Summary of the invention
The embodiment of the present invention provides a kind of malicious process detection method, device, electronic equipment and storage medium, for solving
It is difficult to the technical issues of process is controlled by Malware, the safety of electronic equipment can be improved.
First aspect of the embodiment of the present invention provides a kind of malicious process detection method, comprising:
When detecting target process starting, the corresponding process file path of the target process is obtained from memory;
The corresponding process file of the target process is loaded according to the process file path, it can to obtain target
Executable PE the file information is transplanted, the target PE the file information includes target program database PDB file;
Obtain the target PDB file path of the target PDB file;
If the target PDB file path meets default interception rule, the target process is prevented to continue to start.
In conjunction with the embodiment of the present invention in a first aspect, first aspect of the embodiment of the present invention the first possible implementation
In, the target PDB file path for obtaining the target PDB file, comprising:
The file structure of the target PE the file information is analyzed, to obtain the corresponding virtual address of the target process;
The corresponding target PDB file path is obtained from the virtual address.
In conjunction with the possible implementation of the first of first aspect of the embodiment of the present invention or first aspect, implement in the present invention
In second of possible implementation of example first aspect, the method also includes:
The corresponding PE the file information of each dangerous process in predetermined multiple dangerous processes is obtained, to obtain multiple PE
The file information, every PE the file information include PDB file;
The file path of the corresponding PDB file of every PE the file information in the multiple PE the file information is obtained, to obtain
Multiple PDB file paths;
The multiple PDB file path is analyzed, to obtain the default interception rule.
In conjunction with second of possible implementation of first aspect of the embodiment of the present invention, in first aspect of the embodiment of the present invention
The third possible implementation in, the multiple PDB file path of the analysis is regular to obtain default interceptions,
Include:
Determine the corresponding target process type of the target process;
The dangerous process that process type is the target process type is chosen from the multiple dangerous process, it is more to obtain
A dangerous process of reference;
It is divided with reference to each in dangerous process with reference to the corresponding PDB file path of dangerous process to the multiple, with
Obtain multiple reference information collection;
The multiple reference information collection is analyzed, to obtain the default interception rule.
In conjunction with first aspect of the embodiment of the present invention, the first possible implementation, second of possible implementation or
The third possible implementation, in the 4th kind of possible implementation of first aspect of the embodiment of the present invention, the method
Further include:
The corresponding multiple characteristic informations of the target PDB file are determined according to the target PDB file path;
Object of attack is determined according to the multiple characteristic information, and based on the multiple characteristic information to the target process
Corresponding target program is repaired.
Second aspect of the embodiment of the present invention provides a kind of malicious process detection device, comprising:
Processing unit, for detect target process starting when, obtained from memory the target process it is corresponding into
Journey file path;The corresponding process file of the target process is loaded according to the process file path, to obtain mesh
Marking portable can be performed PE the file information, and the target PE the file information includes target program database PDB file;Described in acquisition
The target PDB file path of target PDB file;
Execution unit prevents the target program pair if meeting default interception rule for the file destination information
The target process starting answered.
In conjunction with second aspect of the embodiment of the present invention, in the first possible implementation of second aspect of the embodiment of the present invention
In, in terms of the target PDB file path for obtaining the target PDB file, the processing unit is specifically used for analysis institute
The file structure of target PE the file information is stated, to obtain the corresponding virtual address of the target process;From the virtual address
Obtain the corresponding target PDB file path.
In conjunction with the possible implementation of the first of second aspect of the embodiment of the present invention or second aspect, implement in the present invention
In second of possible implementation of example second aspect, the processing unit is also used to obtain predetermined multiple default danger
The corresponding PE the file information of each default dangerous process in dangerous process, to obtain multiple PE the file informations, every PE the file information
Including PDB file;The file path of the corresponding PDB file of every PE the file information in the multiple PE the file information is obtained, with
Obtain multiple PDB file paths;The multiple PDB file path is analyzed, to obtain the default interception rule.
In conjunction with second of possible implementation of second aspect of the embodiment of the present invention, in second aspect of the embodiment of the present invention
The third possible implementation in, it is regular to obtain default interceptions in the multiple PDB file path of the analysis
Aspect, the processing unit are specifically used for determining the corresponding target process type of the target process;From the multiple default danger
The default dangerous process that process type is the target process type is chosen in dangerous process, it is multiple with reference to dangerous process to obtain;
It is divided with reference to each in dangerous process with reference to the corresponding PDB file path of dangerous process to the multiple, it is multiple to obtain
Reference information collection;The multiple reference information collection is analyzed, to obtain the default interception rule.
