CN111343204A - Control command obfuscation method, apparatus and computer-readable storage medium - Google Patents
Control command obfuscation method, apparatus and computer-readable storage medium Download PDFInfo
- Publication number
- CN111343204A CN111343204A CN202010420396.0A CN202010420396A CN111343204A CN 111343204 A CN111343204 A CN 111343204A CN 202010420396 A CN202010420396 A CN 202010420396A CN 111343204 A CN111343204 A CN 111343204A
- Authority
- CN
- China
- Prior art keywords
- command
- control command
- translation model
- data
- confusion
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N20/00—Machine learning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Artificial Intelligence (AREA)
- Data Mining & Analysis (AREA)
- Evolutionary Computation (AREA)
- Medical Informatics (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Power Engineering (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a control command confusion method, a control command confusion device and a computer readable storage medium, wherein the control command confusion method comprises the following steps: receiving first data; acquiring and storing a command translation model according to the received first data, wherein the command translation model is constructed through a neural network; receiving second data and determining an obfuscation command in the received second data; and analyzing the confusion command according to the command translation model to obtain a control command corresponding to the confusion command. The invention provides a control command obfuscation method, a control command obfuscation device and a computer readable storage medium, wherein an obfuscation command is analyzed by a model built by a neural network to obtain an original control command, the analysis process is invisible, and the problem of safety caused by control command leakage caused by the fact that a third party obtains a secret key by monitoring a decryption process and obtains the control command transmitted between a server and a host through the secret key in the existing network communication is solved.
Description
Technical Field
The present invention relates to the field of computer network security, and in particular, to a method and an apparatus for obfuscating control commands, and a computer-readable storage medium.
Background
In network communication, when a server distributes a control command to a terminal device, the control command is often protected in some form in order to protect the control command from being acquired by a third party, the conventional protection mode is encryption by a secret key, the third party can monitor a program to know what decryption method is called when the third party decrypts the control command, the secret key is acquired by the decryption method, and the control command is further acquired by the secret key, so that the control command is leaked, and a safety problem is caused.
The above is only for the purpose of assisting understanding of the technical aspects of the present invention, and does not represent an admission that the above is prior art.
Disclosure of Invention
The invention provides a control command confusion method, a control command confusion device and a computer readable storage medium, and aims to solve the problem that in the prior art, a control command is easy to leak, so that potential safety hazards are caused.
In order to achieve the above object, the present invention provides a control command obfuscating method, which is applied to a terminal device, and includes: receiving first data; acquiring and storing a command translation model according to the received first data, wherein the command translation model is constructed through a neural network; receiving second data and determining an obfuscation command in the received second data; and analyzing the confusion command according to the command translation model to obtain a control command corresponding to the confusion command.
Optionally, the step of obtaining and storing a command translation model according to the received first data includes: acquiring the command translation model and verification information in the first data; verifying the command translation model according to the verification information; and if the verification is successful, saving the command translation model.
Optionally, after the step of verifying the command translation model according to the verification information, the method further includes: and if the verification fails, sending first abnormal information to the server.
Optionally, after the step of determining the obfuscation command in the received second data, the method includes: retrieving the command translation model according to command identification information in the second data; and when the command translation model matched with the command identification information is retrieved, the step of analyzing the confusion command according to the command translation model is executed.
Optionally, after the step of retrieving the command translation model according to the command identification information in the second data, the control command obfuscation method further includes: and if the command translation model corresponding to the confusion command is not retrieved, sending second abnormal information to a server.
Optionally, the step of analyzing the obfuscated command according to the command translation model to obtain a control command corresponding to the obfuscated command further includes: receiving comparison information, wherein the comparison information comprises the control command matched with the received confusion command; according to the comparison information, determining the analysis accuracy of the command translation model when analyzing the confusion command, and determining analysis state data according to the analysis accuracy; and sending the analysis state data to a server so that the server can update the command translation model according to the analysis state data.
In order to achieve the above object, the present invention provides a control command obfuscating method, which is applied to a server, and includes: acquiring a training data set comprising a control command and an obfuscating command corresponding to the control command; training a preset training model constructed by adopting a neural network according to the training data set to obtain a command translation model; generating first data according to the command translation model; and sending the first data to terminal equipment.
Optionally, the step of generating first data according to the command translation model includes: acquiring verification information corresponding to the command translation model; and generating the first data according to the command translation model and the verification information.
Optionally, after the step of sending the first data to the terminal device, the method further includes: receiving analysis state data sent by the terminal equipment, wherein the analysis state data comprises analysis accuracy; and if the analysis accuracy is smaller than a preset accuracy threshold, repeatedly executing the step of obtaining the training data set comprising the control command and the confusion command corresponding to the control command.
In order to achieve the above object, the present invention provides a control command obfuscating device, which includes a processor, a memory, and a control command obfuscating program stored in the memory and executable on the processor, and when executed by the processor, the control command obfuscating program implements the steps of the control command obfuscating method according to any one of the above embodiments.
To achieve the above object, the present invention provides a computer-readable storage medium, on which a control command obfuscating method is stored, and when executed by a processor, the method implements the steps of the control command obfuscating method according to any one of the above embodiments.
The invention provides a control command confusion method, a control command confusion device and a computer readable storage medium, wherein the original control command is obtained by analyzing the confusion command by a command translation model constructed by a neural network, and because the specific method adopted by the analysis of the model is difficult to deduce and obtain when the model analyzes the confusion command, a third party cannot obtain the analysis method by monitoring the analysis process, the control command is difficult to obtain by the analysis method, and the safety of the control command in network transmission is improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the structures shown in the drawings without creative efforts.
Fig. 1 is a schematic terminal structure diagram of a hardware operating environment according to an embodiment of the present invention;
FIG. 2 is a schematic flow chart of example 1 of the present invention.
FIG. 3 is a schematic flow chart of embodiment 2 of the present invention.
FIG. 4 is a schematic flow chart of embodiment 3 of the present invention.
FIG. 5 is a schematic flow chart of embodiment 4 of the present invention.
FIG. 6 is a schematic flow chart of embodiment 5 of the present invention.
FIG. 7 is a flowchart of example 6 of the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that all the directional indicators (such as up, down, left, right, front, and rear … …) in the embodiment of the present invention are only used to explain the relative position relationship between the components, the movement situation, etc. in a specific posture (as shown in the drawing), and if the specific posture is changed, the directional indicator is changed accordingly.
In addition, the descriptions related to "first", "second", etc. in the present invention are only for descriptive purposes and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In the description of the present invention, "a plurality" means at least two, e.g., two, three, etc., unless specifically limited otherwise.
In the present invention, unless otherwise expressly stated or limited, the terms "connected," "secured," and the like are to be construed broadly, and for example, "secured" may be a fixed connection, a removable connection, or an integral part; can be mechanically or electrically connected; they may be directly connected or indirectly connected through intervening media, or they may be connected internally or in any other suitable relationship, unless expressly stated otherwise. The specific meanings of the above terms in the present invention can be understood by those skilled in the art according to specific situations.
In addition, the technical solutions in the embodiments of the present invention may be combined with each other, but it must be based on the realization of those skilled in the art, and when the technical solutions are contradictory or cannot be realized, such a combination of technical solutions should not be considered to exist, and is not within the protection scope of the present invention.
The terminal of the embodiment of the invention can be a PC, and can also be a mobile terminal device with a display function, such as a smart phone, a tablet computer, an electronic book reader, an MP3 (Moving Picture Experts Group Audio Layer III, dynamic video Experts compress standard Audio Layer 3) player, an MP4 (Moving Picture Experts Group Audio Layer IV, dynamic video Experts compress standard Audio Layer 3) player, a portable computer, and the like.
As shown in fig. 1, the terminal may include: a processor 1001, such as a CPU, a network interface 1004, a user interface 1003, a memory 1005, a communication bus 1002. Wherein a communication bus 1002 is used to enable connective communication between these components. The user interface 1003 may include a Display screen (Display), an input unit such as a Keyboard (Keyboard), and the optional user interface 1003 may also include a standard wired interface, a wireless interface. The network interface 1004 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface). The memory 1005 may be a high-speed RAM memory or a non-volatile memory (e.g., a magnetic disk memory). The memory 1005 may alternatively be a storage device separate from the processor 1001.
Optionally, the terminal may further include a camera, a Radio Frequency (RF) circuit, a sensor, an audio circuit, a WiFi module, and the like. Such as light sensors, motion sensors, and other sensors. Specifically, the light sensor may include an ambient light sensor that may adjust the brightness of the display screen according to the brightness of ambient light, and a proximity sensor that may turn off the display screen and/or the backlight when the mobile terminal is moved to the ear. As one of the motion sensors, the gravity acceleration sensor can detect the magnitude of acceleration in each direction (generally, three axes), detect the magnitude and direction of gravity when the mobile terminal is stationary, and can be used for applications (such as horizontal and vertical screen switching, related games, magnetometer attitude calibration), vibration recognition related functions (such as pedometer and tapping) and the like for recognizing the attitude of the mobile terminal; of course, the mobile terminal may also be configured with other sensors such as a gyroscope, a barometer, a hygrometer, a thermometer, and an infrared sensor, which are not described herein again.
Those skilled in the art will appreciate that the terminal structure shown in fig. 1 is not intended to be limiting and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components.
As shown in fig. 1, the memory 1005, which is a kind of computer storage medium, may include therein an operating system, a network communication module, a user interface module, and an application program.
In the terminal shown in fig. 1, the network interface 1004 is mainly used for connecting to a backend server and performing data communication with the backend server; the user interface 1003 is mainly used for connecting a client (user side) and performing data communication with the client; and the processor 1001 may be configured to invoke an application stored in the memory 1005 and perform the following operations:
receiving first data;
acquiring and storing a command translation model according to the received first data, wherein the command translation model is constructed through a neural network;
receiving second data and determining an obfuscation command in the received second data;
and analyzing the confusion command according to the command translation model to obtain a control command corresponding to the confusion command.
Further, the processor 1001 may call an application program stored in the memory 1005, and also perform the following operations:
acquiring the command translation model and verification information in the first data;
verifying the command translation model according to the verification information;
and if the verification is successful, saving the command translation model.
Further, the processor 1001 may call an application program stored in the memory 1005, and also perform the following operations:
and if the verification fails, sending first abnormal information to the server.
Further, the processor 1001 may call an application program stored in the memory 1005, and also perform the following operations:
retrieving the command translation model according to command identification information in the second data;
when the command translation model matched with the command identification information is retrieved, the step of analyzing the confusion command according to the command translation model is executed.
Further, the processor 1001 may call an application program stored in the memory 1005, and also perform the following operations:
and if the command translation model corresponding to the confusion command is not retrieved, sending second abnormal information to a server.
Further, the processor 1001 may call an application program stored in the memory 1005, and also perform the following operations:
receiving comparison information, wherein the comparison information comprises the control command matched with the received confusion command;
according to the comparison information, determining the analysis accuracy of the command translation model when analyzing the confusion command, and determining analysis state data according to the analysis accuracy;
and sending the analysis state data to a server so that the server can update the command translation model according to the analysis state data.
As shown in fig. 1, the memory 1005, which is a kind of computer storage medium, may include therein an operating system, a network communication module, a user interface module, and an application program.
In the terminal shown in fig. 1, the network interface 1004 is mainly used for connecting to a backend server and performing data communication with the backend server; the user interface 1003 is mainly used for connecting a client (user side) and performing data communication with the client; and the processor 1001 may be configured to invoke an application stored in the memory 1005 and perform the following operations:
acquiring a training data set comprising a control command and an obfuscating command corresponding to the control command;
training a preset training model constructed by adopting a neural network according to the training data set to obtain a command translation model;
generating first data according to the command translation model;
and sending the first data to terminal equipment.
Further, the processor 1001 may call an application program stored in the memory 1005, and also perform the following operations:
acquiring verification information corresponding to the command translation model;
and generating the first data according to the command translation model and the verification information.
Further, the processor 1001 may call an application program stored in the memory 1005, and also perform the following operations:
receiving analysis state data sent by the terminal equipment, wherein the analysis state data comprises analysis accuracy;
and if the analysis accuracy is smaller than a preset accuracy threshold, repeatedly executing the step of obtaining the training data set comprising the control command and the confusion command corresponding to the control command.
The invention provides a control command confusion method, a control command confusion device and a computer readable storage medium.
Example 1
Referring to fig. 2, an embodiment 1 of the present invention provides a control command obfuscating method, where the control command obfuscating method is applied to a terminal device, and the control command obfuscating method includes:
s100, receiving first data;
wherein the first data is data received from a network host, the network host being an electronic computer or other device connected to a computer network. Specifically, the network host is a server, and the server runs its built-in computer software to provide services, such as sending data to other terminal devices.
S200, acquiring and storing a command translation model according to the received first data, wherein the command translation model is constructed through a neural network;
the received first data comprises a command translation model, the command translation model is a machine learning model constructed through a neural network, the neural network is an artificial neural network for short, the neural network is applied to the fields of machine learning and cognitive science, and is a mathematical model or a calculation model simulating the structure and the function of a biological neural network, the modern neural network is a nonlinear statistical data modeling tool, the neural network is provided with a group of weights capable of being adjusted and a nonlinear function relation capable of estimating input data, in addition, the machine learning algorithm is a type of algorithm which automatically analyzes and obtains rules from the data and predicts the data by using the rules, and the internal analysis process of the command translation model constructed through the neural network is invisible when the data is predicted.
S300, receiving second data and determining an obfuscating command in the received second data;
wherein the second data is data received from a network host, the second data includes an obfuscating command, the obfuscating command is a command corresponding to the control command to obfuscate contents of the control command, and the control command is a computer-executable program code.
In some alternative embodiments, the specific form of the confusion command is not limited, and it may be any form of character string, audio, picture, video, or other data format capable of being trained by the machine learning model.
Specifically, the data form of the confusion command includes audio, image and video, wherein the audio refers to sound wave information recorded on a medium and processed by a computer, the sound wave information needs to be converted into digital form before being processed by the computer, the image is a substance reproduced by human vision perception, the image in the invention refers to a digital image, the digital image refers to an image stored in digital form and processed by the computer, and the video refers to a group of data formed by a series of digital images.
And S400, analyzing the confusion command according to the command translation model to obtain a control command corresponding to the confusion command.
The control command corresponding to the obfuscated command can be obtained by analyzing the obfuscated command by the command translation model, and the analyzing process can also be regarded as predicting the obfuscated command by the command translation model to determine the control command corresponding to the obfuscated command.
In some alternative embodiments, the confusion command is a character string, for example, the confusion command is "Call Home", the control command is "ping 192.168.1.1" obtained by parsing through the command translation model, the confusion command may also be a picture, for example, the confusion command is picture 1, the confusion command is "reboot" obtained by parsing through the command translation model, the relationship between the confusion command and the control command may be regarded as a mapping relationship, and the relationship is opaque, i.e., difficult to infer and obtain.
The invention provides a control command confusion method, which is characterized in that the contents of a control command are confused by a command translation model constructed by a neural network, so that a confusion command irrelevant to the original control command is obtained, the contents of the control command cannot be obtained by the confusion command even after the confusion command is obtained by a third party, the effect of confusing the control command is achieved, the control command is difficult to obtain by the third party, and the safety in transmitting the control command in a computer network is improved.
Example 2
Referring to fig. 3, the step S200 includes:
s210, acquiring the command translation model and verification information in the first data;
the first data comprises a command translation model and verification information, the verification information can be used for verifying the identity of a sender of the command translation model, the integrity and the authenticity of the command translation model, the verification information comprises a digital signature, the digital signature is a method for identifying the digital information by using a public key encryption technology, the digital signature is an electronic signature formed by encrypting the command translation model through a mathematical algorithm or other modes, the verification information also comprises a digital certificate, the digital certificate is an electronic file for public key infrastructure, and the electronic file comprises public key information, owner identity information and a digital signature of the electronic file by a digital certificate certification authority so as to ensure that the whole content of the electronic file is correct.
S220, verifying the command translation model according to the verification information;
specifically, the verification information comprises a digital signature, the digital signature in the verification information is obtained, the digital signature is decrypted through a public key, a digital abstract of the digital signature is obtained, a text abstract of a command translation model is calculated through a Hash algorithm, the digital abstract is compared with the text abstract, and if the digital abstract is the same as the text abstract, verification is successful.
In some optional embodiments, the public key used in the digital signature is further verified to verify the validity of the digital signature, and the verification method includes obtaining the public key of the digital certificate through a certification authority, decrypting the digital signature in the digital certificate through the public key, calculating a hash value of the digital signature, comparing the hash value of the digital signature with the hash value of the public key, and if the two hash values are the same, indicating that the public key used in the digital signature is successfully verified.
S230, if the verification is successful, saving the command translation model;
specifically, after the verification is successful, the command translation model is stored in the terminal device, so that the terminal device can analyze the confusion command according to the command translation model.
S240, if the verification fails, first abnormal information is sent to the server.
Specifically, when the command translation model is verified through the verification information, if a digital digest of the digital signature is different from a text digest, the verification fails, and it can be understood that when the digital signature is verified through the digital certificate, if a hash value of the digital signature is different from a hash value of the public key, the verification fails, after the verification fails, first abnormal information is sent to the server, the server refers to the network host sending the command translation model, the first abnormal information includes log records of the verification digital signature, including system information, verification information, command translation model information and records of a verification process when the verification fails, and the first abnormal information is used for enabling the server to confirm a reason of the verification failure according to the first abnormal information and further change the command translation model or the verification information according to the reason of the verification failure.
The invention verifies the command translation model through the verification information to confirm the identity, integrity and correctness of the sender, improves the safety of the command translation model in the transmission process, and further obtains the control command by analyzing the confusion command through the command translation model, so that a third party cannot identify the control command through the confusion command or monitor the analysis process to obtain the method for analyzing the control command, thereby improving the safety of the control command in network transmission.
Example 3
Referring to fig. 4, the step S300 further includes:
s310, retrieving the command translation model according to the command identification information in the second data;
the second data comprises an obfuscated command and command identification information, the command identification information comprises a corresponding relation between the obfuscated command and a command translation model, and the command translation model corresponding to the obfuscated command is selected through the command identification information, and the command translation model capable of analyzing the obfuscated command can be determined according to the command identification information.
In an alternative embodiment, the control commands may be classified according to their execution purpose, for example, if the execution purpose of a certain type of control commands is to detect network connectivity, then such control commands may be classified into the same class, the obfuscated commands corresponding to such control commands are classified into the same class, and the association information between the obfuscated commands corresponding to such control commands and the command translation model is established, and the association information is used as the command identification information of the obfuscated commands.
S320, when the command translation model matched with the command identification information is searched, the step of analyzing the confusion command according to the command translation model is executed.
Specifically, after receiving the obfuscated command and the command identification information, the terminal device retrieves a command translation model matched with the command identification information, and when retrieving a corresponding command translation model, analyzes the obfuscated command through the command translation model.
S330, if the command translation model corresponding to the confusion command is not retrieved, second abnormal information is sent to the server.
Specifically, the second abnormal information includes an abnormal log record, the abnormal log record refers to a retrieval process when an abnormality occurs, and if a command translation model corresponding to the confusion command is not retrieved, the retrieved second abnormal information is sent to the server, so that the server can judge the cause of the abnormality according to the second abnormal information and further process the abnormality.
According to the invention, the command translation models corresponding to the confusion commands are retrieved, so that the terminal equipment can select different command translation models to analyze the confusion commands according to the different confusion commands, the efficiency of the analysis process is improved, meanwhile, a third party is difficult to acquire the control commands from the analysis process, the safety of the control commands in network transmission is improved, and the efficiency of acquiring the control commands from the confusion commands is improved.
Example 4
Referring to fig. 5, the step S400 further includes:
s500, receiving comparison information, wherein the comparison information comprises the control command matched with the received confusion command;
the method comprises the steps of receiving comparison information from a certain server, wherein the comparison information comprises a control command matched with an obfuscation command.
S600, according to the comparison information, determining the analysis accuracy of the command translation model in analyzing the confusion command, and determining analysis state data according to the analysis accuracy;
according to the control command matched with the confusion command in the comparison information, the terminal equipment judges the control command corresponding to the analyzed confusion command according to the comparison information, and determines the matching proportion of the control command corresponding to the analyzed confusion command and the control command in the comparison information, wherein the matching proportion is the analysis accuracy. Specifically, the analysis state data includes an analysis accuracy, and the analysis state data is related information for analyzing the confusion command by the command translation model.
S700, sending the analysis state data to a server so that the server can update the command translation model according to the analysis state data.
And sending the analysis state data to a server where the command translation model is located, so that the server optimizes the command translation model according to the analysis accuracy.
According to the invention, by calculating the analysis accuracy of the command translation model in the analysis process, the command translation model can update itself according to the analysis accuracy, so that the analysis accuracy of the command translation model is improved, the effect of analyzing the control command through the confusion command is better, meanwhile, a third party is difficult to obtain the control command from the analysis process, and the safety of the control command in network transmission is improved.
Example 5
Referring to fig. 6, an embodiment 5 of the present invention provides a control command obfuscating method applied to a server, where the control command obfuscating method includes:
s10, acquiring a training data set comprising a control command and an obfuscating command corresponding to the control command;
specifically, the training data set is data used for training a model constructed by the neural network, the training data set includes a control command and a confusion command, the control command is a program executable by a computer, the confusion command is any data capable of training the model constructed by the neural network after being preprocessed, the preprocessing is used for converting the confusion command in any form into a data form capable of being trained by the preset training model, after the preprocessing is completed, the training data set is established through the preprocessed data, for example, if the confusion command is data in a character string form, the confusion command in the character string form can be encoded through One-Hot Encoding during preprocessing, the character string is vectorized, and the vectorized data can train the model constructed by the neural network.
S20, training a preset training model constructed by a neural network according to the training data set to obtain a command translation model;
the command translation model is obtained by training a preset training model through a training data set, the preset training model refers to an initial model, and the preset training model is constructed by adopting a neural network.
S30, generating first data according to the command translation model;
wherein the first data comprising the command translation model is generated according to the command translation model.
And S40, sending the first data to the terminal equipment.
The terminal device refers to a network host which needs to analyze the confusion command according to the command translation model.
According to the invention, a certain opaque mapping relation between the control command and the confusion command is established through the command translation model, and the opaque characteristic is shown in that a third party cannot deduce the control command through the confusion command or cannot deduce the internal implementation process of the command translation model, so that the third party cannot obtain the control command easily, and the safety of the control command in network transmission is improved.
Example 6
Referring to fig. 7, in embodiment 5, the step S30 includes:
s31, acquiring verification information corresponding to the command translation model;
the verification information comprises a digital signature and a digital certificate, the digest of the command translation model is obtained through a digest algorithm, the digest is encrypted through a private key to generate a digital signature corresponding to the command translation model, a public key of the digital signature is authenticated, and the digital certificate of the digital signature is generated.
S32, generating the first data according to the command translation model and the verification information.
The first data is generated by using the command translation model and the verification information of the command translation model as a part of the first data.
S33, receiving analysis state data sent by the terminal equipment, wherein the analysis state data comprises analysis accuracy;
and S34, if the analysis accuracy is smaller than a preset accuracy threshold, repeatedly executing the step of obtaining the training data set comprising the control command and the confusion command corresponding to the control command.
Specifically, the preset accuracy threshold is the accuracy of the preset command translation model for analyzing the confusion command, when the analysis accuracy is smaller than the preset accuracy, the analysis accuracy of the command translation model is lower than the standard, at the moment, the training data set is changed again, and the command translation model is trained again, so that the command translation model is optimized to achieve higher analysis accuracy.
According to the invention, the safety of the command translation model in the transmission process is improved by generating the verification information of the command translation model, the command translation model is updated in time by judging whether the accuracy of the command translation model in the actual analysis process is lower than the standard, and the analysis accuracy of the command translation model is improved, so that the efficiency of acquiring the control command is improved, and the safety of the control command in the network transmission process is further improved.
In order to achieve the above object, the present application provides a control command obfuscator device, which includes a processor, a memory, and a control command obfuscator program stored on the memory and executable on the processor, and when executed by the processor, the control command obfuscator program implements the steps of the control command obfuscating method according to any one of the above embodiments.
To achieve the above object, the present application proposes a computer-readable storage medium having a control command obfuscation method stored thereon, which when executed by a processor implements the steps of the control command obfuscation method according to any one of the above embodiments.
In some alternative embodiments, the processor may be a Central Processing Unit (CPU), other general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, a discrete Gate or transistor logic device, a discrete hardware component, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The storage may be an internal storage unit of the device, such as a hard disk or a memory of the device. The memory may also be an external storage device of the device, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), etc. provided on the device. Further, the memory may also include both internal and external storage units of the device. The memory is used for storing the computer program and other programs and data required by the device. The memory may also be used to temporarily store data that has been output or is to be output.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-mentioned functions. Each functional unit and module in the embodiments may be integrated in one processing unit, or each unit may exist alone physically, or two or more units are integrated in one unit, and the integrated unit may be implemented in a form of hardware, or in a form of software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working processes of the units and modules in the system may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention, and all modifications and equivalents of the present invention, which are made by the contents of the present specification and the accompanying drawings, or directly/indirectly applied to other related technical fields, are included in the scope of the present invention.
Claims (12)
1. A control command obfuscation method applied to a terminal device, the control command obfuscation method comprising:
receiving first data;
acquiring and storing a command translation model according to the received first data, wherein the command translation model is constructed through a neural network;
receiving second data and determining an obfuscation command in the received second data;
and analyzing the confusion command according to the command translation model to obtain a control command corresponding to the confusion command.
2. A control command obfuscation method as in claim 1, wherein the step of obtaining and saving a command translation model based on the received first data comprises:
acquiring the command translation model and verification information in the first data;
verifying the command translation model according to the verification information;
and if the verification is successful, saving the command translation model.
3. A control command obfuscation method as claimed in claim 2, wherein the step of validating the command translation model according to the validation information is followed by further comprising:
and if the verification fails, sending first abnormal information to the server.
4. A control command obfuscation method as in claim 1, wherein the step of determining an obfuscation command in the received second data is followed by further comprising:
retrieving the command translation model according to command identification information in the second data;
and when the command translation model matched with the command identification information is retrieved, the step of analyzing the confusion command according to the command translation model is executed.
5. The control command obfuscation method of claim 4, wherein after the step of retrieving the command translation model based on command identification information in the second data, the control command obfuscation method further comprises:
and if the command translation model corresponding to the confusion command is not retrieved, sending second abnormal information to a server.
6. The method for obfuscating control commands according to claim 1, wherein the step of parsing the obfuscated command according to the command translation model to obtain the control command corresponding to the obfuscated command further includes:
receiving comparison information, wherein the comparison information comprises the control command matched with the received confusion command;
according to the comparison information, determining the analysis accuracy of the command translation model when analyzing the confusion command, and determining analysis state data according to the analysis accuracy;
and sending the analysis state data to a server so that the server can update the command translation model according to the analysis state data.
7. A control command obfuscation method applied to a server, the control command obfuscation method comprising:
acquiring a training data set comprising a control command and an obfuscating command corresponding to the control command;
training a preset training model constructed by adopting a neural network according to the training data set to obtain a command translation model;
generating first data according to the command translation model;
and sending the first data to terminal equipment.
8. A control command obfuscation method as claimed in claim 7, wherein the step of generating first data according to the command translation model comprises:
acquiring verification information corresponding to the command translation model;
and generating the first data according to the command translation model and the verification information.
9. A control command obfuscation method as claimed in claim 7, wherein the step of sending the first data to a terminal device is followed by further comprising:
receiving analysis state data sent by the terminal equipment, wherein the analysis state data comprises analysis accuracy;
and if the analysis accuracy is smaller than a preset accuracy threshold, repeatedly executing the step of obtaining the training data set comprising the control command and the confusion command corresponding to the control command.
10. A control command obfuscation method as claimed in any one of claims 1 to 9, wherein the data form of the obfuscation command includes audio, image and video.
11. A control command obfuscator comprising a processor, a memory, and a control command obfuscator program stored on the memory and executable on the processor, the control command obfuscator program when executed by the processor implementing the steps of the control command obfuscation method as claimed in any one of claims 1-10.
12. A computer-readable storage medium having stored thereon a control command obfuscation method that, when executed by a processor, implements the steps of the control command obfuscation method as recited in any one of claims 1-10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010420396.0A CN111343204B (en) | 2020-05-18 | 2020-05-18 | Control command obfuscation method, apparatus and computer-readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010420396.0A CN111343204B (en) | 2020-05-18 | 2020-05-18 | Control command obfuscation method, apparatus and computer-readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111343204A true CN111343204A (en) | 2020-06-26 |
| CN111343204B CN111343204B (en) | 2021-06-08 |
Family
ID=71187570
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010420396.0A Active CN111343204B (en) | 2020-05-18 | 2020-05-18 | Control command obfuscation method, apparatus and computer-readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111343204B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113741973A (en) * | 2021-08-25 | 2021-12-03 | 杭州安恒信息技术股份有限公司 | Command identification method, system, computer and readable storage medium |
| CN113778521A (en) * | 2021-09-10 | 2021-12-10 | 广东电网有限责任公司 | Power grid demand instruction processing method, electronic device and storage medium |
| US11675928B2 (en) | 2018-01-05 | 2023-06-13 | Samsung Electronics Co., Ltd. | Electronic device for obfuscating and decoding data and method for controlling same |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106302414A (en) * | 2016-08-04 | 2017-01-04 | 北京百度网讯科技有限公司 | The anti-grasping means of web site contents and device |
| CN107133502A (en) * | 2017-04-14 | 2017-09-05 | 北京洋浦伟业科技发展有限公司 | A kind of processing method and processing device of application program |
| CN108227565A (en) * | 2017-12-12 | 2018-06-29 | 深圳和而泰数据资源与云技术有限公司 | A kind of information processing method, terminal and computer-readable medium |
| US10185713B1 (en) * | 2015-09-28 | 2019-01-22 | Amazon Technologies, Inc. | Optimized statistical machine translation system with rapid adaptation capability |
| CN109492355A (en) * | 2018-11-07 | 2019-03-19 | 中国科学院信息工程研究所 | A kind of software analysis resistant method and system based on deep learning |
| CN110933104A (en) * | 2019-12-11 | 2020-03-27 | 成都卫士通信息产业股份有限公司 | Malicious command detection method, device, equipment and medium |
| CN111065088A (en) * | 2019-10-18 | 2020-04-24 | 宇龙计算机通信科技(深圳)有限公司 | Position acquisition method and device, storage medium and electronic equipment |
-
2020
- 2020-05-18 CN CN202010420396.0A patent/CN111343204B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10185713B1 (en) * | 2015-09-28 | 2019-01-22 | Amazon Technologies, Inc. | Optimized statistical machine translation system with rapid adaptation capability |
| CN106302414A (en) * | 2016-08-04 | 2017-01-04 | 北京百度网讯科技有限公司 | The anti-grasping means of web site contents and device |
| CN107133502A (en) * | 2017-04-14 | 2017-09-05 | 北京洋浦伟业科技发展有限公司 | A kind of processing method and processing device of application program |
| CN108227565A (en) * | 2017-12-12 | 2018-06-29 | 深圳和而泰数据资源与云技术有限公司 | A kind of information processing method, terminal and computer-readable medium |
| CN109492355A (en) * | 2018-11-07 | 2019-03-19 | 中国科学院信息工程研究所 | A kind of software analysis resistant method and system based on deep learning |
| CN111065088A (en) * | 2019-10-18 | 2020-04-24 | 宇龙计算机通信科技(深圳)有限公司 | Position acquisition method and device, storage medium and electronic equipment |
| CN110933104A (en) * | 2019-12-11 | 2020-03-27 | 成都卫士通信息产业股份有限公司 | Malicious command detection method, device, equipment and medium |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11675928B2 (en) | 2018-01-05 | 2023-06-13 | Samsung Electronics Co., Ltd. | Electronic device for obfuscating and decoding data and method for controlling same |
| CN113741973A (en) * | 2021-08-25 | 2021-12-03 | 杭州安恒信息技术股份有限公司 | Command identification method, system, computer and readable storage medium |
| CN113778521A (en) * | 2021-09-10 | 2021-12-10 | 广东电网有限责任公司 | Power grid demand instruction processing method, electronic device and storage medium |
| CN113778521B (en) * | 2021-09-10 | 2023-06-16 | 广东电网有限责任公司 | Processing method of power grid demand instruction, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111343204B (en) | 2021-06-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111343204B (en) | Control command obfuscation method, apparatus and computer-readable storage medium | |
| CN109472166B (en) | Electronic signature method, device, equipment and medium | |
| KR102216877B1 (en) | Authentication method and apparatus based on biometric information in a electronic device | |
| JP6814147B2 (en) | Terminals, methods, non-volatile storage media | |
| CN106255102B (en) | Terminal equipment identification method and related equipment | |
| CN108959990B (en) | Two-dimensional code verification method and device | |
| CN111833472B (en) | Real-time attendance checking method and device and computer readable storage medium | |
| CN105447357A (en) | Application processing method and terminal | |
| CN111598573A (en) | Equipment fingerprint verification method and device | |
| CN109150542A (en) | Hardware signature method, hardware stamped signature verification method, sealing system and storage medium | |
| CN110691085A (en) | Login method, login device, password management system and computer readable medium | |
| CN110113329A (en) | A kind of verification method and device of identifying code | |
| CN108092947B (en) | Method and device for identity authentication of third-party application | |
| CN107608707A (en) | Application detection method, terminal and readable storage medium storing program for executing with hot repair function | |
| CN108109188B (en) | Image processing method and mobile terminal | |
| CN107437997B (en) | Radio frequency communication device and method | |
| CN112073414B (en) | Industrial Internet equipment secure access method, device, equipment and storage medium | |
| CN113127844A (en) | Variable access method, device, system, equipment and medium | |
| CN109558707B (en) | Method and device for detecting security level of encryption function and mobile device | |
| WO2023061262A1 (en) | Image processing method and apparatus, and device and storage medium | |
| CN116488873A (en) | Information transmission method, apparatus, computer device and storage medium | |
| CN116011042A (en) | Data storage method, device, system, computer equipment and storage medium | |
| CN115329309A (en) | Verification method, verification device, electronic equipment and storage medium | |
| CN113672886A (en) | Prompting method and device | |
| KR20140076082A (en) | Apparatus for user authentication on mobile platform and method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |