CN106933556A - Method and device for opening driver - Google Patents

Method and device for opening driver Download PDF

Info

Publication number
CN106933556A
CN106933556A CN201511024611.0A CN201511024611A CN106933556A CN 106933556 A CN106933556 A CN 106933556A CN 201511024611 A CN201511024611 A CN 201511024611A CN 106933556 A CN106933556 A CN 106933556A
Authority
CN
China
Prior art keywords
data
target
algorithm
preset
file
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201511024611.0A
Other languages
Chinese (zh)
Inventor
杨峰
潘建军
王云峰
苏文杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhuhai Baoqu Technology Co Ltd
Original Assignee
Beijing Kingsoft Internet Security Software Co Ltd
Zhuhai Juntian Electronic Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Kingsoft Internet Security Software Co Ltd, Zhuhai Juntian Electronic Technology Co Ltd filed Critical Beijing Kingsoft Internet Security Software Co Ltd
Priority to CN201511024611.0A priority Critical patent/CN106933556A/en
Publication of CN106933556A publication Critical patent/CN106933556A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/4401Bootstrapping
    • G06F9/4411Configuring for operating with peripheral devices; Loading of device drivers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention discloses a method and a device for opening a driver, wherein the method comprises the following steps: processing a process file of a trust process of a target driver by a preset algorithm in advance to obtain first processing data; adding the first processing data into a range corresponding to a preset length of the head of the process file; when a target process wants to open the target driver, processing a process file of the target process by a preset algorithm to obtain second processing data; acquiring data in a range corresponding to a preset length of the head of the process file of the target process; judging whether the second processing data is the same as the obtained data; if so, the target process is represented as a trusted process of the target driver, and the target driver is opened. By applying the embodiment of the invention, the safety of the system is improved.

Description

The deployment method and device of a kind of driver
Technical field
The present invention relates to field of computer technology, the deployment method and device of more particularly to a kind of driver.
Background technology
Driver, generally refers to device driver (Device Driver), is that one kind can make meter The separate procedure of calculation machine and equipment communication.Equivalent to the interface of hardware, operating system only has by this interface, The work of hardware device could be controlled.In particular cases also refer to the application for operating in the software in system kernel layer Program.
In computer systems, then a process can operate this to drive by opening a driver The corresponding logic function of program treatment.When process opens driver, legitimacy can be carried out to process and tested Card.Under normal circumstances, can judge whether the process is to trust the process under catalogue, or the title for judging process Whether it is the process title specified;If it is, by checking, opening driver;Otherwise refusal is opened Driver.
But, above-mentioned verification mode is easy to be simulated by hacker, and such as hacker creates in the case where catalogue is trusted One process is created and the specified process of process title identical one, it is possible to by checking, is opened and is driven Program.Protection effect is poor, influences the security of system.
The content of the invention
The purpose of the embodiment of the present invention is the deployment method and device for providing a kind of driver, is to improve The security of system.
To reach above-mentioned purpose, the embodiment of the invention discloses a kind of deployment method of driver, the side Method includes:
For the process file of the trust process of target drives program, processed with preset algorithm in advance, obtained To the first processing data;
By first processing data addition in the corresponding scope of head preset length of the process file;
When target process is intended to open the target drives program, for the process file of the target process, Processed with preset algorithm, obtained second processing data;
Data in the corresponding scope of head preset length of the process file for obtaining the target process;
Judge whether the second processing data are identical with the data for being obtained;
If it is, representing the trust process that the target process is the target drives program, open described Target drives program.
Optionally, process file is processed with preset algorithm, obtains processing data, including:
The code segment data of process file is read, wherein, the code segment data is the data in code segment;
The code segment data for being read is encrypted using predetermined encryption algorithm, obtains encryption data;
The encryption data is calculated using the preset data digest algorithm, obtains processing data.
Optionally, the preset data digest algorithm is any one in following algorithm,
CRC algorithm, Message Digest 5, Secure Hash Algorithm, the verification of RACE raw integrities Message Digest 5.
Optionally, the length of first processing data is identical with the preset length;The second processing number According to length it is identical with the preset length.
To reach above-mentioned purpose, the embodiment of the invention discloses a kind of device for opening of driver, including: First processing module, add module, Second processing module, acquisition module, judge module and opening module, Wherein,
The first processing module, for the process file of the trust process for target drives program, in advance Processed with preset algorithm, obtained the first processing data;
The add module, for first processing data addition to be preset in the head of the process file In the corresponding scope of length;
The Second processing module, for when target process is intended to open the target drives program, for institute The process file of target process is stated, is processed with preset algorithm, obtain second processing data;
The acquisition module, it is corresponding for obtaining the head preset length of process file of the target process In the range of data;
The judge module, for judge the second processing data with it is described acquisition module obtain data be It is no identical;
The opening module, for being in the case of being, to open the mesh in the judge module judged result Mark driver, wherein, in the judge module judged result in the case of being, the expression target is entered Journey is the trust process of the target drives program.
Optionally, the first processing module, specifically for:
For the process file of the trust process of target drives program, the code segment data of the process file is read;
The code segment data of the process file of the trust process is encrypted using predetermined encryption algorithm, is obtained To the first encryption data;
First encryption data is calculated using the preset data digest algorithm, obtains the first treatment Data;
The Second processing module, specifically for:
When target process is intended to open the target drives program, for the process file of the target process, Read the code segment data of the process file;
The code segment data of the process file of the target process is encrypted using predetermined encryption algorithm, is obtained To and two encryption datas;
Second encryption data is calculated using the preset data digest algorithm, obtains second processing Data.
Optionally, the preset data digest algorithm is any one in following algorithm,
CRC algorithm, Message Digest 5, Secure Hash Algorithm, the verification of RACE raw integrities Message Digest 5.
Optionally, the length of first processing data is identical with the preset length;The second processing number According to length it is identical with the preset length.
As seen from the above technical solutions, the embodiment of the invention provides a kind of deployment method of driver And device, method includes:For the process file of the trust process of target drives program, in advance imputing in advance Method is processed, and obtains the first processing data;By first processing data addition in the process file In the corresponding scope of head preset length;When target process is intended to open the target drives program, for institute The process file of target process is stated, is processed with preset algorithm, obtain second processing data;Obtain described Data in the corresponding scope of head preset length of the process file of target process;Judge the second processing Whether data are identical with the data for being obtained;If it is, representing that the target process is the target drives The trust process of program, opens the target drives program.
The technical scheme provided using the embodiment of the present invention, in an identical manner to trusting process and mesh The process file of mark process is processed, and the processing data of the process file for trust process is added It is added in the corresponding scope of head preset length of the process file, from the process file of target process Data are obtained in the corresponding scope of head preset length, when the treatment of the process file for target process When data are identical with the data obtained from its corresponding scope of head preset length, target process is represented To trust process, then driver is opened.Assuming that the number for trusting process is M, preset length is N (N is the digit of 2 systems), then for the process file process treatment of target process, the treatment for obtaining Data must be 0 to 2N- 1 (totally 2NNumber) in one, then target process is the probability of trust process It is M/2N, it is not (2 to trust the probability of processN-M)/2N;And in the case where M is constant, with The increase of N, does not also increase therewith to trust the probability of process.Therefore and if only if target process for trust into Cheng Shi, could open driver.Even if hacker creates the process of target drives program to be opened, also very Difficulty makes the process file of created process by verification, so as to improve the security of system.
Certainly, implementing any product of the invention or method must be not necessarily required to while reaching above-described institute There is advantage.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to implementing Example or the accompanying drawing to be used needed for description of the prior art are briefly described, it should be apparent that, describe below In accompanying drawing be only some embodiments of the present invention, for those of ordinary skill in the art, do not paying On the premise of going out creative work, other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is a kind of schematic flow sheet of the deployment method of driver provided in an embodiment of the present invention;
Fig. 2 is a kind of structural representation of the device for opening of driver provided in an embodiment of the present invention.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clearly Chu, it is fully described by, it is clear that described embodiment is only a part of embodiment of the invention, rather than Whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art are not making creation Property work under the premise of the every other embodiment that is obtained, belong to the scope of protection of the invention.
In order to solve prior art problem, the embodiment of the invention provides a kind of driver deployment method and Device.A kind of deployment method of driver provided in an embodiment of the present invention is described in detail first below.
Fig. 1 is a kind of schematic flow sheet of the deployment method of driver provided in an embodiment of the present invention, can be with Including:
S101:For the process file of the trust process of target drives program, in advance with preset algorithm at Reason, obtains the first processing data;
S102:First processing data is added into the corresponding model of head preset length in the process file In enclosing;
S103:When target process is intended to open the target drives program, for the process of the target process File, is processed with preset algorithm, obtains second processing data;
S104:Data in the corresponding scope of head preset length of the process file for obtaining the target process;
S105:Judge whether the second processing data are identical with the data for being obtained, if it is, performing S106;
Wherein, if the second processing data are identical with the data for being obtained, then it represents that target process is mesh Mark the trust process of driver.
S106:Open the target drives program.
Specifically, in actual applications, being processed process file with preset algorithm, processing data is obtained, The code segment data of process file can be read, wherein, the code segment data is the data in code segment; The code segment data for being read is encrypted using predetermined encryption algorithm, obtains encryption data;Using described Preset data digest algorithm is calculated the encryption data, obtains processing data.
Processed to process file process, it is necessary to obtain process file before obtaining processing data.Entered Journey file can obtain the routing information of process file, and process file is obtained according to routing information.
In actual applications, the length of the first above-mentioned processing data is identical with preset length, second processing number According to length it is also identical with preset length.
Exemplary, it is assumed that preset length is 128 (2 binary form), and target drives program name is A (hereinafter referred to as driver A), the process file that it trusts process x is x.exe, wherein, x.exe's Path is:C:\Windows\System32\x.exe.
Obtain the routing information of the process file x.exe of trust process x:C:\Windows\System32\x.exe; The routing information for obtaining file is prior art, and the present invention is not repeated it herein.
After the routing information of process file x.exe of trust process x is obtained, just name can be searched under the path The referred to as process file of x.exe;Obtain process file x.exe;During process file x.exe read into internal memory.
Specifically, in actual applications, process file is loaded into after internal memory, process file correspondence internal memory Included in 5 kinds of different data fields, commonly referred to as BSS sections, data segment, code segment, stack And heap, wherein,
BSS sections (bss segment):Typically refer to of the global variable of no initializtion in storage program Block region of memory.BSS is the abbreviation of English Block Started by Symbol.BSS sections belongs to static memory Distribution.
Data segment (data segment):Typically refer to of the initialized global variable in storage program Block region of memory.Data segment belongs to static memory distribution.
Code segment (code segment/text segment):Typically refer to for deposit program execution code one Block region of memory.The size of this subregion is before program operation just it has been determined that and region of memory is usual Belong to read-only.
Heap (heap):Typically refer to for depositing one piece of region of memory being dynamically allocated in process operation, it Size do not fix, can dynamically be expanded or reduced as.When process calls the function storage allocation such as malloc, Newly assigned internal memory is just added dynamically on heap (heap is expanded);When using function releasing memories such as free, The internal memory being released is removed (heap is contracted by) from heap.
Stack (stack):Stack typically refers to a piece of the local variable that user's storage program is created temporarily also known as storehouse Region of memory.
Therefore, it can be obtained from internal memory the data (code segment data) in the code segment of process file x.exe, Assuming that the code segment data for obtaining is 0101010101111100001010101.Using predetermined encryption algorithm to generation Code segment data 0101010101111100001010101 is encrypted, and obtains the first encryption data, it is assumed that obtain The first encryption data be 101010101010101.Wherein, the embodiment of the present invention is not carried out to AES Limit.
After the first encryption data 101010101010101 is obtained, using preset data digest algorithm to first Encryption data is calculated, and obtains the first processing data.
In actual applications, preset data digest algorithm can for CRC (Cyclic Redundancy Check, CRC) algorithm, the CRC algorithm can be CRC8, CRC16, CRC32.
In actual applications, preset data digest algorithm can also (Message-Digest, message be plucked for MD Will) algorithm, the MD algorithms can be MD2, MD4, MD5.
In actual applications, preset data digest algorithm can also for SHA (Secure Hash Algorithm, Secure Hash Algorithm) algorithm, the SHA algorithms can be SHA1, SHA256, SHA384, SHA512.
In actual applications, preset data digest algorithm can also be RIPEMD (RACE Integrity Primitives Evaluation Message Digest, RACE raw integrities verification message is made a summary) algorithm etc. Deng.
Assuming that the preset data digest algorithm for using is MD5 (Message Digest 5 version 5).Then add to first The result of calculation of ciphertext data 101010101010101 is:
EFD28A15E24BDCEBE49C899D16AED8B8 (16 systems are represented).
Then by EFD28A15E24BDCEBE49C899D16AED8B8 (16 systems are represented) additions in x.exe In head 16 bytes (128) corresponding scope of file.
As target process y driver A to be opened, the path letter of the process file of target process y is obtained Breath;The routing information of the process file according to target process y, obtains the process file of target process;Should Process file is loaded into internal memory, obtains the code segment data of the process file, and obtains process file head Data in 16, portion byte (128) corresponding scope, it is assumed that the data of the process file head of acquisition It is 3D2172418CE305C7D16D4B05597C6A59 (16 bytes);Using above-mentioned AES pair The code segment data of the process file is encrypted, and obtains the second encryption data;Encrypted to second using MD5 Data are calculated, and obtain second processing data, it is assumed that second processing data are: 87BE96790EA277C50F980CE4DF0B4412;Judge second processing data with the process text for obtaining The data of part head are differed, then it represents that target process y is non-trusted process, and driver A is not opened.
If obtained in head 16 bytes (128) corresponding scope of the process file of target process y Data be EFD28A15E24BDCEBE49C899D16AED8B8, enter by target process y The code segment data of journey file is encrypted and to being calculated using MD5 in the data after encryption, obtained Data also be EFD28A15E24BDCEBE49C899D16AED8B8, then processing data now with The data of acquisition are identical, represent that target process y is trust process, open driver A.Target now Process y is also trust process x.
Only in the case where target process is trust process, should could open driver A with the aforedescribed process.
It should be noted that above-mentioned (disappeared with driver A, trust process x, target process y and MD5 Breath digest algorithm version 5) as a example by illustrate, an instantiation only of the invention is not constituted to this hair Bright restriction.
Using embodiment illustrated in fig. 1 of the present invention, trust process and target process are entered in an identical manner Journey file is processed, and will be added in the process for the processing data of the process file of trust process In the corresponding scope of head preset length of file, from the default length of the head of the process file of target process Spend and data obtained in corresponding scope, when the process file for target process processing data with from its When the data obtained in the corresponding scope of head preset length are identical, expression target process is trust process, Then open driver.Assuming that the number for trusting process is M, preset length is that (N is 2 systems to N Digit), then for target process process file process process, the processing data for obtaining must be 0 To 2N- 1 (totally 2NNumber) in one, then target process be trust process probability be M/2N, Not for the probability of trust process is (2N-M)/2N;And in the case where M is constant, with the increase of N, Not for the probability of trust process also increases therewith.Therefore when and if only if target process is trust process, ability Open driver.Even if hacker creates the process of target drives program to be opened, it is also difficult to make to be created Process process file by verification, so as to improve the security of system.
Corresponding with above-mentioned embodiment of the method, the embodiment of the present invention also provides a kind of opening dress of driver Put.
Fig. 2 is a kind of structural representation of the device for opening of driver provided in an embodiment of the present invention, can be wrapped Include:First processing module 201, add module 202, Second processing module 203, acquisition module 204, judgement Module 205 and opening module 206, wherein,
First processing module 201, for the process file of the trust process for target drives program, in advance with Preset algorithm is processed, and obtains the first processing data;
Add module 202, the first processing data for the first processing module 201 to be obtained is added in institute State in the corresponding scope of head preset length of process file;
Second processing module 203, for when target process is intended to open the target drives program, for described The process file of target process, is processed with preset algorithm, obtains second processing data;
Obtain module 204, the corresponding model of head preset length of the process file for obtaining the target process Enclose interior data;
Judge module 205, for judging second processing data and acquisition module that Second processing module 203 is obtained Whether 204 data for obtaining are identical;
Module 206 is opened, for being in the case of being, to open the target in the judged result of judge module 205 Driver, wherein, it is in the case of being, to represent the target process in the judged result of judge module 205 The trust process of the target drives program.
In actual applications, the first processing module 201 described in the embodiment of the present invention, specifically can be used for:
For the process file of the trust process of target drives program, the code segment data of the process file is read;
The code segment data of the process file of the trust process is encrypted using predetermined encryption algorithm, is obtained To the first encryption data;
First encryption data is calculated using the preset data digest algorithm, obtains the first treatment Data;
Second processing module 203 described in the embodiment of the present invention, specifically can be used for:
When target process is intended to open the target drives program, for the process file of the target process, Read the code segment data of the process file;
The code segment data of the process file of the target process is encrypted using predetermined encryption algorithm, is obtained To and two encryption datas;
Second encryption data is calculated using the preset data digest algorithm, obtains second processing Data.
Wherein, the preset data digest algorithm is any one in following algorithm,
CRC algorithm, Message Digest 5, Secure Hash Algorithm, the verification of RACE raw integrities Message Digest 5.
Wherein, the length of first processing data is identical with the preset length;The second processing data Length it is identical with the preset length.
Using embodiment illustrated in fig. 2 of the present invention, in an identical manner to trust process and the process of target process File is processed, and will be literary in the process for the addition of the processing data of the process file of trust process In the corresponding scope of head preset length of part, from the head preset length of the process file of target process Data are obtained in corresponding scope, when the process file for target process processing data with from its head When the data obtained in the corresponding scope of portion's preset length are identical, expression target process is trust process, Then open driver.Assuming that the number for trusting process is M, preset length is that (N is 2 systems to N Digit), then the process file process for target process is processed, and the processing data for obtaining must be 0 to 2N-1 (totally 2NNumber) in one, then target process be trust process probability be M/2N, it is not trust The probability of process is (2N-M)/2N;And it is not trust with the increase of N in the case where M is constant The probability of process also increases therewith.Therefore when and if only if target process is trust process, driving could be opened Program.Even if hacker creates the process of target drives program to be opened, it is also difficult to make created process Process file passes through verification, so as to improve the security of system.
It should be noted that herein, such as first and second or the like relational terms be used merely to by One entity or operation make a distinction with another entity or operation, and not necessarily require or imply these There is any this actual relation or order between entity or operation.And, term " including ", "comprising" Or any other variant thereof is intended to cover non-exclusive inclusion, so that a series of mistake including key elements Journey, method, article or equipment not only include those key elements, but also other including being not expressly set out Key element, or it is this process, method, article or the intrinsic key element of equipment also to include.Do not having In the case of more limitations, the key element limited by sentence "including a ...", it is not excluded that wanted including described Also there is other identical element in process, method, article or the equipment of element.
Each embodiment in this specification is described by the way of correlation, identical phase between each embodiment As part mutually referring to what each embodiment was stressed is the difference with other embodiment. For especially for device embodiment, because it is substantially similar to embodiment of the method, so the comparing of description Simply, the relevent part can refer to the partial explaination of embodiments of method.
One of ordinary skill in the art will appreciate that realizing all or part of step in above method implementation method Program be can be by instruct the hardware of correlation to complete, described program can be stored in computer-readable In taking storage medium, storage medium designated herein, such as:ROM/RAM, magnetic disc, CD etc..
Presently preferred embodiments of the present invention is the foregoing is only, is not intended to limit the scope of the present invention. All any modification, equivalent substitution and improvements made within the spirit and principles in the present invention etc., are all contained in In protection scope of the present invention.

Claims (8)

1. a kind of deployment method of driver, it is characterised in that methods described includes:
For the process file of the trust process of target drives program, processed with preset algorithm in advance, obtained To the first processing data;
By first processing data addition in the corresponding scope of head preset length of the process file;
When target process is intended to open the target drives program, for the process file of the target process, Processed with preset algorithm, obtained second processing data;
Data in the corresponding scope of head preset length of the process file for obtaining the target process;
Judge whether the second processing data are identical with the data for being obtained;
If it is, representing the trust process that the target process is the target drives program, open described Target drives program.
2. method according to claim 1, it is characterised in that carried out to process file with preset algorithm Treatment, obtains processing data, including:
The code segment data of process file is read, wherein, the code segment data is the data in code segment;
The code segment data for being read is encrypted using predetermined encryption algorithm, obtains encryption data;
The encryption data is calculated using the preset data digest algorithm, obtains processing data.
3. method according to claim 2, it is characterised in that the preset data digest algorithm be with Any one in lower algorithm,
CRC algorithm, Message Digest 5, Secure Hash Algorithm, the verification of RACE raw integrities Message Digest 5.
4. the method according to claims 1 to 3 any one, it is characterised in that the first treatment number According to length it is identical with the preset length;The length of the second processing data is identical with the preset length.
5. a kind of driver device for opening, it is characterised in that including:First processing module, add module, Second processing module, acquisition module, judge module and opening module, wherein,
The first processing module, for the process file of the trust process for target drives program, in advance Processed with preset algorithm, obtained the first processing data;
The add module, for first processing data addition to be preset in the head of the process file In the corresponding scope of length;
The Second processing module, for when target process is intended to open the target drives program, for institute The process file of target process is stated, is processed with preset algorithm, obtain second processing data;
The acquisition module, it is corresponding for obtaining the head preset length of process file of the target process In the range of data;
The judge module, for judge the second processing data with it is described acquisition module obtain data be It is no identical;
The opening module, for being in the case of being, to open the mesh in the judge module judged result Mark driver, wherein, in the judge module judged result in the case of being, the expression target is entered Journey is the trust process of the target drives program.
6. device according to claim 5, it is characterised in that the first processing module, it is specific to use In:
For the process file of the trust process of target drives program, the code segment data of the process file is read;
The code segment data of the process file of the trust process is encrypted using predetermined encryption algorithm, is obtained To the first encryption data;
First encryption data is calculated using the preset data digest algorithm, obtains the first treatment Data;
The Second processing module, specifically for:
When target process is intended to open the target drives program, for the process file of the target process, Read the code segment data of the process file;
The code segment data of the process file of the target process is encrypted using predetermined encryption algorithm, is obtained To and two encryption datas;
Second encryption data is calculated using the preset data digest algorithm, obtains second processing Data.
7. device according to claim 6, it is characterised in that the preset data digest algorithm be with Any one in lower algorithm,
CRC algorithm, Message Digest 5, Secure Hash Algorithm, the verification of RACE raw integrities Message Digest 5.
8. the device according to claim 5 to 7 any one, it is characterised in that the first treatment number According to length it is identical with the preset length;The length of the second processing data is identical with the preset length.
CN201511024611.0A 2015-12-29 2015-12-29 Method and device for opening driver Pending CN106933556A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201511024611.0A CN106933556A (en) 2015-12-29 2015-12-29 Method and device for opening driver

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201511024611.0A CN106933556A (en) 2015-12-29 2015-12-29 Method and device for opening driver

Publications (1)

Publication Number Publication Date
CN106933556A true CN106933556A (en) 2017-07-07

Family

ID=59441219

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201511024611.0A Pending CN106933556A (en) 2015-12-29 2015-12-29 Method and device for opening driver

Country Status (1)

Country Link
CN (1) CN106933556A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100122343A1 (en) * 2008-09-12 2010-05-13 Anup Ghosh Distributed Sensor for Detecting Malicious Software
CN102222194A (en) * 2011-07-14 2011-10-19 哈尔滨工业大学 Module and method for LINUX host computing environment safety protection
CN102509049A (en) * 2011-11-14 2012-06-20 任子行网络技术股份有限公司 Program validity verification method and system
CN102737172A (en) * 2011-04-13 2012-10-17 腾讯科技(深圳)有限公司 Method and device for verifying process file during driving
CN104408365A (en) * 2014-12-17 2015-03-11 中国人民解放军国防科学技术大学 Progress authentication method based on password

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100122343A1 (en) * 2008-09-12 2010-05-13 Anup Ghosh Distributed Sensor for Detecting Malicious Software
CN102737172A (en) * 2011-04-13 2012-10-17 腾讯科技(深圳)有限公司 Method and device for verifying process file during driving
CN102222194A (en) * 2011-07-14 2011-10-19 哈尔滨工业大学 Module and method for LINUX host computing environment safety protection
CN102509049A (en) * 2011-11-14 2012-06-20 任子行网络技术股份有限公司 Program validity verification method and system
CN104408365A (en) * 2014-12-17 2015-03-11 中国人民解放军国防科学技术大学 Progress authentication method based on password

Similar Documents

Publication Publication Date Title
EP2634959B1 (en) Method and Apparatus for Incremental Code Signing
US9680707B2 (en) Automated change approval
US7739516B2 (en) Import address table verification
JP2008537224A (en) Safe starting method and system
CN106161336A (en) A kind of information updating method, Apparatus and system
US20080010686A1 (en) Confidential Information Processing Device
CN109960903A (en) A kind of method, apparatus, electronic equipment and storage medium that application is reinforced
CN111191195A (en) Method and device for protecting APK
EP3385878B1 (en) Symbolic execution on a hardware security module
CN106599629A (en) Strengthening method and apparatus for Android application program
CN112231702B (en) Application protection method, device, equipment and medium
CN108399319A (en) Source code guard method, application server and computer readable storage medium
CN106897587A (en) The method and apparatus of reinforcement application, loading reinforcement application
CN113946375A (en) Rapid and safe starting method and device of embedded system and electronic equipment
US7065680B2 (en) Method and a system for evaluating the reliability of a program in an electronic device, and an electronic device
CN109255232A (en) A kind of method for loading software and software loading apparatus
CN110443039A (en) Detection method, device and the electronic equipment of plug-in security
US11210413B2 (en) Authentication of files
CN106778227A (en) Applied program processing method, application program launching method and device
CN106933556A (en) Method and device for opening driver
CN116235174A (en) Apparatus and method for performing encryption algorithm
CN112580015A (en) Processing system including trust anchor computing instrument and corresponding method
CN109614793A (en) Generation, loading method and the device of whitelist file
CN108595981A (en) The method for encrypting Android system
CN117411644B (en) Digital signature verification method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20181217

Address after: Room 105-53811, No. 6 Baohua Road, Hengqin New District, Zhuhai City, Guangdong Province

Applicant after: Zhuhai Leopard Technology Co.,Ltd.

Address before: 519070, six level 601F, 10 main building, science and technology road, Tangjia Bay Town, Zhuhai, Guangdong.

Applicant before: Zhuhai Juntian Electronic Technology Co.,Ltd.

Applicant before: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd.

RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170707