CN110162962A - Program security recognition methods, device, equipment and computer readable storage medium - Google Patents
Program security recognition methods, device, equipment and computer readable storage medium Download PDFInfo
- Publication number
- CN110162962A CN110162962A CN201910464979.0A CN201910464979A CN110162962A CN 110162962 A CN110162962 A CN 110162962A CN 201910464979 A CN201910464979 A CN 201910464979A CN 110162962 A CN110162962 A CN 110162962A
- Authority
- CN
- China
- Prior art keywords
- list
- program
- identified
- trust
- level
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 55
- 238000004590 computer program Methods 0.000 claims abstract description 34
- 238000005070 sampling Methods 0.000 claims description 11
- 230000008569 process Effects 0.000 claims description 5
- 230000009286 beneficial effect Effects 0.000 abstract description 4
- 238000010586 diagram Methods 0.000 description 9
- 238000004422 calculation algorithm Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 238000010276 construction Methods 0.000 description 2
- 238000001914 filtration Methods 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 238000002559 palpation Methods 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 238000012550 audit Methods 0.000 description 1
- 238000009411 base construction Methods 0.000 description 1
- 238000005034 decoration Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
This application discloses a kind of program security recognition methods, including when receiving list to be identified, determine the attribute-bit of the list to be identified;Judge in default list library with the presence or absence of the program list with the list to be identified with same alike result mark;If it exists, then the level of trust of described program list is obtained;Set the level of trust of described program list to the level of trust of the list to be identified;The program security recognition methods can the legitimacy to computer program effectively identified, to guarantee the normal operation of computer.Disclosed herein as well is a kind of program security identification device, equipment and computer readable storage mediums, all have above-mentioned beneficial effect.
Description
Technical field
This application involves computer software technical field, in particular to a kind of program security recognition methods further relates to one
Kind program security identification device, equipment and computer readable storage medium.
Background technique
In general, corresponding flow chart of data processing can be realized by running computer program on the client, but if
When illegalities computer program involved in the computer program of client, biggish crisis often is brought to client, is influenced
The normal operation of computer.
In order to protect client, the operation permission of computer program in client can be controlled by inventory, specifically,
The legitimacy of computer program can be indicated in program listing in detail, blacklist and unknown program do not allow to run, white list and ash
List is allowed to run.However, in the prior art, often being carried out by administrator for the validity judgement of computer program
What manual identified was realized, judging result is largely dependent upon the level of expertise of administrator, but only relies on people's
Knowledge and intuition judge that computer program whether be harmful program is extremely insecure.
Therefore, how the legitimacy of computer program is effectively identified, to guarantee that the normal operation of computer is this
Field technical staff's urgent problem to be solved.
Summary of the invention
The purpose of the application is to provide a kind of program security recognition methods, and this method can be to the legitimacy of computer program
It is effectively identified, ensure that the normal operation of computer;The another object of the application is to provide a kind of program security identification
Device, equipment and computer readable storage medium, it may have above-mentioned beneficial effect.
In order to solve the above technical problems, this application provides a kind of program security recognition methods, comprising:
When receiving list to be identified, the attribute-bit of the list to be identified is determined;
Judge in default list library with the presence or absence of the program list with the list to be identified with same alike result mark;
If it exists, then the level of trust of described program list is obtained;
Set the level of trust of described program list to the level of trust of the list to be identified.
Preferably, the attribute-bit is hash value.
Preferably, the building process in the default list library includes:
File acquisition is carried out by sampling instrument, obtains each program list;
Determine the level of trust and attribute-bit of each described program list;
Judged in the default list library according to the attribute-bit with the presence or absence of corresponding program list;
If it exists, then the described program list of acquisition is deleted;
If it does not exist, then the described program list of acquisition is inserted into corresponding level of trust and attribute-bit described pre-
If list library.
Preferably, the described program list by acquisition is inserted into described pre- with corresponding level of trust and attribute-bit
If list library, comprising:
System type judgement is carried out to described program list;
If described program list is Windows file, by described program list and corresponding level of trust and attribute mark
Knowledge is inserted into Windows list library;
If described program list is Linux file, by described program list and corresponding level of trust and attribute-bit
It is inserted into Linux list library.
Preferably, described program safety recognition methods further include:
It is carried out according to the program list in the program name single pair program listing and client inventory in the default list library
Level of trust updates.
Preferably, described to judge that there is same alike result mark with the presence or absence of with the list to be identified in default list library
Before program list, further includes:
Judge that the inventory to be identified whether there is in described program inventory according to the attribute-bit;
If it exists, then the level of trust of the list to be identified is obtained in described program inventory;
If it does not exist, then executing in the default list library of the judgement has same genus with the presence or absence of with the list to be identified
Property mark program list the step of.
Preferably, described program safety recognition methods further include:
If the program list that there is same alike result mark with the list to be identified is not present in the default list library,
After the level of trust for determining the list to be identified, the attribute-bit of the list to be identified is calculated, and by the institute after identification
It states list to be identified and is inserted into the default list library with corresponding level of trust and attribute-bit.
In order to solve the above technical problems, present invention also provides a kind of program security identification devices, comprising:
Attribute-bit determining module, for when receiving list to be identified, determining the attribute mark of the list to be identified
Know;
Program list judgment module is identical with the presence or absence of having with the list to be identified in default list library for judging
The program list of attribute-bit;
Level of trust obtains module, if having same genus with the list to be identified for existing in the default list library
Property mark program list, then obtain the level of trust of described program list;
Level of trust setup module, for setting the level of trust of described program list in the letter of the list to be identified
Appoint rank.
In order to solve the above technical problems, present invention also provides a kind of program securities to identify equipment, comprising:
Memory, for storing computer program;
Processor realizes the step of any one of the above program security recognition methods when for executing the computer program
Suddenly.
In order to solve the above technical problems, the computer can present invention also provides a kind of computer readable storage medium
It reads to be stored with computer program on storage medium, the computer program realizes any one of the above program when being executed by processor
The step of safety recognition methods.
A kind of program security recognition methods provided herein, including when receiving list to be identified, determine institute
State the attribute-bit of list to be identified;Judge that there is same alike result mark with the presence or absence of with the list to be identified in default list library
The program list of knowledge;If it exists, then the level of trust of described program list is obtained;The level of trust of described program list is arranged
For the level of trust of the list to be identified.
As it can be seen that program security recognition methods provided herein, constructs list library to store known legitimate in advance
The program list of property, can be direct after obtaining its attribute-bit as a result, when receiving the list to be identified of unknown legitimacy
Judge to whether there is program list identical with its attribute-bit in default list library, if the attribute-bit of list to be identified with
The attribute-bit of a certain program list is identical in default list library, then list to be identified and the program list are same computer journey
Sequence realizes the effective judgement for treating identification list legitimacy then the level of trust of the two also must be the same as a result, into
One step guarantees that the computer program of client operation is legitimacy program, ensure that the normal operation of computer.
A kind of program security identification device, equipment and computer readable storage medium provided herein, has
There is above-mentioned beneficial effect, details are not described herein.
Detailed description of the invention
In order to illustrate the technical solutions in the embodiments of the present application or in the prior art more clearly, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
The embodiment of application for those of ordinary skill in the art without creative efforts, can also basis
The attached drawing of offer obtains other attached drawings.
Fig. 1 is a kind of flow diagram of program security recognition methods provided herein;
Fig. 2 is a kind of flow diagram of the construction method in default list library provided herein;
Fig. 3 is the flow diagram of another program security recognition methods provided herein;
Fig. 4 is a kind of structural schematic diagram of program security identification device provided herein;
Fig. 5 is the structural schematic diagram that a kind of program security provided herein identifies equipment.
Specific embodiment
The core of the application is to provide a kind of program security recognition methods, and this method can be to the legitimacy of computer program
It is effectively identified, ensure that the normal operation of computer;Another core of the application is to provide a kind of program security identification
Device, equipment and computer readable storage medium, it may have above-mentioned beneficial effect.
To keep the purposes, technical schemes and advantages of the embodiment of the present application clearer, below in conjunction with the embodiment of the present application
In attached drawing, the technical scheme in the embodiment of the application is clearly and completely described, it is clear that described embodiment is
Some embodiments of the present application, instead of all the embodiments.Based on the embodiment in the application, those of ordinary skill in the art
All other embodiment obtained without making creative work, shall fall in the protection scope of this application.
Referring to FIG. 1, Fig. 1 is a kind of flow diagram of program security recognition methods provided herein, the party
Method may include:
S101: when receiving list to be identified, the attribute-bit of list to be identified is determined;
This step aim at treat identification list attribute-bit acquisition, wherein the list to be identified be it is unknown its
The program list of legitimacy, each program list have its unique corresponding attribute-bit.Therefore, when management platform receive to
When identifying list, it can be calculated, to obtain its corresponding unique identification, i.e., above-mentioned attribute-bit.It is contemplated that,
The concrete type of the attribute-bit has no effect on the implementation of the technical program, need to only can be realized and represent program list uniqueness
Function.
Preferably, above-mentioned attribute-bit can be hash value.
A kind of concrete type of attribute-bit, i.e. hash value are present embodiments provided, for list hash value to be identified
Acquisition can be realized by hash algorithm.Specifically, the binary value of random length can be mapped as regular length by hash algorithm
Smaller binary value, which is cryptographic Hash, i.e., above-mentioned hash value.Due to cryptographic Hash be one piece of data it is unique and
Extremely compact numerical value representation, even if only changing a letter in paragraph in one section of plaintext of hash, subsequent Hash all will
Generate different values, therefore, to find hash be the same hash value two different inputs, computationally for substantially
It is impossible, thus can be using hash value as above-mentioned attribute-bit, to represent the uniqueness of program list.
S102: judge in default list library with the presence or absence of the program list with list to be identified with same alike result mark;
Specifically, can judge default list library based on the attribute-bit after the attribute-bit for obtaining list to be identified
In whether there is the computer program, that is, judge that there is same alike result mark with the presence or absence of with list to be identified in default list library
Program list.According to the uniqueness of attribute-bit, if attribute-bit is identical, illustrate in list to be identified and default list library
Program list be same computer program, be otherwise different computer programs.Wherein, above-mentioned default list library is preparatory structure
The list library built, wherein being stored with the program list of a large amount of known legitimate.
Further, this application provides a kind of construction methods in specific default list library, referring to FIG. 2, Fig. 2 is this Shen
Please provided by a kind of flow chart of default list base construction method, this method can include:
S201: file acquisition is carried out by sampling instrument, obtains each program list;
S202: the level of trust and attribute-bit of each program list are determined;
S203: judged to whether there is corresponding program list in default list library according to attribute-bit;If it exists, then it executes
S204 then executes S205 if it does not exist;
S204: the program list of acquisition is deleted;
S205: the program list of acquisition is inserted into default list library with corresponding level of trust and attribute-bit.
Firstly, carrying out file acquisition by preset sampling instrument, all kinds of program lists are obtained with as much as possible,
In, the sampling instrument which can carry for system, for example, sampling instrument is one for linux system
Shell script, for Windows system, sampling instrument is an exe program, it is seen then that the concrete type of sampling instrument
According to depending on system type, the application is not limited this.Further, to each program list carry out level of trust setting and
The calculating of attribute-bit, the process can carry out multiple audit and verification, to guarantee the standard of program list level of trust setting result
True property, and then guarantee the subsequent accuracy treated identification list and compare judgement.Further, since program list is slotting one by one
Enter to default list library, and the case where the program list in system also will appear repetition, therefore, inserted by each program list
Enter to before default list library, first can judge whether it has been stored in default list library according to its attribute-bit, if
It is inserted into default list library, then is directly deleted the program list of the acquisition, to avoid repeating, certainly, if default
The program list of the acquisition is not present in list library, then is inserted into the program list together together with its confidence levels and attribute-bit
Into default list library.
Preferably, the program list of acquisition is inserted into default list library with corresponding level of trust and attribute-bit, wrapped
It includes: system type judgement is carried out to program list;If program list is Windows file, by program list and corresponding letter
Rank and attribute-bit is appointed to be inserted into Windows list library;If program list be Linux file, by program list with it is corresponding
Level of trust and attribute-bit be inserted into Linux list library.
For the identification convenient for list to be identified, for the program list in default list library, system class according to locating for it
The difference of type is stored in different list libraries, specifically, before program list is inserted into default list library,
System type judgement first can be carried out to it, the program list for belonging to Windows system is inserted into Windows list library, will be belonged to
Linux list library is inserted into the program list of linux system.Wherein, above-mentioned Windows file is to belong to Windows system
The program list of system, Linux file are the program list for belonging to linux system.
As a kind of preferred embodiment, which can also include: according in default list library
Program list in program name single pair program listing and client inventory carries out level of trust update.
Specifically, due to presetting its known level of trust of the program list in list library and attribute-bit, to protect
The normal operation of card system and client can also be based further on the level of trust of each program list in default list library to being
The program list in internal program inventory and client inventory of uniting carries out the update of level of trust, i.e., to being already present on default list
In library and it is under the jurisdiction of the program name of program listing and client inventory and sets up surely corresponding level of trust.
S103: it if there is the program list that there is same alike result mark with list to be identified in default list library, obtains
The level of trust of program list;
S104: the level of trust of program list is set to the level of trust of list to be identified.
It is aforementioned it is stated that if there is the program name that there is same alike result mark with list to be identified in default list library
It is single, then illustrate that the program list in list to be identified and default list library is same computer program, then, the program list
Level of trust is the level of trust of list to be identified, at this point, the program list directly can be obtained in default list library
Level of trust, and set the level of trust of program list to the level of trust of list to be identified, identification name is treated to realize
Single validity decision, the i.e. identification of completion program list.Further, white or grey program name is judged as level of trust
It is single, it directly operates normally on the client, black or unknown program program list is judged as level of trust, then
Forbid running on the client, so that the normal operation of computer system be effectively ensured.
Program security recognition methods provided herein constructs journey of the list library to store known legitimate in advance
Sequence list after obtaining its attribute-bit, can directly judge pre- as a result, when receiving the list to be identified of unknown legitimacy
If whether there is program list identical with its attribute-bit in list library, if the attribute-bit of list to be identified and default name
The attribute-bit of a certain program list is identical in single library, then list to be identified and the program list are same computer program, that
The level of trust of the two also must be the same, and realizes the effective judgement for treating identification list legitimacy as a result, further protects
The computer program for demonstrate,proving client operation is legitimacy program, ensure that the normal operation of computer.
On the basis of the various embodiments described above, referring to FIG. 3, Fig. 3 is another program security provided herein
The flow diagram of recognition methods, the program security recognition methods can include:
S301: when receiving list to be identified, determine list to be identified attribute-bit;
S302: judge that inventory to be identified whether there is in program listing according to attribute-bit;If it exists, then it executes
S303;If it does not exist, then S304 is executed;
S303: the level of trust of list to be identified is obtained in program listing;
Specifically, due to can be by presetting in the program name single pair system program inventory and client inventory in list library
Program list has carried out the update of level of trust, therefore each program list in program listing is also to have completed level of trust to sentence
Therefore the fixed and legal computer program run when receiving new list to be identified, can be inquired first in program listing
With the presence or absence of the program list with the list to be identified with same alike result mark, and if it exists, then no longer need to and default list library
In program list compared one by one, identification name is directly treated according to the level of trust of program list corresponding in program listing
It is single to carry out level of trust setting, to guarantee recognition efficiency.
S304: judge in default list library with the presence or absence of the program list with list to be identified with same alike result mark;
If it exists, then S305 is executed;If it does not exist, then S306 is executed;
S305: the level of trust of institute's program list is obtained, sets list to be identified for the level of trust of program list
Level of trust;
S306: after the level of trust for determining list to be identified, the attribute-bit of list to be identified is calculated, and will be after identification
List to be identified be inserted into default list library with corresponding level of trust and attribute-bit.
Specifically, if not inquiring the program name that there is same alike result mark with list to be identified in default list library
It is single, then illustrate that the list to be identified is new list, do not stored in default list library in advance, at this point, can be by artificial right
It carries out level of trust judgement, after completing level of trust setting, its attribute-bit can be calculated, finally by the completion level of trust
The list to be identified not determined is stored together together with its level of trust and attribute-bit to default list library, so as to subsequent to again
The identical program list received carries out identification decision.
The content that can refer to previous embodiment for the specific implementation process of above-mentioned steps S301 and S304, S305,
This is not being repeated.
Program security recognition methods provided herein is realized based on default list library and attribute-bit and treats knowledge
Effective judgement of alias list legitimacy is further ensured that the computer program of client operation is legitimacy program, ensure that
The normal operation of computer.
On the basis of the various embodiments described above, this application provides a kind of more specifically program security recognition methods,
This method can include:
(1) building of list library is preset:
Firstly, carrying out the acquisition of program list.Specifically, can be by default sampling instrument under specified directory or file
Program list is acquired, and obtains its hash value, then, generates corresponding file after level of trust setting is carried out to it,
And each file corresponds to a record, specific format are as follows: hash#osType#trustlevel, wherein osType=1 table
Show Windows system, osType=2 indicates linux system;TurstLevel=1 indicates that level of trust is black, turstLevel
=2 indicate that level of trust is white.
Further, the program list of acquisition is directed into default list library.Specifically, due to being acquired by sampling instrument
File be encryption file, therefore before importing default list library, first it is decrypted, it is right after the completion of decryption
All program name individual palpations are classified according to OSType, that is, are divided into two class of Windows and Linux;Later, can to two class method lists into
The following processing of row: firstly, being filtered to two class method lists, to filter out already existing program in current preset list library
List avoids repeating;Further, by program name individual palpation lighting system type remaining after filtering be inserted into respectively windows and
In two libraries Linux;Finally, filtering out level of trust in default list library based on hash value is black program list, and utilize
Program list in remaining program name single pair system program inventory and client inventory carries out the update of level of trust, to guarantee
All program lists that active client is run are the legal computer program run.
(2) list identification to be identified:
In system operation, when receiving the list to be identified that client reports, it can determine whether it whether first
Through being present in the program listing of system, and if it exists, then directly treat identification list progress level of trust by program listing and sentence
It is fixed, it if it does not exist, is then compared with the program list in default list library, if it find that being stored in default list library
Identical program list then directly carries out the modification of level of trust according to program name single pair list to be identified, thus real
Existing program list identification.
In addition, can also further realize the inquiry of program listing, specifically can be preset do not shown for system default it is default
Program list in list library is defaulted and is not shown built-in white list, only when receiving modification request, can carry out to it
Display.
Program security recognition methods provided herein constructs journey of the list library to store known legitimate in advance
Sequence list after obtaining its attribute-bit, can directly judge pre- as a result, when receiving the list to be identified of unknown legitimacy
If whether there is program list identical with its attribute-bit in list library, if the attribute-bit of list to be identified and default name
The attribute-bit of a certain program list is identical in single library, then list to be identified and the program list are same computer program, that
The level of trust of the two also must be the same, and realizes the effective judgement for treating identification list legitimacy as a result, further protects
The computer program for demonstrate,proving client operation is legitimacy program, ensure that the normal operation of computer.
To solve the above problems, referring to FIG. 4, Fig. 4 is a kind of program security identification device provided herein
Structural schematic diagram, the device can include:
Attribute-bit determining module 10, for when receiving list to be identified, determining the attribute-bit of list to be identified;
Program list judgment module 20, for judging that there is same genus with the presence or absence of with list to be identified in default list library
Property mark program list;
Level of trust obtains module 30, if identifying with list to be identified with same alike result for existing in default list library
Program list, then obtain the level of trust of program list;
Level of trust setup module 40, for setting the level of trust of program list to the level of trust of list to be identified
Not.
As a kind of preferred embodiment, which may also include default list library building module, use
In carrying out file acquisition by sampling instrument, each program list is obtained;Determine the level of trust and attribute-bit of each program list;
Judged to whether there is corresponding program list in default list library according to attribute-bit;If it exists, then the program name of acquisition is deleted
It is single;If it does not exist, then the program list of acquisition is inserted into default list library with corresponding level of trust and attribute-bit.
As a kind of preferred embodiment, which may also include inventory update module, be used for basis
The program list in program name single pair program listing and client inventory in default list library carries out level of trust update.
As a kind of preferred embodiment, which may also include program list and prejudges disconnected module, use
According to attribute-bit judge inventory to be identified whether there is in program listing;If it exists, then in program listing obtain to
Identify the level of trust of list;If it does not exist, then enter above procedure list judgment module 20.
As a kind of preferred embodiment, which may also include program list memory module, is used for
If determining list to be identified there is no the program list with list to be identified with same alike result mark in default list library
Level of trust after, calculate the attribute-bit of list to be identified, and by list to be identified and the corresponding level of trust after identification
Default list library is inserted into attribute-bit.
Above method embodiment is please referred to for the introduction of device provided by the present application, this will not be repeated here by the application.
To solve the above problems, referring to FIG. 5, Fig. 5 is that a kind of program security provided herein identifies equipment
Structural schematic diagram, the equipment can include:
Memory 1, for storing computer program;
Processor 2, realizes following steps when for executing computer program:
When receiving list to be identified, the attribute-bit of list to be identified is determined;Judge whether deposit in default list library
In the program list with list to be identified with same alike result mark;If it exists, then the level of trust of program list is obtained;By journey
The level of trust of sequence list is set as the level of trust of list to be identified.
Above method embodiment is please referred to for the introduction of equipment provided by the present application, this will not be repeated here by the application.
To solve the above problems, present invention also provides a kind of computer readable storage medium, the computer-readable storage
It is stored with computer program on medium, can be realized when computer program is executed by processor following rapid:
When receiving list to be identified, the attribute-bit of list to be identified is determined;Judge whether deposit in default list library
In the program list with list to be identified with same alike result mark;If it exists, then the level of trust of program list is obtained;By journey
The level of trust of sequence list is set as the level of trust of list to be identified.
The computer readable storage medium may include: USB flash disk, mobile hard disk, read-only memory (Read-Only
Memory, ROM), random access memory (Random Access Memory, RAM), magnetic or disk etc. is various to deposit
Store up the medium of program code.
Above method embodiment is please referred to for the introduction of computer readable storage medium provided by the present application, the application exists
This is not repeated them here.
Each embodiment is described in a progressive manner in specification, the highlights of each of the examples are with other realities
The difference of example is applied, the same or similar parts in each embodiment may refer to each other.For device disclosed in embodiment
Speech, since it is corresponded to the methods disclosed in the examples, so being described relatively simple, related place is referring to method part illustration
?.
Professional further appreciates that, unit described in conjunction with the examples disclosed in the embodiments of the present disclosure
And algorithm steps, can be realized with electronic hardware, computer software, or a combination of the two, in order to clearly demonstrate hardware and
The interchangeability of software generally describes each exemplary composition and step according to function in the above description.These
Function is implemented in hardware or software actually, the specific application and design constraint depending on technical solution.Profession
Technical staff can use different methods to achieve the described function each specific application, but this realization is not answered
Think beyond scope of the present application.
The step of method described in conjunction with the examples disclosed in this document or algorithm, can directly be held with hardware, processor
The combination of capable software module or the two is implemented.Software module can be placed in random access memory (RAM), memory, read-only deposit
Reservoir (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technology
In any other form of storage medium well known in field.
Above to program security recognition methods, device, equipment and computer-readable storage medium provided herein
Matter is described in detail.Specific examples are used herein to illustrate the principle and implementation manner of the present application, above
The explanation of embodiment is merely used to help understand the present processes and its core concept.It should be pointed out that for the art
Those of ordinary skill for, under the premise of not departing from the application principle, can also to the application carry out it is several improvement and repair
Decorations, these improvement and modification also fall into the protection scope element of the claim of this application.
Claims (10)
1. a kind of program security recognition methods characterized by comprising
When receiving list to be identified, the attribute-bit of the list to be identified is determined;
Judge in default list library with the presence or absence of the program list with the list to be identified with same alike result mark;
If it exists, then the level of trust of described program list is obtained;
Set the level of trust of described program list to the level of trust of the list to be identified.
2. program security recognition methods as described in claim 1, which is characterized in that the attribute-bit is hash value.
3. program security recognition methods as described in claim 1, which is characterized in that the building process in the default list library
Include:
File acquisition is carried out by sampling instrument, obtains each program list;
Determine the level of trust and attribute-bit of each described program list;
Judged in the default list library according to the attribute-bit with the presence or absence of corresponding program list;
If it exists, then the described program list of acquisition is deleted;
If it does not exist, then the described program list of acquisition is inserted into the default name with corresponding level of trust and attribute-bit
Dan Ku.
4. program security recognition methods as claimed in claim 3, which is characterized in that the described program list by acquisition
The default list library is inserted into corresponding level of trust and attribute-bit, comprising:
System type judgement is carried out to described program list;
If described program list is Windows file, described program list is inserted with corresponding level of trust and attribute-bit
Enter to Windows list library;
If described program list is Linux file, described program list is inserted into corresponding level of trust and attribute-bit
To Linux list library.
5. the program security recognition methods as described in Claims 1-4 any one, which is characterized in that further include:
Trusted according to the program list in the program name single pair program listing and client inventory in the default list library
Grade renewal.
6. program security recognition methods as claimed in claim 5, which is characterized in that it is described judge in default list library whether
Before the program list with the list to be identified with same alike result mark, further includes:
Judge that the inventory to be identified whether there is in described program inventory according to the attribute-bit;
If it exists, then the level of trust of the list to be identified is obtained in described program inventory;
If it does not exist, then executing in the default list library of the judgement has same alike result mark with the presence or absence of with the list to be identified
The step of program list of knowledge.
7. program security recognition methods as described in claim 1, which is characterized in that further include:
If there is no the program lists with the list to be identified with same alike result mark in the default list library, true
After the level of trust of the fixed list to be identified, calculate the attribute-bit of the list to be identified, and by described in after identification to
Identify that list is inserted into the default list library with corresponding level of trust and attribute-bit.
8. a kind of program security identification device characterized by comprising
Attribute-bit determining module, for when receiving list to be identified, determining the attribute-bit of the list to be identified;
Program list judgment module, for judging that there is same alike result with the presence or absence of with the list to be identified in default list library
The program list of mark;
Level of trust obtains module, if having same alike result mark with the list to be identified for existing in the default list library
The program list of knowledge, then obtain the level of trust of described program list;
Level of trust setup module, for setting the level of trust of described program list to the level of trust of the list to be identified
Not.
9. a kind of program security identifies equipment characterized by comprising
Memory, for storing computer program;
Processor realizes program security as claimed in any one of claims 1 to 7 when for executing the computer program
The step of recognition methods.
10. a kind of computer readable storage medium, which is characterized in that be stored with computer on the computer readable storage medium
Program, the computer program realize that program security as claimed in any one of claims 1 to 7 is known when being executed by processor
The step of other method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910464979.0A CN110162962A (en) | 2019-05-30 | 2019-05-30 | Program security recognition methods, device, equipment and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910464979.0A CN110162962A (en) | 2019-05-30 | 2019-05-30 | Program security recognition methods, device, equipment and computer readable storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110162962A true CN110162962A (en) | 2019-08-23 |
Family
ID=67630629
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910464979.0A Pending CN110162962A (en) | 2019-05-30 | 2019-05-30 | Program security recognition methods, device, equipment and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110162962A (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105069352A (en) * | 2015-07-29 | 2015-11-18 | 浪潮电子信息产业股份有限公司 | Method for constructing operating environment of trusted application program on server |
| US20170237754A1 (en) * | 2016-02-17 | 2017-08-17 | Sophos Limited | Evaluating installers and installer payloads |
| CN107766731A (en) * | 2017-09-22 | 2018-03-06 | 郑州云海信息技术有限公司 | A kind of anti-virus attack realization method and system based on application program management and control |
| CN107944232A (en) * | 2017-12-08 | 2018-04-20 | 郑州云海信息技术有限公司 | A kind of design method and system of the Active Defending System Against based on white list technology |
| CN108549810A (en) * | 2018-04-03 | 2018-09-18 | 郑州云海信息技术有限公司 | A kind of program white list service method and system based on OS Type |
| CN108763933A (en) * | 2018-05-23 | 2018-11-06 | 郑州云海信息技术有限公司 | A kind of application management method and system based on auto-programming inventory |
| CN109413042A (en) * | 2018-09-25 | 2019-03-01 | 郑州云海信息技术有限公司 | Method and system based on centralized management platform management blacklist rule |
-
2019
- 2019-05-30 CN CN201910464979.0A patent/CN110162962A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105069352A (en) * | 2015-07-29 | 2015-11-18 | 浪潮电子信息产业股份有限公司 | Method for constructing operating environment of trusted application program on server |
| US20170237754A1 (en) * | 2016-02-17 | 2017-08-17 | Sophos Limited | Evaluating installers and installer payloads |
| CN107766731A (en) * | 2017-09-22 | 2018-03-06 | 郑州云海信息技术有限公司 | A kind of anti-virus attack realization method and system based on application program management and control |
| CN107944232A (en) * | 2017-12-08 | 2018-04-20 | 郑州云海信息技术有限公司 | A kind of design method and system of the Active Defending System Against based on white list technology |
| CN108549810A (en) * | 2018-04-03 | 2018-09-18 | 郑州云海信息技术有限公司 | A kind of program white list service method and system based on OS Type |
| CN108763933A (en) * | 2018-05-23 | 2018-11-06 | 郑州云海信息技术有限公司 | A kind of application management method and system based on auto-programming inventory |
| CN109413042A (en) * | 2018-09-25 | 2019-03-01 | 郑州云海信息技术有限公司 | Method and system based on centralized management platform management blacklist rule |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107483509A (en) | A kind of auth method, server and readable storage medium storing program for executing | |
| CN112231647A (en) | Software authorization verification method | |
| CN108255505A (en) | A kind of firmware update, device, equipment and computer readable storage medium | |
| CN105678192B (en) | A kind of key application method and application apparatus based on smart card | |
| CN108229144B (en) | Verification method of application program, terminal equipment and storage medium | |
| CN109829294A (en) | A kind of firmware validation method, system, server and electronic equipment | |
| US10740491B2 (en) | Method and device for verifying instructions of diagnostic equipment, and lower computer | |
| CN106452786A (en) | Encryption and decryption processing method, apparatus and device | |
| CN113656780B (en) | Cross-chain access control method and device | |
| CN107194237B (en) | Method and device for application program security authentication, computer equipment and storage medium | |
| KR20160110276A (en) | Method and apparatus for generating Dynamic Secure Module | |
| CN104751049A (en) | Application program installing method and mobile terminal | |
| CN112507326B (en) | Encryption method and device for password information based on SM3 hash algorithm and computer equipment | |
| CN102833247A (en) | Method for anti-sweeping ciphers in user login system and device thereof | |
| CN112231702A (en) | Application protection method, device, equipment and medium | |
| KR20040078593A (en) | System for binding secrets to a computer system having tolerance for hardware changes | |
| CN112000933B (en) | Application software activation method and device, electronic equipment and storage medium | |
| CN111090616B (en) | File management method, corresponding device, equipment and storage medium | |
| CN112651039A (en) | Electric power data differentiation desensitization method and device fusing service scenes | |
| CN110971609A (en) | Anti-cloning method of DRM client certificate, storage medium and electronic equipment | |
| US10862831B2 (en) | System, method, and computer program product providing end-to-end security of centrally accessible group membership information | |
| CN110162962A (en) | Program security recognition methods, device, equipment and computer readable storage medium | |
| CN102426592A (en) | Method for initializing database based on dynamic password | |
| CN106130968A (en) | A kind of identity identifying method and system | |
| CN113792304B (en) | Database access system and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190823 |