CN106657022A - Linux network access control method and device - Google Patents
Linux network access control method and device Download PDFInfo
- Publication number
- CN106657022A CN106657022A CN201611053014.5A CN201611053014A CN106657022A CN 106657022 A CN106657022 A CN 106657022A CN 201611053014 A CN201611053014 A CN 201611053014A CN 106657022 A CN106657022 A CN 106657022A
- Authority
- CN
- China
- Prior art keywords
- function
- network access
- network
- application program
- access control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
Abstract
The invention provides a Linux network access control method and device. The method includes receiving an operation command of an application program and obtaining a logo of the application program; loading a preset hijacking function database and a dynamic database; operating the application program and identifying a network access function in the application program; looking up in the hijacking function database according to the operation function and the logo of the application program, wherein the hijacking function database includes the correspondence relationship between the network access function as well as the logo of the application program and a hijacking function; operating the hijacking function if the hijacking function corresponding to the network access function and the logo of the application program and judging whether to call the network access function in the dynamic database or not according to the operation result of the hijacking function. According to the invention, control of network access can be realized in a Linux system aiming at different application programs, so that network access control flexibility is improved.
Description
Technical field
The present invention relates to field of information security technology, more particularly to a kind of Linux method for network access control and device.
Background technology
With the popularization and development of the Internet, applications, various unsafe factors present in internet are also more and more, especially
How it controls the access to external network in the catenet of internal network is provided with, it is ensured that the safety of internal network, is
The important topic of field of information security technology.At present, the method for carrying out NS software commonly used under Linux includes
Iptables and netfilter.If linux system is connected to the server or proxy server of internet, iptables has
Beneficial to more preferable control IP packet filtrations and firewall configuration on linux system.Iptables components are a kind of instruments,
Referred to as user's space, it makes insertion, modification and the rule that removes in packet filtration table become easy;Netfilter components
Referred to as kernel spacing, is a part for kernel, is made up of some packet filtration tables, and these tables are used for control information comprising kernel
The rule set that packet filtering is processed.The method of the existing NS software under linux system, it is right to be substantially based on
The secondary development of iptables and packaging, based on network five-tuple (protocol number, source IP, source port, purpose IP and destination interface),
And it is uniformly controlled network access for the program of all use linux systems, it is impossible to for application program to linux system net
Network is accessed and is controlled.
The content of the invention
Based on this, it is necessary to for the problem that application program is controlled to linux system network access cannot be directed to, carry
For a kind of Linux method for network access control, methods described includes:
The operation order of application program is received, and obtains the mark of application program;
The default abduction function library of loading and dynamic base;
Run the application program and recognize the network access function in the application program;
Function library, the abduction function library are kidnapped according to the identifier lookup of the handling function and the application program
Including the corresponding relation between the network access function, the mark of the application program and abduction function, if finding and institute
The corresponding abduction function of the mark of network access function and the application program is stated, then runs the abduction function, and according to institute
The operation result for stating abduction function judges whether to call the network access function in the dynamic base.
Wherein in one embodiment, the absolute path for kidnapping function library is stored in stage door file.
Wherein in one embodiment, described in the operation result according to the abduction function judges whether to forbid to perform
Network access function, including:
Obtain the network information in the network access function;
According to the network information, external service program is called, and sentenced according to the operation result of the external service program
It is disconnected whether to forbid performing the network access function.
It is described to call external service program wherein in one embodiment, including:
Search default controlling network storehouse;
It is described that external service program is called according to the network information, and tied according to the operation of the external service program
Fruit judges whether to forbid performing the network access function, including:
According to the network information, default controlling network storehouse is searched, if the lookup result in default controlling network storehouse is
Forbid performing the network access function, then do not perform the network access function;
If the lookup result in default controlling network storehouse is called described dynamic to be not prohibited by performing the network access function
Network access function in state storehouse.
Wherein in one embodiment, methods described also includes:
If the lookup result in default controlling network storehouse is to be not prohibited by performing the network access function and the monitoring net
Network access function, then call the network access function in the dynamic base, and the network access function is monitored.
Linux method for network access control provided by the present invention, can be directed to different application journeys in linux system
Sequence kidnaps the network access function of the application program, and judges whether to visit network according to the operation result of the abduction function
Ask and be controlled, improve the flexibility of NS software.
Wherein in one embodiment, Linux method for network access control provided by the present invention can be by outside clothes
Business program is defined and safeguards to the application program that is controlled of needs, there is provided flexible for linux system net
The control that network is accessed.
The present invention also provides a kind of Linux network access control devices, including:
Application program receiver module, for receiving the operation order of application program, and obtains the mark of application program;
Function load-on module, for loading default abduction function library and dynamic base;
Function identification module, for running the application program and recognizing the network access function in the application program;
Access control module, for kidnapping function according to the identifier lookup of the handling function and the application program
Storehouse, the abduction function library includes the network access function, the mark of the application program and kidnaps the correspondence between function
Relation, if finding abduction function corresponding with the mark of the network access function and the application program, operation is described
Function is kidnapped, and judges whether to call the network access function in the dynamic base according to the operation result of the abduction function.
Wherein in one embodiment, function load-on module, for loading default abduction function library, and the abduction letter
The absolute path in number storehouse is stored in stage door file.
Wherein in one embodiment, the access control module, including:
Network information acquiring unit, for obtaining the network access function in the network information;
Access control unit, for according to the network information, calling external service program, and according to the external service
The operation result of program judges whether to forbid performing the network access function.
It is described to call external service program wherein in one embodiment, including search default controlling network storehouse;It is described
Access control unit, for according to the network information, searching default controlling network storehouse, if default controlling network storehouse is looked into
Result is looked for forbid performing the network access function, does not then perform the network access function;If default controlling network storehouse
Lookup result to be not prohibited by performing the network access function, then call the network access function in the dynamic base.
Wherein in one embodiment, the access control unit, if being additionally operable to the lookup knot in default controlling network storehouse
Fruit then calls the network in the dynamic base to be not prohibited by performing the network access function and monitoring the network access function
Access function, and the network access function is monitored.
Linux network access control devices provided by the present invention, can be directed to different application journeys in linux system
Sequence kidnaps the network access function of the application program, and judges whether to visit network according to the operation result of the abduction function
Ask and be controlled, improve the flexibility of NS software.Wherein in one embodiment, Linux nets provided by the present invention
Network access control apparatus can pass through external service program and the application program that needs are controlled is defined and is safeguarded, there is provided
The flexible control for linux system network access.
Description of the drawings
Fig. 1 is the flow chart of the Linux method for network access control in one embodiment;
Fig. 2 is the position view that storehouse is kidnapped in the Linux method for network access control in one embodiment;
Fig. 3 is the flow chart of the Linux method for network access control in another embodiment;
Fig. 4 is the flow chart of the Linux method for network access control in another embodiment;
Fig. 5 is the structure chart of the Linux network access control devices in one embodiment;
Fig. 6 is the structure chart of the Linux network access control devices in another embodiment.
Specific embodiment
Fig. 1 is the flow chart of the Linux method for network access control in one embodiment, an enforcement as shown in Figure 1
Linux method for network access control in example, including:
Step S100, receives the operation order of application program, and obtains the mark of application program.
Specifically, the mark of the application program refers to the mark for distinguishing different application, or distinguishes different answering
With any one in the mark of the feature of program, including programs categories, title, the version number of application program.
Step S200, loads default abduction function library and dynamic base.
Specifically, the default abduction function library, including open series of functions, close functions, create series letters
Number, read functions, write functions, socket operation series functions (socket, listen, bind, connect, send,
Recieve etc.), kill functions etc..
System loads first the abduction function library, reloads dynamic base, i.e., conventional C storehouses.
As shown in Fig. 2 the abduction storehouse that the present embodiment is provided, after loading in linux system position.As shown in Fig. 2
Under user application layer, kidnap warehouse compartment in dynamic base closer to user application layer position, with represent kidnap storehouse in abduction
Function is preferentially called, and such as kidnaps in storehouse and kidnaps function without corresponding, then call the function in dynamic base.In Fig. 2, storehouse is kidnapped
With the kernel portion that dynamic base is all connected to Linux bottoms.Repeat no more.
Step S300, runs the application program and recognizes the network access function in the application program.
Specifically, run after the application program, the networking access function in program is identified, when recognizing network
During access function, that is, carry out subsequent step S400.
Step S400, kidnaps function library according to the identifier lookup of the handling function and the application program, described
Kidnapping function library includes the network access function, the mark of the application program and kidnaps the corresponding relation between function, if
Abduction function corresponding with the mark of the network access function and the application program is found, then runs the abduction letter
Number, and judge whether to call the network access function in the dynamic base according to the operation result of the abduction function.
Specifically, the function library of kidnapping is corresponding between the network access function and the mark and abduction function
Relation, the abduction function includes forbidding running the network access function.For example, when the network for setting certain application program A
When access function open is to need to be prohibited, the network access function open of application program A is kidnapped in function library described,
Correspondence result is to forbid the network access function open of application program A.
When kidnapping function library according to the network access function and the identifier lookup, when the network access function
With the mark in the abduction function library, when existing with the corresponding relation between function is kidnapped, the net of the application program
Network access function needs to be held as a hostage, and while the network access function in calling dynamic base, runs the application program and net
The corresponding abduction function of network access function, and according to the operation result of the abduction function, judge whether to the application program
Network access function be controlled.The operation result for kidnapping function, also including operation external service program etc., according to outer
The operation result of portion's service routine is judged.If the operation result for kidnapping function is to forbid performing the network access letter
Number, then never call the network access function in the dynamic base;If it is described kidnap function operation result for be not prohibited by execution institute
Network access function is stated, then calls the network access function in the dynamic base.
Wherein in one embodiment, if do not find it is right with the mark of the network access function and the application program
The abduction function answered, then call the network access function in the dynamic base.
Specifically, when the network access function and the mark are in the abduction function library, do not exist and kidnap letter
During corresponding relation between number, i.e. search not then in the abduction function library, run the network access in the dynamic base
Function.
The Linux method for network access control that the present embodiment is provided, can be directed to different applications in linux system
Program kidnaps the network access function of the application program, and is judged whether to network according to the operation result of the abduction function
Access is controlled, and improves the flexibility of NS software.Wherein in one embodiment, described abduction function library, absolutely
During stage door file is stored in path, i.e. be stored in/etc/ld.so.preload files in.
The Linux method for network access control that the present embodiment is provided, is stored in described abduction function library backstage and enters
In mouth file, it is ensured that the abduction function library is added prior to dynamic base, the net for being directed to different application is further improved
The efficiency of network access control.
Fig. 3 is the flow chart of the Linux method for network access control in another embodiment, is the method stream shown in Fig. 2
The specific embodiment of step S400 in journey, method for network access control as shown in Figure 3, including:
Step S410, obtains the network information in the network access function.
Specifically, the network information in the network access function, including network source IP address, network purpose IP ground are obtained
The information such as location, the network port.
Step S420, according to the network information, search default controlling network storehouse, if default controlling network storehouse is looked into
Result is looked for forbid performing the network access function, does not then perform the network access function;If default controlling network storehouse
Lookup result to be not prohibited by performing the network access function, then call the network access function in the dynamic base.
Specifically, the default controlling network storehouse, can be the controlling network storehouse of white list property, or black name
The controlling network storehouse of unisexuality matter, can select according to actual needs.
By described controlling network storehouse, it is possible to achieve for specific application program and the specific difference for accessing network
Combined situation, is respectively controlled, and when such as carrying out network access for application program A, forbids it to access network 1 and network 2, but
It is not prohibited by it and accesses network 3 and network 4.
The present embodiment provides the result whether being controlled to the network access function of application program, when the result for being given is
When needing to be controlled, control can be realized by way of calling external program.
The Linux method for network access control that the present embodiment is provided, can be directed to different application programs, using outside
Service routine, is selectively controlled the network access of the application program as needed, improves NS software
Flexibility and specific aim.
Fig. 4 is the flow chart of the Linux method for network access control in another embodiment;Fig. 4 is the method shown in Fig. 2
Another specific embodiment of step S400 in flow process, method for network access control as shown in Figure 4, including:
Step S410, obtains the network information in the network access function.
Specifically, the network information in the network access function, including network source IP address, network purpose IP ground are obtained
The information such as location, the network port.
Step S420 ', according to the network information, default controlling network storehouse is searched, if default controlling network storehouse
Lookup result is to be not prohibited by performing the network access function and monitoring the network access function, then in calling the dynamic base
Network access function, and the network access function is monitored
Specifically, by described controlling network storehouse, it is possible to achieve for specific application program and specific access
The various combination situation of network, while being respectively controlled, the present embodiment provides the network access letter being controlled to needs
While the judgement that number is controlled, network access daily record is recorded, it is not necessary to which calling external program records network access daily record.
The Linux method for network access control that the present embodiment is provided, can be directed to different application programs, using outside
Service routine, is selectively controlled the network access of the application program as needed, and record access access log,
Improve flexibility and the specific aim of NS software.
Fig. 5 be one embodiment in Linux network access control devices structure chart, Linux networks as shown in Figure 5
Access control apparatus, including:
Application program receiver module 100, for receiving the operation order of application program, and obtains the mark of application program;
Function load-on module 200, for loading default abduction function library and dynamic base;
Function identification module 300, for running the application program and recognizing the network access letter in the application program
Number;
Access control module 400, for for according to the identifier lookup of the handling function and the application program
Kidnap function library, the abduction function library include the network access function, the mark of the application program and kidnap function it
Between corresponding relation, if finding abduction function corresponding with the mark of the network access function and the application program,
Judge whether to call the network access function in the dynamic base according to the operation result of the abduction function;If being additionally operable to not look into
Abduction function corresponding with the mark of the network access function and the application program is found, then in calling the dynamic base
Network access function.
The Linux network access control devices that the present embodiment the present embodiment is provided, can be in linux system for not
Same application program kidnaps the network access function of the application program, and is according to the operation result judgement of the abduction function
It is no that network access is controlled, improve the flexibility of NS software.
Fig. 6 is the structure chart of the Linux network access control devices in another embodiment, Linux nets as shown in Figure 6
Network access control apparatus, including:
Network information acquiring unit 410, for obtaining the network access function in the network information,
Access control unit 420, for being used for according to the network information, calls external service program, and according to described
The operation result of external service program judges whether to forbid performing the network access function;It is described to call external service program,
Including the default controlling network storehouse of lookup;For according to the network information, default controlling network storehouse being searched, if default control
The lookup result of network library processed does not then perform the network access function to forbid performing the network access function;If default
Controlling network storehouse lookup result to be not prohibited by performing the network access function, then call the network in the dynamic base to visit
Ask function;If being additionally operable to the lookup result in default controlling network storehouse to be not prohibited by performing the network access function and monitoring institute
Network access function is stated, then calls the network access function in the dynamic base, and the network access function is monitored.
The Linux network access control devices that the present embodiment is provided, can be directed to different application programs, using outside
Service routine, is selectively controlled the network access of the application program as needed, and records network access daily record,
Improve flexibility and the specific aim of NS software.
Embodiment described above only expresses the several embodiments of the present invention, and its description is more concrete and detailed, but and
Therefore the restriction to the scope of the claims of the present invention can not be interpreted as.It should be pointed out that for one of ordinary skill in the art
For, without departing from the inventive concept of the premise, some deformations and improvement can also be made, these belong to the guarantor of the present invention
Shield scope.Therefore, the protection domain of patent of the present invention should be defined by claims.
Claims (10)
1. a kind of Linux method for network access control, it is characterised in that methods described includes:
The operation order of application program is received, and obtains the mark of application program;
The default abduction function library of loading and dynamic base;
Run the application program and recognize the network access function in the application program;
Function library is kidnapped according to the identifier lookup of the handling function and the application program, the abduction function library includes
Corresponding relation between the network access function, the mark of the application program and abduction function, if finding and the net
The corresponding abduction function of mark of network access function and the application program, then run the abduction function, and according to the misfortune
The operation result for holding function judges whether to call the network access function in the dynamic base.
2. Linux method for network access control according to claim 1, it is characterised in that:
The absolute path for kidnapping function library is stored in stage door file.
3. Linux method for network access control according to claim 1, it is characterised in that described according to the abduction letter
Several operation results judges whether to forbid performing the network access function, including:
Obtain the network information in the network access function;
According to the network information, external service program is called, and be according to the judgement of the operation result of the external service program
It is no to forbid performing the network access function.
4. Linux method for network access control according to claim 3, it is characterised in that described to call external service journey
Sequence, including:
Search default controlling network storehouse;
It is described that external service program is called according to the network information, and sentenced according to the operation result of the external service program
It is disconnected whether to forbid performing the network access function, including:
According to the network information, default controlling network storehouse is searched, if the lookup result in default controlling network storehouse is to forbid
The network access function is performed, does not then perform the network access function;
If the lookup result in default controlling network storehouse calls the dynamic base to be not prohibited by performing the network access function
In network access function.
5. Linux method for network access control according to claim 4, it is characterised in that methods described also includes:
If the lookup result in default controlling network storehouse is visited to be not prohibited by performing the network access function and monitoring the network
Function is asked, then calls the network access function in the dynamic base, and the network access function is monitored.
6. a kind of Linux network access control devices, it is characterised in that include:
Application program receiver module, for receiving the operation order of application program, and obtains the mark of application program;
Function load-on module, for loading default abduction function library and dynamic base;
Function identification module, for running the application program and recognizing the network access function in the application program;
Access control module, for kidnapping function library according to the identifier lookup of the handling function and the application program,
The function library of kidnapping includes the network access function, the mark of the application program and kidnaps the correspondence pass between function
System, if finding abduction function corresponding with the mark of the network access function and the application program, runs the misfortune
Function is held, and judges whether to call the network access function in the dynamic base according to the operation result of the abduction function.
7. Linux network access control devices according to claim 6, it is characterised in that:
The function load-on module, is additionally operable to load default abduction function library, and the absolute path for kidnapping function library is protected
In there is stage door file.
8. Linux network access control devices according to claim 6, it is characterised in that the access control module, bag
Include:
Network information acquiring unit, for obtaining the network access function in the network information;
Access control unit, for according to the network information, calling external service program, and according to the external service program
Operation result judge whether to forbid performing the network access function.
9. Linux network access control devices according to claim 8, it is characterised in that:
It is described to call external service program, including search default controlling network storehouse;The access control unit, for according to institute
The network information is stated, default controlling network storehouse is searched, if the lookup result in default controlling network storehouse is to forbid performing the net
Network access function, then do not perform the network access function;If the lookup result in default controlling network storehouse is to be not prohibited by performing
The network access function, then call the network access function in the dynamic base.
10. Linux network access control devices according to claim 9, it is characterised in that:
The access control unit, if being additionally operable to the lookup result in default controlling network storehouse to be not prohibited by performing the network visit
Ask function and monitor the network access function, then call the network access function in the dynamic base, and the network is visited
Ask that function is monitored.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611053014.5A CN106657022B (en) | 2016-11-24 | 2016-11-24 | Linux method for network access control and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611053014.5A CN106657022B (en) | 2016-11-24 | 2016-11-24 | Linux method for network access control and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106657022A true CN106657022A (en) | 2017-05-10 |
