WO2020114374A1 - 一种检测被篡改的应用的方法及设备 - Google Patents
一种检测被篡改的应用的方法及设备 Download PDFInfo
- Publication number
- WO2020114374A1 WO2020114374A1 PCT/CN2019/122594 CN2019122594W WO2020114374A1 WO 2020114374 A1 WO2020114374 A1 WO 2020114374A1 CN 2019122594 W CN2019122594 W CN 2019122594W WO 2020114374 A1 WO2020114374 A1 WO 2020114374A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- application
- image
- verification code
- data
- tampered
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/565—Static detection by checking file integrity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
Definitions
- the invention belongs to the technical field of mobile Internet, and in particular relates to a method and device for detecting tampered applications with concealment capability on a mobile intelligent terminal.
- Copycat apps affect the privacy and user experience of users. Therefore, the integrity of the app needs to be verified. If the app is illegally tampered with, it should be judged on the server side and copycats are prohibited. APP use function.
- the application installation files stored in the large-capacity area are stored on the large-capacity card by copying the files. It is not known whether the installation files originate from legal channels (such as operators or third-party application providers). Such applications installed on the card may bring many uncertain security risks to the smart card.
- Some applications are not completely free for users to use, and users need to apply in advance for authorization before use. Once the authorized application installation files are copied to other unauthorized large-capacity cards, it may happen that unauthorized users can successfully install the application, which will cause great harm to the interests of application providers .
- the core method of the current APP integrity verification method is to collect the summary value of the APP installation file and resource file, and report it through the interface. After the server matches the official APP summary value, it is concluded whether the APP is the official version. Judgment.
- Chinese Invention Patent Publication No. CN102663292A discloses a method and system for implementing smart card application deployment, where the method includes: when an application is released, the application installation file and the verification file are packaged into an application installation file package for publication; when the application is installed , If the application installation file package does not have a verification file package, or the calculated summary value does not match the summary value in the plain text of the verification data decrypted from the verification file, or Authorization prohibits application installation; otherwise, installation is allowed.
- the present invention proposes an APP integrity verification method, which has strong concealment capability and is applied to mobile intelligent terminals.
- the present invention provides a method for detecting a tampered application of a terminal, including:
- the first image associated with the upload operation of the application is obtained, and the upload operation is triggered by the use of the function of the application;
- the second image is provided to the server.
- a method for detecting a tampered application on the server side including:
- a device integrity verification device including:
- One or more processors storage devices that store one or more programs
- the one or more processors When the one or more programs are executed by the one or more processors, the one or more processors implement the method as described above.
- a computer-readable storage medium on which a computer program is stored, which when executed by a processor implements the method as described above.
- the advantage of the present invention is that the digest value of the APP is hidden in normal user data (picture) for reporting, thus avoiding the process of hackers detecting the integrity check.
- FIG. 1 shows a schematic diagram of an application integrity checking system of the present invention
- FIG. 2 shows a flowchart of a method for detecting a tampered application of the present invention
- FIG. 3 shows a structural diagram of a first verification device for application integrity of the present invention.
- FIG. 4 shows a structural diagram of a second verification device for application integrity of the present invention.
- the present invention provides a method for detecting a tampered application of a terminal for a client, including:
- A1 Calculate the verification code of the application installed on the terminal; after the user completes the application installation, when the client activates the application for the first time, the application will start a daemon to calculate the verification code of the current application.
- the application After the application is started, obtain the first image associated with the upload operation of the application, and the upload operation is triggered by the use of the function of the application. For example, when a user uses an application, the application prompts the user to perform certain product process operations that inevitably upload pictures (such as uploading avatars, setting background pictures, etc.), and the pictures generated in this process are recorded as the first image; the image is When the user uses the application normally, the image provided by the application to the server is not a step specifically added for verification. For example, the avatar uploaded by the user when using the application.
- certain product process operations such as uploading avatars, setting background pictures, etc.
- A3. Use the check code to process the data of the first image, and generate a second image based on the processed data.
- the visual effect of the second image is similar to that of the first image;
- image transformation is performed on the first image to obtain first transformation data, and the first transformation data includes a first frequency domain matrix; using the check code, the first transformation data is changed, Preferably, the partial sequence of the middle frequency band of the first frequency domain matrix may be changed based on the check code, for example, the check code may be encrypted and replaced with the encrypted check code Partial data of the middle frequency band in the first frequency domain matrix.
- Use the obtained second frequency domain matrix as second transformed data; perform reverse image transformation on the second transformed data to obtain the second image.
- the above image conversion operation will not affect the visual effect of the uploaded image, because although the high-frequency part of the image will be lost during the image conversion process, the low-frequency part is unchanged, and only A part of the mid-band sequence that still exists after the image transformation is replaced. Since the low-frequency part determines the visual effect of the picture, and the low-frequency part of the picture does not change before and after the transformation in this embodiment, the visual effect of the transformed image does not change significantly.
- the processed picture is visually The original picture is not much different.
- the image transformation includes discrete cosine transformation or wavelet transformation.
- Discrete Cosine Transform (DCT for Discrete Transform) is a transform related to Fourier Transform. It is similar to Discrete Fourier Transform (DFT for Discrete Fourier Transform), but only uses real numbers.
- the discrete cosine transform is equivalent to a discrete Fourier transform that is about twice its length. This discrete Fourier transform is performed on a real even function (because the Fourier transform of a real even function is still a real even function ), in some variants it is necessary to move the input or output position by half a unit (DCT has 8 standard types, 4 of which are common).
- Wavelet transform is a new transform analysis method, which inherits and develops the idea of localization of short-time Fourier transform, and at the same time overcomes the shortcomings that the window size does not change with frequency, and can provide a change with frequency
- the "time-frequency" window is an ideal tool for time-frequency analysis and processing of signals. Its main feature is that it can fully highlight the characteristics of some aspects of the problem through transformation, can localize the analysis of time (space) frequency, and gradually refine the signal (function) through scaling and translation operations at multiple scales, and finally reach the high frequency. Time subdivision, frequency subdivision at low frequency, can automatically adapt to the requirements of time-frequency signal analysis, so that it can focus on any details of the signal and solve the difficult problem of Fourier transform.
- the encryption uses at least one of the following methods: MD5 algorithm, SHA encryption, and DES encryption algorithm.
- MD5 Message Digest Algorithm (English: MD5 Message-Digest Algorithm), a widely used cryptographic hash function, can produce a 128-bit (16 byte) hash value (hash value), used to ensure information transmission Complete and consistent.
- the secure hash algorithm (English: Secure Hash Algorithm, abbreviated as SHA) is a family of cryptographic hash functions, and is a secure hash algorithm certified by FIPS. An algorithm that can calculate a fixed-length character string (also called message digest) corresponding to a digital message. And if the input messages are different, the probability that they correspond to different character strings is very high.
- Data encryption algorithm (Data Encryption Algorithm, DEA) is a symmetric encryption algorithm, is the most widely used key system.
- the check code includes a summary value generated based on the running core file and resource file of the application.
- A4 Provide the second image to the server. After that, the client enters a short waiting period, waiting for the server to give the application detection result.
- A5. Receive the application detection result from the server; if the application detection result indicates that the application has been tampered with, perform at least one of the following operations: prompt the user that the application is an illegal application; prohibit the application from being used. If there is a match, the customer can be prompted to use the application with confidence.
- the server sends the comparison result to the client. If the application has not been tampered with, it can prompt the user that the application is a legitimate application and the user can use it with confidence. That is, if the application is legal, the server can issue an application detection result indicating that it has not been tampered. Of course, in this case, the server may also choose not to issue the detection result, and the client defaults that the application can be used normally.
- the verification code (based on the digest value generated by the APP running core file and resource file) is hidden in the process of the product normally uploading information (for example, hidden in the avatar uploaded by the user). Check code to reduce the possibility of being cracked.
- a method for detecting a tampered application on the server side includes:
- the main role of the server is to compare the encrypted verification code with the original verification code stored on the server when the application was first released to identify the authenticity of the newly installed application on the client, thereby preventing the application that has been tampered with from being compromised Information security of client users.
- Step B2. Perform image transformation on the second image to obtain second transformation data; preferably, the image transformation includes discrete cosine transformation or wavelet transformation.
- the purpose of this step is to transform the second image to obtain the verification code of the application to be hidden hidden in it.
- the second transformed data may include Two frequency domain matrix.
- the verification code includes a summary value generated based on the core file and the resource file run by the application program.
- the operation of the client is to hide the check code of the application to be verified in the middle frequency band of the frequency domain matrix corresponding to the image
- the operation of the server is a reverse process, that is, the data extraction operation is performed first, and the client will encrypt The verification code of the application to be verified is extracted, and then the corresponding decryption process is performed, so that the verification code of the verification code of the application to be verified can be obtained so as to carry out the next comparative verification work.
- the verification code obtained after the image conversion and extraction of the server side is compared with the initial verification code stored on the server side by the application. If they are the same, the application is considered to have not been tampered with, otherwise the application is considered to be Tampered cottage application.
- the server sends the comparison result to the client. If the application has not been tampered with, it can prompt the user that the application is a legitimate application and the user can use it with confidence. That is, if the application is legal, the server can issue an application detection result indicating that it has not been tampered. Of course, in this case, the server may also choose not to issue the detection result, and the client defaults that the application can be used normally.
- the verification code (based on the digest value generated by the APP running core file and resource file) is hidden in the process of the product normally uploading information (for example, hidden in the avatar uploaded by the user). Check code to reduce the possibility of being cracked.
- an application program integrity verification device including: one or more processors, a storage device storing one or more programs; when the one or more programs are When the one or more processors execute, the one or more processors implement the method described above.
- the verification device is client hardware, and common clients such as mobile phones, tablet computers, and smart watches can be used.
- the verification device is the server itself.
- a computer-readable storage medium on which a computer program is stored, which when executed by a processor implements the method as described above.
- the computer-readable storage medium is located in the client hardware, such as memory.
- the computer-readable storage medium is located in the server, such as a memory or a hard disk.
- An APP integrity verification method with hidden capability on a mobile intelligent terminal used for an application integrity verification system, including a client and a server as shown in FIG. 1, as shown in FIG. 2, wherein It includes the following steps:
- the APP prompts the user to perform certain product process operations that will inevitably upload pictures (such as uploading avatars, setting background pictures, etc.), and the pictures generated in this process are denoted as P1; the image is used by the user normally When applying, the image provided by the application to the server is not a step specifically added for verification. For example, the avatar uploaded by the user when using the application.
- step S4 Perform a discrete cosine transform on P1 to obtain a frequency domain matrix M1.
- the partial sequence of the mid-band of M1 is replaced to obtain a frequency domain matrix M2 containing the digest value.
- the above image conversion operation will not affect the visual effect of the uploaded image, because: although the high frequency part of the image will be lost during the image conversion process, the low frequency part is unchanged, and only Replace a part of the mid-band sequence that still exists after the image conversion.
- the encryption of the digest value T2 may use the MD5 algorithm, SHA encryption, or DES encryption.
- the server After receiving the picture P2, the server performs discrete cosine transform to obtain the frequency domain matrix M2, and extracts the encrypted digest value T2 from the mid-band of M2 based on preset rules, and decrypts it to obtain the APP digest. Value T2;
- the check code (based on the digest value generated by the APP running core file and resource file) is hidden in the process of the product normally uploading information (for example, hidden in the avatar uploaded by the user), in order to hide the school Check the code to reduce the possibility of being cracked.
- the enumerated image transformation method is discrete cosine transform, but the enumeration is not a limitation of the image transformation method, and those skilled in the art may also use other image transformation methods according to the inventive idea of the present invention.
- Process the picture Specifically, for example, wavelet transform.
- this embodiment provides an apparatus for checking the integrity of an application program, including:
- Installation unit used to download and install the current application
- the verification code calculation unit is used to activate the current application program and calculate the verification code of the current application program; preferably, the verification code is a summary value generated based on the core file and the resource file run by the application program.
- the first prompt unit is used to prompt the user to upload the first picture
- An image transformation unit is used to acquire the first picture and perform image transformation on it to obtain a first frequency domain matrix; preferably, the image transformation is discrete cosine transformation.
- An encryption and replacement unit for encrypting the check code of the current application program, and replacing the partial sequence of the middle frequency band of the first frequency domain matrix with the encrypted check code to obtain a second frequency domain matrix; Encryption uses at least one of the following methods: MD5 algorithm, SHA encryption, DES encryption algorithm.
- the inverse transform unit is used to perform inverse image transform on the second frequency domain matrix to obtain a second picture, and upload the second picture to the server.
- the second prompting unit is used to receive the judgment result sent by the server, and when the current application is judged as an illegal application, prompt the user that the current application is illegal.
- the prompt method is at least one of the following methods: pop-up dialog box, vibration, and sound broadcast. Or, when the current application is determined to be an illegal application, the user is prohibited from continuing to use the current application.
- the check code (based on the digest value generated by the APP running core file and resource file) is hidden in the process of the product normally uploading information (for example, hidden in the avatar uploaded by the user), in order to hide the school Check the code to reduce the possibility of being cracked.
- the enumerated image transformation method is discrete cosine transform, but the enumeration is not a limitation of the image transformation method, and those skilled in the art can also use other image transformation methods according to the inventive idea of the present invention.
- Process the picture Specifically, for example, wavelet transform.
- this embodiment provides an application integrity verification device, including:
- Recording unit used to record and save the verification code of legal application
- the image transformation unit is used to receive the picture uploaded by the client and perform image transformation; the image transformation is discrete cosine transformation.
- the check code extraction unit is used to extract the encrypted check code in the picture; the encrypted check code is obtained by encrypting the digest value generated based on the current application running core file and resource file.
- the decryption unit is used to decrypt the encrypted verification code to obtain the verification code of the current application program; the verification code is a summary value generated based on the core file and the resource file run by the application program.
- the comparison unit compares the verification code of the legal application program with the verification code of the current application program to determine the legality of the current application program. If the verification code of the legal application is the same as the verification code of the current application, the current application is legal; if the verification code of the legitimate application is different from the verification code of the current application, the current application is illegal.
- the result sending unit is used to send the comparison result to the client, so that the client prompts the user that the application is legal or illegal.
- the check code (based on the digest value generated by the APP running core file and resource file) is hidden in the process of the product normally uploading information (for example, hidden in the avatar uploaded by the user), in order to hide the school Check the code to reduce the possibility of being cracked.
- the enumerated image transformation method is discrete cosine transform, but the enumeration is not a limitation of the image transformation method, and those skilled in the art can also use other image transformation methods according to the inventive idea of the present invention.
- Process the picture Specifically, for example, wavelet transform.
- modules in the device in the embodiment can be adaptively changed and set in one or more devices different from the embodiment.
- the modules or units or components in the embodiments may be combined into one module or unit or component, and in addition, they may be divided into a plurality of submodules or subunits or subcomponents. Except that at least some of such features and/or processes or units are mutually exclusive, all features disclosed in this specification (including the accompanying claims, abstract and drawings) and any method so disclosed or All processes or units of equipment are combined. Unless expressly stated otherwise, each feature disclosed in this specification (including the accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose.
- the various component embodiments of the present invention may be implemented in hardware, or implemented in software modules running on one or more processors, or implemented in a combination thereof.
- a microprocessor or a digital signal processor (DSP) may be used to implement some or all functions of some or all components in the apparatus for creating a virtual machine according to an embodiment of the present invention.
- DSP digital signal processor
- the present invention may also be implemented as a device or device program (eg, computer program and computer program product) for performing a part or all of the method described herein.
- Such a program implementing the present invention may be stored on a computer-readable medium, or may have the form of one or more signals.
- Such a signal can be downloaded from an Internet website, or provided on a carrier signal, or provided in any other form.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims (16)
- 一种用于终端的检测被篡改的应用的方法,其特征在于,包括:计算所述终端上所安装的应用的校验码;所述应用启动后,获取所述应用的上传操作关联的第一影像,所述上传操作由所述应用的功能使用触发;使用所述校验码处理所述第一影像的数据,并根据处理后的数据生成第二影像,所述第二影像的视觉效果与所述第一影像相似;将所述第二影像提供给服务端。
- 根据权利要求1所述的方法,其特征在于,所述使用所述校验码处理所述第一影像的数据,并根据处理后的数据生成第二影像,包括:对所述第一影像进行图像变换,获得第一变换数据;使用所述校验码,改变所述第一变换数据,获得第二变换数据;对所述第二变换数据进行反向图像变换,获得所述第二影像。
- 根据权利要求2所述的方法,其特征在于,所述第一变换数据包括第一频域矩阵,所述第二变换数据包括第二频域矩阵,所述使用所述校验码改变所述第一变换数据,获得第二变换数据,包括:基于所述校验码,改变所述第一频域矩阵的中频段的部分序列,得到所述第二频域矩阵。
- 根据权利要求3所述的方法,其特征在于,所述基于所述校验码,改变所述第一频域矩阵的中频段的部分序列,包括:对所述校验码进行加密,并使用加密后的校验码替换所述第一频域矩阵中的中频段的部分数据。
- 根据权利要求4所述的方法,其特征在于,所述加密采用如下方法的至少一种:MD5算法、SHA加密、DES加密算法。
- 根据权利要求2所述的方法,其特征在于,所述图像变换包括离散余弦变换或小波变换。
- 根据权利要求1所述的方法,其特征在于,所述校验码包括基于所述应用的运行核心文件和资源文件生成的摘要值。
- 根据权利要求1所述的方法,其特征在于,所述方法进一步包括:接收来自服务端的应用检测结果;若所述应用检测结果指示所述应用被篡改,执行以下至少一项操作:提示用户所述应用为非法应用;禁止所述应用被使用。
- 一种用于服务端的检测被篡改的应用的方法,其特征在于,包括:接收安装有所述应用的终端在所述应用的功能使用过程中上传的第二影像;对所述第二影像进行图像变换,获得第二变换数据;基于预设规则,从所述第二变换数据中提取数据,以获得来自所述终端的校验码;将来自所述终端的校验码与预先存储的所述应用的基准校验码进行匹配;若来自所述终端的校验码与所述基准校验码不匹配,确定所述应用被篡改。
- 根据权利要求9所述的方法,其特征在于,该方法还包括:若所述应用被篡改,向所述终端发送用于指示所述应用被篡改的应用检测结果。
- 根据权利要求9所述的方法,其特征在于,所述第二变换数据包括第二频域矩阵,所述基于预设规则从所述第二变换数据中提取数据,包括:基于所述预设规则,从所述第二频域矩阵的中频段中提取数据。
- 根据权利要求9所述的方法,其特征在于,所提取的数据被解密以获得所述来自终端的校验码。
- 根据权利要求9所述的方法,其特征在于,所述校验码包括基于应用程序运行核心文件和资源文件生成的摘要值。
- 根据权利要求9所述的方法,其特征在于,所述图像变换包括离散余弦变换或小波变换。
- 一种应用程序完整性的校验设备,其特征在于,包括:一个或多个处理器、存储一个或多个程序的存储装置;当所述一个或多个程序被所述一个或多个处理器执行时,所述一个或多个处理器实现如权利要求1至14中任一项所述的方法。
- 一种计算机可读存储介质,其上存储有计算机程序,其特征在于,所述计 算机程序被处理器执行时实现如权利要求1至14任一项所述的方法。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811468551.5 | 2018-12-03 | ||
CN201811468551.5A CN111259387B (zh) | 2018-12-03 | 2018-12-03 | 一种检测被篡改的应用的方法及设备 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2020114374A1 true WO2020114374A1 (zh) | 2020-06-11 |
Family
ID=70952059
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2019/122594 WO2020114374A1 (zh) | 2018-12-03 | 2019-12-03 | 一种检测被篡改的应用的方法及设备 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN111259387B (zh) |
WO (1) | WO2020114374A1 (zh) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112346904A (zh) * | 2020-10-20 | 2021-02-09 | 威胜集团有限公司 | 智能电表校验方法、装置、智能电表及存储介质 |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103763108A (zh) * | 2014-02-07 | 2014-04-30 | 陈子祺 | 一种识别移动设备硬件唯一序列号的远程系统及方法 |
CN104123491A (zh) * | 2014-07-18 | 2014-10-29 | 广州金山网络科技有限公司 | 一种检测应用程序安装包是否被篡改的方法及装置 |
CN105426709A (zh) * | 2015-11-12 | 2016-03-23 | 福建北卡科技有限公司 | 基于jpeg图像信息隐藏的私密信息通信方法与系统 |
CN105471886A (zh) * | 2015-12-23 | 2016-04-06 | 东软集团股份有限公司 | 一种用户身份识别方法及装置 |
US20160352522A1 (en) * | 2014-10-20 | 2016-12-01 | Soongsil University Research Consortium Techno-Park | User Terminal For Detecting Forgery Of Application Program Based On Signature Information And Method Of Detecting Forgery Of Application Program Using The Same |
CN108108618A (zh) * | 2017-12-28 | 2018-06-01 | 中国信息通信研究院 | 伪造攻击的应用界面检测方法及装置 |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1249002B1 (en) * | 2000-01-13 | 2011-03-16 | Digimarc Corporation | Authenticating metadata and embedding metadata in watermarks of media signals |
CN101316169B (zh) * | 2008-07-18 | 2010-11-03 | 张曌 | 基于互联网第三方生物特征验证的网络身份验证方法 |
CN102034220B (zh) * | 2010-12-23 | 2012-12-26 | 武汉大学苏州研究院 | 一种基于数字水印的票据电子影像防篡改方法 |
CN104268822A (zh) * | 2014-09-18 | 2015-01-07 | 上海理工大学 | 网络上传图像的防伪认证方法 |
CN106778099A (zh) * | 2016-11-29 | 2017-05-31 | 北京奇虎科技有限公司 | 防篡改apk的生成方法和装置、安装及运行方法和装置 |
CN107403089B (zh) * | 2017-07-10 | 2020-09-04 | 东软集团股份有限公司 | 基于应用程序的资源篡改识别方法和装置 |
CN108875385B (zh) * | 2018-05-07 | 2021-09-17 | 麒麟合盛网络技术股份有限公司 | 应用间通信的方法及装置 |
CN108923910B (zh) * | 2018-07-12 | 2021-06-25 | 南方电网科学研究院有限责任公司 | 一种移动应用apk防篡改的方法 |
-
2018
- 2018-12-03 CN CN201811468551.5A patent/CN111259387B/zh active Active
-
2019
- 2019-12-03 WO PCT/CN2019/122594 patent/WO2020114374A1/zh active Application Filing
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103763108A (zh) * | 2014-02-07 | 2014-04-30 | 陈子祺 | 一种识别移动设备硬件唯一序列号的远程系统及方法 |
CN104123491A (zh) * | 2014-07-18 | 2014-10-29 | 广州金山网络科技有限公司 | 一种检测应用程序安装包是否被篡改的方法及装置 |
US20160352522A1 (en) * | 2014-10-20 | 2016-12-01 | Soongsil University Research Consortium Techno-Park | User Terminal For Detecting Forgery Of Application Program Based On Signature Information And Method Of Detecting Forgery Of Application Program Using The Same |
CN105426709A (zh) * | 2015-11-12 | 2016-03-23 | 福建北卡科技有限公司 | 基于jpeg图像信息隐藏的私密信息通信方法与系统 |
CN105471886A (zh) * | 2015-12-23 | 2016-04-06 | 东软集团股份有限公司 | 一种用户身份识别方法及装置 |
CN108108618A (zh) * | 2017-12-28 | 2018-06-01 | 中国信息通信研究院 | 伪造攻击的应用界面检测方法及装置 |
Also Published As
Publication number | Publication date |
---|---|
CN111259387A (zh) | 2020-06-09 |
CN111259387B (zh) | 2021-06-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
TWI557589B (zh) | 用於產品驗證和啟動的安全軟體產品識別器 | |
US10360463B2 (en) | Method and apparatus of verifying usability of biological characteristic image | |
US9906513B2 (en) | Network authorization system | |
US10726111B2 (en) | Increased security using dynamic watermarking | |
CN110798315A (zh) | 基于区块链的数据处理方法、装置及终端 | |
TWI436235B (zh) | 資料加密方法與系統,資料解密方法 | |
CN111917535B (zh) | 一种数据加密存储方法、装置及服务器 | |
US11425165B2 (en) | Methods, systems, articles of manufacture and apparatus to reduce spoofing vulnerabilities | |
CN106992859B (zh) | 一种堡垒机私钥管理方法及装置 | |
WO2008088979A1 (en) | Self validation of user authentication requests | |
US9025770B1 (en) | Dynamic encryption arrangement with a wireless device and methods therefor | |
WO2020114374A1 (zh) | 一种检测被篡改的应用的方法及设备 | |
CN111338841A (zh) | 数据处理方法、装置、设备和存储介质 | |
US20160055339A1 (en) | Encryption Processing Method and Device for Application, and Terminal | |
CN108985075A (zh) | 一种轻量级的镜像文件磁盘加密系统和方法 | |
WO2020057389A1 (zh) | 一种签名验证方法、装置、电子设备及可读存储介质 | |
CN112825093B (zh) | 安全基线检查方法、主机、服务器、电子设备及存储介质 | |
US9882879B1 (en) | Using steganography to protect cryptographic information on a mobile device | |
TWI656454B (zh) | Method and system for preventing password file leakage detection | |
CN114791834B (zh) | 一种应用程序的启动方法、装置、电子设备及存储介质 | |
CN114091088B (zh) | 用于提高通信安全的方法和装置 | |
US20080104414A1 (en) | Apparatus And Method For Decryption, Electronic Apparatus And Method For Inputting Password Encryption, And Electronic System With A Password | |
CN109660355B (zh) | 防止pos终端被非法篡改的方法、装置、存储介质以及终端 | |
CN108848051B (zh) | 应用数据的获取方法和装置 | |
CN110263553B (zh) | 基于公钥验证的数据库访问控制方法、装置及电子设备 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 19894180 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 19894180 Country of ref document: EP Kind code of ref document: A1 |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 23/12/2021) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 19894180 Country of ref document: EP Kind code of ref document: A1 |