.
In another preferred embodiment of the application, the method that user equipment 1 destroys related objective information can also be used
It generates overlength key at random using random number, keeps the code of the application completely unreadable.It is being attacked for some malicious attackers
It can also attempt to restore deleted information when hitting, the case where to obtain related objective information, be generated at random using random number super
Long key makes to decode period endless, for attacker be it is completely unreadable, so as to guarantee that information maintains complete secrecy not
It is leaked.
Those skilled in the art will be understood that the mode of above-mentioned destruction related objective information is only for example, other it is existing or
The mode for the destruction related objective information being likely to occur from now on is such as applicable to the application, should also be included in the application protection scope
Within, and be incorporated herein by reference.
After the step S22, in step s 13: user equipment 1 to the network equipment 3 upload self-destruction information and
Relative clients end characteristic information is attacked or identical again with saving the correlation circumstance of self-destruction to prevent subsequent identical attacker
The case where using information leakage is caused by malicious attack.
Thereafter, in step S24, step S25 and step S16, the network equipment 3 decides whether weight according to the self-destruction information
Related objective information is signed, server unpaired message corresponding to original related objective information is if it is deleted, redistributes phase
Close target information;And relative clients end characteristic information is included in the suspicious list;Thereafter, the network equipment 3 to
The user equipment 1 returns to the suspicious list.By continuing to upload and handling self-destruction information relevant to from situation is reported and phase
Client features information is closed, to redistribute the related objective information between server end and client, and establishes suspicious name
It is single to detect whether new installation application occur information leakage again, if occurring to start explosion type when information leakage is possible again
Anti- information leakage function is collected simultaneously more attacker's information, to further information be effectively prevent to be leaked.
In the application specific embodiment, relative clients end characteristic information include international mobile subscriber identity,
One of client identification module, client identity identification code and private information Identity Code or combinations thereof.
Those skilled in the art will be understood that the above-mentioned description to relative clients end characteristic information is only for example, other
It is existing or what is be likely to occur from now on is such as applicable to the application to the description of relative clients end characteristic information, such as browse
Device cookie, mobile phone apply with the important informations such as Bank Account Number associated key, should also be included within the application protection scope, and
It is incorporated herein by reference.
Below in conjunction with several specific Application Examples further illustrate anti-information leakage described herein method and
System.
In a specific Application Example, the system of the anti-information leakage is set in an application, and user will apply
Client is installed on to carry out in use, the bottom that the system detection of anti-information leakage passes through the client where obtaining the application
Information is to the application by malicious attack.When a certain malicious user installs the application and attempts to carry out debugging or decompiling to application
When with important information in being applied, the system detection of anti-information leakage is then able to detect that malicious attack, starting immediately from
The quick-fried anti-information leakage function of formula, deleting the important information in application using much more automatic wheel encryption erasing modes, (important information includes
Such as applied cryptography key and other information etc. that cannot be revealed), or directly overlength key is generated at random using random number, make
The code of the application is completely unreadable, so that malicious user is not carried out debugging or decompiling to application again, and then can not obtain
Corresponding important information.After completing self-destruction, the system of the Tempest also uploads to the characteristic information at relative clients end
(characteristic information at relative clients end includes such as international mobile subscriber identity, client identification module, client for server-side preservation
One of Identity Code and private information Identity Code or combinations thereof etc.), server-side stores suspicious list, when the evil
When meaning user attempts to download the application again to attack, server-side by that can identify the evil according to suspicious list in advance
Anticipate user, further collects the information of malicious attack, and can be optionally if necessary to directly utilizing Tempest
System reveals the important information of newly downloaded application in advance, to prevent important information to face the risk being leaked.
In another specific Application Example, the system of herein described Tempest is installed in application, anti-letter
Breath leakage system detection monitor at any time it is described application and its place client, when in the client in hostile environments, example
As malicious code, Malware to this application carry out malicious attack, it is intended to steal important information, then the system of anti-information leakage with
Start the anti-information leakage function of explosion type, the important information deleted in application using automatic more wheel encryption erasing modes is (important
Information includes such as applied cryptography key, user privacy information and other information that cannot be revealed), or directly using random
Number is random to generate overlength key, keeps the code of the application completely unreadable, debug malicious user can not to application again
Or decompiling, and then corresponding important information can not be obtained.After completing self-destruction, the system of the Tempest is also by related visitor
The characteristic information at family end uploads to server-side preservation, and (characteristic information at relative clients end includes that such as international mobile subscriber identifies
One of code, client identification module, client identity identification code and private information Identity Code or combinations thereof etc.), clothes
End of being engaged in stores suspicious list, when the user of the client attempt to download again this in application, server-side according to the suspicious list
It can identify the client in advance, the system of anti-information leakage carries out emphasis detection to the environment of the client, when detecting visitor
It, then can be optionally if necessary to shifting to an earlier date again to the important information of newly downloaded application when family end is still in hostile environments
Self-destruction, to prevent important information to face the risk being leaked.
In other examples, for being mounted with that certain mobile phone or computer with Tempest systematic difference lose
Or be stolen, user can start anti-information leakage system by sending the modes such as short message, mail, and the mobile phone or electricity are destroyed in self-destruction
Important information in brain maliciously steals important information to prevent other people, causes information leakage.
In conclusion the method for herein described anti-information leakage, user equipment, the network equipment and by user equipment and
The system of network equipment composition has the function of the anti-information leakage of explosion type, and when meeting with attack, directly related objective is destroyed in self-destruction
Information makes attacker that can not continue to obtain related objective information, so that attacker is avoided to have time enough to crack target information,
And then information is effectively prevent to be leaked.
Further, the method for herein described anti-information leakage, user equipment, the network equipment and by user equipment and
The system of network equipment composition not only has the function of the anti-information leakage of explosion type, also has the function of subsequent processing, i.e., is directly selling
It ruins after related objective information, continues to upload and handle self-destruction information relevant to from situation is reported and relative clients end feature is believed
Breath to redistribute the related objective information between server end and client, and is established the suspicious new installation of list detection and is answered
With that whether information leakage may occur again, if occurring to start the anti-information leakage function of explosion type when information leakage is possible again
More attacker's information are collected simultaneously, to further information be effectively prevent to be leaked.
Obviously, those skilled in the art can carry out various modification and variations without departing from the essence of the application to the application
Mind and range.In this way, if these modifications and variations of the application belong to the range of the claim of this application and its equivalent technologies
Within, then the application is also intended to include these modifications and variations.
It should be noted that the application can be carried out in the assembly of software and/or software and hardware, for example, can adopt
With specific integrated circuit (ASIC), general purpose computer or any other realized similar to hardware device.In one embodiment
In, the software program of the application can be executed to implement the above steps or functions by processor.Similarly, the application
Software program (including relevant data structure) can be stored in computer readable recording medium, for example, RAM memory,
Magnetic or optical driver or floppy disc and similar devices.In addition, hardware can be used to realize in some steps or function of the application, example
Such as, as the circuit cooperated with processor thereby executing each step or function.
In addition, a part of the application can be applied to computer program product, such as computer program instructions, when its quilt
When computer executes, by the operation of the computer, it can call or provide according to the present processes and/or technical solution.
And the program instruction of the present processes is called, it is possibly stored in fixed or moveable recording medium, and/or pass through
Broadcast or the data flow in other signal-bearing mediums and transmitted, and/or be stored according to described program instruction operation
In the working storage of computer equipment.Here, including a device according to one embodiment of the application, which includes using
Memory in storage computer program instructions and processor for executing program instructions, wherein when the computer program refers to
When enabling by processor execution, method and/or skill of the device operation based on aforementioned multiple embodiments according to the application are triggered
Art scheme.
It is obvious to a person skilled in the art that the application is not limited to the details of above-mentioned exemplary embodiment, Er Qie
In the case where without departing substantially from spirit herein or essential characteristic, the application can be realized in other specific forms.Therefore, no matter
From the point of view of which point, the present embodiments are to be considered as illustrative and not restrictive, and scope of the present application is by appended power
Benefit requires rather than above description limits, it is intended that all by what is fallen within the meaning and scope of the equivalent elements of the claims
Variation is included in the application.Any reference signs in the claims should not be construed as limiting the involved claims.This
Outside, it is clear that one word of " comprising " does not exclude other units or steps, and odd number is not excluded for plural number.That states in device claim is multiple
Unit or device can also be implemented through software or hardware by a unit or device.The first, the second equal words are used to table
Show title, and does not indicate any particular order.
Claims (21)
1. a kind of method of anti-information leakage, wherein the described method includes:
It detects whether to need to start the anti-information leakage function of explosion type;
If it is required, then directly destroying related objective information;
Wherein, after directly destroying related objective information, the method also includes:
Upload self-destruction information and relative clients end characteristic information;
Wherein, the method also includes:
Decide whether to sign related objective information again according to the self-destruction information, it is right if it is to delete original related objective information institute
The server unpaired message answered, redistributes related objective information;
Relative clients end characteristic information is included in suspicious list;And
Return to the suspicious list.
2. the method for claim 1, wherein described detect whether to need to start the anti-information leakage function packet of explosion type
It includes:
Whether detection application is by malicious attack, if it is, needing to start the anti-information leakage function of explosion type;Or
Whether client is in suspicious list where detecting the application newly installed, if it is, needing to start the anti-information of explosion type
Reveal function.
3. method according to claim 2, wherein detection application whether by malicious attack include:
Detect whether the application is maliciously used;Or
Detect whether the application operates in hostile environments and be debugged;Or
Detect whether the application operates in hostile environments and by decompiling.
4. method according to claim 2, wherein whether the detection application is described using institute by obtaining by malicious attack
Client bottom-up information, and according to the bottom-up information of the client where the application detection it is described application whether disliked
Meaning attack.
5. method as claimed in claim 4, wherein the bottom-up information of the client where the application includes:
The information for running storehouse, operating system, the method for operation and system mode of the client.
6. the method as described in any one of claims 1 to 5, wherein directly destroying related objective information includes:
The related objective information is deleted using automatic more wheel encryption erasing modes.
7. method the invention according to any one of claims 2 to 5, wherein directly destroying related objective information includes:
It generates overlength key at random using random number, keeps the code of the application completely unreadable.
8. the method for claim 1, wherein relative clients end characteristic information includes international mobile subscriber identification
One of code, client identification module, client identity identification code and private information Identity Code or combinations thereof.
9. the method for claim 1, wherein the related objective information includes applied cryptography key and privacy of user letter
Breath.
10. a kind of user equipment of anti-information leakage, wherein the user equipment includes:
First device needs to start the anti-information leakage function of explosion type to detect whether;
3rd device, to when needing to start the anti-information leakage function of explosion type, direct destruction related objective information;
The 3rd device is after directly destroying related objective information, further includes:
Upload self-destruction information and relative clients end characteristic information;
Wherein, the network equipment of anti-information leakage receives the self-destruction information that user equipment uploads, and is determined according to the self-destruction information
It is fixed whether to sign related objective information again, the corresponding server unpaired message of original related objective information is if it is deleted, again
Distribute related objective information;The network equipment of anti-information leakage receives the relative clients end characteristic information that user equipment uploads, and
Relative clients end characteristic information is included in suspicious list, and returns to the suspicious list.
11. user equipment as claimed in claim 10, wherein the first device detects whether to need to start the anti-letter of explosion type
Breath reveals function
Whether detection application is by malicious attack, if it is, needing to start the anti-information leakage function of explosion type;Or
Whether client is in suspicious list where detecting the application newly installed, if it is, needing to start the anti-information of explosion type
Reveal function.
12. user equipment as claimed in claim 11, wherein whether the first device detection application is by malicious attack packet
It includes:
Detect whether the application is maliciously used;Or
Detect whether the application operates in hostile environments and be debugged;Or
Detect whether the application operates in hostile environments and by decompiling.
13. user equipment as claimed in claim 11, wherein whether the detection application is passed through described in acquisition by malicious attack
It is using the bottom-up information of the client at place, and according to the bottom-up information of the client where the application detection application
It is no by malicious attack.
14. user equipment as claimed in claim 13, wherein the bottom-up information of the client where the application includes:
The information for running storehouse, operating system, the method for operation and system mode of the client.
15. the user equipment as described in any one of claim 10 to 14, wherein the 3rd device directly destroys related mesh
Marking information includes:
The relevant information is deleted using automatic more wheel encryption erasing modes.
16. the user equipment as described in any one of claim 11 to 14, wherein the 3rd device directly destroys related mesh
Marking information includes:
It generates overlength key at random using random number, keeps the code of the application completely unreadable.
17. user equipment as claimed in claim 10, wherein relative clients end characteristic information includes international mobile subscriber
One of identification code, client identification module, client identity identification code and private information Identity Code or combinations thereof.
18. user equipment as claimed in claim 10, wherein the related objective Information application cryptographic key and privacy of user
Information.
19. a kind of network equipment of anti-information leakage, wherein the network equipment includes:
Second device to receive the self-destruction information of user equipment upload, and decides whether to sign phase again according to the self-destruction information
Target information is closed, the corresponding server unpaired message of original related objective information is if it is deleted, redistributes related objective
Information;
4th device, to receive the relative clients end characteristic information of user equipment upload, and by relative clients end characteristic information
It is included in suspicious list, and returns to the suspicious list.
20. the network equipment as claimed in claim 19, wherein relative clients end characteristic information includes international mobile subscriber
One of identification code, client identification module, client identity identification code and private information Identity Code or combinations thereof.
21. a kind of system of anti-information leakage, wherein the system comprises:
User equipment as described in any one of claim 10 to 18 and the network equipment as described in claim 19 or 20.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410686593.1A CN105610769B (en) | 2014-11-25 | 2014-11-25 | Method, equipment and the system of anti-information leakage |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410686593.1A CN105610769B (en) | 2014-11-25 | 2014-11-25 | Method, equipment and the system of anti-information leakage |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105610769A CN105610769A (en) | 2016-05-25 |
| CN105610769B true CN105610769B (en) | 2019-07-05 |
Family
ID=55990309
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410686593.1A Active CN105610769B (en) | 2014-11-25 | 2014-11-25 | Method, equipment and the system of anti-information leakage |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105610769B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101052190A (en) * | 2007-05-14 | 2007-10-10 | 华为技术有限公司 | Anti-theft method for mobile terminal and anti-theft mobile terminal |
| US7926752B2 (en) * | 2005-09-09 | 2011-04-19 | Fuji Xerox Co., Ltd. | Recording medium destruction and discarding system, recording medium destruction and discarding method, recording medium destruction and discarding apparatus, recording medium management apparatus, and recording medium management system |
| CN202150070U (en) * | 2010-12-14 | 2012-02-22 | 深圳市中成汇实业有限公司 | Personal on-line transaction terminal |
| CN202759505U (en) * | 2012-07-22 | 2013-02-27 | 上海达赛数码科技有限公司 | Intelligent mobile terminal having encryption and destruct functions |
| CN103942293A (en) * | 2014-04-11 | 2014-07-23 | 立德高科(北京)数码科技有限责任公司 | Self-destroying protection method based on malicious invasion of file system and device thereof |
| CN104052652A (en) * | 2014-06-19 | 2014-09-17 | 北京奇虎科技有限公司 | Method, client side, system and electronic device for automatically deleting message |
| CN104158978A (en) * | 2014-08-27 | 2014-11-19 | 北京数字天域科技股份有限公司 | Method and device for automatically deleting information |
-
2014
- 2014-11-25 CN CN201410686593.1A patent/CN105610769B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7926752B2 (en) * | 2005-09-09 | 2011-04-19 | Fuji Xerox Co., Ltd. | Recording medium destruction and discarding system, recording medium destruction and discarding method, recording medium destruction and discarding apparatus, recording medium management apparatus, and recording medium management system |
| CN101052190A (en) * | 2007-05-14 | 2007-10-10 | 华为技术有限公司 | Anti-theft method for mobile terminal and anti-theft mobile terminal |
| CN202150070U (en) * | 2010-12-14 | 2012-02-22 | 深圳市中成汇实业有限公司 | Personal on-line transaction terminal |
| CN202759505U (en) * | 2012-07-22 | 2013-02-27 | 上海达赛数码科技有限公司 | Intelligent mobile terminal having encryption and destruct functions |
| CN103942293A (en) * | 2014-04-11 | 2014-07-23 | 立德高科(北京)数码科技有限责任公司 | Self-destroying protection method based on malicious invasion of file system and device thereof |
| CN104052652A (en) * | 2014-06-19 | 2014-09-17 | 北京奇虎科技有限公司 | Method, client side, system and electronic device for automatically deleting message |
| CN104158978A (en) * | 2014-08-27 | 2014-11-19 | 北京数字天域科技股份有限公司 | Method and device for automatically deleting information |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105610769A (en) | 2016-05-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Shafiq et al. | The Rise of “Internet of Things”: Review and Open Research Issues Related to Detection and Prevention of IoT‐Based Security Attacks | |
| CN110324146B (en) | Mitigation of offline ciphertext-only attacks | |
| Wang et al. | Smartphone security challenges | |
| US20170034189A1 (en) | Remediating ransomware | |
| La Polla et al. | A survey on security for mobile devices | |
| Abdul Kadir et al. | Android botnets: What urls are telling us | |
| Jiang et al. | Android malware | |
| Nadji et al. | Automated remote repair for mobile malware | |
| Chen et al. | Simple and effective method for detecting abnormal internet behaviors of mobile devices | |
| Riccardi et al. | Titans’ revenge: Detecting Zeus via its own flaws | |
| Al-Qershi et al. | Android vs. iOS: The security battle | |
| JP2019057167A (en) | Computer program, device and determining method | |
| Anwar et al. | Android botnets: a serious threat to android devices. | |
| BalaGanesh et al. | Smart devices threats, vulnerabilities and malware detection approaches: a survey | |
| Wang et al. | On the feasibility of {Large-Scale} infections of {iOS} devices | |
| Keijzer | The new generation of ransomware: an in depth study of Ransomware-as-a-Service | |
| CN106453398B (en) | A kind of data encryption system and method | |
| Gangula et al. | Survey on mobile computing security | |
| Mohata et al. | Mobile malware detection techniques | |
| Hyun et al. | Design and Analysis of Push Notification‐Based Malware on Android | |
| CN105610769B (en) | Method, equipment and the system of anti-information leakage | |
| US11876788B2 (en) | Mobile device system and method for preventing network signal interception and hacking | |
| Khan et al. | A malicious attacks and defense techniques on android-based smartphone platform | |
| Luo et al. | Towards hierarchical security framework for smartphones | |
| Azam et al. | Security source code analysis of applications in Android OS |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |