CN109033820A - User rs credentials guard method, device and equipment - Google Patents
User rs credentials guard method, device and equipment Download PDFInfo
- Publication number
- CN109033820A CN109033820A CN201810701188.0A CN201810701188A CN109033820A CN 109033820 A CN109033820 A CN 109033820A CN 201810701188 A CN201810701188 A CN 201810701188A CN 109033820 A CN109033820 A CN 109033820A
- Authority
- CN
- China
- Prior art keywords
- user
- credentials
- reading process
- safety detection
- detection result
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/031—Protect user input by software means
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The present invention provides a kind of user rs credentials guard method, device and equipment, wherein this method comprises: being read out when monitor user rs credentials, obtains reading process;Safety detection is carried out to the reading process, obtains safety detection result;Security protection processing is carried out to the user rs credentials according to safety detection result.The protection to user rs credentials may be implemented in technical solution provided by the invention, reduces threat suffered by the property and terminal security of user.
Description
Technical field
The present invention relates to field of computer technology more particularly to a kind of user rs credentials guard methods, device and equipment.
Background technique
Authority management is the function that Windows is provided, in Windows system, when user inputs user for the first time
When name and password are to access certain server, these access authoritys can be stored in local by the authority manager of Windows,
When accessing the server again in this way, windows, which will make a spontaneous offer to help, completes the verification process of authority, with user-friendly.
However, Microsoft is there is no excessive protection is done to the user rs credentials locally saved, some rogue programs can in this way
With the interface provided by Microsoft, these authoritys are directly read, steal use, the property and terminal security to user are brought seriously
It threatens.
Summary of the invention
In view of this, the present invention provides a kind of user rs credentials guard method, device and equipment, for carrying out to user rs credentials
Security protection.
To achieve the goals above, in a first aspect, the embodiment of the present invention provides a kind of user rs credentials guard method, comprising:
It is read out when monitoring user rs credentials, obtains reading process;
Safety detection is carried out to the reading process, obtains safety detection result;
Security protection processing is carried out to the user rs credentials according to safety detection result.
By being read out monitoring user rs credentials, reading process is obtained;Safety detection, root are carried out to the process of reading
Security protection processing is carried out to user rs credentials according to safety detection result, the protection to user rs credentials may be implemented, reduce user
Property and terminal security suffered by threat.
As a kind of optional embodiment of the embodiment of the present invention, it is read out described when monitoring user rs credentials, obtains
Before the process of reading, the method also includes;
Monitor preset application programming interface api function;
When monitor any one api function in the preset api function it is called when, determine the user rs credentials
It is read.
By monitoring preset api function, it can timely find the operation for reading user rs credentials, improve user rs credentials
Safety.
As a kind of optional embodiment of the embodiment of the present invention, the preset api function includes: that reading process is being read
Take all api functions that can be called when the user rs credentials.
It can be improved in this way and read the comprehensive of process detection, and then improve the safety of user rs credentials.
As a kind of optional embodiment of the embodiment of the present invention, the preset api function includes: that authority collection enumerates letter
Number, domain authority function reading and best authority collection search function.
It is described that safety detection is carried out to the reading process as a kind of optional embodiment of the embodiment of the present invention,
Obtain safety detection result, comprising:
Extract the characteristic information of the reading process;
The reading process is matched with the characteristic information in preset black and white lists;
The safety detection result is determined according to matching result.
Safety detection is carried out by using feature matching method, the standard of reading process safety detection result can be improved
True property.
As a kind of optional embodiment of the embodiment of the present invention, it is described according to safety detection result to the user with
According to progress security protection processing, comprising:
When the safety detection result indicates that the reading process is risk process, indicating risk information is exported, and
It prompts the user whether to prevent the reading process;
When receiving the instruction of the prevention reading process of user, prevent the reading process continue to read user with
According to.
In above embodiment, instruction determines how processing reading process depending on the user's operation, can be in protection user
While authority, user experience is improved.
As a kind of optional embodiment of the embodiment of the present invention, the method also includes:
Pop-up provides the interface of overall killing, whether carries out overall killing to system for selection by the user.
Interface by providing overall killing is selected for user, can preferably be protected comprehensively to system, and improve
User experience.
Second aspect, the embodiment of the present invention provide a kind of user rs credentials protective device, comprising:
Module is obtained, is read out for user rs credentials ought to be monitored, reading process is obtained;
Detection module, the reading process for obtaining to the acquisition module carry out safety detection, obtain safety inspection
Survey result;
Processing module, the safety detection result for being detected according to detection module carry out safety to the user rs credentials
Protective treatment.
As a kind of optional embodiment of the embodiment of the present invention, described device further includes;
Monitoring module, for monitoring preset application programming interface api function;When monitoring the preset API
When any one api function in function is called, determine that the user rs credentials are read.
As a kind of optional embodiment of the embodiment of the present invention, the preset api function includes: that reading process is being read
Take all api functions that can be called when the user rs credentials.
As a kind of optional embodiment of the embodiment of the present invention, the preset api function includes: that authority collection enumerates letter
Number, domain authority function reading and best authority collection search function.
As a kind of optional embodiment of the embodiment of the present invention, the detection module is specifically used for:
Extract the characteristic information for the reading process that the acquisition module obtains;
The reading process is matched with the characteristic information in preset black and white lists;
The safety detection result is determined according to matching result.
As a kind of optional embodiment of the embodiment of the present invention, described device further include: cue module, the processing mould
Block is specifically used for:
When the safety detection result that the detection module detects indicates that the reading process is risk process, instruction
The cue module exports indicating risk information, and prompts the user whether to prevent the reading process;
When receiving the instruction of the prevention reading process of user, prevent the reading process continue to read user with
According to.
As a kind of optional embodiment of the embodiment of the present invention, the cue module is also used to:
Pop-up provides the interface of overall killing, whether carries out overall killing to system for selection by the user.
Device provided by each possible embodiment of above-mentioned second aspect and above-mentioned second aspect, its advantages
It may refer to beneficial effect brought by each possible embodiment of above-mentioned first aspect and first aspect, it is no longer superfluous herein
It states.
The third aspect, the embodiment of the present invention provide a kind of user rs credentials protection equipment, comprising: memory and processor are deposited
Reservoir is for storing computer program;Processor is for executing above-mentioned first aspect or first aspect when calling computer program
Any embodiment described in method.
Equipment provided by each possible embodiment of the above-mentioned third aspect and the above-mentioned third aspect, its advantages
It may refer to beneficial effect brought by each possible embodiment of above-mentioned first aspect and first aspect, it is no longer superfluous herein
It states.
Fourth aspect, the embodiment of the present invention provide a kind of computer readable storage medium, are stored thereon with computer program,
Method described in any embodiment of above-mentioned first aspect or first aspect is realized when computer program is executed by processor.
Computer-readable storage provided by each possible embodiment of above-mentioned fourth aspect and above-mentioned fourth aspect
Medium, its advantages may refer to brought by each possible embodiment of above-mentioned first aspect and first aspect beneficial to effect
Fruit, details are not described herein.
Detailed description of the invention
Fig. 1 is the flow diagram of user rs credentials guard method provided in an embodiment of the present invention;
Fig. 2 is a kind of prompting interface schematic diagram provided in an embodiment of the present invention;
Fig. 3 is the structural schematic diagram of user rs credentials protective device provided in an embodiment of the present invention;
Fig. 4 is the structural schematic diagram that user rs credentials provided in an embodiment of the present invention protect equipment.
Specific embodiment
The information preservations such as the username and password that Windows authority manager inputs when can be by user access server exist
It is local, to access the verification process for being automatically performed authority when the server again.It is stored in what the authority of ontology was generally shown
Inside have: the information such as station address, username and password.
And the interface that some rogue programs can be provided by Microsoft, directly read these authoritys.Windows XP and with
System afterwards, attacker generally can directly acquire user rs credentials by the following two kinds mode: the first, it is enumerated by authority collection
Function (CredEnumerate) enumerates the associated all authoritys of current account;Second, pass through domain authority function reading
(CredReadDomainCredentials), the associated domain authority of current account is read.Windows Vista and later it is
System, attacker can search for from authority manager by best authority collection search function (CredFindBestCredential) and
Current login sessions association and the general authority collection for being best suitable for specified target resource.
After rogue program usurps these authoritys, it is possible to carry out some illegal operations or extort user, thus can be to use
The property and terminal security at family, which are brought, to be seriously threatened.
In order to solve the above-mentioned technical problem, the embodiment of the present invention provides a kind of user rs credentials guard method, device and equipment,
Mainly by being read out monitoring user rs credentials, reading process is obtained;Safety detection is carried out to the process of reading, according to peace
Full property testing result, which carries out security protection processing to user rs credentials, reduces the property of user to realize the protection to user rs credentials
With threat suffered by terminal security.
With reference to the accompanying drawing, the embodiment of the present invention is described.
Fig. 1 is the flow diagram of user rs credentials guard method provided in an embodiment of the present invention, the executing subject of this method
It can be user rs credentials protective device or equipment.As shown in Figure 1, method provided in this embodiment may include steps of:
S101, it is read out when monitoring user rs credentials, obtains reading process.
In the present embodiment, in order to protect user rs credentials, the read operation of user rs credentials is monitored.It is implementing
When, preset application programming interface (Application Programming Interface, API) function can be monitored;
When monitor any one api function in preset api function it is called when, determine that user rs credentials are read.
Wherein, preset api function includes: all api functions that reading process can be called when reading user rs credentials.Tool
Body, preset api function may include: authority collection enumeration function (CredEnumerate), domain authority function reading
(CredReadDomainCredentials) and best authority collection search function (CredFindBestCredential).Wherein,
CredEnumerate function includes: again specifically CredEnumerateA function and CredEnumerateW function,
CredReadDomainCredentials function specifically includes: CredReadDomainCredentialsA function and
CredReadDomainCredentialsW function, CredFindBestCredential function specifically include
CredFindBestCredentialA function and CredFindBestCredentialW function.
When monitor in above-mentioned preset api function any one it is called when, obtain the reading for reading user rs credentials
Process, it is, obtaining the process for calling above-mentioned api function.
S102, safety detection is carried out to the process of reading, obtains safety detection result.
Specifically, wooden horse killing engine can be called to detect the safety of the reading process after getting reading process,
It determines that this inserts reading process whether after safety by safety detection result, then determines how to handle the reading behaviour of the reading process
Make.
In specific detection, the characteristic information of reading process can be first extracted;Process and preset black and white name will be read again
Characteristic information in list is matched;Then safety detection result is determined according to matching result.
Wherein, the characteristic information for reading process may include the title of reading process, message digest algorithm (Message
Digest Algorithm 5, MD5) value, size, content, signature and version information etc..
It can store the characteristic information of risk process in black and white lists, also can store the characteristic information of security procedure, also
The characteristic information of risk process and security procedure can be stored simultaneously, this is not specially limited in the present embodiment.
It, can be according to a spy when being matched the characteristic information for the process that reads with the characteristic information in black and white lists
Reference breath (such as signature) is matched, can also using multiple characteristic informations (such as: title, MD5 value, signature and version) into
Row matching;When being matched using multiple characteristic informations, it can be multiple characteristic informations and all match expression successful match,
The characteristic information that can be preset quantity in multiple characteristic informations matches i.e. expression successful match, specifically can be according to practical need
It was determined that the present embodiment is not specially limited this.
For storing the characteristic information of risk process in black and white lists, when successful match, indicates current and read user
The reading process of authority is risk process;When matching unsuccessful, indicates that the reading process of user rs credentials is security procedure, that is, pacify
Full property testing result can indicate that reading process is risk process or security procedure.
S103, security protection processing is carried out to user rs credentials according to safety detection result.
After obtaining safety detection result, so that it may carry out security protection to user rs credentials according to safety detection result
Processing.
Specifically, reading process can be prevented to continue when safety detection result instruction reading process is risk process
User rs credentials are read, or indicating risk information can also be exported, and prompt the user whether to prevent reading process;Receiving use
When the instruction of the prevention reading process at family, reading process is prevented to continue to read user rs credentials, so as in the same of protection user rs credentials
When, promote user experience.
It when being prompted, can be prompted by the way of pop-up, can also be prompted, can also be used using voice mode
Pop-up adds the other modes such as voice to prompt.Fig. 2 is a kind of prompting interface schematic diagram provided in an embodiment of the present invention, as shown in Fig. 2,
A kind of interface schematic diagram of pop-up is illustratively shown in figure, can show indicating risk information in pop-up, such as can wrap
Include title: " having program obtaining your account number cipher, it is proposed that prevent " and specific suggestion content: " account number cipher is by suspicious journey
Sequence is read, and be may result in the relevant content of your account and is falsely used and stolen, cause damages to you, actively awards if not you
Power is established and is prevented ".Wherein, it can also include the relevant information of reading process in specific suggestion content, such as can show: " can
Doubt program: C Trojan.exe ".The option of operation of prevention reading process is prompted the user whether in pop-up together, such as:
" permission " and " prevention ";In order to facilitate user's use, it is also an option that one of option of operation does not receive as preset time
" prevention " to the default selection of user operation instruction, such as in figure can show the remaining selection time in option of operation.Bullet
It can also show that other improve the information of user experience in window, such as: the pop-up upper right corner can show close button "×", supply
User clicks to close pop-up, and the present embodiment is without limitation.
In the present embodiment, when safety detection result instruction reading process is risk process, illustrate that there are wind in system
Dangerous file can provide the interface of overall killing at this time with pop-up, whether carry out overall killing to system for selection by the user, with
Just preferably system is protected.
Wherein, the interface of overall killing can merge display in above-mentioned pop-up shown in Fig. 2, can also increase by one newly
Pop-up show that specific implementation the present embodiment is not specially limited.
When user selects the interface of overall killing, equipment will call each killing engine to be scanned whole drives.
User rs credentials guard method provided in this embodiment is obtained and is read by being read out monitoring user rs credentials
Process;Safety detection is carried out to the process of reading, security protection processing is carried out to user rs credentials according to safety detection result, it can
To realize the protection to user rs credentials, threat suffered by the property and terminal security of user is reduced.
Fig. 3 is the structural schematic diagram of user rs credentials protective device provided in an embodiment of the present invention, as shown in figure 3, this implementation
Example provide device include:
Module 110 is obtained, is read out for user rs credentials ought to be monitored, reading process is obtained;
Detection module 120 obtains safety for carrying out safety detection to the reading process for obtaining the acquisition of module 110
Testing result;
Processing module 130, the safety detection result for being detected according to detection module 120 pacify user rs credentials
Full protection processing.
As a kind of optional embodiment of the embodiment of the present invention, device further includes;
Monitoring module 140, for monitoring preset application programming interface api function;When monitoring preset API letter
When any one api function in number is called, determine that user rs credentials are read.
As a kind of optional embodiment of the embodiment of the present invention, preset api function includes: that reading process is reading use
All api functions that can be called when the authority of family.
As a kind of optional embodiment of the embodiment of the present invention, preset api function include: authority collection enumeration function,
Domain authority function reading and best authority collection search function.
As a kind of optional embodiment of the embodiment of the present invention, detection module 120 is specifically used for:
Extract the characteristic information for obtaining the reading process that module 110 obtains;
Reading process is matched with the characteristic information in preset black and white lists;
Safety detection result is determined according to matching result.
As a kind of optional embodiment of the embodiment of the present invention, device further include: cue module 150, processing module 130
It is specifically used for:
When the safety detection result instruction reading process that detection module 120 detects is risk process, instruction prompt
Module 150 exports indicating risk information, and prompts the user whether to prevent reading process;
When receiving the instruction of prevention reading process of user, reading process is prevented to continue to read user rs credentials.
As a kind of optional embodiment of the embodiment of the present invention, cue module 150 is also used to:
Pop-up provides the interface of overall killing, whether carries out overall killing to system for selection by the user.
User rs credentials protective device provided in an embodiment of the present invention can be individual equipment, also can integrate user with
According in protection equipment, the present embodiment is not specially limited this.
User rs credentials protective device provided in this embodiment can execute above method embodiment, realize philosophy and technique
Effect is similar, and details are not described herein again.
Fig. 4 is the structural schematic diagram that user rs credentials provided in an embodiment of the present invention protect equipment, as shown in figure 4, this implementation
The user rs credentials protection equipment that example provides includes: memory 210 and processor 220, and memory 210 is for storing computer journey
Sequence;Processor 220 is used to execute method described in above method embodiment when calling computer program.
User rs credentials protection equipment provided in this embodiment can execute above method embodiment, realize philosophy and technique
Effect is similar, and details are not described herein again.
The embodiment of the present invention also provides a kind of computer readable storage medium, is stored thereon with computer program, computer
Method described in above method embodiment is realized when program is executed by processor.
It will be understood by those skilled in the art that embodiments herein can provide as the production of method, system or computer program
Product.Therefore, complete hardware embodiment, complete software embodiment or implementation combining software and hardware aspects can be used in the application
The form of example.Moreover, can be used can in the computer that one or more wherein includes computer usable program code by the application
With the form for the computer program product implemented on storage medium.
The application is referring to method, the process of equipment (system) and computer program product according to the embodiment of the present application
Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions
The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs
Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce
A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real
The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates,
Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or
The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting
Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or
The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one
The step of function of being specified in a box or multiple boxes.
In a typical configuration, calculating equipment includes one or more processors (CPU), input/output interface, net
Network interface and memory.
Memory may include the non-volatile memory in computer-readable medium, random access memory (RAM) and/
Or the forms such as Nonvolatile memory, such as read-only memory (ROM) or flash memory (flash RAM).Memory is computer-readable Jie
The example of matter.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method
Or technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data.
The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), moves
State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable
Programmable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM),
Digital versatile disc (DVD) or other optical storage, magnetic cassettes, tape magnetic disk storage or other magnetic storage devices
Or any other non-transmission medium, can be used for storage can be accessed by a computing device information.As defined in this article, it calculates
Machine readable medium does not include temporary computer readable media (transitory media), such as the data-signal and carrier wave of modulation.
It should also be noted that, the terms "include", "comprise" or its any other variant are intended to nonexcludability
It include so that the process, method, commodity or the equipment that include a series of elements not only include those elements, but also to wrap
Include other elements that are not explicitly listed, or further include for this process, method, commodity or equipment intrinsic want
Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including element
There is also other identical elements in process, method, commodity or equipment.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the present invention., rather than its limitations;To the greatest extent
Pipe present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that: its according to
So be possible to modify the technical solutions described in the foregoing embodiments, or to some or all of the technical features into
Row equivalent replacement;And these are modified or replaceed, various embodiments of the present invention technology that it does not separate the essence of the corresponding technical solution
The range of scheme.
Claims (10)
1. a kind of user rs credentials guard method characterized by comprising
It is read out when monitoring user rs credentials, obtains reading process;
Safety detection is carried out to the reading process, obtains safety detection result;
Security protection processing is carried out to the user rs credentials according to safety detection result.
2. being obtained the method according to claim 1, wherein being read out described when monitoring user rs credentials
Before reading process, the method also includes;
Monitor preset application programming interface api function;
When monitor any one api function in the preset api function it is called when, determine that the user rs credentials are read
It takes.
3. according to the method described in claim 2, it is characterized in that, the preset api function includes: that reading process is being read
All api functions that can be called when the user rs credentials.
4. according to the method described in claim 3, it is characterized in that, the preset api function includes: that authority collection enumerates letter
Number, domain authority function reading and best authority collection search function.
5. being obtained the method according to claim 1, wherein described carry out safety detection to the reading process
To safety detection result, comprising:
Extract the characteristic information of the reading process;
The reading process is matched with the characteristic information in preset black and white lists;
The safety detection result is determined according to matching result.
6. method according to claim 1-5, which is characterized in that it is described according to safety detection result to described
User rs credentials carry out security protection processing, comprising:
When the safety detection result indicates that the reading process is risk process, indicating risk information is exported, and prompt
Whether user prevents the reading process;
When receiving the instruction of the prevention reading process of user, the reading process is prevented to continue to read user rs credentials.
7. according to the method described in claim 6, it is characterized in that, the method also includes:
Pop-up provides the interface of overall killing, whether carries out overall killing to system for selection by the user.
8. a kind of user rs credentials protective device characterized by comprising
Module is obtained, is read out for user rs credentials ought to be monitored, reading process is obtained;
Detection module obtains safety detection result for carrying out safety detection to the reading process;
Processing module, for carrying out security protection processing to the user rs credentials according to safety detection result.
9. a kind of user rs credentials protect equipment characterized by comprising memory and processor, the memory is for storing
Computer program;The processor is used to executed when calling the computer program as claim 1-7 is described in any item
Method.
10. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the computer program
The method according to claim 1 to 7 is realized when being executed by processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810701188.0A CN109033820A (en) | 2018-06-29 | 2018-06-29 | User rs credentials guard method, device and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810701188.0A CN109033820A (en) | 2018-06-29 | 2018-06-29 | User rs credentials guard method, device and equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109033820A true CN109033820A (en) | 2018-12-18 |
Family
ID=65521019
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810701188.0A Pending CN109033820A (en) | 2018-06-29 | 2018-06-29 | User rs credentials guard method, device and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109033820A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113536307A (en) * | 2021-06-10 | 2021-10-22 | 安徽安恒数智信息技术有限公司 | Identification method and system of credential scanning process |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101408917A (en) * | 2008-10-22 | 2009-04-15 | 厦门市美亚柏科资讯科技有限公司 | Method and system for detecting application program behavior legality |
| CN103679035A (en) * | 2012-09-24 | 2014-03-26 | 腾讯科技(深圳)有限公司 | Safety detection method and device |
| CN104156661A (en) * | 2014-07-26 | 2014-11-19 | 珠海市君天电子科技有限公司 | Device and method for preventing account passwords from being tampered |
| US20150319183A1 (en) * | 2009-04-22 | 2015-11-05 | Trusted Knight Corporation | System and method for protecting against point of sale malware using memory scraping |
-
2018
- 2018-06-29 CN CN201810701188.0A patent/CN109033820A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101408917A (en) * | 2008-10-22 | 2009-04-15 | 厦门市美亚柏科资讯科技有限公司 | Method and system for detecting application program behavior legality |
| US20150319183A1 (en) * | 2009-04-22 | 2015-11-05 | Trusted Knight Corporation | System and method for protecting against point of sale malware using memory scraping |
| CN103679035A (en) * | 2012-09-24 | 2014-03-26 | 腾讯科技(深圳)有限公司 | Safety detection method and device |
| CN104156661A (en) * | 2014-07-26 | 2014-11-19 | 珠海市君天电子科技有限公司 | Device and method for preventing account passwords from being tampered |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113536307A (en) * | 2021-06-10 | 2021-10-22 | 安徽安恒数智信息技术有限公司 | Identification method and system of credential scanning process |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11126716B2 (en) | System security method and apparatus | |
| JP6703616B2 (en) | System and method for detecting security threats | |
| CN106156619B (en) | Application security protection method and device | |
| CN112487383B (en) | Computer system for guaranteeing information security and control method thereof | |
| WO2016015680A1 (en) | Security detection method and security detection apparatus for mobile terminal input window | |
| WO2015124018A1 (en) | Method and apparatus for application access based on intelligent terminal device | |
| CN110933104B (en) | Malicious command detection method, device, equipment and medium | |
| US20210234877A1 (en) | Proactively protecting service endpoints based on deep learning of user location and access patterns | |
| CN105303107A (en) | Abnormal process detection method and apparatus | |
| CN110245495B (en) | BIOS checking method, configuration method, device and system | |
| CN105930726B (en) | A kind of processing method and user terminal of malicious operation behavior | |
| DK2767922T3 (en) | Password Verification System | |
| US9152790B1 (en) | Systems and methods for detecting fraudulent software applications that generate misleading notifications | |
| CN106844097A (en) | A kind of means of defence and device for malice encryption software | |
| CN104915594B (en) | Application program operation method and device | |
| CN106603230B (en) | A kind of DRM key saves, read method and preservation, reads system | |
| CN111767537A (en) | Tamper verification method of application program based on IOS (operating system) and related equipment | |
| WO2016197827A1 (en) | Method and apparatus for processing malicious bundled software | |
| CN109033820A (en) | User rs credentials guard method, device and equipment | |
| CN114417326A (en) | Abnormality detection method, abnormality detection device, electronic apparatus, and storage medium | |
| CN110020531A (en) | Internet of things equipment risk checking method and device | |
| US8375460B2 (en) | Electronic device and method of protecting software | |
| CN106991307A (en) | Using time slot scrambling and device | |
| CN108197475B (en) | Malicious so module detection method and related device | |
| CN108959937A (en) | Plug-in unit processing method, device and equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181218 |