CN113742659B - Application program protection method and device, electronic equipment and storage medium - Google Patents

Info

Publication number: CN113742659B
Authority: CN (China)
Prior art keywords: application program, encryption information, program, objective function, file
Legal status: Active
Application number: CN202110906940.7A
Other languages: Chinese (zh)
Other versions: CN113742659A (en)
Inventors: 魏贺生, 范丽, 单国军, 周晚晴, 谢宇
Current Assignee: Aisino Corp
Original Assignee: Aisino Corp

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/12 Protecting executable software
    • G06F21/121 Restricting unauthorised execution of programs
    • G06F21/123 Restricting unauthorised execution of programs by using dedicated hardware, e.g. dongles, smart cards, cryptographic processors, global positioning systems [GPS] devices
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Abstract

The application relates to the technical field of computers, and in particular to an application program protection method and device, electronic equipment and a storage medium, which are used to improve program security simply and efficiently. The method comprises the following steps: when a target application program calls a target function, encrypting file information corresponding to the target application program to obtain file encryption information; sending the file encryption information to the target function, and comparing, through the target function, the file encryption information with prestored encryption information corresponding to the target function; and determining whether to load the target function according to the comparison result. Because the target function compares the file encryption information with its prestored encryption information and the comparison result decides whether the target function is loaded, illegal calling of a program can be prevented simply and quickly, intrusion events are prevented, comprehensive protection of the system is realized, the reliability of the system is improved, and the method and the device have higher practicability.

Description

Application program protection method and device, electronic equipment and storage medium
Technical Field
The present application relates to the field of computer technologies, and in particular, to an application program protection method, an apparatus, an electronic device, and a storage medium.
Background
With the continuing progress of science and technology, C++ functions are frequently called maliciously by malicious software, which damages the source program and has a serious impact on society.
In the related art, the malicious calling of C++ functions is mainly addressed by obtaining the system call entry through an assembly instruction, obtaining the system call linked list pointer through the system call entry, and processing the system call pointer with a fingerprint algorithm. However, this method can only be applied to a Linux system, where it addresses intrusion events in kernel mode; its applicability is poor and its implementation is complex.
Disclosure of Invention
The embodiment of the application provides an application program protection method, an application program protection device, electronic equipment and a storage medium, which are used for simply and efficiently improving the program security.
The first application program protection method provided by the embodiment of the application comprises the following steps:
When a target application program calls a target function, encrypting file information corresponding to the target application program to obtain file encryption information;
Sending the file encryption information to the target function, and comparing, through the target function, the file encryption information with prestored encryption information corresponding to the target function;
And determining whether to load the target function according to the comparison result.
In the above embodiment, when the target application program calls the target function, the file information corresponding to the target application program is encrypted to obtain file encryption information; the file encryption information is then sent to the target function, the target function compares it with the prestored encryption information corresponding to the target function, and whether the target function is loaded is determined according to the comparison result. In this way, illegal calling of a program can be prevented simply and quickly, intrusion events are prevented, comprehensive protection of the system is realized, and system security and reliability are improved. Moreover, the method is not limited to Linux systems and has higher practicability.
In an optional implementation, determining whether to load the target function according to the comparison result includes:
If the comparison result is consistent, loading the target function;
and if the comparison result is inconsistent, prohibiting loading of the target function and exiting the target application program.
In this embodiment, whether the target function is loaded is determined by the comparison result: if the comparison result is consistent, the target function is loaded; if it is inconsistent, loading of the target function is prohibited and the target application program is exited. Illegal calling of the program can thus be prevented simply and efficiently, comprehensive protection of the system is realized, and the reliability of the system is improved.
In an optional implementation, the prestored encryption information includes: the program names of loadable application programs and the second check code corresponding to each application program, where each second check code uniquely identifies an application program and indicates that the application program has not been modified; comparing the file encryption information with the prestored encryption information through the target function includes:
Acquiring the program names of the loadable application programs in the prestored encryption information corresponding to the target function;
And if it is determined, based on the program name, that the target application program belongs to the loadable application programs, comparing the first check code in the file encryption information with the second check code corresponding to the target application program in the prestored encryption information.
In this embodiment, the file encryption information is compared with the prestored encryption information through the target function. First, the program names of the loadable application programs in the prestored encryption information corresponding to the target function are acquired; if it is determined, based on the program name, that the target application program belongs to the loadable application programs, the first check code in the file encryption information is compared with the second check code corresponding to the target application program in the prestored encryption information. Illegal calling of the program can thus be prevented simply and quickly, intrusion events are prevented, comprehensive protection of the system is achieved, system reliability is improved, and the method has high practicability.
In an optional implementation, the comparison result is determined to be consistent as follows:
if the first check code is consistent with the second check code corresponding to the target application program in the prestored encryption information, the comparison result is determined to be consistent.
In the above embodiment, if the first check code is consistent with the second check code corresponding to the target application program in the prestored encryption information, the comparison result is determined to be consistent, so that normal calling of the program can be ensured.
In an optional implementation, the comparison result is determined to be inconsistent as follows:
if the first check code is inconsistent with the second check code corresponding to the target application program in the prestored encryption information, the comparison result is determined to be inconsistent; or
if it is determined, based on the program name, that the target application program does not belong to the loadable application programs, the comparison result is determined to be inconsistent.
In the above embodiment, if the first check code is inconsistent with the second check code corresponding to the target application program in the prestored encryption information, or if it is determined based on the program name that the target application program does not belong to the loadable application programs, the comparison result is determined to be inconsistent, so that illegal calling of the program can be prevented simply and quickly, intrusion events are prevented, and comprehensive protection of the system is realized.
An optional implementation manner is that the encrypting the file information corresponding to the target application program to obtain file encryption information includes:
Encrypting the file information by an asymmetric encryption method to obtain a first check code corresponding to the target application program;
And taking the program name of the target application program and the first check code as the file encryption information.
In the embodiment, the file information is encrypted by the asymmetric encryption method to obtain the first check code corresponding to the target application program, and the program name and the first check code of the target application program are used as the file encryption information, so that the information security is ensured, and illegal calling of the program is effectively prevented.
The application program protection device provided by the embodiment of the application comprises:
The encryption unit is used for encrypting the file information corresponding to the target application program when the target application program calls the target function, so as to obtain file encryption information;
The sending unit is used for sending the file encryption information to the target function, and comparing, through the target function, the file encryption information with prestored encryption information corresponding to the target function;
and the determining unit is used for determining whether to load the target function according to the comparison result.
Optionally, the determining unit is specifically configured to:
If the comparison result is consistent, load the target function;
and if the comparison result is inconsistent, prohibit loading of the target function and exit the target application program.
Optionally, the prestored encryption information includes: the program names of loadable application programs and the second check code corresponding to each application program, where each second check code uniquely identifies an application program and indicates that the application program has not been modified; the sending unit is specifically configured to:
Acquire the program names of the loadable application programs in the prestored encryption information corresponding to the target function;
And if it is determined, based on the program name, that the target application program belongs to the loadable application programs, compare the first check code in the file encryption information with the second check code corresponding to the target application program in the prestored encryption information.
Optionally, the determining unit is further configured to determine that the comparison result is consistent as follows:
if the first check code is consistent with the second check code corresponding to the target application program in the prestored encryption information, the comparison result is determined to be consistent.
Optionally, the determining unit is further configured to determine that the comparison result is inconsistent as follows:
if the first check code is inconsistent with the second check code corresponding to the target application program in the prestored encryption information, the comparison result is determined to be inconsistent; or
if it is determined, based on the program name, that the target application program does not belong to the loadable application programs, the comparison result is determined to be inconsistent.
Optionally, the encryption unit is specifically configured to:
Encrypting the file information by an asymmetric encryption method to obtain a first check code corresponding to the target application program;
And taking the program name of the target application program and the first check code as the file encryption information.
The electronic device provided by the embodiment of the application comprises a processor and a memory, wherein the memory stores program code, and when the program code is executed by the processor, the processor is caused to execute the steps of the application program protection method.
An embodiment of the application provides a computer readable storage medium comprising program code for causing an electronic device to perform the steps of an application protection method as described above, when said storage medium is run on the electronic device.
Additional features and advantages of the application will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the application. The objectives and other advantages of the application will be realized and attained by the structure particularly pointed out in the written description and claims thereof as well as the appended drawings.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate embodiments of the application and together with the description serve to explain the application and do not constitute a limitation on the application. In the drawings:
FIG. 1 is a schematic diagram of an application scenario of an application program protection method according to an embodiment of the present application;
FIG. 2 is a flowchart illustrating an application protection method according to an embodiment of the present application;
FIG. 3 is a block diagram illustrating an exemplary method for protecting an application program according to an embodiment of the present application;
FIG. 4 is a flowchart illustrating an embodiment of an application protection method according to the present application;
FIG. 5 is a schematic diagram of an application protection device according to an embodiment of the present application;
FIG. 6 is a schematic diagram of a composition structure of an electronic device according to an embodiment of the present application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the technical solutions of the present application, but not all embodiments. All other embodiments, based on the embodiments described in the present document, which can be obtained by a person skilled in the art without any creative effort, are within the scope of protection of the technical solutions of the present application.
Some of the concepts involved in the embodiments of the present application are described below.
1. In the embodiments of the application, the term "and/or" describes an association between associated objects and means that three relations can exist; for example, A and/or B can mean: A exists alone, A and B exist together, or B exists alone. The character "/" generally indicates an "or" relationship between the objects before and after it.
2. The term "application program" in the embodiments of the present application is a computer program that runs in user mode, interacts with a user, has a visual user interface, and performs one or more particular tasks. Application programs are typically divided into two parts, a graphical user interface and an engine, each running in a separate process with its own separate address space. The application program in the embodiments of the application is a computer program, software, applet or the like that can call a C++ function.
3. The term "asymmetric encryption" in the embodiments of the present application is a key-based method of keeping data secret. The asymmetric encryption algorithm requires two keys: a public key and a private key. The public key and the private key are a pair, and if the data is encrypted with the public key, it can be decrypted only with the corresponding private key. Because encryption and decryption use two different keys, this approach is called asymmetric encryption. In the embodiments of the application, the file information is encrypted by an asymmetric encryption method.
4. The term "check code" in the present embodiment is generally the last digit of a set of digits, and is derived from the preceding digits by some operation to verify the correctness of the set of digits. The code with check code consists of two parts, namely a body code and a check code, wherein the body code is a number representing a coding object, and the check code is a number which is added at the back of the body code and is used for checking the accuracy of the body code in the input process. Each body code can only have one check code, and the check codes are obtained through a specified mathematical relationship. The check code in the embodiment of the application is used for comparing whether the transmitted file information is consistent with the prestored encryption information or not, and is obtained by encrypting the file information corresponding to the target application program.
The following briefly describes the design concept of the embodiment of the present application:
With the continuing progress of science and technology, C++ functions are frequently called maliciously by malicious software, which damages the source program and has a serious impact on society.
In the related art, in addition to the method described in the Background, the malicious calling of C++ functions can be addressed by using a hook function to monitor calls to the loading function and to judge whether the loading function is in a malicious dynamic link library or on a white list, so that the loading function is refused or allowed. However, these methods are complex to implement, or can only be applied to a Linux system, or require a hook function to be set for each called system.
In view of the above problems, the embodiments of the present application provide an application program protection method and device, an electronic device, and a storage medium. When a target application program calls a target function, the file information corresponding to the target application program is encrypted to obtain file encryption information; the file encryption information is sent to the target function, the target function compares it with the prestored encryption information corresponding to the target function, and whether to load the target function is determined according to the comparison result. By comparing the file encryption information with the prestored encryption information to decide whether the target function is loaded, the application prevents illegal calling of the program and intrusion events simply and quickly, realizes comprehensive protection of the system, improves the reliability of the system and has high practicability.
The preferred embodiments of the present application will be described below with reference to the accompanying drawings of the specification, it being understood that the preferred embodiments described herein are for illustration and explanation only, and not for limitation of the present application, and embodiments of the present application and features of the embodiments may be combined with each other without conflict.
FIG. 1 is a schematic diagram of an application scenario of the application program protection method provided by an embodiment of the present application. The specific implementation flow of the method is as follows: when the target application program 10 calls the target function 20, the file information corresponding to the target application program 10 is encrypted to obtain file encryption information; the file encryption information is sent to the target function 20; the target function 20 compares the file encryption information with the prestored encryption information corresponding to the target function 20; and whether to load the target function 20 is determined according to the comparison result.
As shown in fig. 2, an embodiment of the present application provides an application protection method, which includes the following steps:
S21: when a target application program calls a target function, encrypting file information corresponding to the target application program to obtain file encryption information;
The target function may be a C++ function. When an application program is started and implements certain functions, it calls a number of C++ functions, and in order to ensure the security of the system, the identity of the application program needs to be checked.
In an alternative embodiment, the file information is encrypted by an asymmetric encryption method to obtain a first check code corresponding to the target application program, and the program name of the target application program and the first check code are used as the file encryption information.
The file information includes information such as a program name and a path of the application program.
For example, the asymmetric encryption method may be an MD5 algorithm. After the file information of the target application program is obtained, the MD5 value of the file information, that is, the first check code, may be calculated by using the MD5 algorithm. The MD5 values of different file information are different, so if anyone makes any change to the target application program, the MD5 value will change. By comparing this value with the MD5 value provided in advance on the target function side, it can be judged whether the target application program has been tampered with, and the uniqueness of the target application program is checked, so that the safety and the integrity of the program can be ensured.
S22: the file encryption information is sent to the target function, and the target function compares the file encryption information with the prestored encryption information corresponding to the target function;
In an alternative embodiment, the prestored encryption information is stored in advance on the target function side and comprises the program names of the loadable application programs, namely the application programs allowed to load the target function, and the second check code corresponding to each application program. Each second check code is used to uniquely identify an application program and to indicate that the application program has not been modified.
The prestored encryption information corresponding to different target functions can be the same or different.
For example, the prestored encryption information corresponding to the target function 1 includes the program names of 5 loadable application programs, which are respectively: APP1, APP2, APP3, APP4, APP5, and each loadable application program has its own corresponding check code: app1, app2, app3, app4, app5.
For another example, the prestored encryption information corresponding to the target function 2 includes the program names of 3 loadable application programs, which are respectively: APP1, APP3, APP6, and each loadable application program has its own corresponding check code: app1, app3, app6.
For another example, the prestored encryption information corresponding to the target function 3 includes the program names of 4 loadable application programs, which are respectively: APP7, APP8, APP9, APP0, and each loadable application program has its own corresponding check code: app7, app8, app9, app0.
In the embodiment of the application, when the file encryption information is compared with the prestored encryption information, the program names of the loadable application programs in the prestored encryption information corresponding to the target function are acquired first. If the name of the application program is consistent with a loadable program name, the application program belongs to the loadable programs, and the comparison continues with the first check code in the file encryption information and the second check code corresponding to the target application program in the prestored encryption information; if the name of the application program is inconsistent with the loadable program names, the application program does not belong to the loadable programs, no further comparison is needed, and the program is exited directly.
For example, the program name of the application program A is APP1, and the check code obtained after encryption based on the MD5 algorithm is APP1; the program names of the loadable application programs contained in the prestored encryption information corresponding to the target function 1 are: APP1, APP2, APP3, APP4, APP5; the check codes corresponding to the respective application programs are: app1, app2, app3, app4, app5.
By querying the program names of the loadable application programs contained in the prestored encryption information, it is known that the application program A belongs to the loadable application programs. Then, the check code app1 obtained by encrypting the application program A is compared with the second check code of the target application program; the comparison shows that the first check code of the application program A is consistent with the corresponding second check code, so the application program A is allowed to load the target function 1.
S23: and determining whether to load the target function according to the comparison result.
In the embodiment of the application, the target function compares the file encryption information with the prestored encryption information corresponding to the target function, and whether the target function is loaded is determined according to the comparison result, so that illegal calling of a program can be prevented simply and quickly, intrusion events are prevented, comprehensive protection of the system is realized, and the safety and the reliability of the system are improved. The method is suitable not only for Linux systems but also for various operating systems, and its practicability is higher.
In an alternative embodiment, whether the target function is loaded is determined according to the comparison result: if the comparison result is consistent, the target function is loaded; if the comparison result is inconsistent, loading of the target function is prohibited and the target application program is exited.
For example, taking the target function as a C++ function, the file encryption information of the application program is compared with the prestored encryption information in the C++ function; the C++ function is loaded if the comparison result is consistent, and loading of the target function is prohibited and the application program is exited if the comparison result is inconsistent, so that illegal calling of the program can be prevented simply and efficiently, comprehensive protection of the system is realized, and the reliability of the system is improved.
In an alternative embodiment, if the first check code is consistent with the second check code corresponding to the target application program in the pre-stored encrypted information, the comparison result is determined to be consistent.
For example, the program name of the application program A is APP1, and the program names of the loadable application programs included in the prestored encryption information corresponding to the C++ function are: APP1, APP2, APP3, APP4, APP5, so the application program A belongs to the loadable application programs. The first check code of the application program A is APP1 and the corresponding second check code in the prestored encryption information is APP1; the comparison shows that the two are consistent, so loading by the application program A is allowed, and normal calling of the program can be ensured.
In an alternative embodiment, if the first check code is inconsistent with the second check code corresponding to the target application program in the pre-stored encrypted information, or it is determined based on the program name that the target application program does not belong to the loadable application program, the comparison result is inconsistent.
For example, the program name of application program B is APP2, and the program names of the loadable application programs contained in the pre-stored encryption information corresponding to the C++ function are APP1, APP2, APP3, APP4 and APP5, so application program B belongs to the loadable application programs. The first check code of application program B is APP2 and the corresponding second check code in the pre-stored encryption information is APP6; the comparison shows that the first check code is inconsistent with the second check code, so application program B is not allowed to load. As another example, the program name of application program C is APP0, and the program names of the loadable application programs contained in the pre-stored encryption information corresponding to the C++ function are APP1, APP2, APP3, APP4 and APP5. The program name shows that application program C does not belong to the loadable application programs, so the comparison result is inconsistent and the program is exited. In this way, illegal calling of the program can be prevented simply and quickly, intrusion events are prevented, and comprehensive protection of the system is realized.
As shown in fig. 3, a working block diagram of an application program protection method according to an embodiment of the present application is shown, and working logic is specifically described below by taking an objective function as a c++ function as an example:
When the application program calls the C++ function, the information of the application program is encrypted through an asymmetric encryption method and then transmitted to the C++ function, the transmitted file encryption information is compared with the pre-stored encryption information through the C++ function, when the transmitted information is consistent with the pre-stored encryption information, loading is allowed, and when the transmitted information is inconsistent with the pre-stored encryption information, loading is forbidden.
As shown in fig. 4, a specific flow chart of an application program protection method provided by an embodiment of the present application includes the following steps:
S400: encrypting the file information by an asymmetric encryption method to obtain a first check code corresponding to the target application program;
S401: taking the program name and the first check code of the target application program as file encryption information;
S402: transmitting the file encryption information to an objective function;
S403: judging whether the target application program belongs to a loadable application program; if so, executing step S404; if not, executing step S407;
S404: comparing the first check code with a second check code corresponding to the target application program in the pre-stored encryption information;
S405: if the comparison result is consistent, executing step S406; if not, step S407 is performed.
S406: allowing loading.
S407: the procedure is exited.
The method can ensure the safety and the integrity of the program, limit the calling of malicious software, realize the comprehensive protection of the system, improve the reliability of the system and have high use value.
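As an added illustration that is not part of the patent text, the comparison performed in steps S402 to S407 is written out below in C++ and run against the application programs A, B and C from the examples above. The type and function names, the check codes for APP3 to APP5 and the first check code of APP0 are assumptions constructed for the example, and the check codes are treated as opaque strings whose generation in step S400 is outside the example.

```cpp
// Added illustration of steps S402-S407; all names are assumptions, not the patent's code.
#include <cstddef>
#include <functional>
#include <iostream>
#include <map>
#include <string>

// File encryption information sent by the caller (S401/S402).
struct FileEncryptionInfo {
    std::string program_name;
    std::string first_check_code;  // opaque value produced in S400, outside this example
};

// Pre-stored encryption information: loadable program name -> second check code.
using PrestoredInfo = std::map<std::string, std::string>;

enum class Decision { Allow, NotLoadable, CheckCodeMismatch };

// Compare every byte without an early exit, so the time taken does not
// depend on how many leading characters of the check code matched.
bool constant_time_equal(const std::string& a, const std::string& b) {
    if (a.size() != b.size()) return false;
    unsigned char diff = 0;
    for (std::size_t i = 0; i < a.size(); ++i) {
        const unsigned char x = static_cast<unsigned char>(a[i]);
        const unsigned char y = static_cast<unsigned char>(b[i]);
        diff = static_cast<unsigned char>(diff | (x ^ y));
    }
    return diff == 0;
}

Decision compare_info(const PrestoredInfo& prestored, const FileEncryptionInfo& info) {
    // S403: is the caller one of the loadable application programs?
    const auto it = prestored.find(info.program_name);
    if (it == prestored.end()) return Decision::NotLoadable;
    // S404/S405: first check code against the pre-stored second check code.
    // An empty check code is never accepted.
    if (info.first_check_code.empty() ||
        !constant_time_equal(info.first_check_code, it->second)) {
        return Decision::CheckCodeMismatch;
    }
    return Decision::Allow;  // S406
}

// Runs the target function only when the comparison is consistent.
// Returns false when loading is prohibited (the caller then exits, S407).
bool guarded_call(const PrestoredInfo& prestored, const FileEncryptionInfo& info,
                  const std::function<void()>& target) {
    if (compare_info(prestored, info) != Decision::Allow) return false;
    target();
    return true;
}

// APP1 and APP2 entries follow the examples in the text; the rest are constructed.
PrestoredInfo example_prestored() {
    return {
        {"APP1", "APP1"},
        {"APP2", "APP6"},
        {"APP3", "constructed-code-3"},
        {"APP4", "constructed-code-4"},
        {"APP5", "constructed-code-5"},
    };
}

const char* to_text(Decision d) {
    switch (d) {
        case Decision::Allow: return "consistent, loading allowed";
        case Decision::NotLoadable: return "inconsistent, not a loadable application program";
        default: return "inconsistent, check code mismatch";
    }
}

int main() {
    const PrestoredInfo prestored = example_prestored();
    // Application programs A, B and C from the text (first check code of C is constructed).
    const FileEncryptionInfo callers[] = {{"APP1", "APP1"}, {"APP2", "APP2"}, {"APP0", "APP0"}};
    for (const auto& caller : callers) {
        const bool loaded = guarded_call(prestored, caller, [] {});
        std::cout << caller.program_name << ": " << to_text(compare_info(prestored, caller))
                  << (loaded ? "" : "; caller exits") << "\n";
    }
    return 0;
}
```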
Based on the same inventive concept, the embodiment of the application also provides an application program protection device. As shown in fig. 5, a schematic diagram of an application protection device 500 according to an embodiment of the application includes:
an encryption unit 501, configured to encrypt file information corresponding to a target application program when the target application program invokes a target function, to obtain file encryption information;
The sending unit 502 is configured to send the file encryption information to the objective function, and compare the file encryption information with pre-stored encryption information corresponding to the objective function through the objective function;
A determining unit 503, configured to determine whether to load the objective function according to the comparison result.
Optionally, the determining unit 503 is specifically configured to:
if the comparison results are consistent, loading an objective function;
And if the comparison results are inconsistent, the loading of the objective function is forbidden, and the objective application program is exited.
Optionally, the pre-stored encryption information includes: the program names of the loadable application programs and the second check code corresponding to each application program, wherein the second check code is used for uniquely identifying the application program and for representing that the application program has not been modified; the sending unit 502 is specifically configured to:
acquiring the program name of an application program loadable in prestored encryption information corresponding to an objective function;
if the target application program belongs to the loadable application program based on the program name, comparing the first check code in the file encryption information with the second check code corresponding to the target application program in the pre-stored encryption information.
Optionally, the determining unit 503 is further configured to determine that the comparison result is consistent by:
And if the first check code is consistent with the second check code corresponding to the target application program in the prestored encrypted information, determining that the comparison result is consistent.
Optionally, the determining unit 503 is further configured to determine that the comparison result is inconsistent by:
If the first check code is inconsistent with the second check code corresponding to the target application program in the prestored encrypted information, determining that the comparison result is inconsistent; or alternatively
If the target application program is determined not to belong to the loadable application program based on the program name, the comparison result is determined to be inconsistent.
Optionally, the encryption unit 501 is specifically configured to:
encrypting the file information by an asymmetric encryption method to obtain a first check code corresponding to the target application program;
And taking the program name and the first check code of the target application program as file encryption information.
For convenience of description, the above parts are described as being functionally divided into modules (or units) respectively. Of course, the functions of each module (or unit) may be implemented in the same piece or pieces of software or hardware when implementing the present application.
Those skilled in the art will appreciate that the various aspects of the application may be implemented as a system, method, or program product. Accordingly, aspects of the application may be embodied in the following forms, namely: an entirely hardware embodiment, an entirely software embodiment (including firmware, micro-code, etc.), or an embodiment combining hardware and software aspects, which may be referred to herein as a "circuit," "module," or "system."
The embodiment of the application also provides electronic equipment based on the same conception as the embodiment of the method. In this embodiment, the electronic device may be configured as shown in fig. 6, including a memory 601, a communication module 603, and one or more processors 602.
A memory 601 for storing a computer program for execution by the processor 602. The memory 601 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, programs required for running an instant messaging function, and the like; the storage data area can store various instant messaging information, operation instruction sets and the like.
The memory 601 may be a volatile memory, such as a random-access memory (RAM); the memory 601 may also be a non-volatile memory, such as a read-only memory, a flash memory, a hard disk drive (HDD) or a solid-state drive (SSD); or the memory 601 may be any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited to such. The memory 601 may be a combination of the above memories.
The processor 602 may include one or more central processing units (central processing unit, CPUs) or a digital processing unit, or the like. A processor 602 for implementing the above application protection method when calling the computer program stored in the memory 601.
The communication module 603 is used for communicating with terminals and other servers.
The specific connection medium between the memory 601, the communication module 603, and the processor 602 is not limited in the embodiment of the present application. In the embodiment shown in fig. 6, the memory 601 and the processor 602 are connected by a bus 604, which is shown in bold in fig. 6; the connections between other components are merely illustrative and not limiting. The bus 604 may be divided into an address bus, a data bus, a control bus, and the like. For ease of description, only one thick line is depicted in fig. 6, but this does not mean that there is only one bus or only one type of bus.
The memory 601 stores a computer storage medium in which computer executable instructions for implementing the application protection method of the embodiment of the present application are stored. The processor 602 is configured to perform the application protection method described above, as shown in fig. 2.
An application protection device according to the present application may comprise at least a processor and a memory. The memory stores therein program code that, when executed by the processor, causes the processor to perform the steps in the application protection method according to various exemplary embodiments of the application described in this specification. For example, the processor may perform the steps as shown in fig. 2.
In some possible embodiments, aspects of the application protection method provided by the present application may also be implemented in the form of a program product comprising program code for causing a computer device to perform the steps of the application protection method according to the various exemplary embodiments of the application described herein above, when the program product is run on a computer device, e.g. the computer device may perform the steps as shown in fig. 2.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. The readable storage medium can be, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium would include the following: an electrical connection having one or more wires, a portable disk, a hard disk, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The application-protected program product of embodiments of the present application may employ a portable compact disk read-only memory (CD-ROM) and include program code and may run on a computing device. However, the program product of the present application is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with a command execution system, apparatus, or device.
The readable signal medium may include a data signal propagated in baseband or as part of a carrier wave with readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with a command execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's equipment, as a stand-alone software package, partly on the user's computing device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of remote computing devices, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., connected via the Internet using an Internet service provider).
It should be noted that although several units or sub-units of the apparatus are mentioned in the above detailed description, such a division is merely exemplary and not mandatory. Indeed, the features and functions of two or more of the elements described above may be embodied in one element in accordance with embodiments of the present application. Conversely, the features and functions of one unit described above may be further divided into a plurality of units to be embodied.
Furthermore, although the operations of the methods of the present application are depicted in the drawings in a particular order, this does not require or imply that these operations must be performed in this particular order, or that all of the illustrated operations must be performed, in order to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps may be combined into one step, and/or one step may be decomposed into multiple steps.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
While preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present application without departing from the spirit or scope of the application. Thus, it is intended that the present application also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims (8)

1. A method of application protection, the method comprising:
When a target application program calls a target function, encrypting file information corresponding to the target application program to obtain file encryption information;
The file encryption information is sent to an objective function, and the file encryption information is compared with prestored encryption information corresponding to the objective function through the objective function; the pre-stored encryption information comprises: program names of loadable application programs and a second check code corresponding to each application program, wherein the second check code is used for uniquely identifying the application program and for representing that the application program has not been modified;
determining whether to load the objective function according to the comparison result;
the encrypting the file information corresponding to the target application program to obtain file encryption information includes:
Encrypting the file information by an asymmetric encryption method to obtain a first check code corresponding to the target application program; taking the program name of the target application program and the first check code as the file encryption information;
the comparing the file encryption information with the pre-stored encryption information through the objective function comprises the following steps:
Acquiring the program name of an application program loadable in the prestored encryption information corresponding to the objective function;
And if the target application program belongs to the loadable application program based on the program name, comparing the first check code in the file encryption information with the second check code corresponding to the target application program in the pre-stored encryption information.
2. The method of claim 1, wherein determining whether to load the objective function based on the comparison result comprises:
If the comparison results are consistent, loading the objective function;
and if the comparison results are inconsistent, the loading of the objective function is forbidden, and the objective application program is exited.
3. The method of claim 2, wherein the comparison result is determined to be consistent by:
and if the first check code is consistent with the second check code corresponding to the target application program in the pre-stored encryption information, determining that the comparison result is consistent.
4. The method of claim 2, wherein the comparison result is determined to be inconsistent by:
if the first check code is inconsistent with the second check code corresponding to the target application program in the pre-stored encryption information, determining that the comparison result is inconsistent; or alternatively
And if the target application program is determined not to belong to the loadable application program based on the program name, determining that the comparison results are inconsistent.
5. An application guard, the apparatus comprising:
The encryption unit is used for encrypting the file information corresponding to the target application program when the target application program calls the target function, so as to obtain file encryption information;
The sending unit is used for sending the file encryption information to an objective function, and comparing the file encryption information with prestored encryption information corresponding to the objective function through the objective function; the pre-stored encryption information comprises: program names of loadable application programs and a second check code corresponding to each application program, wherein the second check code is used for uniquely identifying the application program and for representing that the application program has not been modified;
the determining unit is used for determining whether the objective function is loaded or not according to the comparison result;
the encryption unit is specifically configured to:
Encrypting the file information by an asymmetric encryption method to obtain a first check code corresponding to the target application program; taking the program name of the target application program and the first check code as the file encryption information;
the sending unit is specifically configured to:
Acquiring the program name of an application program loadable in the prestored encryption information corresponding to the objective function;
And if the target application program belongs to the loadable application program based on the program name, comparing the first check code in the file encryption information with the second check code corresponding to the target application program in the pre-stored encryption information.
6. The apparatus of claim 5, wherein the determining unit is specifically configured to:
If the comparison results are consistent, loading the objective function;
and if the comparison results are inconsistent, the loading of the objective function is forbidden, and the objective application program is exited.
7. An electronic device comprising a processor and a memory, wherein the memory stores program code that, when executed by the processor, causes the processor to perform the steps of the method of any of claims 1-4.
8. A computer readable storage medium, characterized in that it comprises a program code for causing an electronic device to perform the steps of the method according to any one of claims 1-4, when said storage medium is run on said electronic device.
CN202110906940.7A 2021-08-09 2021-08-09 Application program protection method and device, electronic equipment and storage medium Active CN113742659B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110906940.7A CN113742659B (en) 2021-08-09 2021-08-09 Application program protection method and device, electronic equipment and storage medium


Publications (2)

Publication Number Publication Date
CN113742659A (en) 2021-12-03
CN113742659B (en) 2024-08-27



