CN109450619A - QR code security protection method and system - Google Patents


Info

Publication number: CN109450619A
Authority: CN (China)
Legal status (an assumption, not a legal conclusion): Granted
Application number: CN201811165012.4A
Other languages: Chinese (zh)
Other versions: CN109450619B (en)
Inventors: 薛磊, 范渊
Current assignee (the listed assignees may be inaccurate): Hangzhou Dbappsecurity Technology Co Ltd
Original assignee: Hangzhou Dbappsecurity Technology Co Ltd
Application filed by Hangzhou Dbappsecurity Technology Co Ltd
Priority to CN201811165012.4A
Publication of CN109450619A
Application granted
Publication of CN109450619B

Classifications

    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • G06F21/51 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • G06F21/562 Static detection
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • G06F2221/033 Test or assess software
    • G06F2221/2119 Authenticating web pages, e.g. with suspicious links


Abstract

The present invention relates to network security and aims to provide a QR code security protection method and system. The method and system can: 1) apply securely encrypted anti-counterfeiting authentication when a QR code is generated; and 2) protect the QR code during use through the following steps: L0 security-level scan detection, L1 security-level scan detection, L2 security-level scan detection and L3 security-level scan detection. The invention provides multi-dimensional, multi-level security measures for QR codes generated in different scenarios, in different industries and by different methods, which makes it more convenient to use, and it can perform real-time security detection on QR codes at large scale.

Description

QR code security protection method and system
Technical field
The present invention relates to the field of network security, and in particular to a QR code security protection method and system.
Background
In recent years, with the development of the mobile Internet, the QR code has become an extremely popular encoding method on mobile devices and, thanks to advantages such as large data storage capacity, high security, strong damage resistance and low cost, is widely used across industries. As an information carrier, however, the QR code also faces severe challenges to the security of its use. QR code security incidents have occurred frequently in recent years, causing heavy economic losses to society and seriously threatening the security of cyberspace. Security detection technology for QR codes at large scale has therefore become the preferred way to prevent QR code security incidents and has high research value.
Existing security detection is generally integrated inside each individual program, which hinders wider adoption, and detection of QR codes cannot be flexibly differentiated according to the usage scenario. For authentication, there is no unified security authentication method or authentication center. If a security center could be established for scanned QR codes, similar to the certificate authority for https certificates, security protection could be extended to large-scale, multi-dimensional QR code use in most situations.
Summary of the invention
The main object of the present invention is to overcome the deficiencies of the prior art and to provide a method and system for security monitoring and protection during everyday QR code use. To solve the above technical problem, the solution of the invention is as follows:
A security protection method for QR code use is provided, comprising the following steps:
Step (1): L0 security-level scan detection:
Detect whether the QR code carries an anti-counterfeiting security mark (the anti-counterfeiting security mark is an anti-counterfeiting parameter added to the QR code when it is generated):
If the QR code carries an anti-counterfeiting security mark and authentication passes, let $X_1$ denote the anti-counterfeiting authentication factor; then $X_1 = 100$. Let $C$ denote the security score of the QR code; then $C = X_1 = 100$, the L0 security level is output, indicating that the QR code is safe, and detection for this QR code ends;
If the QR code has no anti-counterfeiting security mark or authentication does not pass, $X_1 = 0$ and $C = X_1 = 0$, and detection continues with the subsequent steps;
Authentication passes as follows: the anti-counterfeiting parameters, i.e. appid and signature, are extracted from the QR code; the specific secret key (key) that the user registered in this system is looked up by appid; and MD5(appid + key + QR code content excluding the anti-counterfeiting mark) is computed and compared with signature. Authentication passes if the two are equal;
Step (2): L1 security-level scan detection:
The QR code content is examined at the code level: it is scanned for malicious scripts and hidden links (dark chains), and the security status of the website URL in the QR code content is looked up in the security database;
The security data in the security database includes the scan data of the security engine, third-party vendor security database data and security data fed back by users;
Let $C = X_1 + \lambda_1 X_2$, where $X_2$ is the authentication safety coefficient; the value of $X_2$ is determined by the scan result of the QR code content code, and $0 \le X_2 \le 100$;
If the value of $C$ is not less than 100, the L1 security level is output, indicating that the QR code is safe, and detection for this QR code ends;
If the value of $C$ is less than 100, detection continues with the following steps;
Step (3): L2 security-level scan detection:
The QR code content is compared against the security database: the historical security data of the address contained in the QR code, and the security status information that users have fed back for its domain name or IP, are queried in the security database;
Let $C = X_1 + \lambda_1 X_2 + \lambda_2 X_3$, where $X_3$ is the historical security report factor; the value of $X_3$ is determined by the comparison result, and $0 \le X_3 \le 100$;
If the value of $C$ is not less than 100, the L2 security level and a security recommendation are output (the security recommendation states that the QR code was found safe at the L2 security level in this system's recent detection and that Y percent of user feedback rates the website as safe), indicating that the QR code is safe, and detection for this QR code ends;
If the value of $C$ is less than 100, detection continues with the following steps;
Step (4): L3 security-level scan detection:
The content of the QR code is detected in real time (using the security engine);
Let $C = X_1 + \lambda_1 X_2 + \lambda_2 X_3 + \lambda_3 X_4$, where $X_4$ is the result fed back after the (security engine) sandbox accesses and scans the website; the value of $X_4$ is determined by the real-time detection result, and $0 \le X_4 \le 100$;
If the value of $C$ is not less than 100, the L3 security level and a security alert are output (the security alert states that the QR code's website was found safe in real-time detection), indicating that the QR code is safe;
If the value of $C$ is less than 100, the security score $C$ of the QR code is given together with a risk warning;
where $\lambda_1 + \lambda_2 + \lambda_3 = 1$ and $\lambda_1 : \lambda_2 : \lambda_3 = 2 : 1 : 7$.
In the present invention, in step (2), the value of the authentication safety coefficient $X_2$ is determined by the scan result of the QR code content code. $X_2$ starts at 100 points and is determined as follows:
If the link that the scanned QR code jumps to contains a malicious script, $X_2 = 0$ and a high-risk security alert is returned: contains malicious script;
If the link that the scanned QR code jumps to contains hidden links, each hidden link deducts 20 points from $X_2$, and a medium-risk warning is returned: contains hidden links.
In the present invention, in step (2), when the QR code content code is examined, if the security status of the QR code content's website URL in the security database is currently dangerous, a prompt is returned according to the degree of danger: this system has detected that the website is dangerous.
In the present invention, in step (3), the value of the historical security report factor $X_3$ is determined by the comparison result, specifically:
$X_3$ is calculated from the degree of danger and the time of occurrence recorded in the history. $X_3$ starts at 100 points; for each dangerous historical record found, or each user report that the website is dangerous, $S$ points are deducted, where $S = (1/D) \times L \times 10$;
Here $D$ is the number of days between the time of the dangerous record (or of the user feedback) and the current time; $L$ is the degree of danger (of the historical record or of the user feedback): safe $L = 0$, low risk $L = 1$, medium risk $L = 2$, high risk $L = 3$.
In the present invention, in step (4), with $C = X_1 + \lambda_1 X_2 + \lambda_2 X_3 + \lambda_3 X_4$, the value of $X_4$, the result fed back after the (security engine) sandbox accesses and scans the website, is determined by the real-time detection result, specifically:
$X_4$ starts at 100 points. If a malicious script is found, $X_4$ is set directly to 0 and the feedback states that real-time detection found a malicious script on the QR code's website; each hidden link found deducts 20 points from $X_4$, down to a minimum of 0.
In the present invention, in step (2), the L1 security-level scan detection may be performed through an online API call to the security identification interface (that is, when a third-party caller has scanned the QR code content but not yet accessed it, it sends the content to this system to check the QR code's security status).
In the present invention, the security data in the security database is user-driven: it is corrected automatically according to the QR code information that users scan and the information they feed back.
A storage device is provided in which a plurality of instructions are stored, the instructions being suitable for being loaded and executed by a processor to:
1. apply securely encrypted anti-counterfeiting authentication when a QR code is generated;
2. implement the above security protection method for QR code use.
A QR code security protection system is provided, comprising a processor suitable for executing instructions, and a storage device suitable for storing a plurality of instructions, the instructions being suitable for being loaded and executed by the processor to:
1. apply securely encrypted anti-counterfeiting authentication when a QR code is generated;
2. implement the above security protection method for QR code use.
In the present invention, securely encrypted anti-counterfeiting authentication at QR code generation can be implemented with either of the following schemes:
1) the original content of the QR code is encrypted and wrapped as a whole, and an anti-counterfeiting mark is stamped on the wrapper;
The anti-counterfeiting mark can be one that only this system understands, or the third party can define its own mark and upload the marking method to this system. Many marking schemes are possible: at its most basic, the QR code's id (an id in this system or an id designed by the third party) + password + base64(content) + timestamp can serve as the anti-counterfeiting mark, or other, more advanced encryption algorithms can be used;
2) anti-counterfeiting parameters are appended to the QR code content (similar to how https is implemented, this system acts as an authentication center that identifies the security of QR codes online).
The principle of the invention: QR codes are security-checked using the security data accumulated by this system together with sandbox detection of the QR code content. (The existing QR code security approach most similar to the present invention is isolated sandbox execution and detection: roughly, after the user scans a code no further action is taken; instead the scanned content is sent to an isolated sandbox, run and inspected, and handling is decided from the result that is fed back.)
Compared with the prior art, the beneficial effects of the present invention are:
1. The invention provides multi-dimensional, multi-level security measures for QR codes generated in different scenarios, in different industries and by different methods, which is more convenient; and it can perform real-time security detection on QR codes at large scale.
2. The invention builds on current web scanning technology and is also compatible with data accumulated from its own scan identification and with user feedback data; in a policy-following manner, it protects QR codes with the most suitable security solution for each scenario and industry.
3. The invention provides an interface that third-party vendors can develop against, so integration is convenient and adoption is easy.
4. The invention allows the security database to be upgraded continuously along multiple dimensions.
5. The invention establishes a QR code security authentication center and standardizes QR code use.
Brief description of the drawings
Fig. 1 is the flow chart of the invention.
Detailed description of the embodiments
It should first be noted that the present invention is an application of computer technology, and its implementation involves several software function modules. The applicant believes that, after reading the application documents carefully and accurately understanding the implementation principle and purpose of the invention, a person skilled in the art can implement the invention using their software programming skills in combination with existing well-known techniques. This applies to everything referred to in the application documents, which the applicant does not enumerate item by item.
The invention is described in further detail below with reference to the drawing and specific embodiments:
QR code security measures fall broadly into two categories: first, security processing applied when the QR code is generated; second, security scanning applied while the QR code is in use. The two are discussed in turn below:
1. Securely encrypted anti-counterfeiting authentication can be used when the QR code is generated; two schemes are available.
Scheme 1: the original content of the QR code is encrypted and wrapped as a whole, and the wrapper is stamped either with an anti-counterfeiting mark that only this system understands or with a mark defined by the third party, whose marking method is uploaded to this system so that the QR code can be checked conveniently. Many marking schemes are possible: at its most basic, the QR code's id (an id in this system or an id designed by the third party) + password + base64(content) + timestamp can serve as the anti-counterfeiting mark, or other, more advanced encryption algorithms can be used.
Scheme 2: anti-counterfeiting parameters are appended to the QR code content; similar to how https is implemented, this system acts as an authentication center that identifies the security of QR codes online.
2. Scan detection of QR codes.
2.1 Scan detection is divided into the following levels (a higher level can by default include the lower-level checks):
L0: basic detection of the anti-counterfeiting mark. Suitable for ordinary checks: for QR codes that carry an anti-counterfeiting mark the check is fast and gives a high safety coefficient; it has no effect for QR codes without an anti-counterfeiting mark.
L1: code-level detection of the QR code's recognized content only, scanning for malicious scripts, hidden links and the like; suitable where the required security level is modest and the volume is very high. The vendor can embed the detection code itself, or call this system's security identification interface through the online API.
L2: comparison of the QR code content against the security database, including accumulated security data such as the QR code's security history, website URL, website domain name, website IP and blacklists/whitelists. The security data here includes the scan data of the security engine, third-party vendor security database data and security data fed back by users, which are analysed together; a security level and recommendation are given. This level can be used for QR code detection in general and suits most cases.
On maintaining the security data: it comes from three main sources: scans by this system's security scanning engine; cooperation with third-party security vendors; and audited user feedback. It is user-driven and is corrected automatically according to the QR code information that users scan and the information they feed back.
L3: real-time detection of the QR code content, i.e. the security engine scans the QR code content online in real time, the detection result is used as reference data, and a security alert is given. This scheme is for users with extremely high security requirements and relatively low usage volume.
2.2 As shown in Fig. 1, the specific scanning steps are as follows:
Step (1): L0 security-level scan detection:
Detect whether the QR code carries an anti-counterfeiting security mark. The anti-counterfeiting security mark means: when the user's QR code is generated in this system, or generated through this system's interface via the API, a parameter carrying the anti-counterfeiting mark is added among the QR code's parameters.
For example: http://www.example.com/index.html?param=123&appid=P1&signature=P2, where P1 and P2 are the anti-counterfeiting security mark; P1 is the account the client applied for in this system, and signature is the MD5 value of appid + the specific secret key the user registered in the system + the URL content excluding the anti-counterfeiting mark. In this example that content is http://www.example.com/index.html?param=123.
The basic detection of the anti-counterfeiting security mark is as follows:
If the QR code carries an anti-counterfeiting security mark and authentication passes, let $X_1$ denote the anti-counterfeiting authentication factor; then $X_1 = 100$. Let $C$ denote the security score of the QR code; then $C = X_1 = 100$, the L0 security level is output, indicating that the QR code is safe, and detection for this QR code ends.
Authentication passes as follows: the anti-counterfeiting parameters, i.e. appid and signature, are extracted from the QR code; the specific secret key (key) that the user registered in this system is looked up by appid; and MD5(appid + key + QR code content excluding the anti-counterfeiting mark) is computed and compared with signature. Authentication passes if the two are equal.
If the QR code has no anti-counterfeiting security mark, $X_1 = 0$ and $C = X_1 = 0$, and detection continues with the following steps.
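The L0 check described above, as an added example that is not part of the patent text: it strips appid and signature from the scanned URL, recomputes MD5(appid + key + content) and returns $X_1$. The key store, the function names and the HMAC-SHA256 variant are assumptions added here; the variant is shown because MD5 over a plain concatenation is not a standard message authentication code, whereas HMAC is.

```python
import hashlib
import hmac
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Constructed key store: appid -> secret key the user registered with the system.
KEYS = {"P1": "constructed-demo-key"}
MARK_PARAMS = ("appid", "signature")


def split_mark(url):
    """Split a scanned URL into (content without the mark, appid, signature).

    appid/signature come back as None when missing or repeated, so an
    ambiguous mark can never verify.
    """
    parts = urlsplit(url)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    mark = {}
    for name in MARK_PARAMS:
        values = [v for k, v in pairs if k == name]
        mark[name] = values[0] if len(values) == 1 else None
    rest = [(k, v) for k, v in pairs if k not in MARK_PARAMS]
    content = urlunsplit(parts._replace(query=urlencode(rest)))
    return content, mark["appid"], mark["signature"]


def md5_tag(appid, key, content):
    """Tag as the page describes it: MD5(appid + key + content)."""
    return hashlib.md5((appid + key + content).encode("utf-8")).hexdigest()


def hmac_tag(appid, key, content):
    """Assumed hardened variant: HMAC-SHA256 keyed with the secret, with a
    separator so the appid/content boundary is unambiguous."""
    message = appid.encode("utf-8") + b"\x00" + content.encode("utf-8")
    return hmac.new(key.encode("utf-8"), message, hashlib.sha256).hexdigest()


def sign_url(content_url, appid, tag_fn=md5_tag):
    """Generation side: append appid and signature to the content URL."""
    content = split_mark(content_url)[0]  # same canonical form the verifier sees
    tag = tag_fn(appid, KEYS[appid], content)
    parts = urlsplit(content)
    mark = urlencode({"appid": appid, "signature": tag})
    query = parts.query + "&" + mark if parts.query else mark
    return urlunsplit(parts._replace(query=query))


def x1_factor(url, tag_fn=md5_tag):
    """Scan side (L0): 100 if the mark is present and verifies, otherwise 0."""
    content, appid, signature = split_mark(url)
    key = KEYS.get(appid) if appid else None
    if key is None or not signature:
        return 0
    expected = tag_fn(appid, key, content)
    # Constant-time comparison of the two hex strings.
    ok = hmac.compare_digest(expected.encode("ascii"),
                             signature.lower().encode("utf-8"))
    return 100 if ok else 0


if __name__ == "__main__":
    signed = sign_url("http://www.example.com/index.html?param=123", "P1")
    print(signed, x1_factor(signed))
    print(x1_factor(signed.replace("param=123", "param=124")))
```
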
Step (2): L1 security-level scan detection:
The QR code content is examined at the code level: it is scanned for malicious scripts and hidden links (dark chains), and the security status of the website URL in the QR code content is looked up in this system's database;
Let $C = X_1 + \lambda_1 X_2$, where $X_2$ is the authentication safety coefficient. The relationship between $X_2$ and the scan result of the QR code content code is: $X_2$ starts at 100 points; if a malicious script is found, $C$ is set directly to 0 and a high-risk security alert is returned: contains malicious script; if hidden links are found, each hidden link deducts 20 points from the initial $X_2 = 100$, and the prompt states a medium-risk warning: contains hidden links; if the URL is currently marked dangerous in the security database, a prompt is returned according to the degree of danger: this system has detected that the website is dangerous.
If the value of $C$ is not less than 100, the L1 security level is output, indicating that the QR code is safe, and detection for this QR code ends.
If the value of $C$ is less than 100, detection continues with the following steps.
Step (3): L2 security-level scan detection:
The QR code content is compared against the security database.
Let $C = X_1 + \lambda_1 X_2 + \lambda_2 X_3$, where $X_3$ is the historical security report factor, calculated from the degree of danger and the time of occurrence recorded in the history. $X_3$ starts at 100. Each dangerous historical record found deducts $S$ points, where $S = (1/D) \times L \times 10$; $D$ is the number of days between the dangerous record and today, and $L$ is the degree of danger: safe $L = 0$, low risk $L = 1$, medium risk $L = 2$, high risk $L = 3$. Each user report that the website is dangerous deducts $N$ points, where $N = L \times 1/100 + L \times 2/100 + \dots + L \times 99/100 + L$; here $L$ is the degree of danger of the user feedback: safe $L = 0$, low risk $L = 1$, medium risk $L = 2$, high risk $L = 3$. $X_3$ has a minimum of 0 points and a maximum of 100 points.
If the value of $C$ is not less than 100, the L2 security level is output, together with the statement that the QR code was found safe at the L2 security level in this system's recent detection and that Y percent of user feedback rates the website as safe, indicating that the QR code is safe, and detection for this QR code ends.
If the value of $C$ is less than 100, detection continues with the following steps.
Step (4): L3 security-level scan detection:
The content of the QR code is detected in real time using the security engine.
Let $C = X_1 + \lambda_1 X_2 + \lambda_2 X_3 + \lambda_3 X_4$, where $X_4$ is the user security feedback factor. The relationship between $X_4$ and the real-time detection result is: $X_4$ starts at 100 points; if a malicious script is found, the value of $C$ is set directly to 0 and the feedback states that real-time detection found a malicious script on the QR code's website; each hidden link found deducts 20 points from $X_4$, down to a minimum of 0.
If the value of $C$ is not less than 100, the L3 security level is output, together with the statement that the QR code's website was found safe in real-time detection, indicating that the QR code is safe;
If the value of $C$ is less than 100, the score is given together with a risk warning;
where $\lambda_1 + \lambda_2 + \lambda_3 = 1$ and $\lambda_1 : \lambda_2 : \lambda_3 = 2 : 1 : 7$.
2.3 The overall security level is assessed according to the following criteria:
The risk value of a QR code has four influencing factors: whether it has an anti-counterfeiting authentication mark, the current security status of the QR code content, the historical security status of the QR code content (security scans and third-party vendor databases), and user feedback. Each of the four factors is scored for safety, and a weighted sum is then computed to obtain the website's final risk value, using the following formula:
$C = X_1 + \lambda_1 X_2 + \lambda_2 X_3 + \lambda_3 X_4$
where $C$ is the final security score; a point-accumulation system is used, and 100 points or more is safe. $X_1$ indicates whether there is an anti-counterfeiting mark: 100 points if it is present and authenticated, otherwise 0. $X_2$ is the security status score of the QR code in the current database. $X_3$ is the QR code's historical security record score, and $X_4$ is the safety value from user feedback. $\lambda_1 + \lambda_2 + \lambda_3 = 1$, in the ratio 2:1:7.
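The L0 to L3 cascade and the score $C$ worked through in code, as an added example that is not part of the patent text. Function names, the input tuples and the handling of $D = 0$ are assumptions; the $S$ rule from the summary is applied to both history records and user feedback. With the stated weights, a code without a verified mark can reach 100 only at L3, and only when $X_2$, $X_3$ and $X_4$ are all 100.

```python
from fractions import Fraction

# Weights from the page: lambda1 + lambda2 + lambda3 = 1 in the ratio 2:1:7.
# Fractions keep the comparison with the threshold exact.
LAMBDA1, LAMBDA2, LAMBDA3 = Fraction(2, 10), Fraction(1, 10), Fraction(7, 10)
SAFE_THRESHOLD = 100
DANGER_LEVEL = {"safe": 0, "low": 1, "medium": 2, "high": 3}  # the page's L


def clamp(score):
    """Keep a factor inside the page's range 0 <= X <= 100."""
    return max(Fraction(0), min(Fraction(100), Fraction(score)))


def content_factor(malicious_scripts, hidden_links):
    """X2 (static scan) and X4 (sandbox scan) share one rule: start at 100,
    any malicious script forces 0, each hidden link deducts 20."""
    if malicious_scripts > 0:
        return Fraction(0)
    return clamp(100 - 20 * hidden_links)


def history_factor(records):
    """X3: start at 100 and deduct S = (1/D) * L * 10 per dangerous record.

    records is an iterable of (days_ago, danger) pairs covering both
    historical scan records and user feedback.
    """
    x3 = Fraction(100)
    for days_ago, danger in records:
        days = max(1, days_ago)  # assumption: a same-day record counts as D = 1
        x3 -= Fraction(DANGER_LEVEL[danger] * 10, days)
    return clamp(x3)


def assess(mark_verified, static_scan, history, sandbox_scan):
    """Run L0..L3 in order and stop at the first level where C >= 100.

    Returns (verdict, C, trace); verdict is the level name or "risk".
    """
    c = Fraction(100 if mark_verified else 0)  # C = X1
    trace = [("L0", c)]
    if c >= SAFE_THRESHOLD:
        return "L0", c, trace

    stages = (
        ("L1", LAMBDA1, lambda: content_factor(*static_scan)),
        ("L2", LAMBDA2, lambda: history_factor(history)),
        ("L3", LAMBDA3, lambda: content_factor(*sandbox_scan)),
    )
    for level, weight, factor in stages:
        c += weight * factor()  # C gains one weighted term per level
        trace.append((level, c))
        if c >= SAFE_THRESHOLD:
            return level, c, trace
    return "risk", c, trace


if __name__ == "__main__":
    # Constructed inputs: (malicious_scripts, hidden_links) and (days_ago, danger).
    print(assess(False, (0, 0), [], (0, 0)))
    print(assess(False, (0, 2), [(2, "high"), (0, "low")], (0, 0)))
```
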
Finally, it should be noted that the above are only specific embodiments of the present invention. The invention is clearly not limited to these embodiments and many variations are possible. All variations that a person skilled in the art can derive directly from, or associate with, the present disclosure are considered to fall within the protection scope of the invention.

Claims (10)

1. the safety protecting method in a kind of two dimensional code use process, which is characterized in that specifically include the following steps:
Step (1): L0 security level Scanning Detction:
Whether detection two dimensional code has safe-guarding and anti-counterfeiting mark:
If two dimensional code has, safe-guarding and anti-counterfeiting is indicated and certification passes through, if X1Refer to anti-fake certificate marker gene, then X1Value be equal to 100; If the safety of two dimensional code is divided into C, C=X1=100, export L0 security level, that is, indicate the two dimensional code be it is safe, terminate to be directed to The detection of the two dimensional code;
If two dimensional code does not have safe-guarding and anti-counterfeiting to indicate or certification does not pass through, X1Equal to 0, C=X1=0, continue subsequent detection step Suddenly;
Step (2): L1 security level Scanning Detction:
QR code content code is detected, whether scanning is being pacified comprising malicious script, dark chain and the QR code content website url Safe condition in full library;
Secure data in the security vault includes the scan data of security engine, tripartite manufacturer security vault data and user feedback Secure data;
If C=X11X2, X2Refer to certification safety coefficient, X2Value by being determined with the scanning result of QR code content code, and 0≤X2≤100;
If the value of C be not less than 100, export L1 security level, that is, indicate the two dimensional code be it is safe, terminate be directed to the two dimensional code Detection;
If the value of C continues following detection step less than 100;
Step (3): L2 security level scan detection:
The content of the two-dimensional code is checked by comparison against the security database: the database is queried for the historical security data of the address contained in the two-dimensional code and for the security status information that users have fed back about that domain name or IP;
Let $C = X_1 + \lambda_1 X_2 + \lambda_2 X_3$, where $X_3$ denotes the historical security information factor; the value of $X_3$ is determined by the result of the comparison, and $0 \le X_3 \le 100$;
If the value of $C$ is not less than 100, the L2 security level and a safety recommendation are output, indicating that the two-dimensional code is safe, and detection for this two-dimensional code ends;
If the value of $C$ is less than 100, the following detection steps continue;
Step (4): L3 security level scan detection:
The content of the two-dimensional code is inspected in real time;
Let $C = X_1 + \lambda_1 X_2 + \lambda_2 X_3 + \lambda_3 X_4$, where $X_4$ denotes the result fed back when a sandbox visits the website and scans it; the value of $X_4$ is determined by the real-time detection result, and $0 \le X_4 \le 100$;
If the value of $C$ is not less than 100, the L3 security level and a security alert are output, indicating that the two-dimensional code is safe;
If the value of $C$ is less than 100, the security score $C$ of the two-dimensional code is given, together with a prompt that the code is risky;
Wherein $\lambda_1 + \lambda_2 + \lambda_3 = 1$, and $\lambda_1 : \lambda_2 : \lambda_3 = 2 : 1 : 7$.
2. The security protection method for use when a two-dimensional code is scanned according to claim 1, characterized in that, in step (2), the value of the authentication safety coefficient $X_2$ is determined by the scan result of the content code of the two-dimensional code; the initial value of $X_2$ is 100 points, and its specific value is determined as follows:
If the link information that the scanned two-dimensional code jumps to contains a malicious script, then $X_2 = 0$ points, and a high-risk security alert is returned: contains malicious script;
If the link information that the scanned two-dimensional code jumps to contains hidden links (dark links), 20 points are deducted from $X_2$ for each hidden link, and a medium-risk warning is returned: contains hidden links.
3. The security protection method for use when a two-dimensional code is scanned according to claim 1, characterized in that, in step (2), the content code of the two-dimensional code is inspected, and if the current security status in the security database of the website URL in the code content is dangerous, a prompt is returned according to the degree of danger: this website has been detected as dangerous in this system.
4. The security protection method for use when a two-dimensional code is scanned according to claim 1, characterized in that, in step (3), the value of the historical security information factor $X_3$ is determined by the result of the comparison, specifically:
It is calculated from the degree of danger and the time of occurrence recorded in the history; the initial value of $X_3$ is 100 points, and for each historical record carrying a risk that is found, or each user report that the website is dangerous, $S$ points are deducted, where $S = (1/D) \times L \times 10$;
Wherein $D$ is the number of days between the time of the danger record or of the user feedback and the current time; $L$ is the degree of danger: safe $L = 0$, low risk $L = 1$, medium risk $L = 2$, high risk $L = 3$.
5. The security protection method for use when a two-dimensional code is scanned according to claim 1, characterized in that, in step (4), with $C = X_1 + \lambda_1 X_2 + \lambda_2 X_3 + \lambda_3 X_4$, the value of $X_4$, the result fed back when the sandbox visits the website and scans it, is determined by the real-time detection result, specifically:
The initial value of $X_4$ is 100 points; if a malicious script is found, the value of $X_4$ is set directly to 0 and it is reported that real-time detection of the two-dimensional code's website found a malicious script; for each hidden link (dark link) found, 20 points are deducted from $X_4$, and $X_4$ is reduced to 0 at most.
6. The security protection method for use when a two-dimensional code is scanned according to claim 1, characterized in that, in step (2), a security identification interface is called through an online API to perform the L1 security level scan detection.
7. The security protection method for use when a two-dimensional code is scanned according to claim 1, characterized in that the security data in the security database is user-driven and can be corrected automatically according to the two-dimensional code information scanned by users and the information they feed back.
8. A storage device in which a plurality of instructions are stored, the instructions being adapted to be loaded and executed by a processor to:
First, apply securely encrypted anti-counterfeiting authentication to the generation of the two-dimensional code;
Second, implement the security protection method for use when a two-dimensional code is scanned according to any one of claims 1 to 7.
9. A two-dimensional code security protection system, comprising a processor adapted to carry out instructions, and a storage device adapted to store a plurality of instructions, the instructions being adapted to be loaded and executed by the processor to:
First, apply securely encrypted anti-counterfeiting authentication to the generation of the two-dimensional code;
Second, implement the security protection method for use when a two-dimensional code is scanned according to any one of claims 1 to 7.
10. The two-dimensional code security protection system according to claim 9, characterized in that the securely encrypted anti-counterfeiting authentication applied to the generation of the two-dimensional code can be implemented by either of the following schemes:
1) the original content of the two-dimensional code is encrypted and wrapped as a whole, and an anti-counterfeiting flag is stamped on the wrapper;
2) an anti-counterfeiting parameter is appended after the content of the two-dimensional code.
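The scoring in claims 1, 2, 4 and 5, worked through in Python as an added example (not code from the patent), reading the claim 1 formula as C = X1 + λ1·X2 + λ2·X3 + λ3·X4. The function names, the input shapes, the floor of X3 at 0 and the treatment of a record less than one day old as D = 1 are assumptions of this example.

```python
# Added illustration of claims 1, 2, 4 and 5; names and input shapes are assumed.
WEIGHTS = (2, 1, 7)  # lambda1 : lambda2 : lambda3 = 2 : 1 : 7, normalised so they sum to 1


def scan_score(malicious_scripts, hidden_links):
    """Claims 2 and 5 (X2 and X4): start at 100; any malicious script forces 0;
    each hidden link costs 20 points, never going below 0."""
    if malicious_scripts > 0:
        return 0
    return max(0, 100 - 20 * hidden_links)


def history_score(records):
    """Claim 4 (X3): records are (D days ago, danger level L) pairs with L in 0..3;
    each one deducts S = (1/D) * L * 10 from an initial 100."""
    score = 100.0
    for days_ago, level in records:
        d = max(days_ago, 1)  # assumption: the claim does not define D = 0
        score -= (1 / d) * level * 10
    return max(0.0, score)  # assumption: floor at 0 so that 0 <= X3 <= 100


def evaluate(mark_authenticated, static_scan, history, sandbox_scan):
    """Claim 1: run L0..L3 in order and stop at the first level where C >= 100.
    Returns (level reached, score C, judged safe)."""
    if mark_authenticated:  # L0: X1 = 100, so C = 100
        return "L0", 100.0, True
    c = 0.0  # X1 = 0
    stages = (
        ("L1", lambda: scan_score(*static_scan)),   # X2: static content scan
        ("L2", lambda: history_score(history)),     # X3: security database history
        ("L3", lambda: scan_score(*sandbox_scan)),  # X4: sandbox visit
    )
    for (level, score), weight in zip(stages, WEIGHTS):
        c += weight * score() / sum(WEIGHTS)
        if c >= 100:
            return level, c, True
    return "L3", c, False  # below 100 after L3: report C with a risk prompt
```

Under this reading, with X1 = 0 and weights that sum to 1, C reaches 100 only after L3 and only when X2, X3 and X4 are all 100, so the early exits at L1 and L2 never fire and any single finding leaves the code flagged as risky.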
CN201811165012.4A 2018-10-07 2018-10-07 Two-dimensional code safety protection method and system Active CN109450619B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811165012.4A CN109450619B (en) 2018-10-07 2018-10-07 Two-dimensional code safety protection method and system

Publications (2)

Publication Number Publication Date
CN109450619A true CN109450619A (en) 2019-03-08
CN109450619B CN109450619B (en) 2022-08-19

Family

ID=65544772

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811165012.4A Active CN109450619B (en) 2018-10-07 2018-10-07 Two-dimensional code safety protection method and system

Country Status (1)

Country Link
CN (1) CN109450619B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110689337A (en) * 2019-08-20 2020-01-14 哈尔滨学院 Intelligent prompting method and system based on QR Code two-dimensional Code
CN110827041A (en) * 2019-11-04 2020-02-21 广州布珞科技有限公司 Anti-counterfeiting tracing method, system, medium and equipment
CN112448881A (en) * 2019-09-03 2021-03-05 阿里巴巴集团控股有限公司 Anti-counterfeiting method and device for electronic mail and anti-counterfeiting method and device for communication message
CN113903256A (en) * 2021-09-27 2022-01-07 国网河南省电力公司长葛市供电公司 Pole number plate with two-dimensional identification data information for power transmission and distribution line
CN115002685A (en) * 2022-07-14 2022-09-02 深圳市利诺威科技有限公司 Method and system for transmitting image data

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103647779A (en) * 2013-12-16 2014-03-19 北京奇虎科技有限公司 Method and device for detecting fishing fraud information through two-dimensional code
CN104766166A (en) * 2015-03-27 2015-07-08 杭州安恒信息技术有限公司 Grade-protection-oriented information system security compliance check method
CN105718792A (en) * 2015-08-13 2016-06-29 哈尔滨安天科技股份有限公司 Sandbox based two-dimensional code detection method and system
CN205722587U (en) * 2016-06-15 2016-11-23 山东泰宝防伪技术产品有限公司 2 D code information safety line coloured layering paper anti-counterfeiting mark
CN106599759A (en) * 2016-12-22 2017-04-26 广东小天才科技有限公司 Terminal information processing method and device
CN107423793A (en) * 2017-04-28 2017-12-01 南京邮电大学 A kind of Quick Response Code generation identification technology of new type of safe

Also Published As

Publication number Publication date
CN109450619B (en) 2022-08-19

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant