WO2018094984A1 - Input event management method and device and mobile terminal - Google Patents

Input event management method and device and mobile terminal Download PDF

Info

Publication number
WO2018094984A1
WO2018094984A1 PCT/CN2017/085053 CN2017085053W WO2018094984A1 WO 2018094984 A1 WO2018094984 A1 WO 2018094984A1 CN 2017085053 W CN2017085053 W CN 2017085053W WO 2018094984 A1 WO2018094984 A1 WO 2018094984A1
Authority
WO
WIPO (PCT)
Prior art keywords
input event
input
user
device node
interference
Prior art date
Application number
PCT/CN2017/085053
Other languages
French (fr)
Chinese (zh)
Inventor
姚均营
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2018094984A1 publication Critical patent/WO2018094984A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/556Detecting local intrusion or implementing counter-measures involving covert channels, i.e. data leakage between processes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

Disclosed are an input event management method and device, and a mobile terminal. The method comprises: upon receiving an input event from a user, writing a preset interference input event and the input event to a device node file; and after completion of input of the input events, acquiring the device node file, and analyzing the device node file to determine the input event from the user. In the invention, an interference input event is added to prevent a malware from stealing the actual content inputted by a user. In the entire process, all the operations are performed at a back end, and the user only needs to perform an input operation normally without having to memorize anything. The invention can be operated easily by a user, and has favorable theft protection performance, thereby solving a problem in which a smart phone has a low security level because when a user thereof performs an input operation, the inputted content can be stolen easily.

Description

一种输入事件的管理方法、装置及移动终端Management method, device and mobile terminal for input event 技术领域Technical field
本发明涉及通讯领域,特别是涉及一种输入事件的管理方法、装置及移动终端。The present invention relates to the field of communications, and in particular, to a method, device, and mobile terminal for managing an input event.
背景技术Background technique
随着智能手机的快速普及,移动支付等业务在手机终端的服务获得了快速增长,随之而来的客户信息失窃和资金损失却成为普通用户的一大安全威胁。With the rapid popularization of smart phones, services such as mobile payment have experienced rapid growth in the service of mobile terminals, and the subsequent theft of information and the loss of funds have become a major security threat for ordinary users.
目前智能终端键盘输入安全风险,可以归纳如下:At present, the security risks of smart terminal keyboard input can be summarized as follows:
恶意程序通过进程注入技术获取目标程序的输入内容;或者,通过操作系统底层的键盘事件获取输入记录来获取用户输入内容,完成入侵;再或者,通过让用户使用一些特定的输入法来获取键盘输入内容。The malicious program obtains the input content of the target program through the process injection technology; or obtains the input record through the underlying keyboard event of the operating system to obtain the user input content, completes the intrusion; or, by letting the user use some specific input method to obtain the keyboard input content.
现有技术中,智能手机输入安全的问题较为严峻,用户使用智能手机时,当进行输入操作时,输入内容易被窃取,智能手机安全性较低。In the prior art, the problem of smart phone input security is severe. When a user uses a smart phone, when the input operation is performed, the input is easily stolen, and the security of the smart phone is low.
发明内容Summary of the invention
本发明实施例提供一种输入事件的管理方法、装置及移动终端,用以解决现有技术的如下问题:用户使用智能手机时,当进行输入操作时,输入内容易被窃取,智能手机安全性较低。An embodiment of the present invention provides a method, a device, and a mobile terminal for managing an input event, which are used to solve the following problems in the prior art: when a user uses a smart phone, when the input operation is performed, the input is easily stolen, and the security of the smart phone is used. Lower.
为解决上述技术问题,一方面,本发明实施例提供一种输入事件的管理方法,包括:在接收到来自用户的输入事件时,将预设的干扰输入事件和所述输入事件写入设备节点文件中;在所述输入事件完成输入后,获取所述设备节点文件,并解析所述设备节点文件,以确定来自用户的所述输入事件。To solve the above technical problem, in one aspect, an embodiment of the present invention provides a method for managing an input event, including: when receiving an input event from a user, writing a preset interference input event and the input event to a device node In the file; after the input event completes the input, the device node file is obtained, and the device node file is parsed to determine the input event from the user.
可选的,所述预设的干扰输入事件包括:按照预定规则预先生成的所述干扰输入事件;或者,在接收到来自用户的输入事件时,按照所述预定规则生成的所述干扰输入事件。Optionally, the preset interference input event includes: the interference input event generated in advance according to a predetermined rule; or the interference input event generated according to the predetermined rule when receiving an input event from a user .
可选的,解析所述设备节点文件,以确定来自用户的所述输入事件,包括:根据预定规则确定所述设备节点文件中的所述干扰输入事件;将所述干扰输入事件从所述设备节点文件中删除,以确定来自用户的所述输入事件。Optionally, parsing the device node file to determine the input event from the user, including: determining the interference input event in the device node file according to a predetermined rule; and using the interference input event from the device The node file is deleted to determine the input event from the user.
可选的,解析所述设备节点文件的输入事件之后,还包括:将所述输入事件发送至应用层程序,以根据所述输入事件确定用户的输入内容。Optionally, after parsing the input event of the device node file, the method further includes: sending the input event to an application layer program to determine a user input content according to the input event.
可选的,所述干扰输入事件为多个。Optionally, the interference input event is multiple.
另一方面,本发明实施例还提供一种输入事件的管理装置,包括:写入模块,设置为在接收到来自用户的输入事件时,将预设的干扰输入事件和所述输入事件写入设备节点文件中;解析模块,设置为在所述输入事件完成输入后,获取所述设备节点文件,并解析所述设备节点文件,以确定来自用户的所述输入事件。 In another aspect, an embodiment of the present invention further provides an input event management apparatus, including: a writing module, configured to write a preset interference input event and the input event when receiving an input event from a user In the device node file, the parsing module is configured to acquire the device node file after the input event completes the input, and parse the device node file to determine the input event from the user.
可选的,该装置还包括:生成模块,设置为生成所述预设的干扰输入事件;其中,生成规则包括:按照预定规则预先生成的所述干扰输入事件;或者,在接收到来自用户的输入事件时,按照所述预定规则生成的所述干扰输入事件。Optionally, the device further includes: a generating module, configured to generate the preset interference input event; wherein the generating rule comprises: the interference input event generated in advance according to a predetermined rule; or, upon receiving the user from the user The interference input event generated according to the predetermined rule when an event is input.
可选的,所述解析模块包括:确定单元,设置为根据预定规则确定所述设备节点文件中的所述干扰输入事件;删除单元,设置为将所述干扰输入事件从所述设备节点文件中删除,以确定来自用户的所述输入事件。Optionally, the parsing module includes: a determining unit, configured to determine the interference input event in the device node file according to a predetermined rule; and a deleting unit configured to: use the interference input event from the device node file Delete to determine the input event from the user.
可选的,该装置还包括:发送模块,设置为将所述输入事件发送至应用层程序,以根据所述输入事件确定用户的输入内容。Optionally, the apparatus further includes: a sending module, configured to send the input event to the application layer program to determine the input content of the user according to the input event.
另一方面,本发明实施例还提供一种移动终端,包括:上述的输入事件的管理装置。In another aspect, an embodiment of the present invention further provides a mobile terminal, including: the foregoing management device for input events.
本发明在接收到来自用户的输入事件时,就将预设的干扰输入事件和输入事件一起写入设备节点文件中,随后,在使用设备节点文件之前,再从设备节点文件中解析出来自用户的输入事件,进而恢复到用户的真实输入,该过程通过增加干扰输入事件的方式来防止恶意软件窃取到用户输入的真实内容,整个过程无需用户记忆任何东西,只需要正常输入即可,所有工作都在后台完成,用户操作简便,且防窃取效果明显,解决了现有技术的如下问题:用户使用智能手机时,当进行输入操作时,输入内容易被窃取,智能手机安全性较低。When receiving the input event from the user, the present invention writes the preset interference input event and the input event into the device node file, and then parses the user from the device node file before using the device node file. The input event, and then restore to the user's real input, the process to prevent malware from stealing the real content input by the user by increasing the interference input event, the whole process does not require the user to memorize anything, only need to input normally, all work All are completed in the background, the user is easy to operate, and the anti-theft effect is obvious, and the following problems of the prior art are solved: when the user uses the smart phone, when the input operation is performed, the input is easily stolen, and the security of the smart phone is low.
附图说明DRAWINGS
图1是本发明第一实施例中输入事件的管理方法的流程图;1 is a flowchart of a method for managing an input event in a first embodiment of the present invention;
图2是本发明第二实施例中输入事件的管理装置的结构示意图;2 is a schematic structural diagram of an apparatus for managing an input event in a second embodiment of the present invention;
图3是本发明第二实施例中输入事件的管理装置的优选结构示意图;3 is a schematic diagram showing a preferred structure of an input event management apparatus in a second embodiment of the present invention;
图4是本发明第五实施例中智能终端输入框架及恶意程序入侵示意图;4 is a schematic diagram of an input frame of a smart terminal and a malicious program intrusion in a fifth embodiment of the present invention;
图5是本发明第五实施例中多点触控协议输入事件参数含义示意图;5 is a schematic diagram showing the meanings of multi-touch protocol input event parameters in the fifth embodiment of the present invention;
图6是本发明第五实施例中智能终端安全输入管理方法框架示意图。6 is a schematic diagram of a framework of a security terminal security input management method in a fifth embodiment of the present invention.
具体实施方式detailed description
为了解决现有技术的如下问题:用户使用智能手机时,当进行输入操作时,输入内容易被窃取,智能手机安全性较低;本发明提供了一种输入事件的管理方法、装置及移动终端,以下结合附图以及实施例,对本发明进行进一步详细说明。应当理解,此处所描述的具体实施例仅仅用以解释本发明,并不限定本发明。In order to solve the problem of the prior art, when the user uses the smart phone, when the input operation is performed, the input is easily stolen, and the security of the smart phone is low; the present invention provides a method, device and mobile terminal for managing input events The present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It is understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
本发明第一实施例提供了一种输入事件的管理方法,该方法的流程如图1所示,包括步骤S102至S104:A first embodiment of the present invention provides a method for managing an input event. The flow of the method is as shown in FIG. 1 and includes steps S102 to S104:
S102,在接收到来自用户的输入事件时,将预设的干扰输入事件和输入事件写入设备节点文件中。S102. Write a preset interference input event and an input event into the device node file when receiving an input event from the user.
用户的输入事件可以是通过物理按键产生的,也可以是通过虚拟触摸屏幕而产生的,在实现时,只要检测到输入事件,就将预设的干扰输入事件和输入事件一同写入设备节点文件中,这样,当用户在输入文字或数字时,就伴随着有干扰输入,干扰输入事件和用户的输入 都掺杂在设备节点文件中,当有恶意软件窃取了输入内容时,也无法利用窃取到的内容。为了进一步增加干扰,干扰输入事件可以设置为多个。The input event of the user may be generated by a physical button or may be generated by a virtual touch screen. When the input event is detected, the preset interference input event and the input event are written together with the device node file. In this way, when the user inputs text or numbers, there is interference input, interference input events and user input. They are all mixed in the device node file, and when malicious software steals the input content, the stolen content cannot be utilized. In order to further increase the interference, the interference input event can be set to multiple.
在使用时,更多的应用场景是在输入密码时更需要被保护,因此,可以设置在检测到输入事件为输入数字时,再开启该干扰功能。In use, more application scenarios need to be protected when entering a password. Therefore, it can be set to turn on the interference function when an input event is detected as an input number.
S104,在输入事件完成输入后,获取设备节点文件,并解析设备节点文件,以确定来自用户的输入事件。S104. After inputting the event completion input, acquiring the device node file and parsing the device node file to determine an input event from the user.
当用户输入完成后,此时的设备节点文件也已经完成了写入。由于上述干扰输入事件的加入是为了防止恶意软件窃取用户输入的内容,然而,此时用户已经完成了输入,但由于设备节点文件中既有干扰输入事件,又有用户的输入事件,如果直接将该设备节点文件发送至应用层程序,应用层程序会无法识别出用户真正输入的内容,因此,在系统架构层就需要将设备节点文件进行解析,分析出哪些是用户输入的内容。When the user input is completed, the device node file at this time has also been written. Because the above interference input event is added to prevent the malware from stealing the content input by the user, however, the user has completed the input at this time, but since the device node file has both the interference input event and the user input event, if directly The device node file is sent to the application layer program, and the application layer program cannot recognize the content actually input by the user. Therefore, at the system architecture layer, the device node file needs to be parsed to analyze what is input by the user.
本发明实施例在接收到来自用户的输入事件时,就将预设的干扰输入事件和输入事件一起写入设备节点文件中,随后,在使用设备节点文件之前,再从设备节点文件中解析出来自用户的输入事件,进而恢复到用户的真实输入,该过程通过增加干扰输入事件的方式来防止恶意软件窃取到用户输入的真实内容,整个过程无需用户记忆任何东西,只需要正常输入即可,所有工作都在后台完成,用户操作简便,且防窃取效果明显,解决了现有技术的如下问题:用户使用智能手机时,当进行输入操作时,输入内容易被窃取,智能手机安全性较低。When receiving the input event from the user, the embodiment of the present invention writes the preset interference input event and the input event into the device node file, and then parses out from the device node file before using the device node file. The input event from the user is restored to the user's real input. This process prevents the malware from stealing the real content input by the user by increasing the interference input event. The whole process does not require the user to memorize anything, but only needs to input normally. All the work is done in the background, the user is easy to operate, and the anti-theft effect is obvious, which solves the following problems in the prior art: when the user uses the smart phone, when the input operation is performed, the input is easily stolen, and the security of the smart phone is low. .
实现的过程中,对于预设的干扰输入事件,其可以是按照预定规则预先生成的干扰输入事件,则在发现用户的输入事件时,直接将生成的写入到设备节点文件中即可;还可以是在接收到来自用户的输入事件时,按照预定规则即时生成的,伴随着用户的输入事件结束,干扰输入事件的生成也结束。In the process of implementation, for a preset interference input event, which may be an interference input event generated in advance according to a predetermined rule, when the input event of the user is found, the generated input may be directly written into the device node file; It may be generated immediately according to a predetermined rule when receiving an input event from the user, and the generation of the interference input event is also ended with the end of the user's input event.
在解析设备节点文件时,先根据预定规则确定设备节点文件中的干扰输入事件;再将干扰输入事件从设备节点文件中删除,只保留用户的输入事件。具体操作时,由于干扰输入事件是根据预定规则而生成的,生成的干扰输入事件有一定的规则,因此,在想要查找干扰输入事件时,就根据预定规则来寻找干扰输入事件。When parsing the device node file, first determine the interference input event in the device node file according to the predetermined rule; then delete the interference input event from the device node file, and only retain the user input event. In the specific operation, since the interference input event is generated according to a predetermined rule, the generated interference input event has a certain rule. Therefore, when it is desired to find the interference input event, the interference input event is searched according to a predetermined rule.
在解析设备节点文件的输入事件之后,就可以确定设备节点文件中用户的输入事件,就可以将输入事件发送至应用层程序,以根据输入事件确定用户的输入内容。After parsing the input event of the device node file, the input event of the user in the device node file can be determined, and the input event can be sent to the application layer program to determine the user's input according to the input event.
本发明第二实施例提供一种输入事件的管理装置,该装置的结构示意如图2所示,包括:写入模块10,用于在接收到来自用户的输入事件时,将预设的干扰输入事件和输入事件写入设备节点文件中;解析模块20,与写入模块10耦合,用于在输入事件完成输入后,获取设备节点文件,并解析设备节点文件,以确定来自用户的输入事件。A second embodiment of the present invention provides a management device for inputting an event. The structure of the device is as shown in FIG. 2, and includes: a writing module 10, configured to preset interference when receiving an input event from a user. The input event and the input event are written into the device node file; the parsing module 20 is coupled to the write module 10 for acquiring the device node file after the input event completes the input, and parsing the device node file to determine an input event from the user .
图3示出了上述装置的优选结构示意图,上述管理装置还可以包括:生成模块30,与写入模块10耦合,用于生成预设的干扰输入事件;其中,生成规则包括:按照预定规则预先生成的干扰输入事件;或者,在接收到来自用户的输入事件时,按照预定规则生成的干扰输入事件。FIG. 3 is a schematic diagram showing a preferred structure of the foregoing apparatus. The management apparatus may further include: a generating module 30 coupled to the writing module 10 for generating a preset interference input event; wherein the generating rule includes: pre-determining according to a predetermined rule The generated interference input event; or an interference input event generated according to a predetermined rule upon receiving an input event from the user.
解析模块20可以包括确定单元和删除单元,其中,确定单元用于根据预定规则确定设 备节点文件中的干扰输入事件;删除单元用于将干扰输入事件从设备节点文件中删除,以确定来自用户的输入事件。The parsing module 20 may include a determining unit and a deleting unit, wherein the determining unit is configured to determine the setting according to a predetermined rule The interference input event in the standby node file; the deletion unit is configured to delete the interference input event from the device node file to determine an input event from the user.
上述管理装置还可以包括:发送模块,用于将解析模块20解析得到的输入事件发送至应用层程序,以根据输入事件确定用户的输入内容。The foregoing management apparatus may further include: a sending module, configured to send the input event parsed by the parsing module 20 to the application layer program, to determine the input content of the user according to the input event.
本发明第三实施例还提供了一种移动终端,该移动终端的处理器能够实现下述功能:生成预设的干扰输入事件;在接收到来自用户的输入事件时,将预设的干扰输入事件和输入事件写入设备节点文件中;在输入事件完成输入后,获取设备节点文件,并解析设备节点文件,以确定来自用户的输入事件;据预定规则确定设备节点文件中的干扰输入事件;将干扰输入事件从设备节点文件中删除,以确定来自用户的输入事件;将输入事件发送至应用层程序,以根据输入事件确定用户的输入内容。The third embodiment of the present invention further provides a mobile terminal, where the processor of the mobile terminal can implement the following functions: generating a preset interference input event; and inputting a preset interference input when receiving an input event from the user The event and the input event are written into the device node file; after the input event completes the input, the device node file is obtained, and the device node file is parsed to determine an input event from the user; the interference input event in the device node file is determined according to a predetermined rule; The interference input event is deleted from the device node file to determine an input event from the user; the input event is sent to the application layer program to determine the user's input based on the input event.
当然,上述第二实施例中的输入事件的管理装置可以以独立的APP形式存在在移动终端中,通过程序指令调用处理器执行响应的功能。Of course, the management device for the input event in the second embodiment described above may exist in the mobile terminal in the form of a separate APP, and the function of the processor to execute the response is invoked by the program instruction.
本发明第四实施例针对通过操作系统底层的键盘事件获取输入记录这种安全风险,提出一种输入事件的管理方法。The fourth embodiment of the present invention provides a method for managing input events by acquiring the security risk of inputting records through keyboard events at the bottom of the operating system.
恶意程序通过操作系统底层的键盘事件获取输入记录的原理是对输入事件进行窃取和解析,得到用户输入的字符内容。例如,在基于Linux内核的操作系统中,主要是监控和窃取/dev/input文件夹下的多个设备节点文件内容,用户进行的所有输入事件都会通过这些设备节点文件传递给上层应用层程序。The principle that a malicious program obtains an input record through the keyboard event of the underlying operating system is to steal and parse the input event, and obtain the character content input by the user. For example, in a Linux kernel-based operating system, it is mainly to monitor and steal the contents of multiple device node files in the /dev/input folder, and all input events made by the user are passed to the upper application layer program through these device node files.
针对此种窃取方式,本发明提出的输入事件的管理方法具体内容如下:For the stealing method, the specific method for managing the input event proposed by the present invention is as follows:
终端系统进程对输入设备节点文件内容进行监控,当用户使用终端执行输入动作时(即发生输入事件时),输入设备节点文件会接收到用户正常输入的一系列输入事件信息,此时,系统进程通过一定方式生成多个干扰输入事件,并写入到设备节点文件中,这样设备节点文件中既包含正常的用户输入事件又包含系统进程生成的干扰输入事件,在这种方案下,恶意程序获取到的设备节点文件的内容含有干扰信息,无法准确解析出用户的实际输入内容。具体的,监控这些设备节点文件的方法是通过程序打开这些设备节点文件,读取并监控其内容变化。The terminal system process monitors the content of the input device node file. When the user uses the terminal to perform an input action (that is, when an input event occurs), the input device node file receives a series of input event information that the user inputs normally. At this time, the system process A plurality of interference input events are generated in a certain manner and written into the device node file, so that the device node file contains both normal user input events and interference input events generated by the system process. In this scenario, the malicious program obtains The content of the device node file that is sent contains interference information, and the actual input content of the user cannot be accurately parsed. Specifically, the method of monitoring these device node files is to open these device node files through a program, and read and monitor their content changes.
在终端系统框架层获取到底层设备节点文件传递过来的输入事件时,对输入事件进行分析处理,删除由系统进程生成的干扰输入事件,仅保留用户的输入事件,然后将用户输入事件传递给上层应用层程序。这样达到底层加入的干扰输入事件不影响上传应用层程序正常使用的目的。When the terminal system framework layer obtains the input event passed to the underlying device node file, analyzes the input event, deletes the interference input event generated by the system process, retains only the user input event, and then passes the user input event to the upper layer. Application layer program. In this way, the interference input event that is added to the bottom layer does not affect the normal use of the upload application layer program.
具体地,所属设备节点文件是指触摸屏、物理按键等物理设备在操作系统中映射的节点文件,比如基于Linux内核的操作系统设备节点文件为/dev/input目录下的各个文件。具体地,在智能终端中,通过触摸屏、物理按键等输入设备的驱动程序将这些物理设备的输入信号转化为输入事件并写入到设备节点文件中,输入事件遵循多点触摸协议(Multi-touch Protocol)。Specifically, the device node file refers to a node file mapped by a physical device such as a touch screen or a physical button in an operating system. For example, an operating system device node file based on a Linux kernel is a file in the /dev/input directory. Specifically, in the smart terminal, the input signals of the physical devices are converted into input events by the driver of the input device such as a touch screen or a physical button, and written into the device node file, and the input event follows the multi-touch protocol (Multi-touch). Protocol).
所述多点触控协议规定的各类输入事件解释如下:The various input events specified by the multi-touch protocol are explained as follows:
ABS_MT_POSITION_X,表示接触中心X轴坐标;ABS_MT_POSITION_Y,表示接触 中心Y轴坐标;ABS_MT_TOUCH_MAJOR,表示接触椭圆区域的长轴;ABS_MT_TOUCH_MINOR,表示接触椭圆区域的短轴;ABS_MT_ORIENTATION,表示接触椭圆区域的方向;具体的,当椭圆长轴和屏幕坐标系Y方向对齐时返回0值,椭圆向左转时返回负值,向右转时返回正值。ABS_MT_POSITION_X, indicating the X-axis coordinate of the contact center; ABS_MT_POSITION_Y, indicating contact Center Y-axis coordinate; ABS_MT_TOUCH_MAJOR, indicating the long axis of the contact ellipse; ABS_MT_TOUCH_MINOR, indicating the short axis of the contact ellipse; ABS_MT_ORIENTATION, indicating the direction of contact with the ellipse; specifically, when the long axis of the ellipse is aligned with the Y coordinate of the screen coordinate system A value of 0 returns a negative value when the ellipse turns to the left and a positive value when it turns to the right.
具体地,系统进程生成输入干扰事件的方式是遵循多点触控协议,通过程序代码生成输入事件。系统进程生成的输入事件具有一定特点,方便后续解析删除这些干扰输入事件。例如,生成的干扰输入事件中ABS_MT_POSITION_X、ABS_MT_POSITION_Y、ABS_MT_TOUCH_MAJOR、ABS_MT_TOUCH_MINOR ABS_MT_ORIENTATION各个值具有相对规律性,方便后续识别出这些干扰的输入事件。Specifically, the way in which the system process generates an input interference event is to follow a multi-touch protocol to generate an input event through the program code. The input events generated by the system process have certain characteristics, which are convenient for subsequent parsing to delete these interference input events. For example, the generated interference input events ABS_MT_POSITION_X, ABS_MT_POSITION_Y, ABS_MT_TOUCH_MAJOR, ABS_MT_TOUCH_MINOR ABS_MT_ORIENTATION each value has a relative regularity, which is convenient for subsequent identification of these interference input events.
系统进程监控各个设备节点文件的内容变化,当用户进行触摸或按键操作时,系统进程自动将上述生成的干扰输入事件写入到设备节点文件中,从而达到对设备节点文件中的内容进行混淆加密的目的。The system process monitors the content change of each device node file. When the user performs a touch or key operation, the system process automatically writes the generated interference input event into the device node file, thereby performing obfuscated encryption on the content in the device node file. the goal of.
在完成对输入设备节点文件内容的混淆后,终端系统进程需要读取这些设备节点文件中的输入事件,并解析分发给上层应用程序。本方法中,读取和解析设备节点文件中的内容时,根据上述生成干扰输入事件时采用的方法,解析并删除这些干扰输入事件,然后将剩下的用户正常输入的输入事件传递给上层应用程序。After the confusion of the contents of the input device node file is completed, the terminal system process needs to read the input events in the device node files and parse and distribute them to the upper layer application. In the method, when the content in the device node file is read and parsed, the interference input events are parsed and deleted according to the method used when generating the interference input event, and then the input events normally input by the remaining users are transmitted to the upper application. program.
基于上述实施例,在输入设备被恶意入侵的情况下,恶意程序也无法准确收集到用户输入的真正内容,从而达到安全输入的目的。Based on the above embodiment, in the case where the input device is maliciously invaded, the malicious program cannot accurately collect the real content input by the user, thereby achieving the purpose of secure input.
本发明第五实施例提供了一种输入事件的管理方法,该方法应用在智能终端中。如图4所示,智能终端输入框架分为系统内核层、系统框架层、应用层三个部分。A fifth embodiment of the present invention provides a method for managing an input event, which is applied to an intelligent terminal. As shown in FIG. 4, the intelligent terminal input framework is divided into three parts: a system kernel layer, a system frame layer, and an application layer.
当用户操作智能终端进行输入操作时,比如进行触摸屏操作、物理按键操作等,系统内核层各设备驱动程序会将各个输入设备产生的输入信号按照多点触控协议(MTP)规定的格式转化为输入事件,并写入到设备节点文件中。When the user operates the smart terminal for input operation, such as touch screen operation, physical button operation, etc., each device driver of the system kernel layer converts the input signal generated by each input device into a format specified by a multi-touch protocol (MTP) to Enter the event and write it to the device node file.
同时,在系统框架层,终端系统会通过输入读取线程,即图4中所示InputReader Thread,实时读取设备节点文件中的输入事件,并通过事件分发线程,即图4中所示InputDispatch Thread,将输入事件分发给系统应用层程序。At the same time, in the system framework layer, the terminal system reads the input event in the device node file in real time through the input read thread, that is, the InputReader Thread shown in Figure 4, and distributes the thread through the event, that is, the InputDispatch Thread shown in Figure 4. , distribute input events to the system application layer program.
系统应用层程序,如社交软件、手机银行软件、输入法程序等会响应输入事件,完成相应的功能,比如字符输入、屏幕滑动等。System application layer programs, such as social software, mobile banking software, input method programs, etc., respond to input events and perform corresponding functions, such as character input, screen sliding, and the like.
至此,完成输入事件从底层到上层的分发。At this point, the distribution of input events from the bottom to the top is completed.
如果智能终端的系统被恶意程序入侵,输入事件在分发的过程中会被恶意程序收集记录;恶意程序会模仿输入读取线程的功能,收集记录设备节点文件中的输入事件,并解析输入事件,达到记录用户输入的目的。If the system of the smart terminal is invaded by a malicious program, the input event will be collected and recorded by the malicious program during the distribution process; the malicious program will imitate the function of the input read thread, collect the input event in the record device node file, and parse the input event. Achieve the purpose of recording user input.
如图5所示,多点触控协议中涉及的ABS_MT_POSITION_X、ABS_MT_POSITION_Y、ABS_MT_TOUCH_MAJOR、ABS_MT_TOUCH_MINOR、ABS_MT_ORIENTATION输入事件参数的含义如示意图所示:As shown in FIG. 5, the meanings of the ABS_MT_POSITION_X, ABS_MT_POSITION_Y, ABS_MT_TOUCH_MAJOR, ABS_MT_TOUCH_MINOR, and ABS_MT_ORIENTATION input event parameters involved in the multi-touch protocol are as shown in the schematic diagram:
ABS_MT_POSITION_X,表示接触中心X轴坐标;ABS_MT_POSITION_Y,表示接触 中心Y轴坐标;ABS_MT_TOUCH_MAJOR,表示接触椭圆区域的长轴;ABS_MT_TOUCH_MINOR,表示接触椭圆区域的短轴;ABS_MT_ORIENTATION,表示接触椭圆区域的方向;具体的,当椭圆长轴和屏幕坐标系Y方向对齐时返回0值,椭圆向左转时返回负值,向右转时返回正值。ABS_MT_POSITION_X, indicating the X-axis coordinate of the contact center; ABS_MT_POSITION_Y, indicating contact Center Y-axis coordinate; ABS_MT_TOUCH_MAJOR, indicating the long axis of the contact ellipse; ABS_MT_TOUCH_MINOR, indicating the short axis of the contact ellipse; ABS_MT_ORIENTATION, indicating the direction of contact with the ellipse; specifically, when the long axis of the ellipse is aligned with the Y coordinate of the screen coordinate system A value of 0 returns a negative value when the ellipse turns to the left and a positive value when it turns to the right.
设备驱动程序会遵循多点触控协议将物理设备的输入信号转化为输入事件,并写入到设备节点文件中。The device driver converts the input signal of the physical device into an input event following the multi-touch protocol and writes it to the device node file.
如图6所示,本发明实施例智能终端的输入事件的管理方法中增加了干扰事件插入线程、对输入读取线程进行了自定义改进,工作流程如下:As shown in FIG. 6, in the method for managing input events of the intelligent terminal according to the embodiment of the present invention, an interference event insertion thread is added, and an input modification thread is customized, and the workflow is as follows:
首先,用户通过物理输入设备进行输入操作,系统内核层各设备驱动程序会将各个输入设备产生的输入信号按照多点触控协议(MTP)规定的格式转化为输入事件,并写入到设备节点文件中。First, the user performs an input operation through a physical input device, and each device driver of the system kernel layer converts the input signal generated by each input device into an input event according to a format specified by a multi-touch protocol (MTP), and writes it to the device node. In the file.
同时,干扰事件插入线程会遵循多点触控协议,自动生成具有一定特征的干扰输入事件,并写入到设备节点文件中。At the same time, the interference event insertion thread will follow the multi-touch protocol, automatically generate interference input events with certain characteristics, and write to the device node file.
具体地,干扰事件插入线程生成的干扰输入事件特征可以自定义,例如干扰事件的ABS_MT_ORIENTATION值固定为某个值,比如0.8;或者干扰事件中ABS_MT_POSITION_X、ABS_MT_POSITION_Y、ABS_MT_TOUCH_MAJOR、ABS_MT_TOUCH_MINOR的和为某个固定值;类似特征可以根据自由定义,在此不再赘述。Specifically, the interference input event feature generated by the interference event insertion thread may be customized, for example, the ABS_MT_ORIENTATION value of the interference event is fixed to a certain value, such as 0.8; or the sum of the ABS_MT_POSITION_X, ABS_MT_POSITION_Y, ABS_MT_TOUCH_MAJOR, ABS_MT_TOUCH_MINOR in the interference event is a fixed value. Similar features can be defined according to freely and will not be described here.
在输入事件插入线程插入干扰输入事件前,输入事件插入线程和输入读取线程进行通信,将所插入事件的特征规则传递给输入读取线程(即自定义InputReader Thread),实时读取设备节点文件中的输入事件,并根据输入事件插入线程提供的干扰输入事件特征规则,对输入事件进行分析,过滤掉由输入事件插入线程插入的干扰输入事件,仅保留由用户输入产生的输入事件。Before the input event insertion thread inserts the interference input event, the input event insertion thread communicates with the input read thread, and the feature rule of the inserted event is passed to the input read thread (ie, the custom InputReader Thread), and the device node file is read in real time. The input event in the input event is based on the input event event insertion rule provided by the input event, analyzes the input event, filters out the interference input event inserted by the input event insertion thread, and retains only the input event generated by the user input.
输入读取线程在过滤掉干扰事件后,将正确的用户输入事件传递给上层程序。The input read thread passes the correct user input event to the upper layer program after filtering out the interference event.
若智能终端被恶意程序入侵,在图6所示安全输入管理方法框架中,恶意程序获取到的设备节点文件中的内容包含了用户输入事件和干扰输入事件,导致恶意程序无法准确分析出用户的实际输入,从而达到了用户安全输入的目的。If the smart terminal is invaded by a malicious program, in the framework of the secure input management method shown in FIG. 6, the content of the device node file acquired by the malicious program includes a user input event and an interference input event, so that the malicious program cannot accurately analyze the user's The actual input, so as to achieve the purpose of user safety input.
本发明提出的输入事件的管理方法,能够在智能终端现有输入系统基础上,对恶意程序通过键盘事件获取用户输入进行保护,降低因系统权限管理不当,跨进程记录用户输入带来的安全风险,较大程度的提升产品的安全系数。The input event management method proposed by the invention can protect the malicious program from obtaining user input through the keyboard event on the basis of the existing input system of the intelligent terminal, and reduce the security risk caused by the user input through the process due to improper management of the system authority. , to a greater extent, improve the safety factor of the product.
尽管为示例目的,已经公开了本发明的优选实施例,本领域的技术人员将意识到各种改进、增加和取代也是可能的,因此,本发明的范围应当不限于上述实施例。While the preferred embodiments of the present invention have been disclosed for purposes of illustration, those skilled in the art will recognize that various modifications, additions and substitutions are possible, and the scope of the invention should not be limited to the embodiments described above.
工业实用性Industrial applicability
本公开适用于通信领域,用以解决现有技术的如下问题:用户使用智能手机时,当进行输入操作时,输入内容易被窃取,智能手机安全性较低。 The present disclosure is applicable to the field of communications to solve the following problems in the prior art: when a user uses a smart phone, when an input operation is performed, the input is easily stolen, and the security of the smart phone is low.

Claims (13)

  1. 一种输入事件的管理方法,包括:A method of managing input events, including:
    在接收到来自用户的输入事件时,将预设的干扰输入事件和所述输入事件写入设备节点文件中;When receiving an input event from the user, writing the preset interference input event and the input event into the device node file;
    在所述输入事件完成输入后,获取所述设备节点文件,并解析所述设备节点文件,以确定来自用户的所述输入事件。After the input event completes the input, the device node file is obtained and the device node file is parsed to determine the input event from the user.
  2. 如权利要求1所述的管理方法,其中,所述预设的干扰输入事件包括:The management method of claim 1, wherein the preset interference input event comprises:
    按照预定规则预先生成的所述干扰输入事件;或者,The interference input event generated in advance according to a predetermined rule; or
    在接收到来自用户的输入事件时,按照所述预定规则生成的所述干扰输入事件。The interference input event generated in accordance with the predetermined rule upon receiving an input event from a user.
  3. 如权利要求1所述的管理方法,其中,解析所述设备节点文件,以确定来自用户的所述输入事件,包括:The management method of claim 1, wherein the parsing the device node file to determine the input event from a user comprises:
    根据预定规则确定所述设备节点文件中的所述干扰输入事件;Determining the interference input event in the device node file according to a predetermined rule;
    将所述干扰输入事件从所述设备节点文件中删除,以确定来自用户的所述输入事件。The interference input event is deleted from the device node file to determine the input event from the user.
  4. 如权利要求1所述的管理方法,其中,解析所述设备节点文件的输入事件之后,还包括:The management method of claim 1, wherein after the input event of the device node file is parsed, the method further comprises:
    将所述输入事件发送至应用层程序,以根据所述输入事件确定用户的输入内容。The input event is sent to an application layer program to determine a user's input based on the input event.
  5. 如权利要求1至4中任一项所述的管理方法,其中,所述干扰输入事件为多个。The management method according to any one of claims 1 to 4, wherein the interference input event is plural.
  6. 一种输入事件的管理装置,包括:A management device for inputting events, comprising:
    写入模块,设置为在接收到来自用户的输入事件时,将预设的干扰输入事件和所述输入事件写入设备节点文件中;Writing to the module, configured to write the preset interference input event and the input event into the device node file when receiving an input event from the user;
    解析模块,设置为在所述输入事件完成输入后,获取所述设备节点文件,并解析所述设备节点文件,以确定来自用户的所述输入事件。The parsing module is configured to acquire the device node file after the input event completes the input, and parse the device node file to determine the input event from the user.
  7. 如权利要求6所述的管理装置,还包括:The management device of claim 6, further comprising:
    生成模块,设置为生成所述预设的干扰输入事件;Generating a module, configured to generate the preset interference input event;
    其中,生成规则包括:按照预定规则预先生成的所述干扰输入事件;或者,在接收到来自用户的输入事件时,按照所述预定规则生成的所述干扰输入事件。The generating rule includes: the interference input event generated in advance according to a predetermined rule; or the interference input event generated according to the predetermined rule when receiving an input event from a user.
  8. 如权利要求6所述的管理装置,其中,所述解析模块包括:The management device of claim 6, wherein the parsing module comprises:
    确定单元,设置为根据预定规则确定所述设备节点文件中的所述干扰输入事件;a determining unit, configured to determine the interference input event in the device node file according to a predetermined rule;
    删除单元,设置为将所述干扰输入事件从所述设备节点文件中删除,以确定来自用户的所述输入事件。A delete unit is configured to delete the interference input event from the device node file to determine the input event from a user.
  9. 如权利要求6所述的管理装置,还包括:The management device of claim 6, further comprising:
    发送模块,设置为将所述输入事件发送至应用层程序,以根据所述输入事件确定用户的输入内容。A sending module is configured to send the input event to an application layer program to determine a user's input content according to the input event.
  10. 一种移动终端,包括:A mobile terminal includes:
    处理器,在接收到来自用户的输入事件时,将预设的干扰输入事件和所述输入事件写 入设备节点文件中;在所述输入事件完成输入后,获取所述设备节点文件,并解析所述设备节点文件,以确定来自用户的所述输入事件。The processor, when receiving an input event from the user, writing the preset interference input event and the input event Entering into the device node file; after the input event completes the input, acquiring the device node file and parsing the device node file to determine the input event from the user.
  11. 如权利要求10所述的移动终端,其中,The mobile terminal of claim 10, wherein
    所述处理器生成所述预设的干扰输入事件;其中,生成规则包括:按照预定规则预先生成的所述干扰输入事件;或者,在接收到来自用户的输入事件时,按照所述预定规则生成的所述干扰输入事件。The processor generates the preset interference input event; wherein the generating rule comprises: the interference input event generated in advance according to a predetermined rule; or, when receiving an input event from the user, generating according to the predetermined rule The interference input event.
  12. 如权利要求11所述的管理装置,其中,The management device according to claim 11, wherein
    所述处理器根据预定规则确定所述设备节点文件中的所述干扰输入事件;将所述干扰输入事件从所述设备节点文件中删除,以确定来自用户的所述输入事件;将所述输入事件发送至应用层程序,以根据所述输入事件确定用户的输入内容。Determining, by the processor, the interference input event in the device node file according to a predetermined rule; deleting the interference input event from the device node file to determine the input event from a user; The event is sent to the application layer program to determine the user's input based on the input event.
  13. 一种计算机存储介质,所述计算机存储介质存储有执行指令,所述执行指令用于执行权利要求1至5中任一项所述的方法。 A computer storage medium storing execution instructions for performing the method of any one of claims 1 to 5.
PCT/CN2017/085053 2016-11-25 2017-05-19 Input event management method and device and mobile terminal WO2018094984A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611056615.1A CN108108636A (en) 2016-11-25 2016-11-25 A kind of management method of incoming event, device and mobile terminal
CN201611056615.1 2016-11-25

Publications (1)

Publication Number Publication Date
WO2018094984A1 true WO2018094984A1 (en) 2018-05-31

Family

ID=62194903

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/085053 WO2018094984A1 (en) 2016-11-25 2017-05-19 Input event management method and device and mobile terminal

Country Status (2)

Country Link
CN (1) CN108108636A (en)
WO (1) WO2018094984A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104408363A (en) * 2014-12-25 2015-03-11 绵阳艾佳科技有限公司 Safe password system
CN104992119A (en) * 2015-07-17 2015-10-21 上海众人网络安全技术有限公司 Sensitive information anti-interception safety transmission method and system
CN105117223A (en) * 2015-08-20 2015-12-02 广东欧珀移动通信有限公司 Processing method and system of input event
CN105975202A (en) * 2016-04-27 2016-09-28 乐视控股(北京)有限公司 Virtual reality terminal as well as interaction method and device thereof

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104408363A (en) * 2014-12-25 2015-03-11 绵阳艾佳科技有限公司 Safe password system
CN104992119A (en) * 2015-07-17 2015-10-21 上海众人网络安全技术有限公司 Sensitive information anti-interception safety transmission method and system
CN105117223A (en) * 2015-08-20 2015-12-02 广东欧珀移动通信有限公司 Processing method and system of input event
CN105975202A (en) * 2016-04-27 2016-09-28 乐视控股(北京)有限公司 Virtual reality terminal as well as interaction method and device thereof

Also Published As

Publication number Publication date
CN108108636A (en) 2018-06-01

Similar Documents

Publication Publication Date Title
CN105493054B (en) It is protected using the rapid data of double file system
US9576147B1 (en) Security policy application through data tagging
US11328081B2 (en) Consent-based data privacy management system
CN102768717B (en) Malicious file detection method and malicious file detection device
US10073985B2 (en) Apparatus and method for trusted execution environment file protection
US9183383B1 (en) System and method of limiting the operation of trusted applications in presence of suspicious programs
CN111177252B (en) Service data processing method and device
US20190332765A1 (en) File processing method and system, and data processing method
CN103366107A (en) Method, device and mobile phone for protecting access permission of application program
CN107563192B (en) Lesso software protection method and device, electronic equipment and storage medium
EP3176719B1 (en) Methods and devices for acquiring certification document
CN102930892A (en) Multifunctional safe U disk
CN111460516B (en) Non-invasive data protection method, device, terminal and storage medium
CN115329389B (en) File protection system and method based on data sandbox
CN106599115B (en) Data protection method, device and terminal
CN106098069A (en) A kind of identity identifying method and terminal unit
CN104346550A (en) Information processing method and electronic equipment
CN111259382A (en) Malicious behavior identification method, device and system and storage medium
CN106021027A (en) Terminal data processing method and system
CN111767537A (en) Tamper verification method of application program based on IOS (operating system) and related equipment
US11379568B2 (en) Method and system for preventing unauthorized computer processing
WO2018094984A1 (en) Input event management method and device and mobile terminal
CN107633174B (en) User input management method and device and terminal
CN106130968A (en) A kind of identity identifying method and system
CN109033882A (en) A kind of safe dissemination method of retrospective big data and system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17873633

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17873633

Country of ref document: EP

Kind code of ref document: A1