CN111222101A - Method and device for preventing software from being illegally copied and used and method and device for collecting software behavior information - Google Patents
Method and device for preventing software from being illegally copied and used and method and device for collecting software behavior information Download PDFInfo
- Publication number
- CN111222101A CN111222101A CN201811427803.XA CN201811427803A CN111222101A CN 111222101 A CN111222101 A CN 111222101A CN 201811427803 A CN201811427803 A CN 201811427803A CN 111222101 A CN111222101 A CN 111222101A
- Authority
- CN
- China
- Prior art keywords
- software
- physical machine
- information
- behavior information
- running
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 40
- 230000005856 abnormality Effects 0.000 claims abstract description 14
- 230000003068 static effect Effects 0.000 claims description 16
- 230000002159 abnormal effect Effects 0.000 claims description 10
- 238000001514 detection method Methods 0.000 claims description 3
- 230000006399 behavior Effects 0.000 description 57
- 238000004891 communication Methods 0.000 description 8
- 230000004044 response Effects 0.000 description 7
- 238000012795 verification Methods 0.000 description 7
- 230000006870 function Effects 0.000 description 6
- 230000009471 action Effects 0.000 description 5
- 230000001186 cumulative effect Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000013459 approach Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000005065 mining Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 238000011022 operating instruction Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000007723 transport mechanism Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a method and a device for preventing software from being illegally copied and used and a method and a device for collecting software behavior information. The method for preventing the illegal copy use of the software comprises the following steps: acquiring behavior information sent when software on a physical machine directly runs on the physical machine or indirectly runs through a virtual machine; when the abnormality is detected in the behavior information, determining that the software is used by illegal copy, wherein the behavior information comprises at least one of the following: license identification continuously sent by software running and accumulated running time continuously sent by the software running. The technical scheme disclosed can find out that the software on the same physical machine and/or virtual machine with the same hardware information is illegally copied and used, and reduces the risk of software being pirated and used.
Description
Technical Field
The invention relates to the technical field of computer software, in particular to a method and a device for preventing software from being illegally copied and used and a method and a device for collecting software behavior information.
Background
The traditional software anti-piracy technology generally adopts the following methods:
1. and the legal version software corresponds to the registration codes one by one. This approach is difficult to prevent hacking or copying of the registration code.
2. Binding the legal edition software with the physical machine hardware information (or machine identification code based on the machine hardware information), etc. This method cannot prevent illegal copying and use of software on the virtual machine.
3. License check is carried out through the server. This method is simply a method of verifying license (e.g., registration code or machine code), and since the same license is provided, it is still impossible to distinguish illegal copying and use of software on a plurality of virtual machines on the same physical machine.
Because the registration codes and the hardware information corresponding to different virtual machines on the same physical machine are the same, the above technical solutions in the prior art cannot prevent the software from being illegally copied and used in the virtual machine environment.
Therefore, in order to solve the above technical problems, a new technical solution needs to be proposed.
Disclosure of Invention
The method for preventing the software from being illegally copied and used comprises the following steps:
acquiring behavior information sent when software on a physical machine directly runs on the physical machine or indirectly runs through a virtual machine;
when the abnormality is detected in the behavior information, the software is determined to be illegally copied for use,
wherein the behavior information comprises at least one of: license identification continuously sent by software running and accumulated running time continuously sent by the software running.
The method for preventing the software from being illegally copied and used further comprises the following steps:
sending out alarm information when the software is determined to be illegally copied and used; and/or
And when the software is determined to be used by illegal copy, sending an operation instruction for instructing the physical machine to automatically stop running or automatically delete or automatically unload the software used by illegal copy to the physical machine.
The method for preventing the software from being illegally copied and used further comprises the following steps:
receiving a physical machine identifier;
sending a license identifier which is required by the installation program of the software and/or the running of the software and is one-to-one bound with the physical machine identifier to the physical machine,
the license identifier comprises token, the physical machine identifier is an MD5 abstract of hardware information of the physical machine, and the hardware information comprises at least one of the following information: CPU information, hard disk information, network card information.
The method for preventing the software from being illegally copied and used comprises the following steps: the static license identifier is illegal, a plurality of dynamic license identifiers corresponding to the same physical machine exist at the same time, and the abnormal accumulated running time corresponding to the same physical machine exists.
The device for preventing the illegal copy use of the software comprises the following components:
the behavior information acquisition module is used for acquiring behavior information sent by software on the physical machine when the software runs on the physical machine directly or indirectly through the virtual machine;
an illegal use detection module for determining that the software is used by illegal copy when detecting the abnormality in the behavior information,
wherein the behavior information comprises at least one of: license identification continuously sent by software running and accumulated running time continuously sent by the software running.
The device for preventing the software from being illegally copied and used further comprises the following steps:
the warning module is used for sending warning information when the software is determined to be illegally copied and used; and/or
And the first sending module is used for sending an operation instruction for instructing the physical machine to automatically stop running or automatically delete or automatically unload the software used by the illegal copy to the physical machine when the software is determined to be used by the illegal copy.
The device for preventing the software from being illegally copied and used further comprises the following steps:
the physical machine identifier receiving module is used for receiving a physical machine identifier;
a second sending module, which sends license identification which is required by the installation program of the software and/or the software operation and is one-to-one bound with the physical machine identification to the physical machine,
the license identifier comprises token, the physical machine identifier is an MD5 abstract of hardware information of the physical machine, and the hardware information comprises at least one of the following information: CPU information, hard disk information, network card information.
The method for collecting the software behavior information comprises the following steps:
acquiring behavior information sent when software on a physical machine directly runs on the physical machine or indirectly runs through a virtual machine;
the information on the behavior is forwarded on,
wherein the behavior information comprises at least one of: license identification continuously sent by software running and accumulated running time continuously sent by the software running.
The device for collecting the software behavior information comprises the following components:
the acquisition module is used for acquiring behavior information sent by software on the physical machine when the software runs on the physical machine directly or indirectly through the virtual machine;
a forwarding module for forwarding the behavior information,
wherein the behavior information comprises at least one of: license identification continuously sent by software running and accumulated running time continuously sent by the software running.
The device for collecting the software behavior information further comprises the following steps:
the first receiving module is used for receiving alarm information used for indicating that the software is illegally copied and used; and/or
The second receiving module is used for receiving an operation instruction for indicating the physical machine to automatically stop running or automatically delete or automatically unload the software used by illegal copy;
and the execution module is used for executing the operation instruction.
According to the technical scheme of the invention, the illegal copy use of the software on the same physical machine and/or the virtual machine with the same hardware information can be found, and the risk of the software being used by piracy is reduced.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate embodiments of the invention and together with the description, serve to explain the principles of the invention. In the drawings, like reference numerals are used to indicate like elements. The drawings in the following description are directed to some, but not all embodiments of the invention. For a person skilled in the art, other figures can be derived from these figures without inventive effort.
Fig. 1 shows, by way of example, a schematic flow chart of a method for preventing illegal copy use of software according to the invention.
Fig. 2 exemplarily shows a schematic block diagram of an apparatus for preventing illegal copy use of software according to the present invention.
Fig. 3 schematically shows a flow chart of a method of collecting software behavior information according to the invention.
Fig. 4 exemplarily shows a schematic block diagram of an apparatus for collecting software behavior information according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention. It should be noted that the embodiments and features of the embodiments in the present application may be arbitrarily combined with each other without conflict.
Fig. 1 shows, by way of example, a schematic flow chart of a method for preventing illegal copy use of software according to the invention.
As shown in the solid line box of fig. 1, the method for preventing illegal copy use of software according to the present invention includes:
step S102: acquiring behavior information sent when software on a physical machine directly runs on the physical machine or indirectly runs through a virtual machine;
step S104: when the abnormality is detected in the behavior information, the software is determined to be illegally copied for use,
wherein the behavior information comprises at least one of: license identification continuously sent by software running and accumulated running time continuously sent by the software running.
For example, the behavior information (i.e., reporting information) may also include the following information:
software name, software version number, physical machine and/or virtual machine information (e.g., physical machine IP or IP list, physical machine identification (i.e., machine identification code) or identification list, virtual machine IP or IP list), anti-replay random numbers (to prevent packet replay attacks), user-operated software logs, and the like.