CN106657022B CN106657022B (en) | 2019-08-30 |
Family
ID=58811966
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611053014.5A Active CN106657022B (en) | 2016-11-24 | 2016-11-24 | Linux method for network access control and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106657022B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109067793A (en) * | 2018-09-25 | 2018-12-21 | 郑州云海信息技术有限公司 | A kind of method that realizing security protection, equipment and storage medium |
CN112565284A (en) * | 2020-12-14 | 2021-03-26 | 北京梆梆安全科技有限公司 | Access control method and device for components in application program and electronic equipment |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7325251B1 (en) * | 2003-12-16 | 2008-01-29 | Symantec Corporation | Method and system to prevent peer-to-peer (P2P) worms |
CN101847121A (en) * | 2010-05-07 | 2010-09-29 | 北京大学 | Method for discovering software vulnerabilities |
CN105550584A (en) * | 2015-12-31 | 2016-05-04 | 北京工业大学 | RBAC based malicious program interception and processing method in Android platform |
CN105607986A (en) * | 2015-01-06 | 2016-05-25 | 北京志翔科技股份有限公司 | Acquisition method and device of user behavior log data |
-
2016
- 2016-11-24 CN CN201611053014.5A patent/CN106657022B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7325251B1 (en) * | 2003-12-16 | 2008-01-29 | Symantec Corporation | Method and system to prevent peer-to-peer (P2P) worms |
CN101847121A (en) * | 2010-05-07 | 2010-09-29 | 北京大学 | Method for discovering software vulnerabilities |
CN105607986A (en) * | 2015-01-06 | 2016-05-25 | 北京志翔科技股份有限公司 | Acquisition method and device of user behavior log data |
CN105550584A (en) * | 2015-12-31 | 2016-05-04 | 北京工业大学 | RBAC based malicious program interception and processing method in Android platform |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109067793A (en) * | 2018-09-25 | 2018-12-21 | 郑州云海信息技术有限公司 | A kind of method that realizing security protection, equipment and storage medium |
CN112565284A (en) * | 2020-12-14 | 2021-03-26 | 北京梆梆安全科技有限公司 | Access control method and device for components in application program and electronic equipment |
CN112565284B (en) * | 2020-12-14 | 2022-10-21 | 北京梆梆安全科技有限公司 | Access control method and device for components in application program and electronic equipment |
Also Published As
Publication number | Publication date |
---|---|
CN106657022B (en) | 2019-08-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10212134B2 (en) | Centralized management and enforcement of online privacy policies | |
US8316446B1 (en) | Methods and apparatus for blocking unwanted software downloads | |
US8233388B2 (en) | System and method for controlling and tracking network content flow | |
CN102932329B (en) | A kind of method, device and client device that the behavior of program is tackled | |
CN103559446B (en) | Dynamic virus detection method and device for equipment based on Android system | |
CN109818937A (en) | For the control method of Android permission, device and storage medium, electronic device | |
US8844028B1 (en) | Arrangement and methods for performing malicious data detection and information leakage prevention | |
CN103136472A (en) | Method and mobile device of stopping application program to steal privacy | |
JPWO2006103743A1 (en) | Communication control device and communication control system | |
US20090300748A1 (en) | Rule combination in a firewall | |
US7620988B1 (en) | Protocol identification by heuristic content analysis | |
CN106657022A (en) | Linux network access control method and device | |
CN111970233B (en) | Analysis and identification method for network violation external connection scene | |
CN109388963A (en) | A kind of mobile terminal user's private data means of defence and device | |
CN106557694B (en) | Linux file operation monitoring method and device | |
CN107623634A (en) | Service traffics method for routing and its system and mobile electronic device | |
CN106649036B (en) | Linux network access monitoring method and device | |
CN108234484B (en) | Computer readable storage medium for tracing Trojan horse source and Trojan horse source tracing system applying same | |
Zungur et al. | Borderpatrol: Securing byod using fine-grained contextual information | |
CN109784051A (en) | Protecting information safety method, device and equipment | |
CN102769696B (en) | System and method for displaying harassing calls | |
CN102438023B (en) | Method and device for detecting malicious remote procedure call (RPC) behaviors | |
CN109981573B (en) | Security event response method and device | |
CN106778235A (en) | Linux file operation control method and device | |
CN107247901A (en) | Linux functions kidnap method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: 100190 Zhongguancun street, Haidian District, Beijing, No. 22, A1305, 13 Applicant after: Beijing net an Technology Limited by Share Ltd Address before: 100190 Beijing City, Haidian District Zhongguancun street, No. 22, building 1301 Applicant before: Beijing Rising Information Technology Co., Ltd |
|
CB02 | Change of applicant information | ||
GR01 | Patent grant | ||
GR01 | Patent grant |