In conjunction with second aspect of the embodiment of the present invention, the first possible implementation, second of possible implementation or
The third possible implementation, after the prevention target process continues starting, the processing unit is also used to root
The corresponding multiple characteristic informations of the target PDB file are determined according to the target PDB file path;Believed according to the multiple feature
It ceases and determines object of attack, and the corresponding target program of the target process is repaired based on the multiple characteristic information.
The third aspect of the embodiment of the present invention provide a kind of electronic equipment, comprising: shell, processor, memory, circuit board and
Power circuit, wherein circuit board is placed in the space interior that shell surrounds, and processor and memory setting are on circuit boards;Electricity
Source circuit, for each circuit or the device power supply for electronic equipment;Memory is for storing executable program code;Processor
Program corresponding with executable program code is run by reading the executable program code stored in memory, for holding
The malicious process detection method that row first aspect of the embodiment of the present invention provides.
Fourth aspect of the embodiment of the present invention provides a kind of non-transitorycomputer readable storage medium, wherein the storage
Medium realizes that first aspect of the embodiment of the present invention mentions for storing computer program, when the computer program is executed by processor
The malicious process detection method of confession.
The 5th aspect of the embodiment of the present invention provides a kind of application program, wherein the application program for holding at runtime
A kind of malicious process detection method that row first aspect of the embodiment of the present invention provides.
In the embodiment of the present invention, when detecting target process starting, it is corresponding that the target process is obtained from memory
Process file path loads the corresponding process file of the target process according to the process file path, to obtain
PE the file information can be performed in target portable, and the target PE the file information includes target program database PDB file, obtains institute
The target PDB file path of target PDB file is stated, if the target PDB file path meets default interception rule, prevents institute
Target process is stated to continue to start.In this way, the PDB file path identification process that will not generally modify when based on process file publication is
It is no to be modified by Malware, if so, preventing the target process from continuing to start, to improve the safety of electronic equipment.
Description and claims of this specification and term " first " in the attached drawing, " second " and " third " etc. are
For distinguishing different objects, it is not use to describe a particular order.In addition, term " includes " and " having " and their any changes
Shape, it is intended that cover and non-exclusive include.Such as contain the process, method of a series of steps or units, system, product or
Equipment is not limited to listed step or unit, but optionally further comprising the step of not listing or unit or optional
Ground further includes the other step or units intrinsic for these process, methods, product or equipment.
Referenced herein " embodiment " is it is meant that a particular feature, structure, or characteristic described can wrap in conjunction with the embodiments
Containing at least one embodiment of the present invention.Each position in the description occur the phrase might not each mean it is identical
Embodiment, nor the independent or alternative embodiment with other embodiments mutual exclusion.Those skilled in the art explicitly and
Implicitly understand, embodiment described herein can be combined with other embodiments.
Electronic equipment described in the embodiment of the present invention may include smart phone (such as Android phone), tablet computer,
Palm PC, laptop, mobile internet device (Mobile Internet Devices, MID) or wearable device
It is only citing Deng, above equipment, and it is non exhaustive, including but not limited to above-mentioned electronic equipment.
In order to facilitate understanding, the word designed in the embodiment of the present invention is explained first:
Process (Process) is program in computer about the primary operation activity on certain data acquisition system, be system into
The basic unit of row Resource Distribution and Schedule is the basis of operating system configuration.In computer structure of the early stage towards process design
In structure, process is the basic execution entity of program;In computer configuation of the present age towards threaded design, process is the appearance of thread
Device.Program is the description of instruction, data and its organizational form, and process is the entity of program.
(Portable Executable, PE) file: the program in Microsoft's Windows operating system can be performed in portable
File (may be to be performed indirectly, such as dynamic link library (Dynamic Link Library, DLL) file).
Dll file: in systems, many application programs are not a complete executable file, they are divided into
Some relatively independent dynamic link libraries, i.e. dll file.When executing some program, corresponding dll file will be adjusted
With each DLL realizes different software functions.Tester can write new dll file and allow target program load and execution.