The above-described behavior information may be transmitted, for example, by asymmetric encrypted HTTP communication. That is, the data content (e.g., the above-described behavior information) of the HTTP transmission can be transmitted encrypted using the public key.
Optionally, as shown in the dashed box of fig. 1, the method for preventing illegal copy use of software according to the present invention further includes:
step S106: sending out alarm information when the software is determined to be illegally copied and used; and/or
Step S108: and when the software is determined to be used by illegal copy, sending an operation instruction for instructing the physical machine to automatically stop running or automatically delete or automatically unload the software used by illegal copy to the physical machine.
The technical scheme can effectively prevent the software from being illegally copied and used.
Optionally, as shown in the dashed box of fig. 1, the method for preventing illegal copy use of software according to the present invention further includes:
step S110: receiving a physical machine identifier;
step S112: sending a license identifier which is required by the installation program of the software and/or the running of the software and is one-to-one bound with the physical machine identifier to the physical machine,
the license identifier comprises token, the physical machine identifier is an MD5 abstract of hardware information of the physical machine, and the hardware information comprises at least one of the following information: CPU information, hard disk information, network card information.
For example, the following method may be used to generate a unique machine identification code (i.e., a physical machine identification):
1. by collecting machine hardware information (CPU information, hard disk information, network card information, etc.), specific string descriptions (which may be specified by the user) are added. The information is processed by the MD5 algorithm (or other digest algorithm) to generate an infohash. This infohash is the unique machine id.
2. The unique machine identification code is obtained by a machine code program.
For example, the unique machine identification code can be bound with license identification (e.g., token), and one physical machine corresponds to one license, so that the identification purpose is achieved.
Optionally, the abnormality includes: the method includes that a static license identifier is illegal (that is, a precondition of software operation is that the static license identifier is legal, and the illegal static license identifier cannot acquire software operation permission), and a plurality of dynamic license identifiers corresponding to the same physical machine exist simultaneously (that is, each machine has a dynamic license identifier in addition to a unique static license identifier when the software is operating, for example, when the software is networked with a service center, the service center issues a dynamic license to the software, and the dynamic license is reissued each time the software is restarted, so the software is called a dynamic license There is an abnormal cumulative operating time period corresponding to the same physical machine (for example, the cumulative operating time period may be chronologically increased or may be decremented by a countdown).
For example, a specific example of the exception information of the multiple dynamic license identifications simultaneously existing corresponding to the same physical machine is as follows:
under normal conditions, the time sequence of dynamic tokens (i.e., a dynamic license) issued on two virtual machines of a machine (i.e., the above behavior information) is:
0. dynamic token1, dynamic token1, dynamic token1,. dynamic token1, 0, dynamic token2,... dynamic token2
Where 0 indicates that there is a virtual machine requesting to run the software, and token1 and token2 respectively indicate the case where the software runs in time on two different virtual machines (i.e., legally runs, and only one virtual machine runs the software for a period of time).
However, when a plurality of different tokens occur after a request (i.e., 0 occurs once), it can be determined that an exception has occurred (i.e., the case where the software is used by illegal copy has occurred), and an example of the exception time series is as follows:
0. dynamic token1, dynamic token2, dynamic token1, dynamic token1, dynamic token2.., dynamic token1, 0, dynamic token2
That is, at this time, whether the software is abnormal is determined by detecting the continuity of the software behavior in time series. That is, it is determined whether the dynamic licenses are consistent or inconsistent, which indicates that there are a plurality of software operating conditions (i.e., abnormal conditions). Since the time-series recording of the dynamic license is discontinuous.
It should be understood that the behavior information may include both static license (id) and dynamic license (id).
1. The static license is issued to the machine together with the software (the static license is registered in the service center).
2. When the software runs, the behavior information including the static license, the dynamic license (0 when the software is started for the first time) and other information can be reported. The service center will look for this static license, whether it exists or not. Presence is legal and absence is illegal.
3. The service center issues a random dynamic license to the running software. Then the running software will contain static license and dynamic license in the regular reporting.
That is, whether the software is legal or not can be directly judged by the validity of the static license. The running state information of the software is identified through the dynamic license, and whether the software is legal or not is indirectly judged according to the state information of the dynamic license.
For example, a specific example of the exception information in which the exception accumulated operation time length corresponding to the same physical machine exists is as follows:
in a normal case where the operation time of one software is incremented (i.e., the above-described cumulative operation time period may be a case of being chronologically incremented), the normal information is as follows:
0 1 2 3 0 1 2 0 1 2 3 4 5 6
however, in an exception case, exception information may occur that includes the following non-incremental software runtime:
0 1 2 4 3 5 4 0
at this time, it indicates that multiple machines (physical machines and/or virtual machines) report the running data of the same software at the same time, that is, the software is illegally copied and used. Therefore, the software running time can be used for judging the illegal condition that multiple machines (physical machines and/or virtual machines) run simultaneously.
That is, at this time, when the software is reported regularly, the running duration of the software (i.e., the accumulated running duration) is reported. Normally, this time period is chronologically increasing. If the increase of the discontinuity is detected, the software can be judged to be discontinuous in the time sequence record (namely, abnormal conditions which are not increased according to the time sequence) in the running time.
For example, the above-described abnormality may include the following specific cases:
1. if the machine code (i.e., physical machine identifier) or token is not found, it is an illegal machine.
2. When registering a machine, a duplicate machine code or token is found.
3. And finding that a plurality of machine codes correspond to different IPs, or a plurality of tokens correspond to different IPs, and the like.
Fig. 2 schematically shows a block diagram of an apparatus 200 for preventing illegal copy use of software according to the present invention.
As shown in the solid line box of fig. 2, the apparatus 200 for preventing illegal copy use of software according to the present invention includes:
a behavior information obtaining module 201, configured to obtain behavior information sent when software on a physical machine runs directly on the physical machine or runs indirectly through a virtual machine;
an illegal use detection module 203 for determining that the software is used by illegal copy when abnormality is detected in the behavior information,
wherein the behavior information comprises at least one of: license identification continuously sent by software running and accumulated running time continuously sent by the software running.
Optionally, as shown in the dashed line box of fig. 2, the apparatus 200 for preventing the illegal copy use of the software further includes:
an alarm module 205, configured to send an alarm message when it is determined that the software is illegally copied; and/or
The first sending module 207 is configured to send, to the physical machine, an operation instruction for instructing the physical machine to automatically stop running or automatically delete or automatically uninstall the software used in the illegal copy when it is determined that the software is used in the illegal copy.
Optionally, as shown in the dashed line box of fig. 2, the apparatus 200 for preventing the illegal copy use of the software further includes:
a physical machine identifier receiving module 209, configured to receive a physical machine identifier;
a second sending module 211, sending the license identifier, which is required by the installation program of the software and/or the software operation and is one-to-one bound with the physical machine identifier, to the physical machine,
the license identifier comprises token, the physical machine identifier is an MD5 abstract of hardware information of the physical machine, and the hardware information comprises at least one of the following information: CPU information, hard disk information, network card information.
Optionally, the abnormality includes: the static license identifier is illegal, a plurality of dynamic license identifiers corresponding to the same physical machine exist at the same time, and the abnormal accumulated running time corresponding to the same physical machine exists.
For example, the apparatus 200 may be provided on a server (i.e., a data center) in a remote network, and include the following functions:
registration of the machine (physical and/or virtual machine) is performed, e.g., physical machine identification, information of the machine (including information of software to be run, IP, machine code, etc.) may be saved in a database;
performing networking check on the online machine;
identifying different public keys (for example, used in the HTTP communication) by different URLs, and decrypting the public keys by using corresponding private keys;
after the information is acquired, searching a database (for example, a physical machine identifier therein) and confirming whether the machine is legal or not;
returning an operating instruction of normal operation to a legal machine;
sending an alarm to an illegal machine and/or sending a corresponding configuration action to the illegal machine, wherein the configuration actions are divided into two types: the software is stopped from running, and the software self-destruction operation is performed (corresponding to the above steps S106 and S108).
Fig. 3 schematically shows a flow chart of a method of collecting software behavior information according to the invention.
As shown in the solid line box of fig. 3, the method for collecting software behavior information according to the present invention includes:
step S302: acquiring behavior information sent when software on a physical machine directly runs on the physical machine or indirectly runs through a virtual machine;
step S304: the information on the behavior is forwarded on,
wherein the behavior information comprises at least one of: license identification continuously sent by software running and accumulated running time continuously sent by the software running.
For example, an init () function may be called to perform an initialization operation of the software operation, a start () function may be called to perform a continuous (timed) sending operation of the behavior information, and a stop () function may be called to perform a reclamation operation of the resources after the software normally exits.
Optionally, as shown in a dashed box of fig. 3, the method for collecting software behavior information according to the present invention further includes:
step S306: receiving alarm information for indicating that the software is used by illegal copy; and/or
Step S308: receiving an operation instruction for instructing a physical machine to automatically stop running or automatically delete or automatically unload software used by illegal copy;
step S310: and executing the operation instruction.
Optionally, as shown in a dashed box of fig. 3, the method for collecting software behavior information according to the present invention further includes:
step S312: sending a physical machine identifier;
step S314: receiving license identification which is required by the installation program of the software and/or the software operation and is one-to-one bound with the physical machine identification,
the license identifier comprises token, the physical machine identifier is an MD5 abstract of hardware information of the physical machine, and the hardware information comprises at least one of the following information: CPU information, hard disk information, network card information.
Optionally, the abnormality includes: the static license identifier is illegal, a plurality of dynamic license identifiers corresponding to the same physical machine exist at the same time, and the abnormal accumulated running time corresponding to the same physical machine exists.
Fig. 4 schematically shows a block schematic of an apparatus 400 for collecting software behavior information according to the present invention.
As shown in the solid line box of fig. 4, the apparatus 400 for collecting software behavior information according to the present invention includes:
the acquisition module 401 is configured to acquire behavior information sent when software on a physical machine directly runs on the physical machine or indirectly runs through a virtual machine;
a forwarding module 403 for forwarding the behavior information,
wherein the behavior information comprises at least one of: license identification continuously sent by software running and accumulated running time continuously sent by the software running.
Optionally, as shown in the dashed box of fig. 4, the apparatus 400 for collecting software behavior information further includes:
a first receiving module 405, configured to receive warning information indicating that the software is illegally copied; and/or
A second receiving module 407, configured to receive an operation instruction for instructing the physical machine to automatically stop running or automatically delete or automatically uninstall the software used by the illegal copy;
and the execution module 409 is used for executing the operation instruction.
Optionally, as shown in the dashed box of fig. 4, the apparatus 400 for collecting software behavior information further includes:
a physical machine identifier sending module 411, configured to send a physical machine identifier;
a third receiving module 413, configured to receive a license identifier that is one-to-one bound to the physical machine identifier and is required by the installation program of the software and/or the software running,
the license identifier comprises token, the physical machine identifier is an MD5 abstract of hardware information of the physical machine, and the hardware information comprises at least one of the following information: CPU information, hard disk information, network card information.
Optionally, the abnormality includes: the static license identifier is illegal, a plurality of dynamic license identifiers corresponding to the same physical machine exist at the same time, and the abnormal accumulated running time corresponding to the same physical machine exists.
Optionally, the apparatus 400 may further comprise an agent module.
For example, the apparatus 400 may transmit an HTTP request to the apparatus 200 provided in the above-described server (i.e., data center) of the remote network through the agent module, and may perform the following specific operations:
1. the agent module uses the HTTP post interface to send data (including the above behavior information) to the devices 200 of the data center.
2. The agent module uses different domain names to access devices 200 in multiple different data centers (i.e., rooms), thereby enabling multi-room efficient access. Other controls are implemented through the url path (e.g., different software, different regions, may be controlled through different url paths).
3. The specific content in the HTTP post (e.g., the above-described behavior information) is encrypted by a public key.
For example, the above specific content may be defined in json format. The specific content may include: the method comprises the steps of software name, software version number, a local IP list, a local unique identification code, current software running time, current communication check random number, check dynamic token (if the first check is carried out, the default is all 0), and user operation software log.
