CN105930720A - Method and system for implementing human-computer interaction with device security - Google Patents

Method and system for implementing human-computer interaction with device security Download PDF

Info

Publication number
CN105930720A
CN105930720A CN201610291325.9A CN201610291325A CN105930720A CN 105930720 A CN105930720 A CN 105930720A CN 201610291325 A CN201610291325 A CN 201610291325A CN 105930720 A CN105930720 A CN 105930720A
Authority
CN
China
Prior art keywords
identity
response
application
sensitive
api
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610291325.9A
Other languages
Chinese (zh)
Inventor
孙国峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Yuanxin Science and Technology Co Ltd
Original Assignee
Beijing Yuanxin Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Yuanxin Science and Technology Co Ltd filed Critical Beijing Yuanxin Science and Technology Co Ltd
Priority to CN201610291325.9A priority Critical patent/CN105930720A/en
Publication of CN105930720A publication Critical patent/CN105930720A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Finance (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

The present application discloses a method and system for implementing human-computer interaction with device security. The method comprises monitoring call of an graphics application programming interface (API) by a device application; in response to capture the monitored call of the graphics API, comparing an incoming parameter of the graphics API with a preset sensitive rule base content; in response to partial content of a sensitive rule base contained in the incoming parameter, checking an identity signature of the application; and in response to the failed identity signature, terminating the execution of the call or sending an operable warning message to a user. According to the method and system disclosed by the present invention, fraud actions of malicious applications can be prevented, or a warning is issued for potential risks so as to reduce the risk of malicious attacks.

Description

A kind of method and system realized with the safe man-machine interaction of equipment
Technical field
The application relates to electricity digital data processing field, particularly relates to a kind of realization and the safe man-machine interaction of equipment Method and system.
Background technology
The development advanced by leaps and bounds along with mobile software development, application on the mobile apparatus becomes increasingly complex, very It is required for time many creating the human-computer interaction interface being responsible for, for user's input information, and output feedback letter Breath is to user.Wherein, many times user's input on interface includes user with the output on interface Identity information, account information, password, password etc. is the most sensitive and important for the security of user Data.For example, paying by mails under environment, user to input the poles such as the account of oneself, card number and password For sensitive data.And in payment process, application also can show such as account information, account on interface The data highstrung to user such as remaining sum, addresses of items of mail, phone number, home address.
During mutual, application scenarios is the most complicated, and the data class related to is the most, the sensitivity of data Degree is the highest, occurs the risk attacked the biggest.
Attack pattern based on human-computer interaction interface common are:
A) malicious application creates fraudulent human-computer interaction interface, in real world devices, is covered in conjunction by force The top of method application, i.e. at the less coordinate of Z-direction, so that user takes for the boundary of malicious application Face is created by valid application.Certainly malicious application can also create fraudulence when valid application does not start Human-computer interaction interface.User's input results on the interface that malicious application creates will be cut by malicious application Obtain.User's input can be transmitted to valid application by malicious application, then self is hidden or directly exits, Thus reach the effect of similar man-in-the-middle attack;
B) input of user need the interrupt processing function by touch screen just can be converted to application program can The data processed.Malicious code can change interrupt vector by certain technological means, thus complete to The intercepting of family input.The most such as fingerprint collecting, iris capturing etc. have same problem, if interrupting ringing Function is answered not to be effectively protected, then it cannot be guaranteed that the safety of data;
C) by the real-time monitoring to drawing function system call entry, the diagram parameter that user is incoming is intercepted and captured;
D) by the attack to drawing buffer district, intercept and capture buffer contents, obtained by the identification in later stage and use Family secret data etc..
Reveal phone number and home address, substantial amounts of refuse messages or fraudulent call may be faced, and if Reveal account, password, then likely result in serious property loss.The demand of secure interface is the most day by day Highlight.
Along with the use of ARM TrustZone security solution is increasingly extensive, increasing application starts The so-called secure interface scheme realized based on above-mentioned security solution is used to realize the man-machine interaction of oneself Interface.Use secure interface scheme, it is ensured that it is under trusted computation environment that application creates the process at interface Carry out, or by certain encryption or verification scheme protected, and ensure this interface display at Z axis top, one Determine to alleviate in degree by the possibility of malicious attack.
But, can not be fully solved by creating false human-computer interaction interface based on secure interface scheme, enter The means that row fraudulence is attacked, because it belongs to social engineering category.The man machine interface of valid application is once Being identified by malicious application, the latter still can create has fraudulent false interface, misleads user. Although by the protection in the Z of display buffer, malicious application cannot simply cover the people of valid application Above machine interface, but it still can be by induction user so that it is input sensitive information wherein.Such as, Then one malicious application can select eject the man machine interface of oneself suitable opportunity by hiding on backstage, By epigamic word and pattern so that user takes for this interface and created by another valid application, And operate on the surface.Control is accessed owing to malicious application is not attempted to carry out any routine that triggers Action, thus without the attention causing system.
Summary of the invention
An object of the application is to provide a kind of and equipment man-machine interaction method and system, and it can stop evil The deceptive practices of meaning application, or potential risks are sounded a warning, to reduce malicious application (attack) Risk.
An object of the application is realized by a kind of method realized with the safe man-machine interaction of equipment, and the method includes:
Drawing application programming interface API is called by monitoring device application;
In response to capturing the calling of drawing API of monitoring, by the incoming parameter of drawing API with pre-set Sensitive pattern storehouse content compare;
Comprise the partial content in described sensitive pattern storehouse in response to described incoming parameter, verify the body of described application Part signature;
In response to identity signature sign test failure, the execution called described in termination or send exercisable to user Warning message.
An object of the application is also realized by a kind of system realized with the safe man-machine interaction of equipment, and this system includes:
Monitoring module, calls drawing application programming interface API for monitoring device application;
Comparing module, in response to capturing the calling of drawing API of monitoring, incoming by drawing API Parameter is compared with the sensitive pattern storehouse content pre-set;
Signature verification module, for comprising the partial content in described sensitive pattern storehouse in response to described incoming parameter, Verify the identity signature of described application;
Call execution module, in response to identity signature sign test failure, the execution called described in termination or Exercisable warning message is sent to user.
In the present invention, term " sensitive " refers to relevant with equipment use and/or user information safety.Such as, Sensitive information such as account, password, phone number etc..
For the developer of malicious application, two kinds of methods are had to create the fraudulence interface of falseness: to use GUI Storehouse API shows word identical with valid application on a user interface, or has more the literary composition of trick property Word, reaches the purpose of deception;Use drawing API directly using the interface bitmap of valid application as false interface Background, only create input control thereon.
The inventive method or system are by being monitored above-mentioned two group interfaces in real time, thus work as and occur attempting to show Show specific sensitive character string, or when drawing the image being consistent with the sensitive interface bitmap characteristic recorded, The identity of application is verified, thus stops the deceptive practices of malicious application, or potential risks are carried Go out warning, to lower the risk of this attack.
The inventive method or system can apply to any operating system needs to realize the software of man machine interface or Service, by the real-time monitoring to drawing interface, detects potential man machine interface fraud.Main should Include but not limited to by scene: E-Payment, authentication and system are arranged.
Accompanying drawing explanation
The present invention will be below with reference to accompanying drawing and combine preferred embodiment and illustrate more completely.
Fig. 1 is the flow chart of the embodiment according to the inventive method.
Fig. 2 is the flow chart of another embodiment according to the inventive method.
Fig. 3 is the structural representation of the embodiment according to present system.
Fig. 4 is the structural representation of another embodiment according to present system.
For clarity, the figure that these accompanying drawings are schematically and simplify, they only give for understanding this The necessary details of invention, and omit other details.
Detailed description of the invention
By detailed description given below, the scope of application of the present invention will be apparent to.But, it should reason Solving, while detailed description and object lesson show the preferred embodiment of the present invention, they are only for illustration purpose Be given.
Fig. 1 shows the embodiment for realizing the method with the safe man-machine interaction of equipment according to the present invention Flow chart, the method is with common Linux and derivative operating system thereof for reference to platform, aforementioned operation System runs on the CPU of x86 framework, has the windows system of the X Windows structure of standard.Should Method starts from step S10, and the Selinux in activation system accesses to protect such as system break vector table etc. Important kernel resources is not arbitrarily accessed;Set up sensitive character string and/or sensitive bitmap rule base, will be specific Character string or image add monitoring rules data base, and this storehouse has local cache version.In an embodiment, rule Then storehouse has long-range updating ability.Sensitive character string such as pass word, " password ", " Alipay " etc., The bitmap etc. of the login payment interface of sensitive bitmap such as Alipay.Afterwards, process and proceed to step S20, make With Selinux, revise its configuration file, i.e. access vector AVC to be similar to draw title bar, Rendering text label, input frame default value is set and using bitmap as the drawing API such as background of a form That calls calls, and triggers Selinux readjustment.Above-mentioned rule is not limited in the non-prompting region at interface and shows Character or picture, one character introduction Alipay using method of such as one interface display, will not trigger these rule Forbidding then.Afterwards, in step S30, drawing API is called by monitoring device application.Afterwards, in step Rapid S40, when user calls a certain monitored drawing API, this drawing API Calls is caught by Selinux Obtaining, the incoming content of parameter of operating system drawing API is audited by the call back function of Selinux.Examination & verification Mode is for carrying out retrieving comparison according to type and rule base content by content of parameter.If in incoming parameter also Without any sensitive content, do not coincide with the arbitrary specific bit generation comparison in rule base, then examination & verification is passed through, Process proceeds to step S80, and drawing API calls normal execution.
About the comparison of image, having a lot of available method, the more commonly used is perception hash algorithm.Common Perception hash algorithm have aHash, pHash and dHash.Wherein the ultimate principle of aHash is as follows:
1) minification: the quickest way removing high frequency and details is to reduce picture, and picture is narrowed down to 8 × 8 Size, 64 pixels altogether.Do not keep aspect ratio, only need to be become the square of 8 × 8.This Sample just can compare the picture of arbitrary size, abandons different size, picture difference that ratio is brought.
2) color is simplified: the little picture of 8 × 8 is converted into gray level image.
3) meansigma methods is calculated: calculate the average gray of all 64 pixels.
4) gray scale of compared pixels: by the gray scale of each pixel, compare with meansigma methods.More than or etc. In meansigma methods, it is designated as 1;Less than meansigma methods, it is designated as 0.
5) hash value is calculated: by the comparative result of previous step, combine, just constitute one 64 Integer, here it is the fingerprint of this pictures.
The ultimate principle of above-mentioned three kinds of algorithms is close, but present invention preferably employs dHash algorithm, because it is held concurrently There is advantage fastest, that efficiency is high.Its rudimentary algorithm is as follows:
1) picture is reduced: be retracted to the size of 9 × 8, a total of 72 pixels.
2) it is converted into gray-scale map: the picture after scaling is converted into the gray-scale map on 256 rank.
3) difference value is calculated: dHash algorithm works between adjacent pixels, the most often between 9 pixels of row Create 8 different differences, altogether 8 row, then create 64 difference value.
4) fingerprint is obtained: if brighter on the right of the pixel ratio on the left side, be then recorded as 1, be otherwise 0.
If incoming parameter comprising sensitive content or coincideing with the arbitrary specific bit in rule base, then locate Reason proceeds to step S50, triggers the further veritification to caller identity.In an embodiment, to caller Identity signing certificate carry out sign test.Such as authentication failed, it is determined that for abnormal conditions, process and proceed to step S60, refusal caller is asked or sends the manipulable warning message of user.If certificate verifies successfully, Then process and proceed to step S70, check that the developer whether rule is applied caller has special wanting further Ask, such as: any other software that " Alipay " cannot be paid for outside precious client software shows, Otherwise it is assumed that be potential fraud.If application identity and rule require not correspond, then process and proceed to Step S60, refusal caller request;Otherwise, process and proceed to step S80, according to normal process logic, Carry out interface drafting.
Said method passes through real-time monitoring system drawing API (application programming interface), for attempting to show Showing have epigamic word potentially, and show calling of inducing feature graph image, it is right to trigger The mechanism of the real-time authentication of application identity.This mechanism is primarily directed to malicious application, by creating fraudulence people Machine interface, induction user inputs sensitive information, thus illegally intercepts and captures, stores that the most remotely to send these sensitive A kind of mean of defense of the attack means of information.
Fig. 2 shows the flow chart of another embodiment of the inventive method, and the method for this embodiment is applied to tool There is built-in TrustZone safety approach (credible execution environment is provided), use Android as operation system The mobility device of system.In an embodiment, credible execution environment may be used without integrated platform safe processor The AMD processor of PSP is implemented.Specifically, the method for this embodiment starts from step S10 ', in system In enable SEAndroid access control mechanisms, to ensure that system is called vector table and is not tampered with;Set up sensitivity Character string and sensitive bitmap rule base, this storehouse has local cache version, and has long-range updating ability. In step S20 ', use SEAndroid, revise its configuration file, i.e. access vector AVC to class It is similar to draw title bar, rendering text label, arrange input frame default value and using bitmap as a form The calling of the drawing API Calls such as background, trigger SEAndroid readjustment.Afterwards, in step S30 ', prison Drawing API is called by the application of control equipment.Afterwards, in step S40 ', call a certain monitored user During drawing API, this drawing API Calls is captured by SEAndroid, and the readjustment of SEAndroid is right In Android ccf layer, the incoming content of parameter of drawing API is audited.If incoming parameter there is no Any sensitive content, does not coincide with the arbitrary specific bit generation comparison in rule base, then examination & verification is passed through, Process proceeds to step S80 '.
If incoming parameter comprising sensitive content or coincideing with the arbitrary specific bit in rule base, then locate Reason proceeds to step S50 ', trigger the further veritification to caller identity.In an embodiment, to caller Identity signing certificate carry out sign test.Such as authentication failed, it is determined that for abnormal conditions, process and proceed to step S60 ', refusal caller is asked or sends the manipulable warning message of user.If certificate verifies successfully, Then process and proceed to step S70 ', check that the developer whether rule is applied caller has special wanting further Ask.If application identity and rule require not correspond, then process and proceed to step S60 ', refusal caller please Ask;Otherwise, process proceeds to step S80 '.
In step S80 ', drawing manager passes through TrustZone secured user interface customer interface, will draw Request is sent to TrustZone credible execution environment.Afterwards, process and proceed to step S90 ', credible execution Drawing application corresponding in environment, according to the content of request, draws and fills drawing buffer district, finally show Display device surface in equipment.
Secure interface based on TrustZone ensure that this drafting action will not be maliciously tampered, and also will not There is the possibility that malice or false UI are capped in Z-direction, therefore can ensure that plotting motion and display are slow Rush the safety in district.
Fig. 3 schematically shows the system for realization and the safe man-machine interaction of equipment according to the present invention One embodiment, this system includes monitoring module 10, applies drawing application programming interface for monitoring device API calls;Comparing module 20, is used for calling in response to the drawing API capturing monitoring, will draw The incoming parameter of API is compared with the sensitive pattern storehouse content pre-set;Signature verification module 30, uses In comprising the partial content in described sensitive pattern storehouse in response to described incoming parameter, verify the identity of described application Signature;Call execution module 40, for failed in response to identity signature sign test, the execution called described in termination Or send exercisable warning message to user.
Fig. 4 schematically shows the system for realization and the safe man-machine interaction of equipment according to the present invention Another embodiment, the system of this embodiment, in addition to all modules including system shown in Figure 3, also includes: Identity checks module 50, in response to identity signature sign test success, checking whether the identity of described application accords with Close the appointment identity in described sensitive pattern storehouse;Wherein said execution module of calling is additionally operable to answer in response to described Identity do not correspond with described appointment identity, the execution called described in termination;Drawing request sending module 60, For meeting described appointment identity in response to identity signature sign test success or the identity in response to described application, will Drawing request is sent to credible execution environment;Drafting module 70, for making correspondence in credible execution environment Drawing buffer district is drawn and filled to application of drawing according to the described content drawing request, and shows at described equipment Display surface.
Unless explicitly stated otherwise, singulative " ", " being somebody's turn to do " as used herein all include plural reference (i.e. There is the meaning of " at least ").It will be further understood that terminology used herein " has ", " include " and/or " comprising " show to there are described feature, step, operation, element and/or parts, But do not preclude the presence or addition of other features one or more, step, operation, element, parts and/or its group Close.Term "and/or" includes any and all of one or more relevant item enumerated as used in this Combination.Unless explicitly stated otherwise, the step of any method disclosed herein need not be accurately according to disclosed order Perform.
Some preferred embodiments are in explanation made above, it should be emphasized, however, that the present invention not office It is limited to these embodiments, but can realize with the alternate manner in the range of present subject matter.

Claims (10)

1. the method realized with the safe man-machine interaction of equipment, it is characterised in that described method includes:
Drawing application programming interface API is called by monitoring device application;
In response to capturing the calling of drawing API of monitoring, by the incoming parameter of drawing API with pre-set Sensitive pattern storehouse content compare;
Comprise the partial content in described sensitive pattern storehouse in response to described incoming parameter, verify the body of described application Part signature;
In response to the signature sign test failure of described identity, the execution called described in termination or send can grasp to user The warning message made.
Method the most according to claim 1, it is characterised in that described method also includes:
In response to the signature sign test success of described identity, check whether the identity of described application meets described sensitive rule The then appointment identity in storehouse;
Identity in response to described application does not corresponds with described appointment identity, the execution called described in termination.
Method the most according to claim 1 and 2, it is characterised in that described method also includes:
Described appointment identity is met in response to identity signature sign test success or the identity in response to described application, will Drawing request is sent to credible execution environment;
Application of drawing corresponding in credible execution environment is drawn according to the described content drawing request and fills drawing Relief area, and show the display surface at described equipment.
Method the most according to claim 1 and 2, it is characterised in that described sensitive pattern storehouse content bag Include at least one sensitive character string and/or at least one sensitive interface bitmap characteristic.
Method the most according to claim 1 and 2, it is characterised in that the tune of the drawing API of monitoring With including one of the following or multiple: draw title bar, rendering text label, arrange input frame default value and incite somebody to action Bitmap is as the background of a form.
Method the most according to claim 3, it is characterised in that described credible execution environment uses and props up The AMD processor of the arm processor or integrated platform safe processor PSP of holding TrustZone is implemented.
7. the system realized with the safe man-machine interaction of equipment, it is characterised in that described system includes:
Monitoring module, calls drawing application programming interface API for monitoring device application;
Comparing module, in response to capturing the calling of drawing API of monitoring, incoming by drawing API Parameter is compared with the sensitive pattern storehouse content pre-set;
Signature verification module, for comprising the partial content in described sensitive pattern storehouse in response to described incoming parameter, Verify the identity signature of described application;
Call execution module, in response to identity signature sign test failure, the execution called described in termination or Exercisable warning message is sent to user.
System the most according to claim 7, it is characterised in that described system also includes:
Whether identity checks module, in response to identity signature sign test success, checking the identity of described application Meet the appointment identity in described sensitive pattern storehouse;
Wherein said execution module of calling is additionally operable to the identity in response to described application and described appointment identity not phase Accord with, the execution called described in termination.
9. according to the system described in claim 7 or 8, it is characterised in that described system also includes:
Drawing request sending module, in response to identity signature sign test success or the body in response to described application Part meets described appointment identity, and drawing request is sent to credible execution environment;
Drafting module, for making application of drawing corresponding in credible execution environment according to described request of drawing Drawing buffer district is drawn and filled to content, and shows the display surface at described equipment.
10. according to the system described in claim 7 or 8, it is characterised in that described sensitive pattern storehouse content Including at least one sensitive character string and/or at least one sensitive interface bitmap characteristic.
CN201610291325.9A 2016-05-05 2016-05-05 Method and system for implementing human-computer interaction with device security Pending CN105930720A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610291325.9A CN105930720A (en) 2016-05-05 2016-05-05 Method and system for implementing human-computer interaction with device security

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610291325.9A CN105930720A (en) 2016-05-05 2016-05-05 Method and system for implementing human-computer interaction with device security

Publications (1)

Publication Number Publication Date
CN105930720A true CN105930720A (en) 2016-09-07

Family

ID=56835117

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610291325.9A Pending CN105930720A (en) 2016-05-05 2016-05-05 Method and system for implementing human-computer interaction with device security

Country Status (1)

Country Link
CN (1) CN105930720A (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101408917A (en) * 2008-10-22 2009-04-15 厦门市美亚柏科资讯科技有限公司 Method and system for detecting application program behavior legality
CN104091125A (en) * 2014-07-18 2014-10-08 北京奇虎科技有限公司 Floating window processing method and device
CN104182687A (en) * 2014-08-01 2014-12-03 北京奇虎科技有限公司 Security detecting method and security detecting device for mobile terminal input window
CN104361281A (en) * 2014-11-17 2015-02-18 西安电子科技大学 Method for solving phishing attack of Android platform
CN104809413A (en) * 2015-05-13 2015-07-29 上海瓶钵信息科技有限公司 Trusted user interface framework of mobile platform based on TrustZone
CN105095751A (en) * 2014-05-07 2015-11-25 中兴软创科技股份有限公司 Method for detecting malicious phishing application for Android platform
WO2016008414A1 (en) * 2014-07-18 2016-01-21 广州金山网络科技有限公司 Security determination method and device for activity of android system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101408917A (en) * 2008-10-22 2009-04-15 厦门市美亚柏科资讯科技有限公司 Method and system for detecting application program behavior legality
CN105095751A (en) * 2014-05-07 2015-11-25 中兴软创科技股份有限公司 Method for detecting malicious phishing application for Android platform
CN104091125A (en) * 2014-07-18 2014-10-08 北京奇虎科技有限公司 Floating window processing method and device
WO2016008414A1 (en) * 2014-07-18 2016-01-21 广州金山网络科技有限公司 Security determination method and device for activity of android system
CN104182687A (en) * 2014-08-01 2014-12-03 北京奇虎科技有限公司 Security detecting method and security detecting device for mobile terminal input window
CN104361281A (en) * 2014-11-17 2015-02-18 西安电子科技大学 Method for solving phishing attack of Android platform
CN104809413A (en) * 2015-05-13 2015-07-29 上海瓶钵信息科技有限公司 Trusted user interface framework of mobile platform based on TrustZone

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
廖义奎: "《Cortex-A9多核嵌入式系统设计》", 30 September 2014 *

Similar Documents

Publication Publication Date Title
JP5674622B2 (en) Security measures for target images displayed in non-secure domains
CN105260663B (en) A kind of safe storage service system and method based on TrustZone technologies
US9317701B2 (en) Security methods and systems
EP2831801B1 (en) Display authentication
CN106575334A (en) Accessing a secured software application
Jo et al. Security analysis and improvement of fingerprint authentication for smartphones
US11074372B2 (en) Smartphone or tablet having a secure display
CN108027853B (en) Multi-user strong authentication token
JP2019510316A (en) Method and device for providing account linking and service processing
CN106650514A (en) Secure input system and method based on TrustZone technology
CN102222292B (en) Mobile phone payment protection method
CN101222334B (en) Cipher token safety authentication method adopting picture interference
CN108694329B (en) Mobile intelligent terminal security event credible recording system and method based on combination of software and hardware
JP2001508892A (en) Method and safety system for handling safety critical activities
US20150172310A1 (en) Method and system to identify key logging activities
AlJarrah et al. Maintaining user interface integrity on Android
CN105912945A (en) Safety reinforcing device and operation method of operating system
WO2011098242A2 (en) System security process method and properties of human authorization mechanism
CN105930720A (en) Method and system for implementing human-computer interaction with device security
CN112041840B (en) Authentication apparatus
CN114006721B (en) E-mail risk detection method and system
Alalayah Pattern Image based Dynamic Framework for Security in Web Application
EP4231178A1 (en) Synthetic biometrics for user privacy
Memon et al. Anti phishing for mid-range mobile phones
GB2421093A (en) Trusted user interface

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20160907

RJ01 Rejection of invention patent application after publication