CN116132082A - Information sending method, information receiving method and device - Google Patents

Information sending method, information receiving method and device Download PDF

Info

Publication number
CN116132082A
CN116132082A CN202211104383.8A CN202211104383A CN116132082A CN 116132082 A CN116132082 A CN 116132082A CN 202211104383 A CN202211104383 A CN 202211104383A CN 116132082 A CN116132082 A CN 116132082A
Authority
CN
China
Prior art keywords
interaction information
target
communication interaction
information
communication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211104383.8A
Other languages
Chinese (zh)
Inventor
黄理健
孙洪伟
肖新光
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Antiy Network Technology Co Ltd
Original Assignee
Beijing Antiy Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Antiy Network Technology Co Ltd filed Critical Beijing Antiy Network Technology Co Ltd
Priority to CN202211104383.8A priority Critical patent/CN116132082A/en
Publication of CN116132082A publication Critical patent/CN116132082A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/30Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
    • H04L63/306Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information intercepting packet switched data communications, e.g. Web, Internet or IMS communications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Technology Law (AREA)
  • Computer And Data Communications (AREA)
  • Telephone Function (AREA)

Abstract

The application provides an information sending method, an information receiving method and an information receiving device, and the method provided by the application comprises the following steps: intercepting original communication interaction information to be sent to a second communication account; adding target content into the original communication interaction information to obtain target communication interaction information; the target content is configured to exist in a hidden form when the specified communication program displays the target communication interaction information; and sending the target communication interaction information to the second equipment logged in the second communication account, so that the second equipment determines whether the target communication interaction information is credible according to the target content in the target communication interaction information. In the method, the first equipment adds target content, and the second equipment safely checks the target content, so that a receiver of the target communication interaction information determines whether the received target communication interaction information is credible or not according to a safety check result.

Description

Information sending method, information receiving method and device
Technical Field
The present disclosure relates to the field of information security, and in particular, to an information sending method, an information receiving method, and an information receiving device.
Background
At present, when two parties communicate interactive information through a network, the true identity of an information sender cannot be determined, and whether the information sender is an actual owner of an account cannot be determined. This results in that often, an unlawful party uses a non-technical means to steal the account number and the password (such as an instant messaging program or a mailbox) of the user communication software, and uses the stolen user account number group to send fraud information with a fake link address and the like so as to induce the victim to click on the fake link address and the like, thereby achieving the purposes of cheating the property of the victim, illegally collecting the information of the victim and the like, and causing serious consequences which cannot be evaluated for the victim. Therefore, when the network is used for communication of the interaction information, the user cannot determine whether the information sender is the actual owner of the account, so that whether the communication information sent by the opposite party is credible cannot be determined.
Disclosure of Invention
In view of this, the present application provides an information sending method, an information receiving method, and an information receiving device, so as to solve the problem that when a network is used to perform communication of interactive information, a user cannot determine whether an information sender is an actual owner of an account, and thus cannot determine whether communication information sent by an opposite party is credible.
In one aspect of the present application, there is provided an information sending method applied to a first device, where the first device includes a specified communication program that has logged into a first communication account, the method including:
intercepting original communication interaction information to be sent to a second communication account; the original communication interaction information is generated by the appointed communication program;
adding target content into the original communication interaction information to obtain target communication interaction information; the target content is used for determining that the first communication account is a trusted account; the target content is configured to exist in a hidden form when the designated communication program displays the target communication interaction information;
and sending the target communication interaction information to second equipment logged in the second communication account, so that the second equipment determines whether the target communication interaction information is credible according to target content in the target communication interaction information.
In an exemplary embodiment of the present application, the adding the target content to the original communication interaction information to obtain the target communication interaction information includes:
if the original communication interaction information only comprises text information, adding the target content into the text information to obtain the target communication interaction information; wherein the target content is zero width characters.
In an exemplary embodiment of the present application, the adding the target content to the original communication interaction information to obtain the target communication interaction information includes:
if the original communication interaction information comprises image information and/or audio information, adding the target content into the image information and/or the audio information to obtain the target communication interaction information; wherein the target content is a digital watermark.
In another aspect of the present application, there is provided an information receiving method applied to a second device including a specified communication program in which a second communication account has been registered, the method including:
receiving target communication interaction information sent to the second communication account by a first communication account logged in on first equipment;
judging whether the target communication interaction information contains target content or not;
determining a safety verification result corresponding to the target communication interaction information according to the judgment result; the target content is used for determining that the first communication account is a trusted account, and the security check result is used for indicating whether the target communication interaction information is trusted or not;
and displaying the target communication interaction information by using the appointed communication program according to the safety verification result.
In an exemplary embodiment of the present application, the determining whether the target communication interaction information includes target content includes:
if the target communication interaction information only comprises text information, determining whether the text information comprises zero-width characters, and if so, determining that the target communication interaction information comprises target content; if the target communication interaction information does not contain the target content, determining that the target communication interaction information does not contain the target content;
in an exemplary embodiment of the present application, the determining whether the target communication interaction information includes target content includes:
if the target communication interaction information comprises image information and/or audio information, determining whether the image information and/or the audio information comprises a digital watermark, and if so, determining that the target communication interaction information comprises target content; and if the target communication interaction information does not contain the target content, determining that the target communication interaction information does not contain the target content.
In an exemplary embodiment of the present application, the determining, according to the result of the determination, a security check result corresponding to the target communication interaction information includes:
if the target communication interaction information is judged to contain target content, determining the safety verification result according to the target content;
If the target communication interaction information is judged to not contain the target content, determining a second result as a security check result; the security check result is a first result or a second result, the first result indicates that the communication interaction information is credible, and the second result indicates that the communication interaction information is not credible.
In an exemplary embodiment of the present application, displaying the communication interaction information according to the security check result includes:
and if the safety verification result is a second result, displaying the communication interaction information and a prompt message, wherein the prompt message is used for prompting a user that the communication interaction information is not credible.
In another aspect of the present application, there is provided an information transmitting apparatus provided in a first device including a specified communication program in which a first communication account has been registered, the apparatus including:
the interception module is used for intercepting the original communication interaction information to be sent to the second communication account; the original communication interaction information is generated by the appointed communication program;
the generation module is used for adding target content into the original communication interaction information to obtain target communication interaction information; the target content is used for determining that the first communication account is a trusted account; the target content is configured to exist in a hidden form when the designated communication program displays the target communication interaction information;
And the sending module is used for sending the target communication interaction information to second equipment logged in the second communication account so that the second equipment can determine whether the target communication interaction information is credible according to target content in the target communication interaction information.
In another aspect of the present application, there is provided an information receiving method, provided in a second device including a specified communication program in which a second communication account has been registered, the apparatus including:
the receiving module is used for receiving target communication interaction information sent to the second communication account by the first communication account logged in on the first equipment;
the judging module is used for judging whether the target communication interaction information contains target content or not;
the verification module is used for determining a safety verification result corresponding to the target communication interaction information according to the judgment result; the target content is used for determining that the first communication account is a trusted account, and the security check result is used for indicating whether the target communication interaction information is trusted or not;
and the display module is used for displaying the target communication interaction information by utilizing the appointed communication program according to the safety verification result.
According to the method, the original communication interaction information, which is to be sent to the second communication account, of the appointed communication program which is logged in the first communication account in the first device is intercepted, so that the original communication interaction information is prevented from being directly sent to the second device which is logged in the second communication account. And after interception, adding target content into the original communication interaction information to obtain target communication interaction information. And finally, the target communication interaction information is sent to the second device which logs in the second communication account. The first device may be a device in which a program for executing the method is installed, and the device may be regarded as a common device of a user who transmits original communication interaction information. Thus, after the second device receives the target communication interaction information sent by the specified communication program on the first device, whether the target communication interaction information is credible can be judged according to whether the target content is contained in the communication interaction information. That is, if the target communication interaction information includes the target content, it may be determined that the first device on which the designated communication program of the first communication account is logged is installed with the program for executing the method, and the program is sent from the common device of the user corresponding to the first communication account, so that it may be determined that the target communication interaction information is trusted. Otherwise, the target communication interaction information is possibly sent by the user who is not the actual owner of the first communication account, so that the receiver (the user corresponding to the second communication account) can be kept alert under the condition, and loss is avoided. Therefore, according to the method, the target content is added through the first equipment, the target content is safely checked through the second equipment, whether the received target communication interaction information is credible or not can be determined according to the safety check result by the receiver of the target communication interaction information, and the problem that whether the communication information sent by the opposite party is credible or not cannot be determined because a user cannot determine whether the information sender is an actual owner of an account or not when the network is used for communication of the interaction information is solved.
Meanwhile, in the application, the target content is configured to be hidden when the appointed communication program in the second device displays the target communication interaction information, so that when the second device displays, only the content of the original communication interaction information is displayed, but the target content added after interception is not displayed, and thus, when the user communicates the interaction information, the additionally added target content is not displayed all the time, but can automatically complete the security verification in the background, complete verification is achieved under the condition that the user is not felt, and the user is reminded when the risk exists.
Furthermore, even if the device for receiving the target communication interaction information sent by the first device does not use the method provided by the application, the problem that the received device cannot normally display the content of the original communication interaction information because the target content exists in a hidden form is avoided.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flowchart of an information sending method provided in the present embodiment;
fig. 2 is a block diagram of an information receiving method according to the present embodiment;
fig. 3 is a flowchart of an information sending apparatus provided in the present embodiment;
fig. 4 is a block diagram of an information receiving apparatus according to the present embodiment.
Detailed Description
Embodiments of the present application are described in detail below with reference to the accompanying drawings.
It should be noted that, without conflict, the following embodiments and features in the embodiments may be combined with each other; and, based on the embodiments in this disclosure, all other embodiments that may be made by one of ordinary skill in the art without inventive effort are within the scope of the present disclosure.
It is noted that various aspects of the embodiments are described below within the scope of the following claims. It should be apparent that the aspects described herein may be embodied in a wide variety of forms and that any specific structure and/or function described herein is merely illustrative. Based on the present disclosure, one skilled in the art will appreciate that one aspect described herein may be implemented independently of any other aspect, and that two or more of these aspects may be combined in various ways. For example, an apparatus may be implemented and/or a method practiced using any number of the aspects set forth herein. In addition, such apparatus may be implemented and/or such methods practiced using other structure and/or functionality in addition to one or more of the aspects set forth herein.
Before describing embodiments of the present application, some specialized terms in embodiments of the present application are explained below:
zero width characters, which are typically invisible in a typical text editor, i.e. are some invisible, unprintable characters.
Digital watermarking (Digital Watermark), a technique for embedding a specific digital signal into a digital product to protect the copyright, integrity, copy protection or tracking of the digital product. The digital watermark has transparency. Namely, the digital watermark is tightly combined with the original data and hidden in the original data, and the appreciation value and the use value of the original data cannot be destroyed by the existence of the digital watermark.
Referring to fig. 1, in one aspect of the present application, an information sending method is provided and applied to a first device, where the first device includes a designated communication program that has logged into a first communication account. The first device and the second device described later can be electronic devices with computing and communication functions, such as a mobile phone, a tablet computer, a notebook computer, a desktop computer and the like. In this embodiment, the first device and the second device are named differently, which is merely to distinguish between the receiving party and the sending party of the information in the description of the technical solution, and there is no additional limitation. The information method provided in this embodiment may be set in the control system of the first device, or may be set in a program separately installed in the first device. Specifically, the method can be started after the user performs identity authentication (such as face recognition authentication, check code authentication or authentication independent of an authentication password outside a login password), or the actual owner of the account is installed on the commonly used electronic equipment (the association of the account and the authentication of the identity can be performed during the installation), so that the first equipment after the method is operated can be regarded as trusted equipment.
The method comprises the following steps:
s100, intercepting original communication interaction information to be sent to a second communication account; the original communication interaction information is generated by the appointed communication program.
The original communication interaction information is communication information for interaction information sent by a designated communication program (such as an instant communication program or mail) in the first device. Interception may be performed through a communication interface of the first device.
The original communication interaction information can comprise text information, image information, audio information and the like which are input by a user. The original communication interaction information comprises communication data, such as specific contents of short messages or mails, which are input by a user of the first device for interaction. Under normal conditions, the second device displays the original communication interaction information after receiving the information.
S300, adding target content into the original communication interaction information to obtain target communication interaction information; the target content is used for determining that the first communication account is a trusted account; the target content is configured to exist in a hidden form when the designated communication program displays the target communication interaction information. For example, the target content may be a preset zero width character or a digital watermark, etc.
S500, the target communication interaction information is sent to second equipment logged in the second communication account, so that the second equipment determines whether the target communication interaction information is credible according to target content in the target communication interaction information.
The first device adds the target content in the original communication interaction information, so that the second device can determine whether the first communication account for sending the target communication interaction information is credible or not by identifying whether the received target communication interaction information has the target content or not, so as to determine whether the target communication interaction information is credible or not and a display mode, and timely output a reminder when the target communication interaction information is not credible.
The method provided in this embodiment may be set in the control system of the first device or in a program separately installed in the first device, and the operation of the sample method may be performed independently of the specified communication program, so that when the method is actually used, the original transmission data packets sent by the specified communication programs may be intercepted and modified at the same time, so that the application scenario is wide and flexible.
According to the method provided by the embodiment, the original communication interaction information to be sent to the second communication account by the appointed communication program which is logged in the first communication account in the first device is intercepted, so that the original communication interaction information is prevented from being directly sent to the second device which is logged in the second communication account. And after interception, adding target content into the original communication interaction information to obtain target communication interaction information. And finally, the target communication interaction information is sent to the second device which logs in the second communication account. The first device may be a device in which a program for executing the method is installed, and the device may be regarded as a common device of a user who transmits original communication interaction information. Thus, after the second device receives the target communication interaction information sent by the specified communication program on the first device, whether the target communication interaction information is credible can be judged according to whether the target content is contained in the communication interaction information. That is, if the target communication interaction information includes the target content, it may be determined that the first device on which the designated communication program of the first communication account is logged is installed with the program for executing the method, and the program is sent from the common device of the user corresponding to the first communication account, so that it may be determined that the target communication interaction information is trusted. Otherwise, the target communication interaction information is possibly sent by the user who is not the actual owner of the first communication account, so that the receiver (the user corresponding to the second communication account) can be kept alert under the condition, and loss is avoided. Therefore, according to the method, the target content is added through the first equipment, the target content is safely checked through the second equipment, whether the received target communication interaction information is credible or not can be determined according to the safety check result by the receiver of the target communication interaction information, and the problem that whether the communication information sent by the opposite party is credible or not cannot be determined because a user cannot determine whether the information sender is an actual owner of an account or not when the network is used for communication of the interaction information is solved.
Meanwhile, in the application, the target content is configured to be hidden when the appointed communication program in the second device displays the target communication interaction information, so that when the second device displays, only the content of the original communication interaction information is displayed, but the target content added after interception is not displayed, and thus, when the user communicates the interaction information, the additionally added target content is not displayed all the time, but can automatically complete the security verification in the background, complete verification is achieved under the condition that the user is not felt, and the user is reminded when the risk exists.
Furthermore, even if the device for receiving the target communication interaction information sent by the first device does not use the method provided by the application, the problem that the received device cannot normally display the content of the original communication interaction information because the target content exists in a hidden form is avoided.
In an exemplary embodiment of the present application, adding target content to original communication interaction information to obtain target communication interaction information includes:
if the original communication interaction information only comprises text information, adding target content into the text information to obtain target communication interaction information. Wherein the target content added in the text information may be zero width characters.
Because the zero-width character is not displayed in a general compiler, in this embodiment, the second method provided by the embodiment of the present invention may be used to independently set a compiler capable of parsing and acquiring the zero-width character, so as to acquire the target content in the target communication interaction information, and use the target content for security verification. Zero width characters are added in the text information, so that the reading of the original content (namely the content of the original communication interaction information) by a receiver is not influenced, and the aim of safety verification can be fulfilled. The target content may be a preset zero-width character.
In an exemplary embodiment of the present application, adding target content to original communication interaction information to obtain target communication interaction information includes:
if the original communication interaction information comprises image information and/or audio information, adding target content into the image information and/or the audio information to obtain target communication interaction information. Wherein the target content added within the image information and/or the audio information may be a digital watermark.
Specifically, if the original communication interaction information includes image information and/or audio information, even if text information is included in the original communication interaction information, the target content is preferentially added in the image information and/or the audio information.
Because of the different communication programs, the used compilers are different, so that if zero width characters are added in the text information, some communication programs on the second equipment can analyze and display the zero width characters, and the reading experience of the user can be affected. In the application, in the case that the original communication interaction information includes image information and/or audio information, the target content is preferentially added in the image information and/or the audio information, and the target content exists in the form of a digital watermark. Because the digital watermark needs to be analyzed and acquired by using a specific analysis device, the communication program basically does not have the analysis device, and the digital watermark has transparency, the condition that the communication program on the second equipment can display the target content can be reduced.
In an exemplary embodiment of the present application, intercepting original communication interaction information to be sent to a second communication account includes:
and monitoring the data packet generated by the appointed communication program, and intercepting the original communication interaction information which is to be sent to the second communication account and uses the appointed communication protocol in the data packet.
When the first device works normally, a lot of communication interaction information is sent out, and if each communication interaction information is to be intercepted, a lot of computing resources are consumed. In this embodiment, only the original communication interaction information using the specified communication protocol to be sent to the second communication account is intercepted, so as to accurately intercept the communication interaction information sent by the specified communication program (the original communication interaction information using the specified communication protocol). In practical implementation, if there are multiple communication programs in the first device, the communication program to be processed in the method provided in this implementation may be determined as a specified communication program (or multiple communication programs), and the communication protocol used by each specified communication program is determined as a specified communication protocol, so as to finally obtain a protocol set including at least one specified communication protocol.
When intercepting, the communication interaction information of the communication protocol belonging to the protocol set can be determined as the original communication interaction information of the designated communication protocol, and the interception is performed.
In an exemplary embodiment of the present application, after intercepting the original communication interaction information to be sent to the second communication account, the method further includes the following steps before adding the target content in the original communication interaction information to obtain the target communication interaction information:
determining whether the original communication interaction information contains character strings meeting preset conditions; if so, entering a safe mode.
In the secure mode, step S100 and the following steps are performed. If the original communication interaction information sent by the first equipment is not intercepted in the normal mode.
The character strings meeting the preset conditions can be preset keywords, web page links, unknown links or jump links and the like.
Specifically, entering the secure mode includes:
and acquiring the safety verification information input by the user, and entering a safety mode if the safety verification information accords with a preset entering condition. The security check information may be biological information such as face information of the user, and may be a preset security code for distinguishing a login code of the user to the communication program. The entry condition may be a comparison with biological information or a verification password input in advance for verification, and if the same, it is determined that the entry condition is satisfied.
Further, in this embodiment, the user may enter the security mode in an active trigger manner.
By the method, under the common mode, the non-sensitive original communication interaction information is not intercepted and target content is not added, so that the data processing amount is reduced. Meanwhile, if the original communication interaction information contains a character string meeting the preset condition, triggering to enter a safety mode. Therefore, after the second device receives the target communication interaction information, if the second device does not contain the character string meeting the preset condition, the target communication interaction information can be directly displayed without safety verification. If the character string meeting the preset condition is contained, the security check can be entered, and the security check result is obtained, so that the communication interaction information is displayed according to the security check result.
Further, in an exemplary embodiment of the present application, compared to the above embodiment, if the first device is in the secure mode, the current mode information of the first device may be added to the original communication interaction information, so that the second device can determine whether the first device is currently in the secure mode or not with the current mode information. Thus, after receiving the target communication interaction information, if the second device contains a character string meeting the preset condition, if the current mode information in the target communication interaction information indicates that the first device is in the safe mode, the second device directly displays the communication interaction information. If the current mode information in the target transmission data packet indicates that the first device is in the normal mode or the current mode information does not exist, displaying the communication interaction information and simultaneously displaying a prompt message so as to inform a user of the second device that the target transmission data packet has risk.
Further, in an exemplary embodiment of the present application, the original communication interaction information exists in the original transmission data packet, that is, step S100 includes:
and intercepting the original transmission data packet to be sent to the second communication account. The original transmission data packet comprises original transmission protocol information and original communication interaction information.
In this case, as compared to the previous embodiment, the target content can also be added to the original transport protocol information.
The original transmission data packet is a data packet sent by a designated communication program (such as an instant communication program or mail) in the first device and used for carrying out communication of interactive information. Interception may be performed through a communication interface of the first device. The original transport protocol information may be a header portion of an original transport packet, and may include a source address field, a destination address field, a data length field, a protocol information field, and the like. Specifically, after receiving the original transmission data packet or a target transmission data packet described later, the second device does not display the original transmission protocol information or the target transmission protocol information, but is used for processing the original transmission data packet.
And if the target content is added in the original transmission protocol information, obtaining the target transmission protocol information. I.e. the original transport protocol after adding the target content is the target transport protocol information.
At this time, any one of the original communication interaction information and the target transmission protocol information can be used as a target transmission data packet to be sent to the second device, so that the second device determines whether the original communication interaction information or the target communication interaction information is credible according to the target content in the target transmission protocol information.
In this embodiment, the target content is in the target transmission protocol information, and when the second device displays, only the original communication interaction information or the target communication interaction information is displayed, but the target transmission protocol information is not displayed, so that the additionally added target content is not always displayed when the user communicates the interaction information, but the security verification can be automatically completed in the background, the complete verification is completed under the condition that the user is not felt, and the user is reminded when the risk exists.
In an exemplary embodiment of the present application, adding target content in original transport protocol information to obtain target transport protocol information includes:
a check field is added to the original transport protocol information. The check field may be added at the final position of the original transmission protocol information, so as to reduce the influence on the original content in the original transmission protocol information as much as possible.
And filling target content corresponding to the first communication account in a preset database into the check field to obtain the target transmission protocol information.
The preset target content may be preset content, such as a specific character string, which is agreed in advance by both parties (such as the first device and the second device) using the method.
Thus, after the second device receives the target transmission data packet, whether the first device or the original communication interaction information or the target communication interaction information is credible or not can be determined according to the number of fields in the target transmission protocol information. For example, the original transport protocol information includes only 5 fields, if the received target transport protocol information is also 5 fields, the target transport protocol information is not trusted, and if the target transport protocol information is 6 fields, the target transport protocol information is trusted. Further, if the verification field is determined to be included, the field content (i.e. the target content) of the verification field can be compared with the preset content pre-stored for safety verification, if the preset content is the same, the verification field is trusted, and if the preset content is not the same, the verification field is not trusted. Therefore, the safety verification of the target transmission data packet can be completed, whether the original communication interaction information or the target communication interaction information is credible or not is determined, the calculated amount in the processing process is small, the calculation resources are saved, and the safety verification efficiency is improved.
In an exemplary embodiment of the present application, adding target content in original transport protocol information to obtain target transport protocol information includes:
and carrying out data conversion on the original transmission protocol information and/or the original communication interaction information to obtain target content. The specific data conversion may be to perform hash value calculation on the original transmission protocol information and/or the original communication interaction information, so as to obtain a hash value as the target content.
A check field is added to the original transport protocol information.
And filling the target content into the check field to obtain the target transmission protocol information.
Compared with the previous embodiment, in this embodiment, the target content is not preset, but is obtained by performing data conversion according to the original transmission protocol information and/or the original communication interaction information, so that the target content corresponding to different original transmission data packets may be different. After the second device receives the original transmission data packet, the same method can also be used for carrying out data conversion on the information except the target content and/or the original communication interaction information in the original transmission protocol information to obtain verification information. And comparing the verification information with the target content in the verification field only, if the verification information is the same, the verification information is trusted, and if the verification information is not the same, the verification information is not trusted.
Compared with the previous embodiment, the target content used in the embodiment is not fixed, so that a malicious user can be prevented from acquiring the actual content of the target content and autonomously adding the actual content to avoid the security check of the second device by intercepting the target transmission data packet.
Referring to fig. 2, in another aspect of the present application, an information receiving method is provided and applied to a second device, where the second device includes a designated communication program that has logged into a second communication account. Wherein the second device is a receiving device compared to the first device.
The method comprises the following steps:
s200, receiving target communication interaction information sent to the second communication account by the first communication account logged in on the first device.
In this embodiment, the target communication interaction information refers to the communication interaction information received by the second device, which may be the same as or different from the target communication interaction information in the foregoing embodiment. That is, the target communication interaction information may or may not include the target content.
The target communication interaction information can comprise text information, image information, audio information and the like which are input by a user. The target communication interaction information comprises communication data, such as specific contents of short messages or mails, which are input by a user of the first device and used for interaction.
S400, judging whether the target communication interaction information contains target content.
S600, determining a safety verification result corresponding to the target communication interaction information according to the judgment result; the target content is used for determining that the first communication account is a trusted account, and the security check result is used for indicating whether the target communication interaction information is trusted or not.
If the target communication interaction information contains target content, the first device intercepts the original communication interaction information to be sent to the second communication account and adds the original communication interaction information into the original communication interaction information. The target content is used for determining that the first communication account is a trusted account, and the security check result is used for indicating whether the target communication interaction information is trusted or not.
S800, displaying the target communication interaction information by using the appointed communication program according to the safety verification result.
Specifically, if the security check result indicates that the target communication interaction information is reliable, the target communication interaction information is displayed directly by using the designated communication program; if the communication interaction information is not trusted, displaying a prompt message and displaying the communication interaction information by using the appointed communication program, wherein the prompt message is used for prompting a user that the communication interaction information is not trusted.
It should be noted that, in the present application, the first device and the second device may be exchanged for each other in different situations, and the two methods may be implemented in one embodiment or device. In this embodiment, the first device refers to a device that sends a message, and the second device refers to a device that receives a message.
According to the method provided by the embodiment, the original communication interaction information to be sent to the second communication account by the appointed communication program which is logged in the first communication account in the first device is intercepted, so that the original communication interaction information is prevented from being directly sent to the second device which is logged in the second communication account. And after interception, adding target content into the original communication interaction information to obtain target communication interaction information. And finally, the target communication interaction information is sent to the second device which logs in the second communication account. The first device may be a device in which a program for executing the method is installed, and the device may be regarded as a common device of a user who transmits original communication interaction information. Thus, after the second device receives the target communication interaction information sent by the specified communication program on the first device, whether the target communication interaction information is credible can be judged according to whether the target content is contained in the communication interaction information. That is, if the target communication interaction information includes the target content, it may be determined that the first device on which the designated communication program of the first communication account is logged is installed with the program for executing the method, and the program is sent from the common device of the user corresponding to the first communication account, so that it may be determined that the target communication interaction information is trusted. Otherwise, the target communication interaction information is possibly sent by the user who is not the actual owner of the first communication account, so that the receiver (the user corresponding to the second communication account) can be kept alert under the condition, and loss is avoided. Therefore, according to the method, the target content is added through the first equipment, the target content is safely checked through the second equipment, whether the received target communication interaction information is credible or not can be determined according to the safety check result by the receiver of the target communication interaction information, and the problem that whether the communication information sent by the opposite party is credible or not cannot be determined because a user cannot determine whether the information sender is an actual owner of an account or not when the network is used for communication of the interaction information is solved.
Meanwhile, in the application, the target content is configured to be hidden when the appointed communication program in the second device displays the target communication interaction information, so that when the second device displays, only the content of the original communication interaction information is displayed, but the target content added after interception is not displayed, and thus, when the user communicates the interaction information, the additionally added target content is not displayed all the time, but can automatically complete the security verification in the background, complete verification is achieved under the condition that the user is not felt, and the user is reminded when the risk exists.
Furthermore, even if the device for receiving the target communication interaction information sent by the first device does not use the method provided by the application, the problem that the received device cannot normally display the content of the original communication interaction information because the target content exists in a hidden form is avoided.
In an exemplary embodiment of the present application, determining whether the target communication interaction information includes target content includes:
if the target communication interaction information only comprises text information, determining whether the text information comprises zero-width characters, and if so, determining that the target communication interaction information comprises target content; if the target communication interaction information does not contain the target content, determining that the target communication interaction information does not contain the target content;
If the target communication interaction information comprises image information and/or audio information, determining whether the image information and/or the audio information comprises a digital watermark, and if so, determining that the target communication interaction information comprises target content; and if the target communication interaction information does not contain the target content, determining that the target communication interaction information does not contain the target content.
And determining a safety verification result corresponding to the target communication interaction information according to the judgment result, wherein the safety verification result comprises the following steps:
if the target communication interaction information is judged to not contain the target content, determining a second result as a security check result; the security check result is a first result or a second result, the first result indicates that the communication interaction information is credible, and the second result indicates that the communication interaction information is not credible.
After the second device receives the target communication interaction information, whether the target communication interaction information is credible can be determined according to whether target content exists in the target communication interaction information (namely whether zero width characters exist in text information and whether digital watermarks exist in image information and audio information).
That is, if there is a zero width character in the text information or there is a digital watermark in the image information and the audio information, it may be determined that the first device uses the information sending device provided in the present application, and the first communication account is trusted, or not trusted.
Referring to fig. 3, in another aspect of the present application, there is provided an information transmitting apparatus, provided in a first device, including:
the interception module is used for intercepting the original communication interaction information to be sent to the second equipment;
the generation module is used for adding target content into the original communication interaction information to obtain target communication interaction information; the target content is used for determining that the first device is a trusted device; the target content is configured to exist in a hidden form when the second device displays the target communication interaction information;
and the sending module is used for sending the target communication interaction information to the second equipment so that the second equipment can determine whether the target communication interaction information is credible or not according to the target content in the target communication interaction information.
Referring to fig. 4, in another aspect of the present application, there is provided an information receiving method, provided in a second device, including:
the receiving module is used for receiving the target communication interaction information sent by the first equipment;
the verification module is used for determining a safety verification result corresponding to the target communication interaction information according to whether the target content exists in the target communication interaction information; after intercepting original communication interaction information to be sent to second equipment by first equipment, target content is added into the original communication interaction information; the target content is used for determining that the first equipment is a trusted equipment, and the security check result is used for indicating whether the target communication interaction information is trusted or not;
And the display module is used for displaying the target communication interaction information according to the safety verification result.
Furthermore, although the steps of the methods in the present disclosure are depicted in a particular order in the drawings, this does not require or imply that the steps must be performed in that particular order or that all illustrated steps be performed in order to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step to perform, and/or one step decomposed into multiple steps to perform, etc.
From the above description of embodiments, those skilled in the art will readily appreciate that the example embodiments described herein may be implemented in software, or may be implemented in software in combination with the necessary hardware. Thus, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (may be a CD-ROM, a U-disk, a mobile hard disk, etc.) or on a network, including several instructions to cause a computing device (may be a personal computer, a server, a mobile terminal, or a network device, etc.) to perform the method according to the embodiments of the present disclosure.
In an exemplary embodiment of the present disclosure, an electronic device capable of implementing the above method is also provided.
Those skilled in the art will appreciate that the various aspects of the present application may be implemented as a system, method, or program product. Accordingly, aspects of the present application may be embodied in the following forms, namely: an entirely hardware embodiment, an entirely software embodiment (including firmware, micro-code, etc.) or an embodiment combining hardware and software aspects may be referred to herein as a "circuit," module "or" system.
An electronic device according to this embodiment of the present application. The electronic device is only one example and should not impose any limitation on the functionality and scope of use of the embodiments of the present application.
The electronic device is in the form of a general purpose computing device. Components of an electronic device may include, but are not limited to: the at least one processor, the at least one memory, and a bus connecting the various system components, including the memory and the processor.
Wherein the memory stores program code that can be executed by the processor to cause the processor to perform steps according to various exemplary embodiments of the present application as described in the above section of the exemplary method of the present specification.
The storage may include readable media in the form of volatile storage, such as Random Access Memory (RAM) and/or cache memory, and may further include Read Only Memory (ROM).
The storage may also include a program/utility having a set (at least one) of program modules including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include an implementation of a network environment.
The bus may be one or more of several types of bus structures including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, a processor, or a local bus using any of a variety of bus architectures.
The electronic device may also communicate with one or more external devices (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device, and/or with any device (e.g., router, modem, etc.) that enables the electronic device to communicate with one or more other computing devices. Such communication may be through an input/output (I/O) interface. And, the electronic device may also communicate with one or more networks such as a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the Internet, through a network adapter. The network adapter communicates with other modules of the electronic device via a bus. It should be appreciated that although not shown, other hardware and/or software modules may be used in connection with an electronic device, including but not limited to: microcode, device drivers, redundant processors, external disk drive arrays, RAID systems, tape drives, data backup storage systems, and the like.
From the above description of embodiments, those skilled in the art will readily appreciate that the example embodiments described herein may be implemented in software, or may be implemented in software in combination with the necessary hardware. Thus, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (may be a CD-ROM, a U-disk, a mobile hard disk, etc.) or on a network, including several instructions to cause a computing device (may be a personal computer, a server, a terminal device, or a network device, etc.) to perform the method according to the embodiments of the present disclosure.
In an exemplary embodiment of the present disclosure, a computer-readable storage medium having stored thereon a program product capable of implementing the method described above in the present specification is also provided. In some possible implementations, the various aspects of the present application may also be implemented in the form of a program product comprising program code for causing a terminal device to carry out the steps according to the various exemplary embodiments of the present application as described in the "exemplary methods" section of this specification, when the program product is run on the terminal device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. The readable storage medium can be, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium would include the following: an electrical connection having one or more wires, a portable disk, a hard disk, random Access Memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The computer readable signal medium may include a data signal propagated in baseband or as part of a carrier wave with readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of remote computing devices, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., connected via the Internet using an Internet service provider).
Furthermore, the above-described figures are only illustrative of the processes involved in the method according to exemplary embodiments of the present application, and are not intended to be limiting. It will be readily appreciated that the processes shown in the above figures do not indicate or limit the temporal order of these processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, for example, among a plurality of modules.
It should be noted that although in the above detailed description several modules or units of a device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit in accordance with embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into a plurality of modules or units to be embodied.
The foregoing is merely specific embodiments of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions easily conceivable by those skilled in the art within the technical scope of the present application should be covered in the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (10)

1. An information transmission method applied to a first device including a specified communication program in which a first communication account has been registered, the method comprising:
intercepting original communication interaction information to be sent to a second communication account; the original communication interaction information is generated by the appointed communication program;
Adding target content into the original communication interaction information to obtain target communication interaction information; the target content is used for determining that the first communication account is a trusted account; the target content is configured to exist in a hidden form when the designated communication program displays the target communication interaction information;
and sending the target communication interaction information to second equipment logged in the second communication account, so that the second equipment determines whether the target communication interaction information is credible according to target content in the target communication interaction information.
2. The method for sending information according to claim 1, wherein adding the target content to the original communication interaction information to obtain the target communication interaction information comprises:
if the original communication interaction information only comprises text information, adding the target content into the text information to obtain the target communication interaction information; wherein the target content is zero width characters.
3. The method for sending information according to claim 1, wherein adding the target content to the original communication interaction information to obtain the target communication interaction information comprises:
If the original communication interaction information comprises image information and/or audio information, adding the target content into the image information and/or the audio information to obtain the target communication interaction information; wherein the target content is a digital watermark.
4. An information receiving method applied to a second device including a specified communication program in which a second communication account has been registered, the method comprising:
receiving target communication interaction information sent to the second communication account by a first communication account logged in on first equipment;
judging whether the target communication interaction information contains target content or not;
determining a safety verification result corresponding to the target communication interaction information according to the judgment result; the target content is used for determining that the first communication account is a trusted account, and the security check result is used for indicating whether the target communication interaction information is trusted or not;
and displaying the target communication interaction information by using the appointed communication program according to the safety verification result.
5. The method according to claim 4, wherein the determining whether the target communication interaction information includes the target content comprises:
If the target communication interaction information only comprises text information, determining whether the text information comprises zero-width characters, and if so, determining that the target communication interaction information comprises target content; and if the target communication interaction information does not contain the target content, determining that the target communication interaction information does not contain the target content.
6. The method according to claim 4, wherein the determining whether the target communication interaction information includes the target content comprises:
if the target communication interaction information comprises image information and/or audio information, determining whether the image information and/or the audio information comprises a digital watermark, and if so, determining that the target communication interaction information comprises target content; and if the target communication interaction information does not contain the target content, determining that the target communication interaction information does not contain the target content.
7. The method according to claim 5 or 6, wherein the determining, according to the result of the determination, a security check result corresponding to the target communication interaction information includes:
if the target communication interaction information is judged to contain target content, determining the safety verification result according to the target content;
If the target communication interaction information is judged to not contain the target content, determining a second result as a security check result; the security check result is a first result or a second result, the first result indicates that the communication interaction information is credible, and the second result indicates that the communication interaction information is not credible.
8. The information receiving method according to claim 1, wherein displaying the communication interaction information according to the security check result comprises:
and if the safety verification result is a second result, displaying the communication interaction information and a prompt message, wherein the prompt message is used for prompting a user that the communication interaction information is not credible.
9. An information transmission apparatus provided in a first device including a specified communication program in which a first communication account has been registered, the apparatus comprising:
the interception module is used for intercepting the original communication interaction information to be sent to the second communication account; the original communication interaction information is generated by the appointed communication program;
the generation module is used for adding target content into the original communication interaction information to obtain target communication interaction information; the target content is used for determining that the first communication account is a trusted account; the target content is configured to exist in a hidden form when the designated communication program displays the target communication interaction information;
And the sending module is used for sending the target communication interaction information to second equipment logged in the second communication account so that the second equipment can determine whether the target communication interaction information is credible according to target content in the target communication interaction information.
10. An information receiving apparatus provided in a second device including a specified communication program in which a second communication account has been registered, the apparatus comprising:
the receiving module is used for receiving target communication interaction information sent to the second communication account by the first communication account logged in on the first equipment;
the judging module is used for judging whether the target communication interaction information contains target content or not;
the verification module is used for determining a safety verification result corresponding to the target communication interaction information according to the judgment result; the target content is used for determining that the first communication account is a trusted account, and the security check result is used for indicating whether the target communication interaction information is trusted or not;
and the display module is used for displaying the target communication interaction information by utilizing the appointed communication program according to the safety verification result.
CN202211104383.8A 2022-09-09 2022-09-09 Information sending method, information receiving method and device Pending CN116132082A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211104383.8A CN116132082A (en) 2022-09-09 2022-09-09 Information sending method, information receiving method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211104383.8A CN116132082A (en) 2022-09-09 2022-09-09 Information sending method, information receiving method and device

Publications (1)

Publication Number Publication Date
CN116132082A true CN116132082A (en) 2023-05-16

Family

ID=86303330

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211104383.8A Pending CN116132082A (en) 2022-09-09 2022-09-09 Information sending method, information receiving method and device

Country Status (1)

Country Link
CN (1) CN116132082A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116738408A (en) * 2023-08-14 2023-09-12 北京安天网络安全技术有限公司 Method, device and medium for determining suspicious equipment

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103067892A (en) * 2012-12-21 2013-04-24 深圳一卡通新技术有限公司 Short message transmission method using watermark
CN104853327A (en) * 2014-02-17 2015-08-19 南京英锐祺科技有限公司 Method for designing and implementing digital watermark for GSM short message business
CN107426172A (en) * 2017-06-05 2017-12-01 国政通科技股份有限公司 The matching method for pushing and device of a kind of identity information
US20180063183A1 (en) * 2014-10-23 2018-03-01 International Business Machines Corporation Interacting with a remote server over a network to determine whether to allow data exchange with a resource at the remote server
CN111191198A (en) * 2019-11-25 2020-05-22 京东数字科技控股有限公司 Account information processing method and device, computer readable medium and electronic equipment
CN111404925A (en) * 2020-03-12 2020-07-10 北京航空航天大学 Vehicle-mounted CAN bus data encryption method based on dynamic digital watermarking
CN114205133A (en) * 2021-12-06 2022-03-18 南昌大学 Information security enhancement method for vehicle-mounted CAN network and electronic equipment

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103067892A (en) * 2012-12-21 2013-04-24 深圳一卡通新技术有限公司 Short message transmission method using watermark
CN104853327A (en) * 2014-02-17 2015-08-19 南京英锐祺科技有限公司 Method for designing and implementing digital watermark for GSM short message business
US20180063183A1 (en) * 2014-10-23 2018-03-01 International Business Machines Corporation Interacting with a remote server over a network to determine whether to allow data exchange with a resource at the remote server
CN107426172A (en) * 2017-06-05 2017-12-01 国政通科技股份有限公司 The matching method for pushing and device of a kind of identity information
CN111191198A (en) * 2019-11-25 2020-05-22 京东数字科技控股有限公司 Account information processing method and device, computer readable medium and electronic equipment
CN111404925A (en) * 2020-03-12 2020-07-10 北京航空航天大学 Vehicle-mounted CAN bus data encryption method based on dynamic digital watermarking
CN114205133A (en) * 2021-12-06 2022-03-18 南昌大学 Information security enhancement method for vehicle-mounted CAN network and electronic equipment

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
张震宇等: ""基于不可见字符的文本水印设计"", 《南京理工大学学报》, vol. 41, no. 4, 31 August 2017 (2017-08-31), pages 405 - 411 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116738408A (en) * 2023-08-14 2023-09-12 北京安天网络安全技术有限公司 Method, device and medium for determining suspicious equipment
CN116738408B (en) * 2023-08-14 2023-11-17 北京安天网络安全技术有限公司 Method, device and medium for determining suspicious equipment

Similar Documents

Publication Publication Date Title
US9369475B2 (en) System and method for securing a third party communication with a hosting web page
WO2015169158A1 (en) Information protection method and system
US7860970B2 (en) Secure initialization of intrusion detection system
US20150373045A1 (en) Methods and apparatus for varying soft information related to the display of hard information
US8813237B2 (en) Thwarting cross-site request forgery (CSRF) and clickjacking attacks
US10091219B2 (en) Methods and apparatus for detecting remote control of a client device
CN102844750A (en) Executable code validation in a web browser
JP2006005921A (en) Verifying human interaction to computer entity by way of trusted component on computing device
CN101223562A (en) Immunizing HTML browsers and extensions from known vulnerabilities
US7725585B2 (en) Methods and systems for alerting a user interface with full destination information
CN116132082A (en) Information sending method, information receiving method and device
CN114938288B (en) Data access method, device, equipment and storage medium
CN116094743A (en) Information sending method, information receiving method and device
CN109522683B (en) Software tracing method, system, computer equipment and storage medium
CN114448734A (en) Network access method, device, equipment and storage medium
JP2001508892A (en) Method and safety system for handling safety critical activities
CN116305129B (en) Document detection method, device, equipment and medium based on VSTO
US20080060063A1 (en) Methods and systems for preventing information theft
CN106789899B (en) Cross-domain message sending method and device based on HTML5
CN116028917A (en) Authority detection method and device, storage medium and electronic equipment
CN109857488B (en) Application program call control method and device, terminal and readable storage medium
KR101934516B1 (en) E-mail Processing System for Time of Open Protection
JP6628861B2 (en) Information processing equipment
CN109145594B (en) Vulnerability detection method and device
EP1168138A2 (en) System and method for producing log files for secured transactions

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination