CN110465094A - A kind of plug-in detection method of game based on IP port diagnostic - Google Patents
A kind of plug-in detection method of game based on IP port diagnostic Download PDFInfo
- Publication number
- CN110465094A CN110465094A CN201910765197.0A CN201910765197A CN110465094A CN 110465094 A CN110465094 A CN 110465094A CN 201910765197 A CN201910765197 A CN 201910765197A CN 110465094 A CN110465094 A CN 110465094A
- Authority
- CN
- China
- Prior art keywords
- data packet
- plug
- far
- port
- blacklist
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- A—HUMAN NECESSITIES
- A63—SPORTS; GAMES; AMUSEMENTS
- A63F—CARD, BOARD, OR ROULETTE GAMES; INDOOR GAMES USING SMALL MOVING PLAYING BODIES; VIDEO GAMES; GAMES NOT OTHERWISE PROVIDED FOR
- A63F13/00—Video games, i.e. games using an electronically generated display having two or more dimensions
- A63F13/70—Game security or game management aspects
- A63F13/75—Enforcing rules, e.g. detecting foul play or generating lists of cheating players
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Multimedia (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention provides a kind of plug-in detection methods of the game based on IP port diagnostic, this method comprises: the client of step S1, Windows system application layer creates networks filter driver in driving layer;Step S2, the port a far-end address IP- blacklist is established, the port far-end address IP- blacklist stores the IP and port numbers of the plug-in far-end address that can be accessed;Step S3, networks filter driver establishes the data packet that layer captures all request connection servers in data flow, and the IP and port parameter of data packet are analyzed, if the far-end IP of blacklist item is equal in the port the far-end address IP and far-end address IP- blacklist of data packet, the distal end slogan of data packet is equal with the distal end slogan of blacklist item simultaneously, then determines that this data packet is the data packet of plug-in transmission;And far-end address IP, distal end slogan, process ID, process path these information are written in plug-in detection journal file.The present invention can be for plug-in, the efficient detection of realization of known IP feature and port diagnostic.
Description
Technical field
The present invention relates to computer system field of communication technology, software security, the plug-in detection fields of game, especially a kind of
The plug-in detection method of game based on IP port diagnostic.
Background technique
Existing plug-in detection module is usually using the detection method based on proceeding internal memory scanning, such as the memory of scan procedure
Space judges whether comprising plug-in condition code etc., plug-in for game temporarily without disclosed based on data packet IP, port diagnostic
Inner nuclear layer detection means.
The above-mentioned existing plug-in detection scheme of game may use the methods of hidden process, memory polymorphicization by plug-in
Around detection.The scheme of this patent description can detecte such plug-in.In addition this patent is having IP and end applied to detection
Precise and high efficiency is showed to obtain in the plug-in scene of mouth feature.
Technical term is explained:
The WFP filter frame that Microsoft provides delimit many layers in network packet transmission process, such as: FWPM_
LAYER_ALE_FLOW_ESTABLISHED_V4 layers (i.e. data flow foundation layer), FWPM_LAYER_STREAM_V4 layers of (i.e. data
Fluid layer) and FWPM_LAYER_DATAGRAM_DATA_V4 layers (i.e. layer data packet);Since data packet needs basis in system bottom
Different network protocols are packaged, therefore the data content that different layers capture is different.This patent scheme mentions FWPM_
LAYER_ALE_FLOW_ESTABLISHED_V4 layers (i.e. data flow foundation layer), FWPM_LAYER_ALE_FLOW_
ESTABLISHED_V4 layers can capture the authorization connection request that process is sent, and can obtain the transmitting-receiving of data packet in this layer
Progress information, transmitting-receiving IP information, transmitting-receiving port information.
WFP (Windows Filter Platform), computerese are a kind of Windows filter stages, were used for
Filter network packet.
Basic filtering engine BFE is the included user mode services of a Windows operating system, coordinates WFP component, base
The main task that this filter engine BFE is executed is to add or remove filter, the configuration of stored filter device into system and strengthen
WFP configures safety.The communication of application program and basic filtering engine BFE pass through the WFP management functions such as FwpmEngineOpen
It carries out.
Summary of the invention
In order to overcome the problems referred above, the object of the present invention is to provide a kind of plug-in detection sides of the game based on IP port diagnostic
Method is a kind of hidden plug-in behavior monitoring means, can be for plug-in, the efficient inspection of realization of known IP feature and port diagnostic
It surveys.
The present invention is realized using following scheme: a kind of plug-in detection method of game based on IP port diagnostic, feature exist
In: described method includes following steps: step S1, the client of Windows system application layer creates network filtering in driving layer
Driving;
Step S2, the port a far-end address IP- blacklist is established, the storage of far-end address IP- port blacklist is plug-in
The IP and port numbers for the far-end address that can be accessed;
Step S3, networks filter driver establishes the data packet that layer captures all request connection servers in data flow, and right
The IP and port parameter of data packet are analyzed, if in the port the far-end address IP and far-end address IP- blacklist of data packet
The far-end IP of blacklist item is equal, while the distal end slogan of data packet is equal with the distal end slogan of blacklist item, then determines
This data packet is the data packet of plug-in transmission;And by far-end address IP, distal end slogan, process ID, process path these information
It is written in plug-in detection journal file.
2, the plug-in detection method of a kind of game based on IP port diagnostic according to claim 1, it is characterised in that:
The step S2 is further specifically: during creation networks filter driver, the IP address of plug-in access and port numbers are write
Enter the file to networks filter driver, the load of Windows system application and opening network filtration drive;Networks filter driver
After opening successfully, the port far-end address IP- blacklist is initialized, during initializing blacklist, networks filter driver will
All there are IP address and port numbers to be inserted into the blacklist of the port far-end address IP- in write-in file.
3, the plug-in detection method of a kind of game based on IP port diagnostic according to claim 1, it is characterised in that:
Between the step S2 and step S3 further include: step S21, networks filter driver obtains base using FwpmEngineOpen function
This filter engine BFE handle, the parameter as subsequent operation;
Step S22, networks filter driver is established layer in data flow using FwpsCalloutRegister function registration and is monitored
The call back function of data;
Step S23, networks filter driver uses FwpmCalloutAdd function to basic filtering engine BFE application addition
The call back function of preceding registration;
Step S24, networks filter driver uses FwpmSubLayerAdd function, establishes layer creation sublayer in data flow, uses
In capture data;
Step S25, networks filter driver uses FwpmFilterAdd function, by basic filtering engine BFE in data flow
Layer creation filter is established, and call back function is associated with sublayer;After completing association, when sublayer captures network packet,
System can call the corresponding call back function network data packet of sublayer;The data flow establishes the call back function of layer for handling
Request the data packet of network linking.
4, the plug-in detection method of a kind of game based on IP port diagnostic according to claim 3, it is characterised in that:
The step S3 is further specifically: step S31, networks filter driver establishes layer in data flow and captures all request connection services
The data packet of device can extract the far-end IP and remote port of this data packet when the call back function that data flow establishes layer is called
Number, all blacklist items of the port far-end address IP- blacklist are then traversed, each single item is remote with the data packet that currently captures
End address information compares, if the far-end address IP of data packet is equal with the far-end IP of blacklist item, while the distal end of data packet
Port numbers are equal with the distal end slogan of blacklist item, then determine that this data packet is the data packet of plug-in transmission, and then determine hair
It is plug-in for giving the process of this data packet, and enters step S32;If the far-end IP and distal end slogan of data packet cannot match far
Any blacklist item in address ip-port blacklist is held, then determining this data packet not is the data packet of plug-in transmission, and is terminated
Process;
Step S32, call back function using ZwWirteFile function by the far-end address IP of data packet, distal end slogan, into
These information of journey ID, process path are written in plug-in detection journal file.
5, the plug-in detection method of a kind of game based on IP port diagnostic according to claim 3, it is characterised in that:
The data flow establishes the call back function of layer after completing data packet analysis, no matter data packet whether be plug-in transmission data
Packet is let pass without exception, and data packet is allowed to continue to transmit.
The beneficial effects of the present invention are: 1. usage behavior blacklist mechanisms can accurately determine to trigger blacklist
Process is plug-in process.For the plug-in of known IP feature and port diagnostic, may be implemented efficiently to detect.
2. plug-in to bypass this by traditional application layer API hook technology using the network filtering technology of inner nuclear layer
Detection, greatly increases plug-in anti-detection difficulty.
Include login module, therefore this programme application surface is extremely wide 3. plug-in major part is all charge, can be applied to big
Measure plug-in detection.
4. the plug-in behavior monitoring method of the game of this patent is a kind of hidden plug-in behavioral value means, detection is improved
Ability.
Detailed description of the invention
Fig. 1 is method flow schematic diagram of the invention.
Fig. 2 is the port the far-end address IP- blacklist schematic diagram of one embodiment of the invention.
Specific embodiment
The present invention will be further described with reference to the accompanying drawing.
Refering to Figure 1, a kind of plug-in detection method of game based on IP port diagnostic of the invention, the present invention is based on
The WFP networks filter driver frame of Microsoft captures plug-in network request row by installing network filter in system bottom
For;Described method includes following steps: step S1, the client of Windows system application layer creates network filtering in driving layer
Driving;
Step S2, the port a far-end address IP- blacklist is established, the storage of far-end address IP- port blacklist is plug-in
The IP and port numbers for the far-end address that can be accessed;The step S2 is further specifically: during creation networks filter driver,
The IP address of plug-in access and port numbers are written to the file of networks filter driver, Windows system application loads simultaneously
Opening network filtration drive;After networks filter driver is opened successfully, the port far-end address IP- blacklist is initialized, is being initialized
During blacklist, networks filter driver, which will be written in file, all has IP address and port numbers to be inserted into far-end address
In the blacklist of the port IP-.In addition, the blacklist item stored in blacklist must be plug-in distinctive feature, i.e., in addition to this is plug-in
Remaining program does not have the access behavior of this network or probability is extremely low, otherwise there is wrong report risk.
Step S3, networks filter driver establishes the data packet that layer captures all request connection servers in data flow, and right
The IP and port parameter of data packet are analyzed, if in the port the far-end address IP and far-end address IP- blacklist of data packet
The far-end IP of blacklist item is equal, while the distal end slogan of data packet is equal with the distal end slogan of blacklist item, then determines
This data packet is the data packet of plug-in transmission;And by far-end address IP, distal end slogan, process ID, process path these information
It is written in plug-in detection journal file.
Wherein, between the step S2 and step S3 further include: step S21, networks filter driver uses
FwpmEngineOpen function obtains basic filtering engine BFE handle, the parameter as subsequent operation;
Step S22, networks filter driver establishes layer in data flow using FwpsCalloutRegister function registration
The call back function of (FWPM_LAYER_ALE_FLOW_ESTABLISHED_V4 layers) monitoring data;
Step S23, networks filter driver uses FwpmCalloutAdd function to basic filtering engine BFE application addition
The call back function of preceding registration;
Step S24, networks filter driver uses FwpmSubLayerAdd function, establishes layer creation sublayer in data flow, uses
In capture data;
Step S25, networks filter driver uses FwpmFilterAdd function, by basic filtering engine BFE in data flow
Layer creation filter is established, and call back function is associated with sublayer;After completing association, when sublayer captures network packet,
System can call the corresponding call back function network data packet of sublayer;The data flow establishes the call back function of layer for handling
Request the data packet of network linking.
In addition, the step S3 is further specifically: step S31, networks filter driver establishes layer capture institute in data flow
There is the data packet of request connection server that can extract the remote of this data packet when the call back function that data flow establishes layer is called
Hold IP and distal end slogan, then traverse all blacklist items of the port far-end address IP- blacklist, by each single item with currently catch
The far-end address information of the data packet obtained compares, if the far-end address IP of data packet is equal with the far-end IP of blacklist item, together
When data packet distal end slogan it is equal with the distal end slogan of blacklist item, then determine this data packet be plug-in transmission data
Packet, and then determine that the process for sending this data packet is plug-in, and enter step S32;If the far-end IP and distal end of data packet
Slogan cannot match any blacklist item in the blacklist of the port far-end address IP-, then determining this data packet not is plug-in transmission
Data packet, and terminate process;
Step S32, call back function using ZwWirteFile function by the far-end address IP of data packet, distal end slogan, into
These information of journey ID, process path are written in plug-in detection journal file.
Because the present invention only detects, interception function is not set, therefore the data flow establishes the call back function of layer complete
After data packet analysis, no matter data packet whether be plug-in transmission data packet, without exception let pass, allow data packet continue to transmit.
As shown in fig.2, below with reference to a specific embodiment, to further describe the specific implementation side of this patent scheme
Formula:
1. assuming that the plug-in A of game is the externally hung software for destroying the network game client C of game company B product.Outside
The network address that IP is 222.187.224.66 can be accessed after process initiation by hanging A, and the remote port slogan of access is 7373.And it removes
The plug-in A of game, other processes not will do it identical network request.
Whether run during the networks filter driver D detection player developed based on this programme 2. game company B is used
Plug-in A, and scheme protects game client C whereby.
3. after player's running game client C, game client C can automatic load networks filtration drive D, network filtering drives
Dynamic D initializes the port far-end address IP- blacklist after loading successfully, and is inserted into specially in the blacklist of the port far-end address IP-
Door is for detecting the blacklist item of the plug-in A of game " 222.187.224.66-7373 ".
4. networks filter driver D is complete at FWPM_LAYER_ALE_FLOW_ESTABLISHED_V4 layers (data flow foundation layer)
At starting to play network data packet filtering function after registered callbacks function, creation sublayer, the sequence of operations such as opening filter.
5. assuming in game client C operational process, player brings into operation the plug-in A of game.Game plug-in A starting at
Access network is attempted after function, is then sent data packet request to No. 7373 ports of the server that IP is 222.187.224.66 and is connected
It connects server, after the filters trap to this data packet of FWPM_LAYER_ALE_FLOW_ESTABLISHED_V4 sublayer, sentences
Break this network request access object IP address and port numbers at the same hit " 222.187.224.66-7373 " this black name
Individual event, it is determined that the process for sending this data packet is the process of the plug-in A creation of game.
6. networks filter driver D is by the far-end IP of this data packet, the process ID of distal end slogan and originating process, process road
Diameter information is written in plug-in detection journal file by ZwWriteFile function.So far, entire plug-in detection module completes
Primary plug-in behavior capture and record.(in addition to journal file is written, it can also will be believed by modes such as DeviceIoControl
Breath is back to client, but this programme focuses on the capture of plug-in behavior, so having chosen simplest write-in file
Method).
The foregoing is merely presently preferred embodiments of the present invention, all equivalent changes done according to scope of the present invention patent with
Modification, is all covered by the present invention.
Claims (5)
1. a kind of plug-in detection method of game based on IP port diagnostic, it is characterised in that: described method includes following steps:
Step S1, the client of Windows system application layer creates networks filter driver in driving layer;
Step S2, the port a far-end address IP- blacklist is established, the storage of far-end address IP- port blacklist is plug-in to visit
The IP and port numbers for the far-end address asked;
Step S3, networks filter driver establishes the data packet that layer captures all request connection servers in data flow, and to data
The IP and port parameter of packet are analyzed, if black name in the port the far-end address IP and far-end address IP- blacklist of data packet
The far-end IP of individual event is equal, while the distal end slogan of data packet is equal with the distal end slogan of blacklist item, then determines this number
It is the data packet of plug-in transmission according to packet;And far-end address IP, distal end slogan, process ID, these information of process path are written
Into plug-in detection journal file.
2. the plug-in detection method of a kind of game based on IP port diagnostic according to claim 1, it is characterised in that: described
Step S2 is further specifically: during creation networks filter driver, the IP address of plug-in access and port numbers are written to
The file of networks filter driver, the load of Windows system application and opening network filtration drive;Networks filter driver is opened
After success, the port far-end address IP- blacklist is initialized, during initializing blacklist, networks filter driver will be written
All in file have IP address and port numbers to be inserted into the blacklist of the port far-end address IP-.
3. the plug-in detection method of a kind of game based on IP port diagnostic according to claim 1, it is characterised in that: described
Between step S2 and step S3 further include: step S21, networks filter driver obtains basic mistake using FwpmEngineOpen function
Filter engine BFE handle, the parameter as subsequent operation;
Step S22, networks filter driver establishes layer monitoring data in data flow using FwpsCalloutRegister function registration
Call back function;
Step S23, networks filter driver is infused using FwpmCalloutAdd function to basic filtering engine BFE application addition before
The call back function of volume;
Step S24, networks filter driver uses FwpmSubLayerAdd function, layer creation sublayer is established in data flow, for catching
Obtain data;
Step S25, networks filter driver uses FwpmFilterAdd function, is established by basic filtering engine BFE in data flow
Layer creation filter, and call back function is associated with sublayer;After completing association, when sublayer captures network packet, system
The corresponding call back function network data packet of sublayer can be called;The data flow establishes the call back function of layer for handling request
The data packet of network linking.
4. the plug-in detection method of a kind of game based on IP port diagnostic according to claim 3, it is characterised in that: described
Step S3 is further specifically: step S31, networks filter driver establishes layer in data flow and captures all request connection servers
Data packet can extract the far-end IP and distal end slogan of this data packet, so when the call back function that data flow establishes layer is called
All blacklist items for traversing the port far-end address IP- blacklist afterwards, distally with the data packet that currently captures by each single item
Location information compares, if the far-end address IP of data packet is equal with the far-end IP of blacklist item, while the remote port of data packet
It is number equal with the distal end slogan of blacklist item, then determine that this data packet is the data packet of plug-in transmission, and then determine to send this
The process of data packet is plug-in, and enters step S32;If the far-end IP and distal end slogan of data packet cannot match distally
Any blacklist item in the blacklist of the location port IP-, then determining this data packet not is the data packet of plug-in transmission, and terminates to flow
Journey;
Step S32, call back function uses ZwWirteFile function by the far-end address IP of data packet, distal end slogan, process
These information of ID, process path are written in plug-in detection journal file.
5. the plug-in detection method of a kind of game based on IP port diagnostic according to claim 3, it is characterised in that: described
Data flow establishes the call back function of layer after completing data packet analysis, no matter data packet whether be plug-in transmission data packet, one
Rule is let pass, and data packet is allowed to continue to transmit.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910765197.0A CN110465094A (en) | 2019-08-19 | 2019-08-19 | A kind of plug-in detection method of game based on IP port diagnostic |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910765197.0A CN110465094A (en) | 2019-08-19 | 2019-08-19 | A kind of plug-in detection method of game based on IP port diagnostic |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110465094A true CN110465094A (en) | 2019-11-19 |
Family
ID=68511220
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910765197.0A Pending CN110465094A (en) | 2019-08-19 | 2019-08-19 | A kind of plug-in detection method of game based on IP port diagnostic |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110465094A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113726761A (en) * | 2021-08-27 | 2021-11-30 | 深圳供电局有限公司 | Network security protection method based on white list |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101924769A (en) * | 2010-08-24 | 2010-12-22 | 无锡开创信息技术有限公司 | Payload characteristic identification based method for identifying Sohu dragon oath game service |
| WO2011150704A1 (en) * | 2010-06-03 | 2011-12-08 | 中兴通讯股份有限公司 | Method and apparatus for media gateway proxy |
| CN109347817A (en) * | 2018-10-12 | 2019-02-15 | 厦门安胜网络科技有限公司 | A kind of method and device that network security redirects |
| CN109889511A (en) * | 2019-01-31 | 2019-06-14 | 中国人民解放军61660部队 | Process DNS activity monitoring method, equipment and medium |
| CN109981604A (en) * | 2019-03-07 | 2019-07-05 | 北京华安普特网络科技有限公司 | A kind of method of the quick black chain of detection webpage |
-
2019
- 2019-08-19 CN CN201910765197.0A patent/CN110465094A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2011150704A1 (en) * | 2010-06-03 | 2011-12-08 | 中兴通讯股份有限公司 | Method and apparatus for media gateway proxy |
| CN101924769A (en) * | 2010-08-24 | 2010-12-22 | 无锡开创信息技术有限公司 | Payload characteristic identification based method for identifying Sohu dragon oath game service |
| CN109347817A (en) * | 2018-10-12 | 2019-02-15 | 厦门安胜网络科技有限公司 | A kind of method and device that network security redirects |
| CN109889511A (en) * | 2019-01-31 | 2019-06-14 | 中国人民解放军61660部队 | Process DNS activity monitoring method, equipment and medium |
| CN109981604A (en) * | 2019-03-07 | 2019-07-05 | 北京华安普特网络科技有限公司 | A kind of method of the quick black chain of detection webpage |
Non-Patent Citations (1)
| Title |
|---|
| 雨中风华: "《Windows7以上使用WFP驱动框架实现IP数据包截取(一)》", 《CSDN》 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113726761A (en) * | 2021-08-27 | 2021-11-30 | 深圳供电局有限公司 | Network security protection method based on white list |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Gascon et al. | Pulsar: Stateful black-box fuzzing of proprietary network protocols | |
| CN109088901A (en) | Deception defence method and system based on SDN building dynamic network | |
| CN102761458B (en) | Detection method and system of rebound type Trojan | |
| CN106888209B (en) | A kind of industry control bug excavation method based on protocol status figure extreme saturation | |
| CN102035793B (en) | Botnet detecting method, device and network security protective equipment | |
| CN103297433B (en) | The HTTP Botnet detection method of data flow Network Based and system | |
| CN102045220A (en) | Wooden horse monitoring and auditing method and system thereof | |
| CN1889573A (en) | Active decoy method and system | |
| CN103873463A (en) | Multistage filter firewall system and multistage filter method | |
| CN109587156A (en) | Abnormal network access connection identification and blocking-up method, system, medium and equipment | |
| CN114422278B (en) | Method, system and server for detecting program security | |
| CN110035062A (en) | A kind of network inspection method and apparatus | |
| CN109995705A (en) | Attack chain detection method and device based on high interaction honey pot system | |
| CN109800577A (en) | A kind of method and device of identification escape security monitoring behavior | |
| CN110465094A (en) | A kind of plug-in detection method of game based on IP port diagnostic | |
| CN107864128A (en) | Scanning detection method, device, readable storage medium storing program for executing based on network behavior | |
| CN100493065C (en) | Method for using immediate information software by data detection network address switching equipment | |
| CN110460611A (en) | Full flow attack detecting technology based on machine learning | |
| CN107241304A (en) | A kind of detection method and device of DDos attacks | |
| CN112671759A (en) | DNS tunnel detection method and device based on multi-dimensional analysis | |
| CN109981603A (en) | ARP Attack monitoring system and method | |
| CN113542311B (en) | Method for detecting and backtracking defect host in real time | |
| CN110351237A (en) | Honey jar method and device for numerically-controlled machine tool | |
| CN109800571A (en) | Event-handling method and device and storage medium and electronic device | |
| CN110404267A (en) | A kind of plug-in detection method of game based on HTTP flow HOST field feature |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20191119 |
|
| RJ01 | Rejection of invention patent application after publication |