Program data base (program database, PDB) file: being the Integrated Development Environment software provided using Microsoft
The symbol file for debugging that (Microsoft Visual studio, VS) is generated, in store Debugging message.PE file is deposited
Storage is usually with the presence of program data base (Program Database, PDB) document form.The in store application program two of PDB file
The debugging and project status information of binary file, have recorded all variables, the relative position of main information table and size, these tables
It can be reserved for resource, importing, export, reorientation, debugging, thread-local storage and The Component Object Model (Component Object
Model, COM) operation when for information about.Debugging message can help tuner to analyze the interior layout of debugged program, work as journey
When sequence recompilates, Debugging message can correctly reflect the modification of variable and function, can be to program using these information
Debugging configuration carry out increment link.
And Debugging message is equally generated in the operational process of the corresponding application program of Malware, i.e., there is also PDB file,
And the PDB file is difficult to modify, therefore analyzes the PDB file, facilitates the further analysis to malice sample and provides
Clue.
The embodiment of the present invention provides a kind of malicious process detection method, device, electronic equipment and storage medium, for solving
It is difficult to the technical issues of process is controlled by Malware, the safety of electronic equipment can be improved.
Referring to Fig. 1, Fig. 1 is a kind of flow diagram of malicious process detection method provided in an embodiment of the present invention.Its
In, which is suitable for the electronic equipments such as mobile phone, tablet computer.As shown in Figure 1, the malicious process detection side
Method may comprise steps of.
S101, detect target process starting when, the corresponding process file road of the target process is obtained from memory
Diameter.
In this application, target process can be the corresponding process of operating system of electronic equipment, is also possible to electronics and sets
Corresponding process of standby middle installation application etc..Starting method of the application for detecting target process without limitation, can be detected one
A enabled instruction, the enabled instruction include the identification information of the target process, also include the corresponding file path of the target process
Deng.Wherein, identification information is for determining the process of starting, and file path is for searching the corresponding process file of the target process.
S102, the corresponding process file of the target process is loaded according to the process file path, to obtain
PE the file information can be performed in target portable, and the target PE the file information includes target program database PDB file.
After determining process file path, the corresponding process text of target process can be obtained according to the process file path
Part, and the process file is loaded, PE the file information can be performed to obtain target portable.
In this application, PE file may include program data base PDB file, dll file, executable file EXE, COM text
Part, object type extension component (Object Linking and Embedding (OLE) Control Extension, OCX) text
Part etc..Target PE the file information includes above-mentioned a variety of file respective file information etc., it is not limited here.
S103, the target PDB file path for obtaining the target PDB file.
In this application, target PDB file path is the store path of target PDB file, and target PDB file path exists
When process is issued, it would not change, and other contents can change with operating status.In this way, the application is according to target
PDB file path is identified, if target PDB file path meets default interception rule, target process is prevented to continue to open
Dynamic, otherwise, target process continues to start.
The application is described to obtain in a kind of possible embodiment for how to obtain target PDB file path without limitation
Take the target PDB file path of the target PDB file, comprising: the file structure of the target PE the file information is analyzed, with
To the corresponding virtual address of the target process;The corresponding target PDB file path is obtained from the virtual address.
Since target PE file is executable file, code has certain regularity, in a kind of possible embodiment,
The file structure of the analysis target PE the file information, to obtain the corresponding virtual address of the target process, comprising: root
The target PE the file information is parsed according to pre-set shell script, obtains the virtual address.In this way, according to
The rule of PDB file generated shell script parses target PE the file information, to obtain target PDB file path.
It is appreciated that in this application, it is corresponding to obtain target process first to analyze the file structure of target PE the file information
Virtual address, corresponding target PDB file path is then obtained from virtual address, in this way, according to target PE file believe
Virtual address in breath obtains target PDB file path, improves determining accuracy.
In the embodiment of the present application, it can also obtain the File header information of target PDB file, check all records, Ge Geji
The information such as offset address, length, attribute, the mark of record, it is not limited here.
If S104, the target PDB file path meet default interception rule, the target process is prevented to continue to open
It is dynamic.
The application intercepts rule without limitation for default, can be the naming rule of file or variable name, is also possible to
The safety of store path can also be the relevance etc. between file identification and target program.
In a kind of possible embodiment, the method also includes: it obtains each in predetermined multiple dangerous processes
The corresponding PE the file information of dangerous process, to obtain multiple PE the file informations, every PE the file information includes PDB file;It obtains
The file path of the corresponding PDB file of every PE the file information in the multiple PE the file information, to obtain multiple PDB files road
Diameter;The multiple PDB file path is analyzed, to obtain the default interception rule.
Wherein, dangerous process is in electronic equipment by the dangerous process of tool of safety verification determination or to electricity
Sub- equipment generates dangerous process, for safety verification method without limitation, periodic scanning can be carried out by security software,
Can every time software starting when or installation software after carry out security sweep etc..
Multiple PE the file informations are the file information of the corresponding PE file of each dangerous process in multiple dangerous processes, wherein
It include PDB file, the i.e. Debugging message of the process in each PE the file information.
It is appreciated that obtaining the corresponding PE the file information of each dangerous process in multiple dangerous processes first to obtain multiple PE
Then the file information obtains the corresponding file path of each PE the file information to obtain multiple PDB file paths, to analyze
Multiple PDB file paths determine the rule of the corresponding PDB file path of dangerous process, to obtain default interception rule.In this way, according to
Default interception rule is determined according to the corresponding PDB file path of fixed danger process, convenient for the accuracy of raising detection.
The application obtains default interception rule without limitation for how to analyze PDB file path, in a kind of possible reality
Apply in example, the multiple PDB file path of the analysis, it is regular to obtain default interceptions, comprising: determine the target into
The corresponding target process type of journey;The danger that process type is the target process type is chosen from the multiple dangerous process
Process, it is multiple with reference to dangerous process to obtain;To the multiple with reference to each with reference to the corresponding PDB of dangerous process in dangerous process
File path is divided, to obtain multiple reference information collection;The multiple reference information collection is analyzed, is blocked with obtaining described preset
Cut rule.
It is appreciated that first determining the corresponding target process type of target process, then process is chosen from multiple dangerous processes
Type is that the dangerous process of target process type is multiple with reference to dangerous process to obtain, then, for multiple with reference to dangerous process
Corresponding PDB file path is divided, and can be divided according to the region in file path, in this way, analysis is multiple with reference to letter
Breath collection is to obtain default interception rule.That is, being drawn for the corresponding PDB file path process of same type of target process
Point, improve the accuracy for determining detection target program.
In the malicious process detection method described in Fig. 1, when detecting target process starting, institute is obtained from memory
The corresponding process file path of target process is stated, according to the process file path by the corresponding process file of the target process
It is loaded to obtain target portable and PE the file information can be performed, the target PE the file information includes target program database
PDB file obtains the target PDB file path of the target PDB file, if the target PDB file path meets default block
Cut rule then prevents the target process from continuing to start.In this way, the PDB text that will not be generally modified when based on process file publication
Whether part Path Recognition process is modified by Malware, if so, preventing the target process from continuing to start, to improve electronics
The safety of equipment.
It is consistent with the embodiment of Fig. 1, referring to Fig. 2, Fig. 2 is another malicious process detection provided in an embodiment of the present invention
The flow chart of method.Wherein, which is suitable for the electronic equipments such as mobile phone, tablet computer.As shown in Fig. 2, the evil
Meaning process detection method may comprise steps of.
S201, detect target process starting when, the corresponding process file road of the target process is obtained from memory
Diameter.
S202, the corresponding process file of the target process is loaded according to the process file path, to obtain
PE the file information can be performed in target portable, and the target PE the file information includes target program database PDB file.
S203, the target PDB file path for obtaining the target PDB file.
If S204, the target PDB file path meet default interception rule, the target process is prevented to continue to open
It is dynamic.
Wherein, step S201~S204 can refer to step S101~S104, and details are not described herein.
S205, the corresponding multiple characteristic informations of the target PDB file are determined according to the target PDB file path.
Wherein, multiple characteristic informations include the corresponding national information of target PDB file path, attacker ID, attack project
Title, filename of PDB file etc. are used for the information of identified attacks object, it is not limited here.The application is for determining feature
The method of information without limitation, can also be matched according to target PDB file path with presetting database, the multiple to obtain
Characteristic information, wherein presetting database includes country identification code, the character string style library of known attack person ID, known attack item
Character string style library of mesh title etc., the filename of PDB file can by the last one in target PDB file path " " and after
Sew the intermediate information of name " .pdb " to be determined.
S206, object of attack is determined according to the multiple characteristic information, and based on the multiple characteristic information to the mesh
The corresponding target program of mark process is repaired.
Wherein, multiple characteristic informations can obtain the information of object of attack, to determine object of attack for the information.This
Outside, the corresponding program of process or process that can also attack further directed to multiple characteristic informations it is repaired, such as: according to
The corresponding hazard types of characteristic information are repaired, and can also be repaired etc. according to restorative procedure corresponding with object of attack,
This is without limitation.In this way, can further improve the safety of electronic equipment after repairing target program.
In the malicious process detection method described in Fig. 2, when detecting target process starting, institute is obtained from memory
The corresponding process file path of target process is stated, according to the process file path by the corresponding process file of the target process
It is loaded to obtain target portable and PE the file information can be performed, the target PE the file information includes target program database
PDB file obtains the target PDB file path of the target PDB file, if the target PDB file path meets default block
Cut rule then prevents the target process from continuing to start.In this way, the PDB text that will not be generally modified when based on process file publication
Whether part Path Recognition process is modified by Malware, if so, the target process is prevented to continue to start, improves electronic equipment
Safety.Then, then for target PDB file path determine the corresponding multiple characteristic informations of target PDB file, thus according to
Multiple characteristic informations determine object of attack, that is, determine object of attack, in order to avoid attacking process again, and are believed based on the multiple feature
Breath repairs the corresponding target program of the target process, to further improve the safety of electronic equipment.
It is consistent with the embodiment of Fig. 1 and Fig. 2, referring to Fig. 3, Fig. 3 is a kind of malicious process provided in an embodiment of the present invention
The structure chart of detection device.Wherein, which can be set in the electronic equipments such as mobile phone, tablet computer,
As shown in figure 3, the malicious process detection device 300 includes:
Processing unit 301 is used to that it is corresponding to obtain the target process from memory when detecting target process starting
Process file path;The corresponding process file of the target process is loaded according to the process file path, to obtain
PE the file information can be performed in target portable, and the target PE the file information includes target program database PDB file;Obtain institute
State the target PDB file path of target PDB file;
If execution unit 302 meets default interception rule for the file destination information, the target program is prevented
Corresponding target process starting.
In a kind of possible embodiment, in terms of the target PDB file path for obtaining the target PDB file,
The processing unit 301 is specifically used for analyzing the file structure of the target PE the file information, to obtain the target process pair
The virtual address answered;The corresponding target PDB file path is obtained from the virtual address.
In a kind of possible embodiment, the processing unit 301 is also used to obtain predetermined multiple default danger
The corresponding PE the file information of each default dangerous process in process, to obtain multiple PE the file informations, every PE the file information packet
Include PDB file;The file path of the corresponding PDB file of every PE the file information in the multiple PE the file information is obtained, with
To multiple PDB file paths;The multiple PDB file path is analyzed, to obtain the default interception rule.
In a kind of possible embodiment, in the multiple PDB file path of analysis, to obtain the default interception
Regular aspect, the processing unit 301 are specifically used for determining the corresponding target process type of the target process;From the multiple
The default dangerous process that process type is the target process type is chosen in default danger process, it is multiple with reference to dangerous to obtain
Process;It is divided with reference to each in dangerous process with reference to the corresponding PDB file path of dangerous process to the multiple, to obtain
Multiple reference information collection;The multiple reference information collection is analyzed, to obtain the default interception rule.
In a kind of possible embodiment, after the prevention target process continues starting, the processing unit
301 are also used to determine the corresponding multiple characteristic informations of the target PDB file according to the target PDB file path;According to institute
It states multiple characteristic informations and determines object of attack, and based on the multiple characteristic information to the corresponding target program of the target process
It is repaired.
In the malicious process detection device described in Fig. 3, when detecting target process starting, institute is obtained from memory
The corresponding process file path of target process is stated, according to the process file path by the corresponding process file of the target process
It is loaded, PE the file information can be performed to obtain target portable, the target PE the file information includes target program data
Library PDB file obtains the target PDB file path of the target PDB file, presets if the target PDB file path meets
Rule is intercepted, then the target process is prevented to continue to start.In this way, the PDB that will not be generally modified when based on process file publication
Whether file path identification process is modified by Malware, if so, preventing the target process from continuing to start, to improve electricity
The safety of sub- equipment.
It is consistent with the embodiment of Fig. 1 and Fig. 2, referring to Fig. 4, Fig. 4 is a kind of electronic equipment disclosed by the embodiments of the present invention.
Wherein, electronic equipment can be mobile phone, tablet computer etc..As shown in figure 4, the electronic equipment may include shell 401, processor
402, memory 403, circuit board 404 and power circuit 405, wherein circuit board 404 is placed in the space interior that shell surrounds,
Processor 402 and memory 403 are arranged on circuit board 404;Power circuit 405, for for electronic equipment each circuit or
Device power supply;Memory 403 is for storing executable program code;Processor 402 can by what is stored in reading memory 403
Program code is executed to run program corresponding with executable program code, for executing following steps:
When detecting target process starting, the corresponding process file path of the target process is obtained from memory;
The corresponding process file of the target process is loaded according to the process file path, it can to obtain target
Executable PE the file information is transplanted, the target PE the file information includes target program database PDB file;
Obtain the target PDB file path of the target PDB file;
If the target PDB file path meets default interception rule, the target process is prevented to continue to start.
As a kind of possible embodiment, in the file path side target PDB for obtaining the target PDB file
Face, the processor 402 are specifically used for executing following operation:
The file structure of the target PE the file information is analyzed, to obtain the corresponding virtual address of the target process;
The corresponding target PDB file path is obtained from the virtual address.
As a kind of possible embodiment, the processor 402 is also used to execute following operation:
The corresponding PE the file information of each dangerous process in predetermined multiple dangerous processes is obtained, to obtain multiple PE
The file information, every PE the file information include PDB file;
The file path of the corresponding PDB file of every PE the file information in the multiple PE the file information is obtained, to obtain
Multiple PDB file paths;
The multiple PDB file path is analyzed, to obtain the default interception rule.
As a kind of possible embodiment, it in the multiple PDB file path of analysis, is blocked with obtaining described preset
In terms of cut rule, the processor 402 is specifically used for executing following operation:
Determine the corresponding target process type of the target process;
The dangerous process that process type is the target process type is chosen from the multiple dangerous process, it is more to obtain
A dangerous process of reference;
It is divided with reference to each in dangerous process with reference to the corresponding PDB file path of dangerous process to the multiple, with
Obtain multiple reference information collection;
The multiple reference information collection is analyzed, to obtain the default interception rule.
As a kind of possible embodiment, after the prevention target process continues starting, the processor
402 are also used to execute following operation:
The corresponding multiple characteristic informations of the target PDB file are determined according to the target PDB file path;
Object of attack is determined according to the multiple characteristic information, and based on the multiple characteristic information to the target process
Corresponding target program is repaired.
In the electronic equipment described in Fig. 4, detect target process starting when, obtained from memory the target into
The corresponding process file path of journey is added the corresponding process file of the target process according to the process file path
It carries, PE the file information can be performed to obtain target portable, the target PE the file information includes target program database PDB text
Part obtains the target PDB file path of the target PDB file, if the target PDB file path meets default intercept and advises
Then, then the target process is prevented to continue to start.In this way, the PDB file road that will not be generally modified when based on process file publication
Whether diameter identification process is modified by Malware, if so, preventing the target process from continuing to start, to improve electronic equipment
Safety.
A kind of non-transitorycomputer readable storage medium is provided in one embodiment, is stored thereon with computer journey
Sequence, wherein the malicious process detection method as shown in Fig. 1 or Fig. 2 embodiment is realized when the computer program is executed by processor.
A kind of application program is provided in one embodiment, and the application program for executing such as Fig. 1 or Fig. 2 at runtime
Malicious process detection method shown in embodiment.
Those of ordinary skill in the art will appreciate that all or part of the steps in the various methods of above-described embodiment is can
It is completed with instructing relevant hardware by program, which can be stored in a computer readable storage medium, storage
Medium may include: flash disk, read-only memory (Read-Only Memory, ROM), random access device (Random Access
Memory, RAM), disk or CD etc..
It is provided for the embodiments of the invention malicious process detection method, device and electronic equipment above and has carried out detailed Jie
It continues, used herein a specific example illustrates the principle and implementation of the invention, and the explanation of above embodiments is only
It is to be used to help understand method and its core concept of the invention;At the same time, for those skilled in the art, according to this hair
Bright thought, there will be changes in the specific implementation manner and application range, in conclusion the content of the present specification should not manage
Solution is limitation of the present invention.