CN111556503B - Personal WIFI hotspot management method based on Windows operating system - Google Patents

Personal WIFI hotspot management method based on Windows operating system Download PDF

Info

Publication number
CN111556503B
CN111556503B CN202010239488.9A CN202010239488A CN111556503B CN 111556503 B CN111556503 B CN 111556503B CN 202010239488 A CN202010239488 A CN 202010239488A CN 111556503 B CN111556503 B CN 111556503B
Authority
CN
China
Prior art keywords
terminal computer
request
managed
ssid
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010239488.9A
Other languages
Chinese (zh)
Other versions
CN111556503A (en
Inventor
李凯
孔祥焱
吴艳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Hongteng Intelligent Technology Co ltd
Original Assignee
360 Digital Security Technology Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 360 Digital Security Technology Group Co Ltd filed Critical 360 Digital Security Technology Group Co Ltd
Priority to CN202010239488.9A priority Critical patent/CN111556503B/en
Publication of CN111556503A publication Critical patent/CN111556503A/en
Application granted granted Critical
Publication of CN111556503B publication Critical patent/CN111556503B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/4401Bootstrapping
    • G06F9/4416Network booting; Remote initial program loading [RIPL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/121Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122Counter-measures against attacks; Protection against rogue devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/02Access restriction performed under specific conditions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a personal WIFI hotspot management method based on a Windows operating system, which is used for analyzing the execution flow of a WIFI hotspot request through a reverse Windows operating system WIFI module and realizing the effective management of a terminal WIFI hotspot through a driving layer filtering technology. The method comprises the steps that a server generates a legal network hotspot information list, the server sets network hotspot information of a terminal computer, and the terminal computer monitors the change of the network hotspot information of the terminal computer. The method solves the problem that network hotspots cannot be managed in a large-scale local area network, also solves the problems of large work load, low efficiency and incapability of automatic maintenance of illegal hotspot management, greatly improves the working efficiency, reduces the maintenance cost and has wide application range by remotely and uniformly planning a terminal computer network hotspot list and a terminal computer real-time monitoring mode through a server side.

Description

Personal WIFI hotspot management method based on Windows operating system
Technical Field
The invention belongs to the technical field of computer network security management, and particularly relates to a personal WIFI hotspot management method based on a Windows operating system.
Background
The terminal computer is randomly and privately connected with the WIFI, so that safety risks can be brought to the computer network, even network blocking is caused, and therefore, the WIFI hot spot in the computer network needs to be effectively managed to ensure safe and stable operation of the computer network. When the user network is large in scale, the WIFI hot spot of a large number of terminal computers in the user network can be effectively managed, a large amount of manpower is required to be input to set the working efficiency one by one, and meanwhile, the operation and maintenance cost is also likely to be increased. According to the method, the WIFI hotspot request execution flow is analyzed through the reverse Windows operating system WIFI module, and the high-reliability and high-safety management of the terminal WIFI is realized through the drive layer filtering technology. In summary, in order to ensure that WIFI hotspots in a computer network can be effectively managed, an efficient and safe WIFI hotspot management method is needed.
Disclosure of Invention
The invention mainly aims to provide a personal WIFI hotspot management method based on a Windows operating system, which is used for fundamentally and effectively managing the behavior of connecting a terminal computer user with WIFI in a private way, and can remotely program network hotspot information of all terminal computers in a computer network through a server.
In order to achieve the above purpose, the invention adopts the following technical scheme:
A personal WIFI hotspot management method based on a Windows operating system comprises the following steps:
a. The server generates a legal network hotspot information list:
The server side performs unified planning on all WIFI hotspot information in the network, and a legal network hotspot information list is generated on the server side;
b. The server sets network hot spot information of the terminal computer:
The method comprises the steps that a server side sets a legal network hotspot information list of a terminal computer to be managed on the server side;
The server side informs the terminal computer to be managed according to the legal network hotspot information list;
The terminal computer to be managed utilizes a kernel layer API hooking technology to set that illegal WIFI hot spots of the terminal computer cannot be connected;
c. the terminal computer monitors the change of the network hotspot information of the terminal computer;
The managed terminal computer stores the legal network hot spot information list sent by the server into the legal SSID list of the terminal computer;
The managed terminal computer monitors the change of the network hot spot information of the terminal computer in real time through the equipment IO control interface by utilizing the kernel layer API hooking technology.
In the step c, the managed terminal computer uses the kernel layer API hooking technology to set a hooking monitoring program to monitor the equipment IO control request of the terminal computer;
The managed terminal computer sets a hook monitoring program to monitor the equipment IO control request of the terminal computer in real time, and the method comprises the following steps:
c1. If the managed terminal computer monitors that the terminal computer has a request for equipment IO control, continuing to execute the step c2; if the managed terminal computer does not monitor the request of the device IO control of the terminal computer, executing step c5;
c2. the managed terminal computer sets a hook monitoring program to acquire parameter information carried by monitoring operation;
the parameter information carried by the monitoring operation comprises a device IO request code, a device IO request input parameter and a device IO request output parameter;
When the device IO request code in the parameter information carried by the monitoring operation is an NDIS_OID query request, the first 4 bytes of the input parameter are request identifiers, and the output parameter is a system available SSID array;
c3. the managed terminal computer checks whether IO request codes in parameters carried by the incoming monitoring operation are WIFI hotspot management requests or not;
If the managed terminal computer checks that the IO request code in the parameters carried by the incoming monitoring operation is equal to the NDIS_OID query request and the first 4 bytes of the input parameters of the equipment IO request are equal to the predefined identification of the SSID of the system, the request is identified as a WIFI hotspot management request, and the step c4 is continuously executed; if the managed terminal computer checks that the IO request code in the parameters carried by the incoming monitoring operation is not equal to the NDIS_OID query request, the request is a non-WIFI hotspot management request, and step c5 is executed;
c4. analyzing and managing a WIFI hotspot management request;
The managed terminal computer sets a hook monitoring program to convert the acquired device IO request output parameters in the parameter information carried by the monitoring operation of the terminal computer into an SSID array, and circularly compares each node in the SSID array, and if the node SSID name in the SSID array is in the legal SSID list of the terminal computer, the next node in the SSID array is traversed; if the SSID name of the node in the SSID array is not in the legal SSID list of the terminal computer, deleting the node in the SSID array;
c5. the parameter information carried by the monitoring operation comprises a request equipment IO request code, equipment IO request input information parameters and equipment IO request output parameters, and the request equipment IO request input information parameters and the equipment IO request output parameters are returned to an operating system;
the managed terminal computer monitors the request of the IO control of the equipment by using the kernel API hooking technology, and executes the step c1.
The beneficial effects of the invention are as follows:
The personal WIFI hotspot management method based on the Windows operating system is suitable for Windows XP and the operating systems above, and the WIFI management function is developed through reversely analyzing the Windows operating system and hooking the kernel layer. Blacklist and whitelist management of WIFI can be achieved through the technology. The device control interface interception implementation of the driving layer is adopted, so that the device has good device compatibility and system safety.
Drawings
FIG. 1 is a flow chart of a personal WIFI hotspot management method based on a Windows operating system of the present invention;
FIG. 2 is a flowchart of step c of the personal WIFI hotspot management method based on the Windows operating system of the present invention;
Fig. 3 is a schematic structural diagram of an application environment of an embodiment of the present invention.
Detailed Description
The personal WIFI hotspot management method based on the Windows operating system is further described in detail below with reference to the accompanying drawings and embodiments.
The personal WIFI hotspot management method based on the Windows operating system can remotely and uniformly program the network hotspot list of the terminal computer through the server, solves the problem that the network hotspots cannot be managed in a large-scale local area network and the problem that illegal hotspots are managed in a large-scale local area network, has high workload, low efficiency and high system resource occupation, cannot be uniformly planned in a centralized way and cannot be automatically maintained by adopting a real-time monitoring mode of the terminal computer, greatly improves the working efficiency, reduces the operation and maintenance cost and has a wide application range.
Examples
For example, a local area network has 100 terminal computers, terminal computers PC1, PC2, …, PC100, and a SERVER computer (SERVER), and the 100 terminal computers are subjected to network hotspot information management and are ensured to be legal network hotspot information when a network hotspot control request is made, and the personal WIFI hotspot management method based on the Windows operating system of the present invention specifically includes the following steps:
a. The server generates a legal network hotspot information list:
the server computer performs unified planning on WIFI hotspot information of all 100 terminal computers in the local area network, uniformly plans legal network hotspot information of the terminal computer PC1 and the terminal computer PC100 into TP-LINK_001 and TP-LINK_002, and stores legal network hotspot information lists of all 100 terminal computers on the terminal computers;
b. The server sets network hot spot information of the terminal computer:
The server computer sets a legal network hotspot information list of 100 terminal computers to be managed on the server computer, wherein the legal network hotspot information list comprises the terminal computer PC1 and the legal network hotspot information of the terminal computer PC100 as P-LINK_001 and P-LINK_002;
the server side computer informs 100 terminal computers to be managed according to the legal network hotspot information list;
The 100 terminal computers to be managed respectively utilize kernel layer API hooking technology to design that illegal WIFI hot spots of the terminal computers cannot be connected;
c. The managed terminal computer monitors the change of the network hot spot information of the terminal computer;
The managed 100 terminal computers respectively store legal network hot spot information lists sent by the server computers into legal SSID lists of the respective terminal computers;
the legal SSID list is P-LINK_001 and P-LINK_002;
the managed terminal computer monitors the change of network hot spot information of the terminal computer in real time through the equipment IO control interface by utilizing the kernel layer API hooking technology, and the specific working steps are as follows:
c1. In this embodiment, the managed terminal PC100 requests to connect to the link_x of the non-office WIFI hotspot, so that the managed terminal PC100 can monitor that there is a request for device IO control on its terminal PC, and continue to execute step c2; and the managed terminal computers PC1 to PC99 fail to monitor the request of the device IO control on the terminal computers, and execute step c5;
c2. the managed terminal computer PC100 sets a hook monitoring program to acquire parameter information carried by monitoring operation, wherein the parameter information comprises a device IO request code of 0x0012c804, a device IO request input parameter of 0x8cd91200 and a device IO request output parameter of 0x8cd91400;
The device IO request code 0x0012c804 in the parameter information carried by the monitoring operation of the managed terminal computer PC100 can be judged to be an NDIS_OID query request, so that the first 4 bytes 0xD010217 of the device IO request input parameter in the parameter information carried by the monitoring operation of the managed terminal computer PC100 are used as request identifications, the device IO request output parameter is 0x8cd91400, and the system can use SSID arrays LINK_ X, P-LINK_001 and P-LINK_002;
c3. The managed terminal computer PC100 checks that the device IO request code 0x0012c804 in the parameters carried by the incoming monitoring operation is equal to the ndis_oid query request 0x0012c804, and the device IO request input parameter of the device IO request code 0x 001217 is equal to the system SSID predefined identifier 0xD010217, so that the request of the managed terminal computer PC100 this time is identified as a WIFI hotspot management request, and the step c4 is continuously executed; (if the managed terminal computer PC100 checks that the device IO request code in the parameters carried by the incoming monitoring operation is not equal to the NDIS_OID query request, the request is identified as a non-WIFI hotspot management request, step c5 is performed;)
C4. analyzing and managing a WIFI hotspot management request;
The managed terminal computer PC100 sets the hook monitoring program to convert the acquired device IO request output parameter 0x8cd91400 in the parameter information carried by the monitoring operation of the terminal computer to an SSID array link_ X, P-link_001, P-link_002, and circularly compares each node link_ X, P-link_001, P-link_002, link_x in the SSID array not in the SSID legal list, so that the node is deleted, and P-link_001, P-link_002 are in the legal list, so that the node is reserved;
c5. The managed terminal computer PC100 sets a hook monitoring program to send parameter information carried by the monitoring operation of the hook monitoring program to an operating system, wherein the parameter information comprises a request equipment IO request code 0x0012c804, equipment IO request input information parameters 0x8cd91200 and equipment IO request output parameters 0x8cd 91400;
The managed terminal computer PC100 monitors a request for its device IO control using the kernel API hooking technique, and executes step c1.

Claims (1)

1. A personal WIFI hotspot management method based on a Windows operating system comprises the following steps:
a. The server generates a legal network hotspot information list:
The server side performs unified planning on all WIFI hotspot information in the network, and a legal network hotspot information list is generated on the server side;
b. The server sets network hot spot information of the terminal computer:
The method comprises the steps that a server side sets a legal network hotspot information list of a terminal computer to be managed on the server side;
The server side informs the terminal computer to be managed according to the legal network hotspot information list;
The terminal computer to be managed utilizes a kernel layer API hooking technology to set that illegal WIFI hot spots of the terminal computer cannot be connected;
c. the terminal computer monitors the change of the network hotspot information of the terminal computer;
The managed terminal computer stores the legal network hot spot information list sent by the server into the legal SSID list of the terminal computer;
The managed terminal computer monitors the change of network hot spot information of the terminal computer in real time by using a kernel layer API hooking technology through an equipment IO control interface;
the managed terminal computer utilizes the kernel layer API hooking technology to set a hooking monitoring program to monitor the equipment IO control request of the terminal computer;
The managed terminal computer sets a hook monitoring program to monitor the equipment IO control request of the terminal computer in real time, and the method comprises the following steps:
c1. If the managed terminal computer monitors that the terminal computer has a request for equipment IO control, continuing to execute the step c2; if the managed terminal computer does not monitor the request of the device IO control of the terminal computer, executing step c5;
c2. the managed terminal computer sets a hook monitoring program to acquire parameter information carried by monitoring operation;
the parameter information carried by the monitoring operation comprises a device IO request code, a device IO request input parameter and a device IO request output parameter;
When the device IO request code in the parameter information carried by the monitoring operation is an NDIS_OID query request, the first 4 bytes of the input parameter are request identifiers, and the output parameter is a system available SSID array;
c3. the managed terminal computer checks whether IO request codes in parameters carried by the incoming monitoring operation are WIFI hotspot management requests or not;
If the managed terminal computer checks that the IO request code in the parameters carried by the incoming monitoring operation is equal to the NDIS_OID query request and the first 4 bytes of the input parameters of the equipment IO request are equal to the predefined identification of the SSID of the system, the request is identified as a WIFI hotspot management request, and the step c4 is continuously executed; if the managed terminal computer checks that the IO request code in the parameters carried by the incoming monitoring operation is not equal to the NDIS_OID query request, the request is a non-WIFI hotspot management request, and step c5 is executed;
c4. analyzing and managing a WIFI hotspot management request;
The managed terminal computer sets a hook monitoring program to convert the acquired device IO request output parameters in the parameter information carried by the monitoring operation of the terminal computer into an SSID array, and circularly compares each node in the SSID array, and if the node SSID name in the SSID array is in the legal SSID list of the terminal computer, the next node in the SSID array is traversed; if the SSID name of the node in the SSID array is not in the legal SSID list of the terminal computer, deleting the node in the SSID array;
c5. the parameter information carried by the monitoring operation comprises a request equipment IO request code, equipment IO request input information parameters and equipment IO request output parameters, and the request equipment IO request input information parameters and the equipment IO request output parameters are returned to an operating system;
the managed terminal computer monitors the request of the IO control of the equipment by using the kernel API hooking technology, and executes the step c1.
CN202010239488.9A 2020-03-30 2020-03-30 Personal WIFI hotspot management method based on Windows operating system Active CN111556503B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010239488.9A CN111556503B (en) 2020-03-30 2020-03-30 Personal WIFI hotspot management method based on Windows operating system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010239488.9A CN111556503B (en) 2020-03-30 2020-03-30 Personal WIFI hotspot management method based on Windows operating system

Publications (2)

Publication Number Publication Date
CN111556503A CN111556503A (en) 2020-08-18
CN111556503B true CN111556503B (en) 2024-06-18

Family

ID=72003793

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010239488.9A Active CN111556503B (en) 2020-03-30 2020-03-30 Personal WIFI hotspot management method based on Windows operating system

Country Status (1)

Country Link
CN (1) CN111556503B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102208004A (en) * 2011-05-13 2011-10-05 南京邮电大学 Method for controlling software behavior based on least privilege principle

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7680758B2 (en) * 2004-09-30 2010-03-16 Citrix Systems, Inc. Method and apparatus for isolating execution of software applications
JP4140920B2 (en) * 2006-04-20 2008-08-27 インターナショナル・ビジネス・マシーンズ・コーポレーション Information processing device that supports the protection of personal information
JP2009265823A (en) * 2008-04-23 2009-11-12 Yokogawa Digital Computer Corp Information terminal device and log data acquisition program
JP5387584B2 (en) * 2008-12-08 2014-01-15 日本電気株式会社 Data dependency analysis device, information processing device, data dependency analysis method, and program
KR20120096983A (en) * 2011-02-24 2012-09-03 삼성전자주식회사 Malware detection method and mobile terminal therefor
CN102664758B (en) * 2012-04-28 2015-03-25 沈阳通用软件有限公司 Method for binding and automatically recovering network configuration
CN104935657A (en) * 2015-06-15 2015-09-23 清华大学深圳研究生院 Method for actively pushing information and embedded node operating system
CN106778242B (en) * 2016-11-28 2020-10-16 北京奇虎科技有限公司 Kernel vulnerability detection method and device based on virtual machine
CN107070967A (en) * 2016-12-23 2017-08-18 沈阳通用软件有限公司 A kind of general terminal system reinforcement means
CN110825441B (en) * 2019-09-23 2021-11-02 万达信息股份有限公司 Method for implementing asynchronous system, computer equipment and storage medium

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102208004A (en) * 2011-05-13 2011-10-05 南京邮电大学 Method for controlling software behavior based on least privilege principle

Also Published As

Publication number Publication date
CN111556503A (en) 2020-08-18

Similar Documents

Publication Publication Date Title
CN111835826A (en) Cloud edge cooperative linkage system suitable for smart internet of things system
CN107959715B (en) Remote terminal information identification software method based on wireless telecommunications
CN112118617A (en) Base station energy saving method, device and storage medium
CN104660483A (en) Method, service terminal and system for group communication
CN210573263U (en) Building system
CN1852175A (en) Data-logging method and system therefor
CN113703363B (en) Plug-and-play method of intelligent edge computing gateway in power dispatching cloud
CN116192601B (en) Cloud edge end cooperative control system based on electric power Internet of things
CN111683003B (en) Internet of things gateway equipment with GPS positioning and multi-communication networking modes
CN112000659A (en) Basic application system suitable for intelligent terminal equipment of power distribution station
CN117194156A (en) Unified monitoring operation and maintenance management method and system for multi-cloud platform
CN110855739B (en) Container technology-based remote and heterogeneous resource unified management method and system
CN103501345A (en) Control method for remote concentrated control system
CN111556503B (en) Personal WIFI hotspot management method based on Windows operating system
CN102752752B (en) base station maintenance method and apparatus
CN109951313B (en) Monitoring device and method for Hadoop cloud platform
CN101502149B (en) A network managing system for completing customized operation automatically and a method thereof
CN105978715A (en) Data access interface uniform management method based on real time data center
CN105490879A (en) Automatic distributed performance test system of large-scale integrated level network
CN104735097A (en) Information collecting method and system
US10963161B2 (en) Storage apparatus and its control method
CN112769230A (en) Distributed edge micro-cloud monitoring system based on container technology
CN110099208B (en) Method and device for cross-level and cross-domain upgrading of camera in video monitoring system
CN102571412A (en) Target machine server of embedded distributed system
CN106304241A (en) A kind of data transmission method, transponder and gateway

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20210714

Address after: 100020 1773, 15 / F, 17 / F, building 3, No.10, Jiuxianqiao Road, Chaoyang District, Beijing

Applicant after: Beijing Hongteng Intelligent Technology Co.,Ltd.

Address before: 110179 No.11, Lane 3, Wenhua Road, Heping District, Shenyang City, Liaoning Province

Applicant before: SHENYANG GENERALSOFT Co.,Ltd.

CB02 Change of applicant information
CB02 Change of applicant information

Address after: 100020 1773, 15 / F, 17 / F, building 3, No.10, Jiuxianqiao Road, Chaoyang District, Beijing

Applicant after: Sanliu0 Digital Security Technology Group Co.,Ltd.

Address before: 100020 1773, 15 / F, 17 / F, building 3, No.10, Jiuxianqiao Road, Chaoyang District, Beijing

Applicant before: Beijing Hongteng Intelligent Technology Co.,Ltd.

GR01 Patent grant
GR01 Patent grant