WO2013113284A1 - Method and system for protecting computer video device privacy - Google Patents

Publication number
WO2013113284A1
Authority
WO
WIPO (PCT)
Prior art keywords
module
video
application
video stream
monitoring
Prior art date
Application number
PCT/CN2013/071213
Other languages
French (fr)
Chinese (zh)
Inventor
秦光远
范纪鍠
Original Assignee
北京奇虎科技有限公司
奇智软件(北京)有限公司
Priority date
Filing date
Publication date
Priority to CN201210023727.2A (CN102609660B)
Priority to CN201210023727.2
Application filed by 北京奇虎科技有限公司, 奇智软件(北京)有限公司
Publication of WO2013113284A1

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING; COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245: Protecting personal data, e.g. for financial or medical purposes

Abstract

Provided are a method and system for protecting computer video device privacy. The method comprises: after an application process opens a video device through a physical driver object module in a video stream filter driver and obtains the corresponding video stream parameter information, the physical driver object module sends identification information about the application process and the video stream parameter information to a monitoring module through a control module in the video stream filter driver (110); the monitoring module sends replacement data and a replacement instruction to the physical driver object module through the control module based on the video stream parameter information; the replacement instruction is used so that, when the application process requests video data, the video stream sent by the video device is replaced with the replacement data before being sent to the application process (120). With this technical solution the application process does not conclude that the video device is damaged and become unable to access it again, and the application process can access the video device again without being restarted.

Description

Computer video device privacy protection method and system

Technical Field

The present invention relates to the field of computer technology, and in particular to a method and system for protecting the privacy of a computer video device.

Background

With the development of Internet technology, users can interact with other users by video through a video device (such as a camera), and many applications can open the video device and obtain video from the user's machine. If a user does not pay attention to managing the video device, other Internet users may well obtain video that the user does not want to disclose; hackers in particular can easily control the video device remotely and obtain video from the user's machine.
In the prior art, video privacy is protected by using Windows kernel hooking to intercept processes that open the camera: when a process opens the user's video device, hooks on the kernel API functions CreateFile and DeviceIoControl block the request messages that the process sends to the video device, and a prompt box is displayed for the user to handle. Once the hooked CreateFile and DeviceIoControl calls are rejected, that is, the user leaves the prompt box unhandled for a long time or chooses to block, the process cannot open the video device again. Forcibly cutting off the communication between the application process and the video device breaks the protocol by which the two normally interact, so the application process concludes that the video device is damaged and cannot access it again; the process must be restarted before it can communicate with the video device again.

Summary of the Invention

In view of the above problems, the present invention is proposed to provide a computer video device privacy protection method and system that overcome the above problems or at least partially solve or mitigate them.
According to one aspect of the present invention, a computer video device privacy protection method is provided, comprising:
after an application process opens a video device through the physical driver object module in a video stream filter driver and obtains the corresponding video stream parameter information, the physical driver object module sends the application process identification information and the video stream parameter information to a monitoring module through the control module in the video stream filter driver;
the monitoring module, based on the video stream parameter information, sends replacement data and a replacement instruction to the physical driver object module through the control module; the replacement instruction is used so that, when the application process requests video data, the physical driver object module replaces the video stream sent by the video device with the replacement data and then sends it to the application process;
when the application process is allowed to use the video device, the monitoring module notifies the physical driver object module to stop replacing.
According to another aspect of the present invention, a computer video device privacy protection system is provided, comprising a video stream filter driver and a monitoring module; the video stream filter driver comprises a control module and a physical driver object module;
the monitoring module is configured to receive the application process identification information and video stream parameter information sent by the control module, and, based on the video stream parameter information, to send replacement data and a replacement instruction to the physical driver object module through the control module; and, based on the application process identification information, to prompt the user whether to allow the application process to use the video device and, when the user chooses to allow it, to notify the physical driver object module to stop replacing;
the control module is configured to send the obtained application process identification information and video stream parameter information to the monitoring module, and to forward the replacement instruction and the allow instruction sent by the monitoring module to the physical driver object module;
the physical driver object module is configured to send the application process identification information and video stream parameter information to the monitoring module through the control module in the video stream filter driver when the application process opens the video device and obtains the video stream parameter information; and, when the application process requests video data, to replace the video stream sent by the video device with the replacement data according to the replacement instruction and then send it to the application process.
According to yet another aspect of the present invention, a computer program is provided, comprising computer-readable code which, when run on a server, causes the server to perform the computer video device privacy protection method according to any one of claims 1-14.
According to a further aspect of the present invention, a computer-readable medium is provided, in which the computer program according to claim 29 is stored.
The beneficial effects of the invention are as follows:
This application uses the filter driver mechanism of Windows to create, in the filter driver, a control module and a physical driver object module for the actual video device. The control module receives the control instructions and replacement data that the monitoring module sends for the corresponding physical driver object module, and forwards them to the physical driver object module. Using this driver, the application replaces the video stream of the video device with replacement data of the same data type as the video stream and returns it to the application process. During this processing, no request packet of the application process is forcibly blocked; for a request packet carrying video stream data, the video data in the packet is simply replaced with replacement data in the same format as the video. The communication between the application process and the video device is not forcibly cut off, and the protocol by which they normally interact is not broken, so the application process does not conclude that the video device is damaged and become unable to access it again; the application process can access the video device again without being restarted.
The above is only an overview of the technical solution of the present invention. So that the technical means of the invention can be understood more clearly and implemented according to the content of the specification, and so that the above and other objects, features and advantages of the invention are easier to understand, specific embodiments of the invention are set out below.

Brief Description of the Drawings

Various other advantages and benefits will become clear to those of ordinary skill in the art on reading the following detailed description of the preferred embodiments. The drawings serve only to illustrate the preferred embodiments and are not to be regarded as limiting the invention. Throughout the drawings, the same reference symbols denote the same parts. In the drawings:
Figure 1 schematically shows a flowchart of a computer video device privacy protection method according to one embodiment of the present invention;
Figure 2 schematically shows a flowchart of a computer video device privacy protection method according to another embodiment of the present invention;
Figure 3 schematically shows the structure of a computer video device privacy protection system according to one embodiment of the present invention;
Figure 4 schematically shows a block diagram of a server for performing the method according to the invention; and
Figure 5 schematically shows a storage unit for holding or carrying program code that implements the method according to the invention.

Detailed Description
The invention is described further below with reference to the drawings and specific embodiments.
In Windows, if a filter driver is installed, all messages that access the actual device and all messages returned by the actual device must pass through the filter driver. This application adds a video stream filter driver layer under the Windows filter driver mechanism, so messages exchanged with the video device can be processed in the video stream filter driver without blocking the application process's message loop. There is no need to block the process's message loop directly with hook functions and thereby break the normal communication protocol between the application process and the video device. This avoids the situation in which the application cannot open the device again after being blocked, and lets the application process access the video device normally any number of times.
Referring to Figure 1, a flowchart of a computer video device privacy protection method of this application is shown, comprising:
Step 110: after an application process opens the video device through the physical driver object module in the video stream filter driver and obtains the corresponding video stream parameter information, the physical driver object module sends the application process identification information and the video stream parameter information to the monitoring module through the control module in the video stream filter driver.
In practice, the filter driver must be loaded, and a control module and a device object for the video device must be created in the filter driver. The filter driver to load is the one for video devices such as cameras (Imaging devices). The filter driver is normally loaded at system startup, that is, according to the system registry. The location in the system registry used when loading the filter driver of this application includes:
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}\UpperFilters"
Create a startup service entry so that the driver service starts with the machine ("CamFilter" is the name of the startup service entry and can be changed as needed).
Registry path of the startup service entry:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CamFilter]
"Type"=dword:00000001
"Start"=dword:00000001
After the filter driver is loaded, a corresponding physical driver object module is created in the filter driver for each actual video device, and a control module is also created to receive the monitoring module's instructions and data.
In practice, when the physical driver object module sends the application process identification information and video stream parameter information to the monitoring module through the control module in the video stream filter driver, the information is sent to the monitoring module through the monitoring filter in the control module.
The video stream parameter information includes the compression format of the video stream, the height and width of the video, the size of each video frame, the number of bytes occupied by each pixel, and so on. The video stream parameter information obtained can differ from one application process to another: for example, the video obtained by application process A may be 360*480 while the video obtained by application process B is 600*800, so different application processes may obtain different video stream parameter information.
In practice, the following steps precede step 110:
Step 90: start the monitoring module.
Step 100: the monitoring module sends an open command to the video stream filter driver to open the control module, and a monitoring filter is created in the control module. That is, after the monitoring module sends an IRP to the video stream filter driver through the MJ_CREATE function, the video stream filter driver first opens the control module according to the instruction in the IRP and the handle of the corresponding control module, and the control module creates a filter with empty attributes; the monitoring module then sends an instruction to create a monitoring filter, which turns the empty-attribute filter into the monitoring filter.
Step 120: the monitoring module, based on the video stream parameter information, sends replacement data and a replacement instruction to the physical driver object module through the control module; the replacement instruction is used so that, when the application process requests video data, the physical driver object module, according to the control instruction, replaces the video stream sent by the video device with the replacement data and sends it to the application process.
In practice, after receiving the video stream parameter information and the application process identification information, the monitoring module converts the preset replacement data, based on the video stream parameter information, into replacement data of the same data type as the video device's output, and sends the converted replacement data through the control module into the configuration information of the physical driver object module. It then immediately sends, through the control module, a replacement instruction protecting the video stream to the physical driver object module, which replaces the video stream with the prepared replacement data and sends the replaced data to the application process.
Step 130: when the application process is allowed to use the video device, the monitoring module notifies the physical driver object module to stop replacing.
Preferably, the notification to stop replacing when the application process is allowed to use the video device is carried out in one of the following ways:
the monitoring process, based on the application process identification information, prompts the user whether to allow the application process to use the video device; when the user chooses to allow it, the monitoring module notifies the physical driver object module to stop replacing;
or the monitoring process matches the application process identification information against the process identification information in an allow whitelist; if there is a match, the monitoring module notifies the physical driver object module to stop replacing.
In practice, after receiving the video stream parameter information and the application process identification information, the monitoring module can also use the application process identification information (the application process ID and the full path of the application process) to find the name of the application process that is accessing the video device, and prompt the user whether to allow that application process to use the video device. If the user chooses to allow it, an allow instruction is sent through the control module to the physical driver object module, telling it to stop replacing data.
Alternatively, using a whitelist of application processes allowed to use the video device, the identification information of the application process can be matched against the application processes in the whitelist; if there is a match, an allow instruction is sent through the control module to the physical driver object module, telling it to stop replacing data. The whitelist can be configured by the user.
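The substitution flow of steps 110 to 130, modelled in user-mode C as an added example (it is not code from the patent or from any real driver). The type and function names, the solid-fill replacement frame, the whitelist path and the blank-frame fallback are assumptions; the point shown is that a read always completes with the requested length and only the payload changes until the allow instruction arrives.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Video stream parameters reported on open (uncompressed stream assumed). */
typedef struct {
    uint32_t width, height;     /* frame width and height in pixels */
    uint32_t bytes_per_pixel;   /* bytes occupied by each pixel */
    uint32_t frame_size;        /* size of one frame in bytes */
} stream_params;

/* Hypothetical user-mode model of one physical driver object module. */
typedef struct {
    uint32_t pid;               /* application process ID */
    stream_params params;
    uint8_t *replacement;       /* replacement data supplied by the monitor */
    int replacing;              /* 1: substitute frames, 0: pass through */
} pdo_state;

/* Monitoring module: turn the preset replacement picture (a solid fill,
   constructed for this example) into a frame of the size the device
   outputs. Returns NULL when the reported parameters are inconsistent. */
static uint8_t *build_replacement(const stream_params *p, uint8_t fill)
{
    uint64_t pixels = (uint64_t)p->width * p->height;
    if (p->frame_size == 0 || pixels > UINT32_MAX ||
        pixels * p->bytes_per_pixel != p->frame_size)
        return NULL;
    uint8_t *frame = malloc(p->frame_size);
    if (frame)
        memset(frame, fill, p->frame_size);
    return frame;
}

/* Steps 110-130: the opener and its stream parameters are reported; the
   monitor allows at once on a whitelist match (full image path) or arms
   replacement. pdo must be zero-initialised. Returns 1 if replacing. */
static int monitor_on_open(pdo_state *pdo, uint32_t pid, const char *image_path,
                           const stream_params *p,
                           const char *const *whitelist, size_t n)
{
    free(pdo->replacement);
    pdo->pid = pid; pdo->params = *p;
    pdo->replacement = NULL; pdo->replacing = 0;
    for (size_t i = 0; i < n; i++)
        if (strcmp(whitelist[i], image_path) == 0)
            return 0;
    pdo->replacement = build_replacement(p, 0x80);
    pdo->replacing = 1;
    return 1;
}

/* Read completion: the device has already filled buf with a real frame.
   The request always completes with len bytes; only the payload changes. */
static size_t pdo_complete_read(const pdo_state *pdo, uint8_t *buf, size_t len)
{
    if (!pdo->replacing)
        return len;             /* allowed: real frame passes through */
    if (pdo->replacement && len <= pdo->params.frame_size)
        memcpy(buf, pdo->replacement, len);
    else
        memset(buf, 0, len);    /* assumption: blank frame when no usable replacement */
    return len;
}

/* Allow instruction from the monitor (user chose "allow"): stop replacing. */
static void monitor_allow(pdo_state *pdo)
{
    pdo->replacing = 0;
    free(pdo->replacement);
    pdo->replacement = NULL;
}

/* Helper for the demo: 1 if every byte of buf equals v. */
static int all_bytes_equal(const uint8_t *buf, size_t len, uint8_t v)
{
    for (size_t i = 0; i < len; i++)
        if (buf[i] != v) return 0;
    return 1;
}

int main(void)
{
    const char *const allowed[] = { "C:\\Apps\\meet.exe" };  /* constructed */
    stream_params p = { 4, 2, 3, 24 };
    pdo_state pdo = { 0 };
    uint8_t buf[24];

    monitor_on_open(&pdo, 1234, "C:\\Temp\\unknown.exe", &p, allowed, 1);
    memset(buf, 0xAA, sizeof buf);      /* stands in for a camera frame */
    size_t n = pdo_complete_read(&pdo, buf, sizeof buf);
    printf("prompt pending: %zu bytes, replaced=%d\n", n, all_bytes_equal(buf, n, 0x80));
    monitor_allow(&pdo);
    memset(buf, 0xAA, sizeof buf);
    n = pdo_complete_read(&pdo, buf, sizeof buf);
    printf("after allow:    %zu bytes, real=%d\n", n, all_bytes_equal(buf, n, 0xAA));
    return 0;
}
```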
Referring to Figure 2, a flowchart of a preferred computer video device privacy protection method of this application is shown, comprising:
Step 210: the monitoring module opens the control module in the filter driver and registers a monitoring filter in the control module.
In practice, the filter driver must be loaded, and a control module and a device object for the video device must be created in the filter driver. The filter driver to load is the one for video devices such as cameras (Imaging devices). The filter driver is normally loaded at system startup, that is, according to the system registry. The location in the system registry used when loading the filter driver of this application includes:
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}\UpperFilters"
Create a startup service entry so that the driver service starts with the machine ("CamFilter" is the name of the startup service entry and can be changed as needed).
Registry path of the startup service entry:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CamFilter] ("CamFilter" is the name of the startup service entry and can be changed as needed)
"Type"=dword:00000001
"Start"=dword:00000001
After the filter driver is loaded, a corresponding physical driver object module is created in the filter driver for each actual video device, and a control module is also created to receive the instructions and data with which the monitoring module controls the physical driver object module.
After the monitoring module is started, it exerts control by sending instructions and data to the control module. Normally, the monitoring module exerts control by sending control instructions to the control module.
After the monitoring module starts, it first sends an IRP_MJ_CREATE request packet to the filter driver through the MJ_CREATE function. On receiving the request packet, the filter driver first determines whether the device-object handle in the packet is the handle of the preset control module; if so, the packet is sent to the control module to open it, that is, the preset device-object handle is opened and a filter with empty attributes is created. The monitoring module then sends a control instruction that registers the empty-attribute filter as the monitoring filter. In practice, the registration described in this application means that the monitoring module sends a monitoring IRP (I/O request packet) request, which the control module holds pending while waiting for the relevant information sent by the physical driver object module, such as the video stream parameter information and the identification information of the application process that needs to use the video device.
步骤 220 , 当应用进程通过过滤驱动中的物理驱动对象模块打开视频 设备并获取到视频流参数信息时, 则通过物理驱动对象模块将所述打开 请求包中的信息发送给所述监控过滤器并通过监控过滤器反馈给所述监 控模块。  Step 220: When the application process opens the video device by using the physical drive object module in the filter driver and obtains the video stream parameter information, the information in the open request packet is sent to the monitoring filter by the physical drive object module. Feedback to the monitoring module by monitoring the filter.
在实际中, 当应用进程的打开请求包通过过滤驱动中的物理驱动对 象模块打开视频设备并获取到视频流参数信息时:  In practice, when the open request packet of the application process opens the video device through the physical drive object module in the filter driver and obtains the video stream parameter information:
所述物理驱动对象模块通过分析 IPR—MJ— CREATE消息获取所述打 开请求包中的信息; 所述信息包括视频流 ^数信息和应用进程标识信息。 当所述物理驱动对象模块获取到所述打开请求包中的信息时包括: 步骤 S11 , 遍历查看所述控制模块中是否存在监控过滤器, 如果存在 则将所述打开请求包中的信息发送给所述监控过滤器; The physical drive object module obtains information in the open request packet by analyzing an IPR_MJ_CREATE message; the information includes video stream information and application process identifier information. When the physical driving object module acquires the information in the open request packet, the method includes: Step S11: traversing to check whether there is a monitoring filter in the control module, and if yes, sending the information in the open request packet to The monitoring filter;
步骤 S12 , 将所述打开请求包返回应用进程。  Step S12: Return the open request packet to an application process.
即当物理驱动对象模块分析 IPR—MJ— CREATE消息获取到所述打开 请求包中的信息后, 会先遍历查看所述控制模块中是否存在监控过滤器, 如果存在, 才将所述打开请求包中的信息发送给所述监控过滤器, 再将 所述打开请求包返回应用进程; 如果不存在, 则直接将所述打开请求包 返回应用进程。  That is, after the physical drive object module analyzes the IPR_MJ_CREATE message to obtain the information in the open request packet, it first traverses to check whether there is a monitoring filter in the control module, and if so, the open request packet is The information in the message is sent to the monitoring filter, and the open request packet is returned to the application process; if not, the open request packet is directly returned to the application process.
In practice, when an application process such as MSN.exe needs to use a video device, it first sends an IRP_MJ_CREATE request packet to the filter driver through the MJ_CREATE function. The filter driver checks whether the device object handle contained in the IRP request packet is the handle of the control module; if it is not, the filter driver enters the processing flow for the application process's IRP request packet.
The physical driver object module in the filter driver then determines, based on the IRP request, whether the corresponding video device is currently open. If the video device is already open, another application process is already using it, and the returned result informs the application process that it cannot use the video device; if the video device is not open, the application process can use it.
Preferably, when the application process opens the video device through the physical driver object module in the video stream filter driver, the method includes:
Step S21: determine whether the handle in the open request packet sent by the application process is the handle of the control module.
In practice, both the control module and the video device are opened through the MJ_CREATE function. For each open IRP request packet it receives, the filter driver checks whether the handle in the request packet is that of the control module. In general, after the filter driver has started, the open IRP request packet sent by the monitoring module at startup carries the handle of the control module; the filter driver then sends that request packet to the control module, thereby opening the control module.
Step S22: if it is not, determine whether the video device has already been opened.
In practice, if the video device has already been opened, the physical driver object module stores the information that the video device is open.
After receiving an application process's IRP request packet for opening the video device, the physical driver object module first determines whether the corresponding video device is open.
Step S23: if it is not open, set the callback function Create_rountine and send the open request packet to the lower-layer driver; the callback function Create_rountine is used to send an activation signal to the first information sending subunit in the physical driver object module once the open request packet has opened the video device and the corresponding video stream parameter information has been obtained.
In practice, once the physical driver object module has determined that the video device is not open, it sets the callback function Create_rountine and sends the open request packet to the lower-layer driver. When the request packet has opened the video device in the lower-layer driver and obtained the video stream parameter information of the video device corresponding to the application process's IRP, the callback function Create_rountine sends an activation signal to the first information sending subunit in the physical driver object module.
In this step, the physical driver object module traverses the control module to check whether a monitoring filter exists, that is, whether an IRP is pending in the control module waiting to receive the information of the open request packet.
Step S24: the first information sending subunit sends the information in the open request packet to the monitoring filter according to the activation signal.
After receiving the activation signal, the information sending unit sends the information in the open request packet to the monitoring filter, where that information includes video stream parameter information and application process identification information. More specifically, the video stream parameter information includes the compression format of the video stream, the height and width of the video, the size of each video frame, the number of bytes occupied by each pixel, and so on; the application process identification information includes the id of the application process and the full path of the application process. The video stream parameter information obtained may differ from one application process to another: for example, the video obtained by application process A may have a height and width of 360*480, while the video obtained by application process B has a height and width of 600*800.
In addition, sending the information in the open request packet (with the video stream parameter information obtained) to the monitoring filter can also be done by the callback function Create_rountine itself, that is, the function of sending the information in the open request packet to the monitoring filter is implemented inside Create_rountine.
In practice, preferably, the code used when the application process's request packet opens the video device through the MJ_CREATE function is as follows:
    NTSTATUS Create(PDEVICE_OBJECT pdev, PIRP pirp)
    {
        PDEVICE_OBJECT pnextdev;
        NTSTATUS status;
        KEVENT event;
        PCHAR undata;
        WCHAR szPath[MAX_PATH];
        PIO_STACK_LOCATION stack = IoGetCurrentIrpStackLocation(pirp);
        DEVICE_EXTENSION *pctx = pdev->DeviceExtension;

        // Determine whether the object being opened is the "monitoring object"
        if (pdev == g_pdev)
        {
            // Create an empty-type filter
            status = CreateFilter(pirp);
            CompleteRequest(pirp, 0, status);
            return status;
        }

        // If the video device is already open, do not set the callback to intercept.
        // In the IRP_MJ_CLOSE function we monitor the process that opened the camera;
        // after that process exits, power_sign is set to POWER_OFF.
        if (pctx->power_sign == POWER_ON)
            return PassThr(pdev, pirp);

        pnextdev = GetNextDev(pdev);
        IoCopyCurrentIrpStackLocationToNext(pirp);

        // The event must be initialized before the completion routine can signal it
        KeInitializeEvent(&event, NotificationEvent, FALSE);

        // Set the callback function; when it is called it signals the EVENT
        IoSetCompletionRoutineEx(pdev, pirp, create_rountine,
                                 &event, TRUE, FALSE, FALSE);
        status = IoCallDriver(pnextdev, pirp);
        if (status == STATUS_PENDING)
        {
            // Wait for the EVENT
            status = KeWaitForSingleObject(&event, // &uevent, pirp->UserEvent;
                                           Executive,
                                           KernelMode,
                                           FALSE,
                                           NULL);
        }

        undata = (PCHAR)pirp->AssociatedIrp.SystemBuffer;
        // Determine whether the camera information was obtained
        if (!NT_SUCCESS(pirp->IoStatus.Status) || undata == NULL ||
            (*(UINT32 *)((PCHAR)undata + 0x30) >= 2))
        {
            // No information obtained; return directly
            return pirp->IoStatus.Status;
        }
        //
        // ...
        // Parse the camera information that was read and send it to the monitoring filter
        if (pctx->power_sign == POWER_OFF)
            pctx->power_sign = POWER_ON;
        // Get the ID and path of the opening process
        pctx->curprocid = PsGetCurrentProcessId();
        SetDeviceCurPid(pdev, pctx->curprocid);
        GetCurrentProcessFullPath(szPath, MAX_PATH);
        SendToAllMonitorFilter(PROCESS_LIVE, pctx, szPath);
        // .... initialization operations
        return pirp->IoStatus.Status;
    }
Step 230: based on the video stream parameter information and the application process identification information, the monitoring module converts the preset replacement data into replacement data of the same data type as the data output by the video device, sends the converted replacement data and the replacement instruction to the physical driver object module through the control module, and prompts the user terminal whether to block the application process from using the video device.
The replacement instruction is used so that, when the application process requests video data, the physical driver object module replaces the video stream sent by the video device with the replacement data in accordance with the replacement instruction and then sends it to the application process.
In practice, when the monitoring module receives the message of the open request packet, it uses the video stream parameter information in the message (the compression format of the video stream, the height and width of the video, the size of each video frame, the number of bytes occupied by each pixel, and so on) to convert the preset replacement data (for example, the data of a logo image) into replacement data of the same type as the data type specified by the video stream parameter information. That is, the compression format, height and width, frame size, bytes per pixel, and so on of the logo image data are changed so that the logo image data has the same data type as the data output by the video device.
The replacement data is then sent to the physical driver object module through the control module. In practice, the monitoring module first sends the replacement data to the control module, which forwards it to the physical driver object module; on receiving the replacement data, the physical driver object module updates it into its own configuration information and then uses it in step 240.
When sending the replacement data, this step also sends a replacement data value to the control driver, and the control driver then sends the replacement instruction to the physical driver object module, putting the physical driver object module in the replacement state: when an application process reads the video stream, the video stream is replaced with the replacement data, which is then sent to the application process.
In addition, in practice, the monitoring module also uses the application process identification information in the open message packet, that is, the id of the application process and the full path of the application process, to find out which application process is accessing the video device, and then asks the user terminal whether to allow that application process to use the video device.
Step 240: when the user terminal has not made a selection or has selected not to allow, if an application process reads the video stream through the physical driver object module, the physical driver object module replaces each frame of video data in the video stream sent by the video device with the replacement data and sends the replacement data to the application process.
In practice, the physical driver object module by default first replaces the video stream of the video device with the replacement data (for example, a logo image); when the user selects not to allow the current application process to use the video device, the replacement stays in place.
If the user selects to allow, a permission instruction is sent to the control module, and the control module notifies the physical driver object module to stop replacing the data and to return the video device's data directly to the application process.
In practice, the application process reads the video stream through the MJ_CONTROL function, that is, it sends an IRP_MJ_DEVICE_CONTROL request to the physical driver object module to read the video stream of the video device. Preferably, the physical driver object module determines whether an application process is reading the video stream through it by analysing the IRP_MJ_DEVICE_CONTROL message.
When the IRP contains a video stream, each frame of video data in the video stream is replaced with the replacement data by the IRP_MJ_DEVICE_CONTROL callback function Control_rountine.
In addition, if the physical driver object module cannot parse the video stream of the video device, the data of the video stream is set to zero and sent to the application process; that is, each frame of video data in the video stream is set to zero, so that the video stream is delivered to the application process as a solid-colour picture. This replacement can also be performed by the callback function Control_rountine.
In practice, the actual code of the callback function Control_rountine can be as shown below. The callback function in the following code replaces the video stream with a picture when the stream can be parsed, and sets the video stream data to 0 when it cannot:
    // DEMO code:
    NTSTATUS MonitorFilter_rountine(PDEVICE_OBJECT pdev, PIRP pirp, PVOID Context)
    {
        DEVICE_EXTENSION *pctx;
        PIO_STACK_LOCATION stack;
        PVOID sysbuf;
        UINT32 syssize;
        UINT32 pcode;

        stack = IoGetCurrentIrpStackLocation(pirp);
        // Only handle the request if the control code is the one that fetches the video stream.
        // CONTROL_GETDATA has the value 0x002F4017 (a command value defined by Microsoft)
        pcode = stack->Parameters.DeviceIoControl.IoControlCode;
        // pctx is the device context
        pctx = pdev->DeviceExtension;

        // If the control code is CONTROL_GETDATA, the driver is set to intercept,
        // and the Status of the IRP is success
        if (pctx->blogo && NT_SUCCESS(pirp->IoStatus.Status) && pcode == CONTROL_GETDATA)
        {
            // The next two lines get the address and size of the real video stream buffer
            sysbuf = MmGetSystemAddressForMdlSafe(pirp->MdlAddress, NormalPagePriority);
            syssize = MmGetMdlByteCount(pirp->MdlAddress);
            // If logo image data was sent to the driver and its size equals the size
            // of the data the IRP obtained, perform the replacement
            if (sysbuf && pctx->plbuf && (syssize == pctx->nlsize))
                memcpy(sysbuf, pctx->plbuf, syssize);
            else if (sysbuf)
                // If the camera data stream cannot be interpreted, turn the video into
                // a single-colour picture (skipped when the buffer could not be mapped)
                memset(sysbuf, 0, syssize);
        }
        return pirp->IoStatus.Status;
    }

In addition, in practice, the replacement of the video stream with the replacement data need not be done in Control_rountine. The present application can also provide a separate replacement module that, on the activation signal of the callback function, replaces each frame of video data that the process obtains in IRP_MJ_DEVICE_CONTROL with the replacement data.
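The conversion in step 230 and the per-frame replacement in step 240 can be followed in user mode with the added example below, which is not code from the patent: it converts an RGB24 logo to the stream's format and size, then applies the same copy-or-zero rule as the callback above. The type and function names (stream_params, build_replacement, replace_frame), the two supported formats and the BT.601 conversion are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stream parameters reported at open time (type and field names are assumptions). */
typedef enum { FMT_RGB24, FMT_YUY2 } pix_fmt;
typedef struct { pix_fmt fmt; uint32_t width, height; } stream_params;
typedef enum { FRAME_REPLACED, FRAME_ZEROED, FRAME_UNTOUCHED } replace_result;

static size_t frame_size(const stream_params *p)
{
    size_t bytes_per_pixel = (p->fmt == FMT_RGB24) ? 3 : 2; /* YUY2: 4 bytes per 2 pixels */
    return (size_t)p->width * p->height * bytes_per_pixel;
}

static uint8_t clamp8(int v) { return (uint8_t)(v < 0 ? 0 : (v > 255 ? 255 : v)); }

/* Monitoring-module side: turn an RGB24 logo (lw x lh) into one frame that matches
 * the stream's format and dimensions. Nearest-neighbour scaling; BT.601 studio-range
 * conversion for YUY2. Returns a malloc'd buffer (caller frees) or NULL on bad input. */
static uint8_t *build_replacement(const uint8_t *logo, uint32_t lw, uint32_t lh,
                                  const stream_params *p, size_t *out_size)
{
    if (!logo || !lw || !lh || !p || !p->width || !p->height) return NULL;
    if (p->width > 8192 || p->height > 8192) return NULL;      /* bound the allocation */
    if (p->fmt == FMT_YUY2 && (p->width & 1)) return NULL;     /* YUY2 packs pixel pairs */

    size_t size = frame_size(p);
    uint8_t *out = malloc(size);
    if (!out) return NULL;

    for (uint32_t y = 0; y < p->height; y++) {
        for (uint32_t x = 0; x < p->width; x++) {
            uint32_t sx = (uint32_t)((uint64_t)x * lw / p->width);
            uint32_t sy = (uint32_t)((uint64_t)y * lh / p->height);
            const uint8_t *s = logo + ((size_t)sy * lw + sx) * 3;
            if (p->fmt == FMT_RGB24) {
                memcpy(out + ((size_t)y * p->width + x) * 3, s, 3);
            } else {
                int r = s[0], g = s[1], b = s[2];
                /* Pair layout: Y0 U Y1 V; chroma is taken from the even pixel. */
                uint8_t *d = out + ((size_t)y * p->width + (x & ~1u)) * 2;
                d[(x & 1) ? 2 : 0] = clamp8(((66 * r + 129 * g + 25 * b + 128) >> 8) + 16);
                if (!(x & 1)) {
                    d[1] = clamp8(((-38 * r - 74 * g + 112 * b + 128) >> 8) + 128);
                    d[3] = clamp8(((112 * r - 94 * g - 18 * b + 128) >> 8) + 128);
                }
            }
        }
    }
    *out_size = size;
    return out;
}

/* Driver side: same decision as the callback above. An exact size match means the
 * replacement was built for this stream; anything else is zeroed so the real frame
 * never reaches the caller. All-zero RGB24 is black; all-zero YUY2 renders as green. */
static replace_result replace_frame(uint8_t *frame, size_t frame_len,
                                    const uint8_t *repl, size_t repl_len)
{
    if (!frame) return FRAME_UNTOUCHED;        /* buffer could not be mapped */
    if (repl && repl_len == frame_len) {
        memcpy(frame, repl, frame_len);
        return FRAME_REPLACED;
    }
    memset(frame, 0, frame_len);
    return FRAME_ZEROED;
}

int main(void)
{
    /* Constructed sample: a 2x2 all-red RGB24 logo and a 4x2 YUY2 camera stream. */
    const uint8_t logo[12] = { 255, 0, 0, 255, 0, 0, 255, 0, 0, 255, 0, 0 };
    stream_params cam = { FMT_YUY2, 4, 2 };
    uint8_t camera_frame[16];
    size_t n = 0;

    uint8_t *repl = build_replacement(logo, 2, 2, &cam, &n);
    if (!repl) return 1;
    memset(camera_frame, 0x7f, sizeof camera_frame);   /* stands in for real camera data */
    replace_result r = replace_frame(camera_frame, sizeof camera_frame, repl, n);
    printf("result=%d Y0=%u U=%u Y1=%u V=%u\n", (int)r, camera_frame[0],
           camera_frame[1], camera_frame[2], camera_frame[3]);
    free(repl);
    return 0;
}
```

Because the driver compares only byte counts, a replacement built for one application's stream parameters falls through to the zero-fill path when another application negotiates a different format or resolution.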
In addition, after the monitoring module has obtained the video parameter information and the application process identification information, it can also match the application process identification information against the application process identification information in a whitelist of application processes allowed to use the video device. If there is a match, the application process is allowed to use the video device. If there is no match, the preset replacement data can be converted into replacement data of the same data type as the data output by the video device, and the converted replacement data and the replacement instruction are sent to the physical driver object module through the control module; when an application process reads the video stream through the physical driver object module, the physical driver object module replaces each frame of video data in the video stream sent by the video device with the replacement data and sends the replacement data to the application process.
In addition, a blacklist of application processes not allowed to use the video device can also be used: the application process identification information is matched against the blacklist and, if there is a match, the corresponding application process is directly denied use of the video device and the video stream is replaced with the corresponding replacement data.
Alternatively, the application process identification information is matched against both the whitelist and the blacklist; if neither matches, the user is prompted to choose whether to allow the current application process to use the video device.
In addition, after not allowing has been selected, the method further includes:
sending a stop-blocking command to the physical driver object module through the second control module, so that the physical driver object module sends the video stream directly to the application process.
In practice, the user can start the second control module and send a stop-blocking command through it to the physical driver object module, so that the physical driver object module stops replacing the video stream data with the replacement data and the video stream can be sent directly to the application process. For example, the CONTROL_LOGO_ACCESS instruction is sent to the physical driver object module to make it stop replacing the video stream data with the replacement data.
Referring to FIG. 3, which shows a schematic structural diagram of a computer video device privacy protection system according to the present application, the system includes:
a video stream filter driver 310 and a monitoring module 320; the video stream filter driver includes a control module 311 and a physical driver object module 312;
the monitoring module 320 is configured to receive the application process identification information and video stream parameter information sent by the control module, and to send the replacement data and the replacement instruction to the physical driver object module through the control module according to the video stream parameter information; and, according to the application process identification information, to prompt the user terminal whether to allow the application process to use the video device, and, when the user selects to allow, to send a resume instruction to the physical driver object module to stop the replacement;
the control module 311 is configured to send the obtained application process identification information and video stream parameter information to the monitoring module, and to forward the replacement instruction and the permission instruction sent by the monitoring module to the physical driver object module;
the physical driver object module 312 is configured, when the application process opens the video device and the video stream parameter information is obtained, to send the application process identification information and the video stream parameter information to the monitoring module through the control module in the video stream filter driver; and, when the application process requests video data, to replace the video stream sent by the video device with the replacement data in accordance with the replacement instruction and then send it to the application process.
Further, when the physical driver object module sends the application process identification information and the video stream parameter information to the monitoring module through the control module in the video stream filter driver:
the application process identification information and the video stream parameter information are sent to the monitoring module through the monitoring filter in the control module.
In addition, the system further includes:
a monitoring module startup module, which starts the monitoring module;
a creation instruction sending module, which sends an open command through the monitoring module to the video stream filter driver to open the control module, and creates a monitoring filter in the control module.
Wherein, when the application process opens the video device through the physical driver object module in the video stream filter driver and the video stream parameter information is obtained:
the physical driver object module obtains the video stream parameter information and the application process identification information by analysing the IRP_MJ_CREATE message.
Wherein, when the physical driver object module has obtained the video stream parameter information and the application process identification information, the following is included:
traversing the control module to check whether a monitoring filter exists and, if one exists, sending the information in the open request packet to the monitoring filter;
returning the open request packet to the application process.
Wherein, the monitoring module can notify the physical driver object module to stop the replacement when the application process is allowed to use the video device in the following ways:
the monitoring process prompts the user terminal, according to the application process identification information, whether to allow the application process to use the video device, and when the user selects to allow the application process to use the video device, the monitoring module notifies the physical driver object module to stop the replacement;
or, the monitoring process matches the application process identification information against the process identification information in the allow whitelist and, if there is a match, the monitoring module notifies the physical driver object module to stop the replacement.
Wherein, the physical driver object module determines whether an application process is reading the video stream through the physical driver object module by analysing the IRP_MJ_DEVICE_CONTROL message.
Wherein, when the user terminal has not made a selection or has selected to block, if an application process reads the video stream through the physical driver object module:
each frame of video data in the video stream is replaced with the replacement data by the IRP_MJ_DEVICE_CONTROL callback function Control_rountine.
Wherein, before the monitoring module sends the replacement data to the physical driver object module through the control module according to the video stream parameter information, the following is included:
converting the preset replacement data into replacement data of the same data type as the data output by the video device.
Wherein, when the physical driver object module cannot parse the video stream, the data of the video stream is set to zero and sent to the application process, so that the application obtains a single-colour image, such as black or green.
Wherein, when the application process opens the video device through the physical driver object module in the video stream filter driver, the following are included:
a first determining subunit, which determines whether the handle in the open request packet sent by the application process is the handle of the control module;
a second determining subunit, which, if it is not, determines whether the video device has already been opened;
if it is not open, the callback function Create_rountine is set and the open request packet is sent to the lower-layer driver; the callback function Create_rountine is used to send an activation signal to the first information sending subunit in the physical driver object module when the open request packet has opened the video device and the video stream parameter information has been obtained;
a first information sending subunit, which sends the information in the open request packet to the monitoring filter according to the activation signal.
Wherein, when the converted replacement data is sent to the physical driver object module through the control module:
the physical driver object module updates the replacement data into its configuration information.
Wherein, before the control module in the filter driver is opened through the monitoring module and the monitoring filter is registered in the control module, the following is also included:
loading the filter driver according to the system registry, and creating in the filter driver the control module and the physical driver object module for the video device.
Wherein, after blocking has been selected, the following is also included:
a second control module, configured to send a stop-blocking command to the physical driver object module and to control the physical driver object module to stop replacing the video stream data with the replacement data.
Since the system embodiment is basically similar to the method embodiment, it is described relatively briefly; for the relevant parts, refer to the corresponding description of the method embodiment. What each embodiment describes is its differences from the other embodiments; for the parts that are the same or similar, the embodiments can be referred to one another.
本发明的各个部件实施例可以以硬件实现, 或者以在一个或者多个 处理器上运行的软件模块实现, 或者以它们的组合实现。 本领域的技术 人员应当理解, 可以在实践中使用微处理器或者数字信号处理器 (DSP ) 来实现根据本发明实施例的计算机视频设备隐私保护系统中的一些或者 全部部件的一些或者全部功能。 本发明还可以实现为用于执行这里所描 述的方法的一部分或者全部的设备或者装置程序 (例如, 计算机程序和 计算机程序产品) 。 这样的实现本发明的程序可以存储在计算机可读介 质上, 或者可以具有一个或者多个信号的形式。 这样的信号可以从因特 网网站上下载得到, 或者在载体信号上提供, 或者以任何其他形式提供。  The various component embodiments of the present invention may be implemented in hardware, or in a software module running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or digital signal processor (DSP) may be used in practice to implement some or all of the functionality of some or all of the components of the computer video device privacy protection system in accordance with embodiments of the present invention. The invention can also be implemented as a device or device program (e.g., a computer program and a computer program product) for performing some or all of the methods described herein. Such a program implementing the present invention may be stored on a computer readable medium or may have the form of one or more signals. Such signals may be downloaded from the Internet website, or provided on a carrier signal, or in any other form.
For example, FIG. 4 shows a server, such as an application server, that can implement the computer video device privacy protection method according to the present invention. The server conventionally includes a processor 410 and a computer program product or computer-readable medium in the form of a memory 420. The memory 420 may be an electronic memory such as flash memory, EEPROM (electrically erasable programmable read-only memory), EPROM, a hard disk or ROM. The memory 420 has a storage space 430 for program code 431 for performing any of the method steps described above. For example, the storage space 430 for program code may include individual program codes 431, each implementing one of the steps of the above method. The program code can be read from, or written to, one or more computer program products. These computer program products include program code carriers such as hard disks, compact discs (CDs), memory cards or floppy disks. Such a computer program product is typically a portable or fixed storage unit as described with reference to FIG. 5. The storage unit may have storage segments, storage space and the like arranged similarly to the memory 420 in the server of FIG. 4. The program code may, for example, be compressed in a suitable form. Typically, the storage unit includes computer-readable code 431', that is, code that can be read by a processor such as 410, which, when run by a server, causes the server to perform the steps of the method described above.
References herein to "one embodiment", "an embodiment" or "one or more embodiments" mean that a particular feature, structure or characteristic described in connection with the embodiment is included in at least one embodiment of the invention. Note also that instances of the phrase "in one embodiment" herein do not necessarily all refer to the same embodiment.
Numerous specific details are set forth in the description provided herein. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail, so as not to obscure the understanding of this description.
It should be noted that the above embodiments illustrate rather than limit the invention, and that those skilled in the art can devise alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention can be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In a unit claim enumerating several means, several of these means can be embodied by one and the same item of hardware. The use of the words first, second, third and so on does not indicate any order. These words can be interpreted as names.
Furthermore, it should be noted that the language used in this specification has been selected principally for readability and instructional purposes, and not to delineate or circumscribe the subject matter of the invention. Accordingly, many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the appended claims. As to the scope of the invention, the disclosure made herein is illustrative and not restrictive, and the scope of the invention is defined by the appended claims.

Claims

1. A computer video device privacy protection method, comprising:
after an application process opens a video device through a physical driver object module in a video stream filter driver and obtains corresponding video stream parameter information, the physical driver object module sending the application process identification information and the video stream parameter information to a monitoring module through a control module in the video stream filter driver;
the monitoring module sending replacement data and a replacement instruction to the physical driver object module through the control module according to the video stream parameter information; the replacement instruction being used so that, when the application process requests video data, the physical driver object module replaces, according to the replacement instruction, the video stream sent by the video device with the replacement data and then sends it to the application process;
when the application process is allowed to use the video device, the monitoring module notifying the physical driver object module to stop the replacement.
2. The method according to claim 1, wherein, when the physical driver object module sends the application process identification information and the video stream parameter information to the monitoring module through the control module in the video stream filter driver:
the application process identification information and the video stream parameter information are sent to the monitoring module through a monitoring filter in the control module.
3. The method according to claim 2, further comprising:
starting the monitoring module;
sending, by the monitoring module, an open command to the video stream filter driver to open the control module, and creating the monitoring filter in the control module.
4. The method according to claim 1 or 2, wherein, when the application process opens the video device through the physical driver object module in the video stream filter driver and obtains the video stream parameter information:
the physical driver object module obtains the video stream parameter information and the application process identification information by analyzing the IRP_MJ_CREATE message.
5. The method according to claim 4, wherein, when the physical driver object module obtains the video stream parameter information and the application process identification information, the method comprises:
traversing the control module to check whether the monitoring filter exists and, if it exists, sending the information in the open request packet to the monitoring filter;
returning the open request packet to the application process.
6. The method according to claim 1, wherein the monitoring module notifying the physical driver object module to stop the replacement when the application process is allowed to use the video device is performed as follows:
the monitoring process prompts the user side, according to the application process identification information, whether to allow the application process to use the video device, and when the user chooses to allow the application process to use the video device, the monitoring module notifies the physical driver object module to stop the replacement;
or, the monitoring process matches the application process identification information against the process identification information in an allow whitelist, and if they match, the monitoring module notifies the physical driver object module to stop the replacement.
7. The method according to claim 1, wherein:
the physical driver object module determines, by analyzing the IRP_MJ_DEVICE_CONTROL message, whether an application process is reading the video stream through the physical driver object module.
8. The method according to claim 7, wherein, when the user side has not made a selection or has chosen to block, if an application process reads the video stream through the physical driver object module:
each frame of video data in the video stream is replaced with the replacement data by Control_rountine, the callback function of IRP_MJ_DEVICE_CONTROL.
9. The method according to claim 1 or 8, wherein, before the monitoring module sends the replacement data to the physical driver object module through the control module according to the video stream parameter information, the method comprises:
converting preset replacement data into replacement data of the same data type as the data output by the video device.
10. The method according to claim 1 or 8, wherein:
when the physical driver object module cannot parse the video stream, the data of the video stream is replaced with zeros and sent to the application process.
11. The method according to claim 1, wherein the application process opening the video device through the physical driver object module in the video stream filter driver comprises:
determining whether the open request packet sent by the application process contains a handle of the control module;
if not, determining whether the video device is already open;
if it is not open, setting a callback function Create_rountine and sending the open request packet to the lower-layer driver; the callback function Create_rountine being used to send an activation signal to a first information sending subunit in the physical driver object module when the open request packet has opened the video device and the video stream parameter information has been obtained;
the first information sending subunit sending the information in the open request packet to the monitoring filter according to the activation signal.
12. The method according to claim 1, wherein, when the converted replacement data is sent to the physical driver object module through the control module:
the physical driver object module updates the replacement data into its configuration information.
13. The method according to claim 1, wherein, before the control module in the filter driver is opened by the monitoring module and the monitoring filter is registered in the control module, the method further comprises:
loading the filter driver according to the system registry, and creating, in the filter driver, the control module and the physical driver object module for the video device.
14. The method according to claim 1, further comprising, after the user chooses to block:
sending a stop-blocking command to the physical driver object module through a second control module, to control the physical driver object module to stop replacing the video stream data with the replacement data.
15. A computer video device privacy protection system, comprising:
a video stream filter driver and a monitoring module; the video stream filter driver comprising a control module and a physical driver object module;
the monitoring module being configured to receive the application process identification information and video stream parameter information sent by the control module, and to send replacement data and a replacement instruction to the physical driver object module through the control module according to the video stream parameter information; and to prompt the user side, according to the application process identification information, whether to allow the application process to use the video device and, when the user chooses to allow it, to notify the physical driver object module to stop the replacement;
the control module being configured to send the obtained application process identification information and video stream parameter information to the monitoring module, and to forward the replacement instruction and the permission instruction sent by the monitoring module to the physical driver object module;
the physical driver object module being configured to send, when the application process opens the video device and obtains the video stream parameter information, the application process identification information and the video stream parameter information to the monitoring module through the control module in the video stream filter driver; and, when the application process requests video data, to replace, according to the replacement instruction, the video stream sent by the video device with the replacement data and then send it to the application process.
16. The system according to claim 15, wherein, when the physical driver object module sends the application process identification information and the video stream parameter information to the monitoring module through the control module in the video stream filter driver:
the application process identification information and the video stream parameter information are sent to the monitoring module through a monitoring filter in the control module.
17. The system according to claim 16, further comprising:
a startup module, configured to start the monitoring module;
a creation module, configured to send, through the monitoring module, an open command to the video stream filter driver to open the control module, and to create the monitoring filter in the control module.
18. The system according to claim 15 or 16, wherein, when the application process opens the video device through the physical driver object module in the video stream filter driver and obtains the video stream parameter information:
the physical driver object module obtains the video stream parameter information and the application process identification information by analyzing the IRP_MJ_CREATE message.
19. The system according to claim 18, wherein, when the physical driver object module obtains the video stream parameter information and the application process identification information, this comprises:
traversing the control module to check whether the monitoring filter exists and, if it exists, sending the information in the open request packet to the monitoring filter;
returning the open request packet to the application process.
20. The system according to claim 15, wherein the monitoring module notifying the physical driver object module to stop the replacement when the application process is allowed to use the video device is performed as follows:
the monitoring process prompts the user side, according to the application process identification information, whether to allow the application process to use the video device, and when the user chooses to allow the application process to use the video device, the monitoring module notifies the physical driver object module to stop the replacement;
or, the monitoring process matches the application process identification information against the process identification information in an allow whitelist, and if they match, the monitoring module notifies the physical driver object module to stop the replacement.
21. The system according to claim 15, wherein:
the physical driver object module determines, by analyzing the IRP_MJ_DEVICE_CONTROL message, whether an application process is reading the video stream through the physical driver object module.
22. The system according to claim 21, wherein, when the user side has not made a selection or has chosen to block, if an application process reads the video stream through the physical driver object module:
each frame of video data in the video stream is replaced with the replacement data by Control_rountine, the callback function of IRP_MJ_DEVICE_CONTROL.
23. The system according to claim 15 or 21, wherein, before the monitoring module sends the replacement data to the physical driver object module through the control module according to the video stream parameter information, this comprises:
converting preset replacement data into replacement data of the same data type as the data output by the video device.
24. The system according to claim 15 or 21, wherein:
when the physical driver object module cannot parse the video stream, the data of the video stream is replaced with zeros and sent to the application process.
25. The system according to claim 15, wherein, for the application process opening the video device through the physical driver object module in the video stream filter driver, the system comprises:
a first determining subunit, configured to determine whether the open request packet sent by the application process contains a handle of the control module;
a second determining subunit, configured to determine, if not, whether the video device is already open;
and, if it is not open, to set a callback function Create_rountine and send the open request packet to the lower-layer driver; the callback function Create_rountine being used to send an activation signal to a first information sending subunit in the physical driver object module when the open request packet has opened the video device and the video stream parameter information has been obtained;
the first information sending subunit, configured to send the information in the open request packet to the monitoring filter according to the activation signal.
26. The system according to claim 15, wherein, when the converted replacement data is sent to the physical driver object module through the control module:
the physical driver object module updates the replacement data into its configuration information.
27. The system according to claim 1, wherein, before the control module in the filter driver is opened by the monitoring module and the monitoring filter is registered in the control module, the system further comprises:
a driver loading module, which loads the filter driver according to the system registry, and creates, in the filter driver, the control module and the physical driver object module for the video device.
28. The system according to claim 1, further comprising, after the user chooses to block:
a second control module, configured to send a stop-blocking command to the physical driver object module, to control the physical driver object module to stop replacing the video stream data with the replacement data.
29. A computer program, comprising computer-readable code which, when run on a server, causes the server to perform the computer video device privacy protection method according to any one of claims 1-14.
30. A computer-readable medium, in which the computer program according to claim 29 is stored.
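The per-frame decision described in claims 1, 6, 8, 9 and 10, modelled in user space as an added example; it is not code from the patent or its applicants. All type and function names, the two pixel formats, the black replacement frame and the allow-list identifier strings are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* All names are hypothetical; the patent publishes no source code. */
enum pixel_format { FMT_RGB24, FMT_YUY2, FMT_UNKNOWN };
enum verdict { VERDICT_PENDING, VERDICT_BLOCK, VERDICT_ALLOW };

/* "Video stream parameter information" captured when the device is opened. */
struct stream_params { enum pixel_format format; unsigned width, height; };

/* Per-open state kept by the physical driver object module. */
struct pdo_state {
    int replacing;            /* set while the replacement instruction is active */
    uint8_t replacement[64];  /* replacement data; tiny buffer for this model */
    size_t replacement_len;   /* 0 when no converted frame is available */
};

static size_t frame_size(const struct stream_params *p)
{
    size_t pixels = (size_t)p->width * p->height;
    if (p->format == FMT_RGB24) return pixels * 3;
    if (p->format == FMT_YUY2) return pixels * 2;
    return 0;                 /* a format this model cannot parse */
}

/* Claim 9: convert the preset replacement (assumed: a black frame) to the device's output type. */
static size_t convert_replacement(const struct stream_params *p, uint8_t *out, size_t cap)
{
    size_t n = frame_size(p);
    if (n == 0 || n > cap) return 0;
    if (p->format == FMT_RGB24) {
        memset(out, 0x00, n);
    } else {                  /* YUY2 black is Y=0x10, U=V=0x80, not all zeros */
        for (size_t i = 0; i < n; i += 2) { out[i] = 0x10; out[i + 1] = 0x80; }
    }
    return n;
}

/* Claim 6, second branch: match the process identification against the allow whitelist.
   The identifier is a plain string here; a real monitor needs one the process cannot choose. */
static int whitelisted(const char *id, const char *const *list, size_t count)
{
    for (size_t i = 0; i < count; i++)
        if (strcmp(id, list[i]) == 0) return 1;
    return 0;
}

/* Monitoring module, on the open notification relayed by the control module (claim 1). */
void monitor_on_open(struct pdo_state *s, const char *id, const struct stream_params *p,
                     const char *const *list, size_t count)
{
    s->replacement_len = convert_replacement(p, s->replacement, sizeof s->replacement);
    s->replacing = !whitelisted(id, list, count);
}

/* Monitoring module, on the user's answer to the prompt (claim 6, first branch). */
void monitor_on_verdict(struct pdo_state *s, enum verdict v)
{
    if (v == VERDICT_ALLOW) s->replacing = 0;  /* pending or block: keep replacing (claim 8) */
}

/* Physical driver object module, per frame.
   Returns 0 = passed through, 1 = replaced, 2 = zero-filled (claim 10). */
int pdo_filter_frame(const struct pdo_state *s, uint8_t *frame, size_t len)
{
    if (!s->replacing) return 0;
    if (s->replacement_len != 0 && len == s->replacement_len) {
        memcpy(frame, s->replacement, len);
        return 1;
    }
    memset(frame, 0, len);
    return 2;
}

int main(void)
{
    /* Constructed sample: a 4x2 YUY2 stream opened by a process not on the allow list. */
    const char *const allow[] = { "meeting.exe" };
    struct stream_params p = { FMT_YUY2, 4, 2 };
    struct pdo_state s;
    uint8_t frame[16];
    memset(frame, 0xAB, sizeof frame);         /* stands in for a real camera frame */
    monitor_on_open(&s, "unknown.exe", &p, allow, 1);
    int before = pdo_filter_frame(&s, frame, sizeof frame);  /* 1: replaced */
    monitor_on_verdict(&s, VERDICT_ALLOW);
    int after = pdo_filter_frame(&s, frame, sizeof frame);   /* 0: passed through */
    return (before == 1 && after == 0) ? 0 : 1;
}
```

The YUY2 branch shows why the conversion in claim 9 is distinct from the zero fill in claim 10: a zeroed YUY2 buffer decodes as green rather than black.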
PCT/CN2013/071213 2012-02-03 2013-01-31 Method and system for protecting computer video device privacy WO2013113284A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201210023727.2A CN102609660B (en) 2012-02-03 2012-02-03 A kind of computer video equipment method for secret protection and system
CN201210023727.2 2012-02-03

Publications (1)

Publication Number Publication Date
WO2013113284A1 true WO2013113284A1 (en) 2013-08-08

Family

ID=46527021

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2013/071213 WO2013113284A1 (en) 2012-02-03 2013-01-31 Method and system for protecting computer video device privacy

Country Status (2)

Country Link
CN (1) CN102609660B (en)
WO (1) WO2013113284A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102609660B (en) * 2012-02-03 2015-09-16 北京奇虎科技有限公司 A kind of computer video equipment method for secret protection and system
US9645860B2 (en) * 2013-09-06 2017-05-09 Microsoft Technology Licensing, Llc Verification that particular information is transferred by an application
US9432627B2 (en) * 2013-09-06 2016-08-30 Microsoft Technology Licensing, Llc Restricting information requested by an application
CN104361283B (en) * 2014-12-05 2018-05-18 网宿科技股份有限公司 The method for protecting Web attacks

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20070076645A (en) * 2006-01-19 2007-07-25 주식회사 팬택 Method for limiting use of mobile phone with camera
CN101055715A (en) * 2007-05-08 2007-10-17 北京中星微电子有限公司 Method, system and video driving device for getting the video data
CN101668157A (en) * 2009-09-24 2010-03-10 中兴通讯股份有限公司 Method used for privacy protection in video call, application server and system
CN102104766A (en) * 2009-12-18 2011-06-22 深圳富泰宏精密工业有限公司 Privacy protecting system and method in video call
CN102609660A (en) * 2012-02-03 2012-07-25 奇智软件(北京)有限公司 Privacy protection method and privacy protection system for computer video equipment
CN102663293A (en) * 2012-03-28 2012-09-12 奇智软件(北京)有限公司 Protection method and protection device for video devices of computer

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101667235B (en) * 2008-09-02 2013-10-23 北京瑞星信息技术有限公司 Method and device for protecting user privacy

Also Published As

Publication number Publication date
CN102609660A (en) 2012-07-25
CN102609660B (en) 2015-09-16

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13743654

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct app. not ent. europ. phase

Ref document number: 13743654

Country of ref document: EP

Kind code of ref document: A1