CN105868623A - Permission detection method and terminal equipment - Google Patents
Permission detection method and terminal equipment Download PDFInfo
- Publication number
- CN105868623A CN105868623A CN201510784171.2A CN201510784171A CN105868623A CN 105868623 A CN105868623 A CN 105868623A CN 201510784171 A CN201510784171 A CN 201510784171A CN 105868623 A CN105868623 A CN 105868623A
- Authority
- CN
- China
- Prior art keywords
- application program
- fingerprint
- terminal unit
- authority
- program
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
Abstract
The invention provides a permission detection method, which comprises the following steps: terminal equipment obtains an application program which prepares to be operated at present; the terminal equipment judges whether the application program is a pre-determined application program or not; if the application program is the pre-determined application program, the terminal equipment judges whether the fingerprint of the application program is the same with the fingerprint of the pre-determined application program or not; and if the fingerprint of the application program is the same with the fingerprint of the pre-determined application program, the terminal equipment operates the application program. The permission detection method can effectively detect the implanted application program which can cause users to obtain a higher permission, and the disguised application program which can illegally improve the user permission, and therefore, the safety of user information is guaranteed.
Description
Technical field
The present invention relates to detection technique field, particularly relate to detection method and the terminal unit of a kind of authority.
Background technology
Current phone has become as the digital assistants of people, and user can carry out a lot of thing with mobile phone, including
The such operation user the highest to safety requirements of Mobile banking also can be carried out on mobile phone.Therefore mobile phone
(one of System Privileges, root is the super administrator account in system to root, and this account has
The sovereign power of whole system, all objects he can operate, a lot of hackers are at intrusion system
Time, will be privilege-escalation to root authority) authority caused the concern of hacker, as long as they
Obtain root authority and just can control this mobile phone, thus the data of user are caused safely great prestige
The side of body.
For the problems referred to above, prior art proposes a kind of detection scheme, i.e. judges whether system is planted
(Switch user, switches user, for allowing a domestic consumer to have entered the program " su " of privilege-escalation
Switch to power user or other users, and the authority of switched user can be had temporarily).Detection method has
The most several:
1, judge whether that the program named with " su " is being run;
2, whether detection " su " program is being run;
During realizing the present invention, inventor finds prior art, and at least there are the following problems:
When the name changing of " su " program, or in " su " program, add rubbish code, or by " su "
Program is implanted in the existing program operationally with ROOT authority, by sending commands to described program
During " su " program of operation, above-mentioned detection method all cannot be carried out effectively detecting.
Summary of the invention
The present invention provides the detection method of a kind of authority, according to obtaining the current application program preparing and running,
And judge whether described application program is predetermined application program, if it is, it is described to continue judgement
The fingerprint of application program is the most identical with the fingerprint of predetermined described application program, if the most identical,
Described terminal unit runs described application program, and which kind of puppet is the program the most illegally promoting user right carry out
Dress is the present invention can effectively detect, it is ensured that the safety of user profile.
The present invention provides the detection method of a kind of authority, described method to include:
Terminal unit obtains the current application program preparing and running;
Described terminal unit judges whether described application program is predetermined application program;
If it is, described terminal unit judges the fingerprint of described application program and predetermined described application journey
The fingerprint of sequence is the most identical;
If identical, described terminal unit runs described application program.
It is preassembled that described predetermined application program belongs to described terminal unit, and needs ratio normal
The application program that the higher authority of user right could perform;
Described authority more higher than normal users authority is for allowing user control described terminal according to self-demand
Equipment is so that user reaches arbitrarily to operate the authority of described terminal unit.
Described fingerprint is to carry out calculated according to preset algorithm to the information in described application program;
Wherein, described fingerprint is one to one with the information in described application program.
The fingerprint of predetermined described application program is stored in described terminal unit the storage that can not be modified
In space;
Described terminal unit judges the fingerprint of described application program and the fingerprint of predetermined described application program
The most identical, particularly as follows:
The fingerprint of the described application program obtained is sent to described memory space by described terminal unit;
Described terminal unit judges that in described memory space the fingerprint of described application program is the most true with described
The fingerprint of fixed described application program is the most identical.
Terminal unit obtains the current application program preparing and running, particularly as follows:
Described terminal unit judges currently whether establish new process;
If established, described in the acquisition of described terminal unit, carry out the application program preparing to run of correspondence.
A kind of terminal unit, described equipment includes:
Acquisition module, for obtaining the current application program preparing and running;
First judge module, is used for judging whether described application program is predetermined application program;
Second judge module, if predetermined application program, for judging described application program
Fingerprint is the most identical with the fingerprint of predetermined described application program;
Run module, if identical with the fingerprint of predetermined described application program, be used for running described answering
Use program.
It is preassembled that described predetermined application program belongs to described terminal unit, and needs ratio normal
The application program that the higher authority of user right could perform;
Described authority more higher than normal users authority is for allowing user control described terminal according to self-demand
Equipment is so that user reaches arbitrarily to operate the authority of described terminal unit.
Described fingerprint is to carry out calculated according to preset algorithm to the information in described application program;
Wherein, described fingerprint is one to one with the information in described application program.
The fingerprint of predetermined described application program is stored in described terminal unit the storage that can not be modified
In space;
Described second judge module, specifically for:
The fingerprint of the described application program obtained is sent to described memory space;
The fingerprint of described application program and described predetermined described application is judged in described memory space
The fingerprint of program is the most identical.
Described acquisition module, specifically for:
Judge currently whether establish new process;
If established, obtain the application program preparing to run that described process is corresponding.
The present invention is according to obtaining the current application program preparing and running, and judges that whether described application program is
Predetermined application program, if it is, continue the fingerprint judging described application program with predetermined
The fingerprint of described application program the most identical, if the most identical, described terminal unit runs described application
Program, what the present invention either implanted can allow user the obtains application program of higher authority, or illegally
Which kind of camouflage present invention is the program of lifting user right carry out can effectively be detected, it is ensured that user
The safety of information.
Accompanying drawing explanation
In order to be illustrated more clearly that the embodiment of the present invention or technical scheme of the prior art, below will be to reality
Execute the required accompanying drawing used in example or description of the prior art to be briefly described, it should be apparent that under,
Accompanying drawing during face describes is some embodiments of the present invention, for those of ordinary skill in the art,
On the premise of not paying creative work, it is also possible to obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 is the detection method flow chart of a kind of authority in the embodiment of the present invention;
Fig. 2 is the structural representation of a kind of terminal unit in the embodiment of the present invention.
Detailed description of the invention
For making the purpose of the embodiment of the present invention, technical scheme and advantage clearer, below in conjunction with this
Accompanying drawing in bright embodiment, is clearly and completely described the technical scheme in the embodiment of the present invention,
Obviously, described embodiment is a part of embodiment of the present invention rather than whole embodiments.Based on
Embodiment in the present invention, those of ordinary skill in the art are obtained under not making creative work premise
The every other embodiment obtained, broadly falls into the scope of protection of the invention.
In order to prevent hacker from the program promoting authority carried out camouflage to hide detection, and then obtain user's
Safety information, the present invention proposes a kind of authority detection method, concrete as it is shown in figure 1, described method can
To comprise the following steps:
Step 101, terminal unit obtains the current application program preparing and running.
Terminal unit obtains the current application program preparing and running, particularly as follows:
Described terminal unit judges currently whether establish new process;
If established, described in the acquisition of described terminal unit, carry out the application program preparing to run of correspondence.
Concrete, first have to carry out new entering for described program when described terminal unit runs a certain program
Journey, therefore, the most described terminal judges has new process to set up, if established it is necessary to obtain
Program corresponding to described newly-established process, thus can obtain the program that be there is a need to run, if
Newly-established process program to be run is an up the program of user right, or comprises and promote user right
Program can obtain, and then will not miss the illegal program promoting user right.
Owing to some program promoting authority is to run in special process, therefore can also when obtaining
Obtaining the application program in described special processing, the program correspondence i.e. obtaining lifting user right is ongoing
Application program, the concrete application program obtained in which kind of process can determine according to practical situation.
Step 102, described terminal unit judges whether described application program is predetermined application program,
If it is, perform step 103, if it is not, then stop described application program, and notify described end
The holder of end equipment.
It is preassembled that described predetermined application program belongs to described terminal unit, and needs ratio normal
The application program that the higher authority of user right could perform;
Described authority more higher than normal users authority is for allowing user control described terminal according to self-demand
Equipment is so that user reaches arbitrarily to operate the authority of described terminal unit.
Concrete, described terminal unit in predetermined application program, user can be obtained higher
The program of authority, and preassembled when dispatching from the factory for described terminal unit, this program is for the safety of user
It is safe for information, can run.The authority of normal users is to run or use some to apply,
As: open game application, and use described game application, user security information can not be obtained, also
Any operation to terminal unit can not be realized, such as: some the fixing ginseng in amendment terminal unit system
Number, or the safety information etc. of the terminal unit user of record eventually, and more higher authority than normal users authority
Refer to can some preset parameter of terminal unit arbitrarily be revised, or obtain terminal unit record at end
The safety information of user, run a certain application in predetermined application program in described terminal unit
User can be allowed to obtain the described corresponding authority of application, if the authority of described application is can be in amendment system
Some parameter, then now user obtain amendment system parameters authority.User can be allowed running
When obtaining the program of higher authority, described user is taken as the manager of described terminal unit, and now user gathers around
The highest weight having described terminal unit limits, and described terminal unit can be carried out by user by this highest weight limit
Arbitrary operation.
Hacker obtains the method for the safety information of user can two kinds: 1, by run terminal unit eventually in
The preassembled program that user can be allowed to obtain higher authority;2, implant permissible eventually at described terminal unit
Obtain the program of higher authority.Can be stoped by step 102 and obtain user security information by the second
Method, by step 102 judge described application program be whether hacker implant can obtain use
After the program of the higher authority in family, need determine whether run described terminal unit in preassembled can
Whether pretended with the program allowing user obtain higher authority.
Step 103, described terminal unit judges the fingerprint of described application program and predetermined described application
The fingerprint of program is the most identical, if identical, then perform step 104, runs if it is different, then stop
Described application program, and report to the holder of described terminal unit.
Described fingerprint is to carry out calculated according to preset algorithm to the information in described application program;
Wherein, described fingerprint is one to one with the information in described application program.
The fingerprint of predetermined described application program is stored in described terminal unit the storage that can not be modified
In space;
Described terminal unit judges the fingerprint of described application program and the fingerprint of predetermined described application program
The most identical, particularly as follows:
The fingerprint of the described application program obtained is sent to described memory space by described terminal unit;
Described terminal unit judges that in described memory space the fingerprint of described application program is the most true with described
The fingerprint of fixed described application program is the most identical.
Concrete, described terminal unit be had more Gao Quan by can be allowed user by installing in advance before dispatching from the factory
The application program of limit, and fingerprint corresponding for described application program is stored in and can not be revised by any user
Memory space in, described fingerprint is according to the content information meter in described application program by preset algorithm
Obtaining, described algorithm in advance can be MD5 (Message-Digest Algorithm 5, information
Digest algorithm 5), naturally it is also possible to for other algorithms, the present invention can be determined not by preset algorithm
With the different fingerprints that application program is corresponding, the most all contents that can allow different application determine difference
The algorithm of fingerprint belong to protection scope of the present invention, owing to described fingerprint is according in application program
Content obtains, and therefore, predetermined in hacker is to described terminal unit user can be allowed to obtain more
After the application program of high authority pretends, such as: revise application name, add in the application
Rubbish code, it is added with beneficially hacker in the application and controls the program etc. of described terminal unit, described
Content in application program all can occur to change accordingly, further, through MD5 algorithm to described
The fingerprint that content in application program obtains when calculating can change, now, if run is
The predetermined application program that user can be allowed to obtain higher authority, then this application program with deposit in advance
The fingerprint of the described application program of storage is different, therefore, and can be by hacker to described by step 103
Journey after the predetermined application program that user can be allowed to obtain higher authority pretends in terminal unit
Sequence detects.
When fingerprint is detected, can the application program currently run is sent to described can not be by
Detect, in case carrying out in the space that can be modifiable by the user in the memory space of any user amendment
During detection, the described fingerprint prestored, by malicious modification, the invention aims to prevent fingerprint from existing
The fingerprint prestored when contrasting is by malice, and the most all being prevented from when contrasting maliciously is repaiied
The method changing the fingerprint prestored belongs to protection scope of the present invention.
Wherein, owing to fingerprint is that the information in application program determines, therefore, in fingerprint and application program
Content be relation one to one.
Step 104, described terminal unit runs described application program.
The present invention is according to obtaining the current application program preparing and running, and judges that whether described application program is
Predetermined application program, if it is, continue the fingerprint judging described application program with predetermined
The fingerprint of described application program the most identical, if the most identical, described terminal unit runs described application
Program, what the present invention either implanted can allow user the obtains application program of higher authority, or illegally
Which kind of camouflage present invention is the program of lifting user right carry out can effectively be detected, it is ensured that user
The safety of information.
In order to the technological thought of the application is expanded on further, in conjunction with concrete application scenarios, to the application
Technical scheme illustrate, concrete, when described terminal unit is smart mobile phone, the behaviour of described mobile phone
It is Android Android (operating system of a kind of intelligent terminal) system, wherein, described mobile phone as system
In prestored a program that user can be allowed to obtain higher authority, and the fingerprint of described program is deposited
At trustzone, (a kind of secure file system, described system can not be broken, and storage in storage
Can not be modified in the content of file system) in, and hew out in trustzone and exclusively carry out
The TA (trust application, trusted application) of MD5 value detection, wherein said fingerprint is logical
Cross the MD5 value that MD5 algorithm obtains according to the content in the program prestored.
From the perspective of kernel (a kind of operating system nucleus), any program goes for root and (is
The one of system authority, having ROOT is super administrator's account in system, and the account has whole system
The supreme power of system) a kind of method of authority: go out one newly by process fork with root authority
Process then call by exec system in new process and run new procedures, the most all use that can allow
Family has in process all subprocess in a special processing of root authority to be run, wherein, and described spy
Different process is to run the process of root authority specially.
Described mobile phone is Checkpointing in the system of exec is called, and whether detects new procedures to be performed
Preassembled program in mobile phone, if it is, described mobile phone by the title of described program and is calculated by MD5
The MD5 value that method obtains according to the content in described program is sent collectively to trustzone, in trustzone
TA determine whether there is the title identical with described program name, if it does, represent that described program is
Prestore, then continue detection MD5 value the most identical, if it does not, represent that described program is not
Mobile phone prestores, is the most implanted, need to terminate running described program.
When needs continuation detection MD5 value is the most identical, described mobile phone is continued by the TA in truezone
Continue and compare the described journey prestored in the MD5 value and truezone obtained according to the content in described program
MD5 value corresponding to sequence title is the most identical, if identical, then it represents that the described program of operation would be to deposit in advance
Store up in mobile phone, and be not modified, it is believable program, now, described mobile phone continues fortune
The described program of row, if it is not the same, represent that described program is not the program prestored in mobile phone, described
Program is modified, therefore, incredible program during the described program of operation, need to stop it to run,
And by test results report to user.
Conceive based on the application as said method, the invention allows for a kind of terminal unit, such as figure
Described in 2, this device end includes:
Acquisition module 21, for obtaining the current application program preparing and running;
First judge module 22, is used for judging whether described application program is predetermined application program;
Second judge module 23, if predetermined application program, is used for judging described application program
Fingerprint the most identical with the fingerprint of predetermined described application program;
Run module 24, if identical with the fingerprint of predetermined described application program, be used for running described
Application program.
It is preassembled that described predetermined application program belongs to described terminal unit, and needs ratio normal
The application program that the higher authority of user right could perform;
Described authority more higher than normal users authority is for allowing user control described terminal according to self-demand
Equipment is so that user reaches arbitrarily to operate the authority of described terminal unit.
Described fingerprint is to carry out calculated according to preset algorithm to the information in described application program;
Wherein, described fingerprint is one to one with the information in described application program.
The fingerprint of predetermined described application program is stored in described terminal unit the storage that can not be modified
In space;
Described second judge module, specifically for:
The fingerprint of the described application program obtained is sent to described memory space;
The fingerprint of described application program and described predetermined described application is judged in described memory space
The fingerprint of program is the most identical.
Described acquisition module, specifically for:
Judge currently whether establish new process;
If established, obtain the application program preparing to run that described process is corresponding.
The present invention is according to obtaining the current application program preparing and running, and judges that whether described application program is
Predetermined application program, if it is, continue the fingerprint judging described application program with predetermined
The fingerprint of described application program the most identical, if the most identical, described terminal unit runs described application
Program, what the present invention either implanted can allow user the obtains application program of higher authority, or illegally
Which kind of camouflage present invention is the program of lifting user right carry out can effectively be detected, it is ensured that user
The safety of information.
One of ordinary skill in the art will appreciate that: realize all or part of step of above-mentioned each method embodiment
Suddenly can be completed by the hardware that programmed instruction is relevant.Aforesaid program can be stored in a computer can
Read in storage medium.This program upon execution, performs to include the step of above-mentioned each method embodiment;And
Aforesaid storage medium includes: ROM, RAM, magnetic disc or CD etc. are various can store program code
Medium.
Device embodiment described above is only schematically, the list wherein illustrated as separating component
Unit can be or may not be physically separate, and the parts shown as unit can be or also
Can not be physical location, i.e. may be located at a place, or at least two network can also be distributed to
On unit.Some or all of module therein can be selected according to the actual needs to realize the present embodiment
The purpose of scheme.Those of ordinary skill in the art are not in the case of paying performing creative labour, the most permissible
Understand and implement.
Last it is noted that various embodiments above is only in order to illustrate technical scheme, rather than right
It limits;Although the present invention being described in detail with reference to foregoing embodiments, this area common
Skilled artisans appreciate that the technical scheme described in foregoing embodiments still can be modified by it,
Or the most some or all of technical characteristic is carried out equivalent;And these amendments or replacement, and
The essence not making appropriate technical solution departs from the scope of various embodiments of the present invention technical scheme.
Claims (10)
1. the detection method of an authority, it is characterised in that described method includes:
Terminal unit obtains the current application program preparing and running;
Described terminal unit judges whether described application program is predetermined application program;
If it is, described terminal unit judges the fingerprint of described application program and predetermined described application journey
The fingerprint of sequence is the most identical;
If identical, described terminal unit runs described application program.
2. method as claimed in claim 1, it is characterised in that described predetermined application program belongs to
Described terminal unit is preassembled, and need that authority more higher than normal users authority could perform should
Use program;
Described authority more higher than normal users authority is for allowing user control described terminal according to self-demand
Equipment is so that user reaches arbitrarily to operate the authority of described terminal unit.
3. method as claimed in claim 1, it is characterised in that described fingerprint is to institute according to preset algorithm
The information in application program of stating carries out calculated;
Wherein, described fingerprint is one to one with the information in described application program.
4. method as claimed in claim 1, it is characterised in that the fingerprint of predetermined described application program
It is stored in described terminal unit in the memory space that can not be modified;
Described terminal unit judges the fingerprint of described application program and the fingerprint of predetermined described application program
The most identical, particularly as follows:
The fingerprint of the described application program obtained is sent to described memory space by described terminal unit;
Described terminal unit judges that in described memory space the fingerprint of described application program is the most true with described
The fingerprint of fixed described application program is the most identical.
5. method as claimed in claim 1, it is characterised in that terminal unit obtains what current preparation ran
Application program, particularly as follows:
Described terminal unit judges currently whether establish new process;
If established, described in the acquisition of described terminal unit, carry out the application program preparing to run of correspondence.
6. a terminal unit, it is characterised in that described equipment includes:
Acquisition module, for obtaining the current application program preparing and running;
First judge module, is used for judging whether described application program is predetermined application program;
Second judge module, if predetermined application program, for judging described application program
Fingerprint is the most identical with the fingerprint of predetermined described application program;
Run module, if identical with the fingerprint of predetermined described application program, be used for running described answering
Use program.
7. equipment as claimed in claim 6, it is characterised in that described predetermined application program belongs to
Described terminal unit is preassembled, and need that authority more higher than normal users authority could perform should
Use program;
Described authority more higher than normal users authority is for allowing user control described terminal according to self-demand
Equipment is so that user reaches arbitrarily to operate the authority of described terminal unit.
8. equipment as claimed in claim 6, it is characterised in that described fingerprint is to institute according to preset algorithm
The information in application program of stating carries out calculated;
Wherein, described fingerprint is one to one with the information in described application program.
9. equipment as claimed in claim 6, it is characterised in that the fingerprint of predetermined described application program
It is stored in described terminal unit in the memory space that can not be modified;
Described second judge module, specifically for:
The fingerprint of the described application program obtained is sent to described memory space;
The fingerprint of described application program and described predetermined described application is judged in described memory space
The fingerprint of program is the most identical.
10. equipment as claimed in claim 6, it is characterised in that described acquisition module, specifically for:
Judge currently whether establish new process;
If established, obtain the application program preparing to run that described process is corresponding.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510784171.2A CN105868623A (en) | 2015-11-13 | 2015-11-13 | Permission detection method and terminal equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510784171.2A CN105868623A (en) | 2015-11-13 | 2015-11-13 | Permission detection method and terminal equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105868623A true CN105868623A (en) | 2016-08-17 |
Family
ID=56624349
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510784171.2A Pending CN105868623A (en) | 2015-11-13 | 2015-11-13 | Permission detection method and terminal equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105868623A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070283162A1 (en) * | 2004-12-13 | 2007-12-06 | Masao Nonaka | Unauthorized Device Detection Device, Unauthorized Device Detection System, Unauthorized Device Detection Method, Program, Recording Medium, and Device Information Update Method |
| CN102004879A (en) * | 2010-11-22 | 2011-04-06 | 北京北信源软件股份有限公司 | Method for identifying credible progress |
| CN103514397A (en) * | 2013-09-29 | 2014-01-15 | 西安酷派软件科技有限公司 | Server, terminal and authority management and permission method |
| CN104660606A (en) * | 2015-03-05 | 2015-05-27 | 中南大学 | Method for remotely monitoring safety of application program |
-
2015
- 2015-11-13 CN CN201510784171.2A patent/CN105868623A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070283162A1 (en) * | 2004-12-13 | 2007-12-06 | Masao Nonaka | Unauthorized Device Detection Device, Unauthorized Device Detection System, Unauthorized Device Detection Method, Program, Recording Medium, and Device Information Update Method |
| CN102004879A (en) * | 2010-11-22 | 2011-04-06 | 北京北信源软件股份有限公司 | Method for identifying credible progress |
| CN103514397A (en) * | 2013-09-29 | 2014-01-15 | 西安酷派软件科技有限公司 | Server, terminal and authority management and permission method |
| CN104660606A (en) * | 2015-03-05 | 2015-05-27 | 中南大学 | Method for remotely monitoring safety of application program |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106991324B (en) | Malicious code tracking and identifying method based on memory protection type monitoring | |
| US20090193211A1 (en) | Software authentication for computer systems | |
| KR20190067542A (en) | Computing apparatus and method thereof robust to encryption exploit | |
| US10826919B2 (en) | Methods and cloud-based systems for protecting devices from malwares | |
| CN110233817B (en) | Container safety system based on cloud computing | |
| CN102110213B (en) | Detection of hidden object in computer system | |
| CN107851159B (en) | Control configuration data storage | |
| CN102208004B (en) | Method for controlling software behavior based on least privilege principle | |
| JP2019527877A (en) | Automatic distribution of PLC virtual patches and security context | |
| CN111400723A (en) | TEE extension-based operating system kernel mandatory access control method and system | |
| KR20160110276A (en) | Method and apparatus for generating Dynamic Secure Module | |
| CN107818028A (en) | A kind of computer data backup and restoring method | |
| CN106997435A (en) | A kind of method of operating system security prevention and control, apparatus and system | |
| CN109347876A (en) | A kind of safety defense method and relevant apparatus | |
| KR101436404B1 (en) | User authenticating method and apparatus | |
| CN108197468A (en) | A kind of Intranet attack intelligent protection system of mobile memory medium | |
| CN105868623A (en) | Permission detection method and terminal equipment | |
| CN104462989A (en) | Method and system for installing application program between multiple systems and terminal | |
| CN111159714B (en) | Method and system for verifying credibility of main body in operation in access control | |
| CN106022105B (en) | A kind of command processing method and device | |
| KR20190038018A (en) | Apparatus for defending of unauthorized change of program and method for the same | |
| CN108846281A (en) | Root authority acquisition methods, device, terminal device and storage medium | |
| CN108377242A (en) | A kind of computer network security detection method | |
| CN113836529A (en) | Process detection method, device, storage medium and computer equipment | |
| CN112817833A (en) | Method and device for monitoring database |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20160817 |
|
| WD01 | Invention patent application deemed withdrawn after publication |