For example, a server (i.e., a data center) in a remote network may send an HTTP response to the agent module in the device 400 through the device 200, and when the software runs on the machine and is linked with the data center, the following specific operations may be performed:
1. checking the dynamic token: if the request data sent by the agent is all 0, randomly generating a dynamic token; and if the request data sent by the agent is not all 0, returning the dynamic token.
2. If no abnormity exists in the behavior information, returning an HTTP response with the number of 200, wherein the HTTP response comprises the following contents: the method comprises the following steps of software name, software version number, local IP list, local unique identification code, random number verification of current communication, dynamic token + action verification and normal.
3. If the behavior information is found to have an abnormality, returning an HTTP response with the number of 200, wherein the HTTP response comprises the following contents: software name, software version number, local IP list, local unique identification code, random number verification of the current communication, dynamic token + action verification and exception verification.
4. Sending a self-destruction instruction, wherein the self-destruction instruction also corresponds to an HTTP response with the number of 200, and the HTTP response comprises the following contents: software name, software version number, local IP list, local unique identification code, random number verification in the communication, dynamic token + action verification, abnormal + self-destruction script (the self-destruction script can be also written and embedded into the library in advance and directly called).
5. And making running software and releasing the running software to the machine.
According to the technical scheme of the invention, the method has the following advantages:
1. by acquiring the software behavior information and performing behavior analysis and behavior mining on the software behavior information, illegal copy and use of software on the same physical machine and/or virtual machine (with the same hardware information) can be found, and the risk of software being used by piracy is reduced.
2. Whether a plurality of software runs can be judged by issuing and detecting the time sequence of the dynamic token change.
3. Whether a plurality of software runs exist can be judged through the time sequence of the software running time.
4. When multiple software runs are detected, an alarm can be sent out, the software runs can be stopped, and/or the software can be deleted.
The above-described aspects may be implemented individually or in various combinations, and such variations are within the scope of the present invention.
It will be understood by those of ordinary skill in the art that all or some of the steps of the methods, systems, functional modules/units in the devices disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof. In a hardware implementation, the division between functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may be performed by several physical components in cooperation. Some or all of the components may be implemented as software executed by a processor, such as a digital signal processor or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on computer readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media). The term computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, as is well known to those of ordinary skill in the art. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, Digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can accessed by a computer. In addition, communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media as known to those skilled in the art.
Finally, it should be noted that: the above examples are only for illustrating the technical solutions of the present invention, and are not limited thereto. Although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (10)
1. A method for preventing illegal copy use of software, comprising:
acquiring behavior information sent when software on a physical machine directly runs on the physical machine or indirectly runs through a virtual machine;
determining that the software is illegally copied for use when detecting that there is an abnormality in the behavior information,
wherein the behavior information comprises at least one of: license identification continuously sent by software running and accumulated running time continuously sent by the software running.
2. The method for preventing illegal copy use of software according to claim 1, further comprising:
sending out alarm information when the software is determined to be illegally copied and used; and/or
And when the software is determined to be used by illegal copy, sending an operation instruction for instructing the physical machine to automatically stop running or automatically delete or automatically unload the software used by illegal copy to the physical machine.
3. The method for preventing illegal copy use of software according to claim 1, further comprising:
receiving a physical machine identifier;
sending a license identifier which is required by an installation program of the software and/or software operation and is one-to-one bound with the physical machine identifier to the physical machine,
wherein the license identifier comprises a token, the physical machine identifier is an MD5 digest of hardware information of the physical machine, and the hardware information comprises at least one of the following information: CPU information, hard disk information, network card information.
4. The method for preventing illegal copy use of software according to claim 1, wherein the abnormality includes: the static license identifier is illegal, a plurality of dynamic license identifiers corresponding to the same physical machine exist at the same time, and the abnormal accumulated running time corresponding to the same physical machine exists.
5. An apparatus for preventing illegal copy use of software, comprising:
the behavior information acquisition module is used for acquiring behavior information sent by software on the physical machine when the software runs on the physical machine directly or indirectly through the virtual machine;
an illegal use detection module for determining that the software is used by illegal copy when detecting that there is an abnormality in the behavior information,
wherein the behavior information comprises at least one of: license identification continuously sent by software running and accumulated running time continuously sent by the software running.
6. The apparatus for preventing illegal copy use of software according to claim 5, further comprising:
the warning module is used for sending warning information when the software is determined to be illegally copied and used; and/or
And the first sending module is used for sending an operation instruction for instructing the physical machine to automatically stop running or automatically delete or automatically unload the software used by the illegal copy to the physical machine when the software is determined to be used by the illegal copy.
7. The apparatus for preventing illegal copy use of software according to claim 5, further comprising:
the physical machine identifier receiving module is used for receiving a physical machine identifier;
a second sending module, which sends license identification which is required by the installation program of the software and/or the software operation and is one-to-one bound with the physical machine identification to the physical machine,
wherein the license identifier comprises a token, the physical machine identifier is an MD5 digest of hardware information of the physical machine, and the hardware information comprises at least one of the following information: CPU information, hard disk information, network card information.
8. A method for collecting software behavior information, comprising:
acquiring behavior information sent when software on a physical machine directly runs on the physical machine or indirectly runs through a virtual machine;
the behavior information is forwarded on, and the behavior information is forwarded,
wherein the behavior information comprises at least one of: license identification continuously sent by software running and accumulated running time continuously sent by the software running.
9. An apparatus for collecting software behavior information, comprising:
the acquisition module is used for acquiring behavior information sent by software on the physical machine when the software runs on the physical machine directly or indirectly through the virtual machine;
a forwarding module for forwarding the behavior information,
wherein the behavior information comprises at least one of: license identification continuously sent by software running and accumulated running time continuously sent by the software running.
10. The apparatus for collecting software behavior information as recited in claim 9, further comprising:
the first receiving module is used for receiving alarm information used for indicating that the software is illegally copied and used; and/or
The second receiving module is used for receiving an operation instruction for indicating the physical machine to automatically stop running or automatically delete or automatically unload the software used by illegal copy;
and the execution module is used for executing the operation instruction.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811427803.XA CN111222101B (en) | 2018-11-27 | 2018-11-27 | Method and device for preventing software from being illegally copied and used and method and device for collecting software behavior information |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811427803.XA CN111222101B (en) | 2018-11-27 | 2018-11-27 | Method and device for preventing software from being illegally copied and used and method and device for collecting software behavior information |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111222101A true CN111222101A (en) | 2020-06-02 |
| CN111222101B CN111222101B (en) | 2022-06-03 |
Family
ID=70828845
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811427803.XA Active CN111222101B (en) | 2018-11-27 | 2018-11-27 | Method and device for preventing software from being illegally copied and used and method and device for collecting software behavior information |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111222101B (en) |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101447009A (en) * | 2008-12-29 | 2009-06-03 | 北京飞天诚信科技有限公司 | Method, device and system for installing software |
| US20100205303A1 (en) * | 2009-02-10 | 2010-08-12 | Pradeep Kumar Chaturvedi | Virtual machine software license management |
| US20140059671A1 (en) * | 2012-08-21 | 2014-02-27 | International Business Machines Corporation | Device identification for externalizing password from device coupled with user control of external password service |
| CN103885830A (en) * | 2014-04-16 | 2014-06-25 | 中国科学院软件研究所 | Data processing method used in cross-data-center live migration process of virtual machine |
| CN103902878A (en) * | 2012-12-28 | 2014-07-02 | 杭州华三通信技术有限公司 | License authentication method and device under virtual environment |
| WO2015031861A1 (en) * | 2013-08-30 | 2015-03-05 | U-Me Holdings LLC | Making a user's data, settings, and licensed content available in the cloud |
| CN106559259A (en) * | 2016-10-31 | 2017-04-05 | 海尔优家智能科技(北京)有限公司 | Unit exception behavior alarm method and device and platform information querying method and device |
| CN107329803A (en) * | 2017-07-07 | 2017-11-07 | 北京金山安全管理系统技术有限公司 | Virtual machine management method and device |
| CN108092984A (en) * | 2017-12-25 | 2018-05-29 | 新华三技术有限公司 | A kind of authorization method of applications client, device and equipment |
| CN108229108A (en) * | 2017-08-31 | 2018-06-29 | 海信电子科技(深圳)有限公司 | A kind of method and device for preventing from illegally copying software |
-
2018
- 2018-11-27 CN CN201811427803.XA patent/CN111222101B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101447009A (en) * | 2008-12-29 | 2009-06-03 | 北京飞天诚信科技有限公司 | Method, device and system for installing software |
| US20100205303A1 (en) * | 2009-02-10 | 2010-08-12 | Pradeep Kumar Chaturvedi | Virtual machine software license management |
| US20140059671A1 (en) * | 2012-08-21 | 2014-02-27 | International Business Machines Corporation | Device identification for externalizing password from device coupled with user control of external password service |
| CN103902878A (en) * | 2012-12-28 | 2014-07-02 | 杭州华三通信技术有限公司 | License authentication method and device under virtual environment |
| WO2015031861A1 (en) * | 2013-08-30 | 2015-03-05 | U-Me Holdings LLC | Making a user's data, settings, and licensed content available in the cloud |
| CN103885830A (en) * | 2014-04-16 | 2014-06-25 | 中国科学院软件研究所 | Data processing method used in cross-data-center live migration process of virtual machine |
| CN106559259A (en) * | 2016-10-31 | 2017-04-05 | 海尔优家智能科技(北京)有限公司 | Unit exception behavior alarm method and device and platform information querying method and device |
| CN107329803A (en) * | 2017-07-07 | 2017-11-07 | 北京金山安全管理系统技术有限公司 | Virtual machine management method and device |
| CN108229108A (en) * | 2017-08-31 | 2018-06-29 | 海信电子科技(深圳)有限公司 | A kind of method and device for preventing from illegally copying software |
| CN108092984A (en) * | 2017-12-25 | 2018-05-29 | 新华三技术有限公司 | A kind of authorization method of applications client, device and equipment |
Non-Patent Citations (2)
| Title |
|---|
| 鹿玲杰: "软件加密的一种实现方法", 《微型电脑应用》 * |
| 鹿玲杰: "软件加密的一种实现方法", 《微型电脑应用》, 31 January 1998 (1998-01-31) * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111222101B (en) | 2022-06-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8769296B2 (en) | Software signature tracking | |
| JP5430747B2 (en) | Network contents tampering prevention equipment, method and system | |
| CN111490981B (en) | Access management method and device, bastion machine and readable storage medium | |
| US8726374B2 (en) | Tampering monitoring system, control device, and tampering control method | |
| CN111800405A (en) | Detection method, detection device and storage medium | |
| EP3563548B1 (en) | Historic data breach detection | |
| CN108881132B (en) | Application authorization method, client, server and computer readable medium | |
| CN111324517B (en) | Application service supervision method, supervision server and storage medium | |
| WO2013039527A1 (en) | Security mechanism for developmental operating systems | |
| CN108256351B (en) | File processing method and device, storage medium and terminal | |
| CN113127873A (en) | Credible measurement system of fortress machine and electronic equipment | |
| CN111222101B (en) | Method and device for preventing software from being illegally copied and used and method and device for collecting software behavior information | |
| CN108989298B (en) | Equipment safety monitoring method and device and computer readable storage medium | |
| CN111628987B (en) | Authentication method, device, system, electronic equipment and computer readable storage medium | |
| CN110677483B (en) | Information processing system and trusted security management system | |
| CN112650557B (en) | Command execution method and device | |
| CN113596600A (en) | Security management method, device, equipment and storage medium for live broadcast embedded program | |
| CN110597557B (en) | System information acquisition method, terminal and medium | |
| CN111858114B (en) | Device starting exception handling and device starting control method, device and system | |
| KR20150133038A (en) | Method and apparatus for detecting illegally copied application | |
| CN114513314B (en) | Digital certificate detection method and device, electronic equipment and storage medium | |
| CN115134143B (en) | Global Internet of things equipment authentication method, device and storage medium | |
| KR101655434B1 (en) | System and method for monitoring mobile download in web hard | |
| WO2018122051A1 (en) | Attack signature generation | |
| JP2005157904A (en) | Device and method for monitoring unauthorized use of program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |