CN105190637A - Software security detection method, apparatus and device - Google Patents

Publication number
CN105190637A
Authority
CN
China
Prior art keywords
summary info
software code
element device
network element
original digest
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201480000117.8A
Other languages
Chinese (zh)
Inventor
谭平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566 Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis


Abstract

A software security detection method, apparatus and device. The method comprises: a network management device obtaining original summary information from a network element device, the original summary information being summary information generated by the network element device for software code loaded in a memory; the network management device receiving verification summary information sent by the network element device, the verification summary information being summary information generated by the network element device during the running of the software code; and the network management device comparing the verification summary information with the original summary information to determine whether they are consistent; if the two pieces of information are not consistent, determining that the software code is not secure, and if the two pieces of information are consistent, determining that the software code is secure. With embodiments of the present invention, because a network element device can send summary information to a network management device while the software is running, it is possible to detect whether the software suffers a malicious attack during running, so that the security of software running on the network element device can be protected, thereby improving the dynamic security of the software.

Description

Software security detection method, apparatus and device
Technical field
[01] The present invention relates to the field of information security technology, and in particular to a software security detection method, apparatus and device.
Background
[02] Malware can intrude into the system of a network element device by modifying or replacing software on the network element device, damaging the system or stealing information from the network element device. In the prior art, the integrity of software on a network element device is generally verified by means of a digital signature: when releasing software or performing a software upgrade, the network management device generates a digital signature for the software, packages the digital signature with the software, and sends it to the network element device. Before loading the software, the network element device verifies the security of the software according to the digital signature, and loads the software after verification succeeds.
[03] In studying the prior art, the inventor found that when the integrity and trustworthiness of software on a network element device are protected, verification is generally possible only before the software is loaded. This is a static verification mode. If the software is maliciously attacked while running after loading is complete, it is difficult to verify the software, which reduces dynamic security during software running on the network element device.
Summary of the invention
[04] Embodiments of the present invention provide a software security detection method, apparatus and device, to solve the prior-art problem that it is difficult for a network element device to protect dynamic security while software is running.
[05] To solve the above technical problem, the embodiments of the present invention disclose the following technical solutions:
[06] According to a first aspect, a software security detection method is provided, the method including:
[07] a network management device obtains original summary information from a network element device, the original summary information being summary information generated by the network element device for software code loaded in memory;
[08] the network management device receives verification summary information sent by the network element device, the verification summary information being summary information generated by the network element device while the software code is running;
[09] the network management device compares whether the verification summary information is consistent with the original summary information; if not, it determines that the software code is not secure, and if so, it determines that the software code is secure.
[10] With reference to the first aspect, in a first possible implementation of the first aspect, the network management device obtaining original summary information from the network element device includes:
[11] the network management device sends a request message for original summary information to the network element device, and receives the original summary information returned by the network element device according to the request message for original summary information; or,
[12] the network management device receives the original summary information reported to the network management device by the network element device when the network element device has loaded the software code in memory.
[13] With reference to the first aspect, or the first possible implementation of the first aspect, in a second possible implementation of the first aspect, the network management device receiving the verification summary information sent by the network element device includes:
[14] the network management device receives the verification summary information reported by the network element device according to a set time period; or,
[15] the network management device sends a report request message for verification summary information to the network element device, and receives the verification summary information returned by the network element device according to the report request message for verification summary information.
[16] According to a second aspect, a software security detection method is provided, the method including:
[17] a network element device sends original summary information to a network management device, the original summary information being summary information generated by the network element device for software code loaded in memory;
[18] the network element device sends verification summary information of the software code to the network management device while the software code is running, so that the network management device determines whether the software code is secure by comparing the verification summary information with the original summary information.
[19] With reference to the second aspect, in a first possible implementation of the second aspect, the network element device sending the original summary information to the network management device includes:
[20] the network element device receives a request message for original summary information sent by the network management device, generates the original summary information for the software code loaded in memory according to the request message for original summary information, and sends the original summary information to the network management device; or,
[21] when the network element device has loaded the software code in memory, it generates the original summary information for the software code and reports the original summary information to the network management device.
[22] With reference to the second aspect, or the first possible implementation of the second aspect, in a second possible implementation of the second aspect, the network element device sending the verification summary information of the software code to the network management device while the software code is running includes:
[23] while the software code is running, the network element device generates the verification summary information of the software code according to a set time period, and sends the verification summary information to the network management device; or,
[24] while the software code is running, the network element device receives a report request message for verification summary information sent by the network management device, generates the verification summary information of the software code according to the report request message for verification summary information, and sends the verification summary information to the network management device.
[25] According to a third aspect, a software security detection apparatus is provided, the apparatus including:
[26] an obtaining unit, configured to obtain original summary information from a network element device, the original summary information being summary information generated by the network element device for software code loaded in memory;
[27] a receiving unit, configured to receive verification summary information sent by the network element device, the verification summary information being summary information generated by the network element device while the software code is running;
[28] a detection unit, configured to compare whether the verification summary information received by the receiving unit is consistent with the original summary information obtained by the obtaining unit; if not, to determine that the software code is not secure, and if so, to determine that the software code is secure.
[29] With reference to the third aspect, in a first possible implementation of the third aspect,
[30] the obtaining unit includes: a request message sending subunit and a first original summary receiving subunit;
[31] the request message sending subunit is configured to send a request message for original summary information to the network element device;
[32] the first original summary receiving subunit is configured to receive the original summary information returned by the network element device according to the request message for original summary information sent by the request message sending subunit;
[33] or, the obtaining unit includes: a second original summary receiving subunit;
[34] the second original summary receiving subunit is configured to receive the original summary information reported by the network element device when it has loaded the software code in memory.
[35] With reference to the third aspect, or the first possible implementation of the third aspect, in a second possible implementation of the third aspect,
[36] the receiving unit includes: a first verification summary receiving subunit;
[37] the first verification summary receiving subunit is configured to receive the verification summary information reported by the network element device according to a set time period;
[38] or, the receiving unit includes: a report request sending subunit and a second verification summary receiving subunit;
[39] the report request sending subunit is configured to send a report request message for verification summary information to the network element device;
[40] the second verification summary receiving subunit is configured to receive the verification summary information returned by the network element device according to the report request message for verification summary information sent by the report request sending subunit.
[41] According to a fourth aspect, a software security detection apparatus is provided, the apparatus including:
[42] a first sending unit, configured to send original summary information to a network management device, the original summary information being summary information generated for software code loaded in memory;
[43] a second sending unit, configured to send verification summary information of the software code to the network management device while the software code is running, so that the network management device determines whether the software code is secure by comparing the verification summary information sent by the second sending unit with the original summary information sent by the first sending unit.
[44] With reference to the fourth aspect, in a first possible implementation of the fourth aspect,
[45] the first sending unit includes: a request message receiving subunit, a first original summary generation subunit and a first original summary sending subunit;
[46] the request message receiving subunit is configured to receive a request message for original summary information sent by the network management device;
[47] the first original summary generation subunit is configured to generate the original summary information for the software code loaded in memory according to the request message for original summary information received by the request message receiving subunit;
[48] the first original summary sending subunit is configured to send the original summary information generated by the first original summary generation subunit to the network management device;
[49] or, the first sending unit includes: a second original summary generation subunit and a second original summary sending subunit;
[50] the second original summary generation subunit is configured to generate the original summary information for the software code when the software code has been loaded in memory;
[51] the second original summary sending subunit is configured to report the original summary information generated by the second original summary generation subunit to the network management device.
[52] With reference to the fourth aspect, or the first possible implementation of the fourth aspect, in a second possible implementation of the fourth aspect,
[53] the second sending unit includes: a first verification summary generation unit and a first verification summary sending subunit;
[54] the first verification summary generation unit is configured to generate the verification summary information of the software code according to a set time period while the software code is running;
[55] the first verification summary sending subunit is configured to send the verification summary information generated by the first verification summary generation unit to the network management device;
[56] or, the second sending unit includes: a report request receiving subunit, a second verification summary generation subunit and a second verification summary sending subunit;
[57] the report request receiving subunit is configured to receive, while the software code is running, a report request message for verification summary information sent by the network management device;
[58] the second verification summary generation subunit is configured to generate the verification summary information of the software code according to the report request message for verification summary information received by the report request receiving subunit;
[59] the second verification summary sending subunit is configured to send the verification summary information generated by the second verification summary generation subunit to the network management device.
[60] According to a fifth aspect, a network management device is provided, the network management device including: a network interface and a processor, wherein,
[61] the network interface is configured to obtain original summary information from a network element device, the original summary information being summary information generated by the network element device for software code loaded in memory, and to receive verification summary information sent by the network element device, the verification summary information being summary information generated by the network element device while the software code is running;
[62] the processor is configured to compare whether the verification summary information is consistent with the original summary information; if not, to determine that the software code is not secure, and if so, to determine that the software code is secure.
[63] With reference to the fifth aspect, in a first possible implementation of the fifth aspect, the network interface is specifically configured to send a request message for original summary information to the network element device, and receive the original summary information returned by the network element device according to the request message for original summary information; or, to receive the original summary information reported to the network management device by the network element device when it has loaded the software code in memory.
[64] With reference to the fifth aspect, or the first possible implementation of the fifth aspect, in a second possible implementation of the fifth aspect, the network interface is specifically configured to receive the verification summary information reported by the network element device according to a set time period; or, to send a report request message for verification summary information to the network element device, and receive the verification summary information returned by the network element device according to the report request message for verification summary information.
[65] According to a sixth aspect, a network element device is provided, the network element device including: a network interface and a processor, wherein,
[66] the processor is configured to send original summary information to a network management device through the network interface, the original summary information being summary information generated by the network element device for software code loaded in memory, and to send verification summary information of the software code to the network management device through the network interface while the software code is running, so that the network management device determines whether the software code is secure by comparing the verification summary information with the original summary information.
[67] With reference to the sixth aspect, in a first possible implementation of the sixth aspect, the processor is specifically configured to: after the network interface receives a request message for original summary information sent by the network management device, generate the original summary information for the software code loaded in memory according to the request message for original summary information, and send the original summary information to the network management device through the network interface; or, when the software code has been loaded in memory, generate the original summary information for the software code, and report the original summary information to the network management device through the network interface.
[68] With reference to the sixth aspect, or the first possible implementation of the sixth aspect, in a second possible implementation of the sixth aspect, the processor is specifically configured to: while the software code is running, generate the verification summary information of the software code according to a set time period, and send the verification summary information to the network management device through the network interface; or, after the network interface receives, while the software code is running, a report request message for verification summary information sent by the network management device, generate the verification summary information of the software code according to the report request message for verification summary information, and send the verification summary information to the network management device through the network interface.
[69] In the embodiments of the present invention, the network management device obtains original summary information from the network element device, the original summary information being summary information generated by the network element device for software code loaded in memory. The network element device generates verification summary information while the software code is running. The network management device receives the verification summary information sent by the network element device and compares whether the verification summary information is consistent with the original summary information; if not, it determines that the software code is not secure, and if so, it determines that the software code is secure. With the embodiments of the present invention, because the network element device can send summary information to the network management device while the software is running, it is possible to detect whether the software is maliciously attacked during running, so that the security of software running on the network element device is protected and the dynamic security of the software is improved.
Brief description of the drawings
[70] To describe the technical solutions in the embodiments of the present invention or in the prior art more clearly, the accompanying drawings required for describing the embodiments or the prior art are briefly introduced below. Evidently, the drawings in the following description show only some embodiments of the present invention, and a person of ordinary skill in the art may derive other drawings from them without creative effort.
[71] Fig. 1A is a flow chart of one embodiment of the software security detection method of the present invention;
[72] Fig. 1B is a flow chart of another embodiment of the software security detection method of the present invention;
[73] Fig. 2 is a flow chart of another embodiment of the software security detection method of the present invention;
[74] Fig. 3 is a flow chart of another embodiment of the software security detection method of the present invention;
[75] Fig. 4 is a flow chart of another embodiment of the software security detection method of the present invention;
[76] Fig. 5 is a flow chart of another embodiment of the software security detection method of the present invention;
[77] Fig. 6 is a block diagram of one embodiment of the software security detection apparatus of the present invention;
[78] Fig. 7 is a block diagram of another embodiment of the software security detection apparatus of the present invention;
[79] Fig. 8 is a block diagram of an embodiment of the network management device of the present invention;
[80] Fig. 9 is a block diagram of an embodiment of the network element device of the present invention.
Detailed description of the embodiments
[81] To help a person skilled in the art better understand the technical solutions in the embodiments of the present invention, and to make the above objects, features and advantages of the embodiments more apparent, the technical solutions in the embodiments are described in further detail below with reference to the accompanying drawings.
[82] Referring to Fig. 1A, a flow chart of one embodiment of the software security detection method of the present invention, this embodiment describes the security detection process during software running from the network management device side:
[83] Step 101: The network management device obtains original summary information from the network element device, the original summary information being summary information generated by the network element device for software code loaded in memory.
[84] Optionally, the network management device may send a request message for original summary information to the network element device, and receive the original summary information returned by the network element device according to the request message for original summary information; or, the network management device may receive the original summary information reported to the network management device by the network element device when it has loaded the software code in memory.
[85] Step 102: The network management device receives verification summary information sent by the network element device, the verification summary information being summary information generated by the network element device while the software code is running.
[86] Optionally, the network management device may receive the verification summary information reported by the network element device according to a set time period; or, the network management device may send a report request message for verification summary information to the network element device, and receive the verification summary information returned by the network element device according to the report request message for verification summary information.
[87] Step 103: The network management device compares whether the verification summary information is consistent with the original summary information; if not, it determines that the software code is not secure, and if so, it determines that the software code is secure.
[88] As can be seen from the above embodiment, because the network element device can send summary information to the network management device while the software is running, it is possible to detect whether the software is maliciously attacked during running, so that the security of software running on the network element device is protected and the dynamic security of the software is improved.
[89] Referring to Fig. 1B, a flow chart of another embodiment of the software security detection method of the present invention, this embodiment describes the security detection process during software running from the network element device side:
[90] Step 111: The network element device sends original summary information to the network management device, the original summary information being summary information generated by the network element device for software code loaded in memory.
[91] Optionally, the network element device may receive a request message for original summary information sent by the network management device, generate the original summary information for the software code loaded in memory according to the request message for original summary information, and send the original summary information to the network management device; or, when the network element device has loaded the software code in memory, it may generate the original summary information for the software code and report the original summary information to the network management device.
[92] Step 112: The network element device sends verification summary information of the software code to the network management device while the software code is running, so that the network management device determines whether the software code is secure by comparing the verification summary information with the original summary information.
[93] Optionally, while the software code is running, the network element device may generate the verification summary information of the software code according to a set time period and send the verification summary information to the network management device; or, while the software code is running, the network element device may receive a report request message for verification summary information sent by the network management device, generate the verification summary information of the software code according to the report request message for verification summary information, and send the verification summary information to the network management device.
[94] As can be seen from the above embodiment, because the network element device can send summary information to the network management device while the software is running, it is possible to detect whether the software is maliciously attacked during running, so that the security of software running on the network element device is protected and the dynamic security of the software is improved.
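The exchange described in the two embodiments above (Figs. 1A and 1B), sketched in Python as an added example; it is not code from the patent. SHA-256, the message type names, and the rule that a stored original is not overwritten unless the network management device expects a new one are assumptions of this sketch.

```python
import hashlib
import hmac


def summary(code: bytes) -> str:
    """Summary information of a code image. SHA-256 is an assumption:
    the text only calls for a one-way hash with a fixed-length output."""
    return hashlib.sha256(code).hexdigest()


class NetworkElement:
    """Network element side (steps 111 and 112)."""

    def __init__(self, ne_id: str, loaded_code: bytes):
        self.ne_id = ne_id
        # Stands in for the software code as loaded in memory.
        self.memory = bytearray(loaded_code)

    def _message(self, kind: str) -> dict:
        return {"type": kind, "ne": self.ne_id,
                "summary": summary(bytes(self.memory))}

    def report_original(self) -> dict:
        # Variant: report on its own once loading has completed.
        return self._message("ORIGINAL_SUMMARY")

    def report_verification(self) -> dict:
        # Variant: report on a set time period while the code runs.
        return self._message("VERIFICATION_SUMMARY")

    def handle_request(self, request: dict) -> dict:
        # Variant: answer a request from the network management device.
        if request["type"] == "ORIGINAL_SUMMARY_REQUEST":
            return self.report_original()
        if request["type"] == "VERIFICATION_SUMMARY_REQUEST":
            return self.report_verification()
        raise ValueError(f"unknown request type: {request['type']!r}")


class NetworkManager:
    """Network management side (steps 101 to 103)."""

    def __init__(self):
        self._original = {}     # ne_id -> stored original summary
        self._awaiting = set()  # ne_ids allowed to replace their original

    def expect_original(self, ne_id: str) -> None:
        # Hypothetical hook: called when new software is issued to an element.
        self._awaiting.add(ne_id)

    def receive(self, message: dict) -> str:
        ne_id, value = message["ne"], message["summary"]
        if message["type"] == "ORIGINAL_SUMMARY":
            # Assumption: an unsolicited second original is not accepted,
            # otherwise a modified image could simply re-baseline itself.
            if ne_id in self._original and ne_id not in self._awaiting:
                return "original-ignored"
            self._original[ne_id] = value
            self._awaiting.discard(ne_id)
            return "original-stored"
        if message["type"] == "VERIFICATION_SUMMARY":
            original = self._original.get(ne_id)
            if original is None:
                return "no-original"  # nothing to compare against yet
            same = hmac.compare_digest(original, value)
            return "secure" if same else "not-secure"
        raise ValueError(f"unknown message type: {message['type']!r}")


def run_exchange() -> list:
    code = bytes(range(64))  # constructed stand-in for a loaded code image
    ne = NetworkElement("NE-1", code)
    nm = NetworkManager()
    log = []
    # Step 101/111: original summary obtained on request.
    log.append(nm.receive(ne.handle_request({"type": "ORIGINAL_SUMMARY_REQUEST"})))
    # Step 102/112: periodic report while the code is unchanged.
    log.append(nm.receive(ne.report_verification()))
    # Constructed change to the in-memory image after loading.
    ne.memory[10] ^= 0xFF
    log.append(nm.receive(ne.handle_request({"type": "VERIFICATION_SUMMARY_REQUEST"})))
    # The changed image cannot replace the stored original on its own.
    log.append(nm.receive(ne.report_original()))
    log.append(nm.receive(ne.report_verification()))
    return log


if __name__ == "__main__":
    print(run_exchange())
```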
[95] it is another embodiment flow chart of invention software safety detecting method referring to Fig. 2:[96] step 201:Network element device loads software into internal memory.
[97] in the embodiment of the present invention, network element device can be specially veneer etc., and the on-chip system of bus connection can be provided with network element device(System on Chip, SoC) safety chip and internal memory etc., wherein, SoC safety chips can further include central processing unit(Central Processing Unit, CPU), field programmable gate array(Field-Programmable Gate Array, FPGA), digital signal processor(Digital Signal Processor, DSP), CPLD (Complex Programmable Logic Device, CPU)) etc., internal memory can include random access memory(Random Access Memory, RAM), flash memory(Flash) etc.. [98] when Network Management Equipment issues new software, or existing software is upgraded software when, can be these Software Create digital signature, that is the summary info of Network Management Equipment software for calculation, and by generating digital signature after the private key encryption summary info, by digital signature packing in software, and the software kit is sent to network element device, in the prior art, network element device is received after software kit, obtain digital signature therein, with public key decryptions, the digital signature obtains the first summary info, and simultaneously according to the second summary info of the mode software for calculation consistent with Network Management Equipment side, if the first summary info is consistent with the second summary info, then illustrate software security to be loaded, if the first summary info and the second summary info are inconsistent, then illustrate that software to be loaded is dangerous, ensure the static security of software to be loaded with this.
[99] when network element device is by verifying that digital signature determines software security to be loaded, the software is loaded into internal memory, loading procedure can include the decompression and initialization to software, after the completion of loading, the software is generally run in software code form in internal memory, i.e., software to be loaded is different from the form of both software codes for being loaded into internal memory.
[100] Step 202: The network management device sends a request message for original digest information to the network element device.
[101] In this embodiment, the network management device may specifically be an operation and maintenance center (Operation and Maintenance Center, OMC) device or the like, and each network management device can communicate with multiple network element devices.
[102] In this embodiment, the request message for original digest information can be sent actively by the network management device to the network element device. The network management device can send the request message a preset time after sending the software package to the network element device; the preset time ensures that the network element device can finish loading the software code in memory.
[103] Step 203: The network element device generates original digest information for the software code loaded in memory according to the request message for original digest information.
[104] In this embodiment, after receiving the request message for original digest information, the network element device computes the digest information of the software code loaded in memory and uses that digest information as the original digest information. Digest information, also called a message digest (Message Digest) or digital digest (Digital Digest), is a fixed-length value that uniquely corresponds to the software code. It can be produced by applying a one-way hash (Hash) encryption function to the software code. If the software code itself changes, the computed digest information also changes, so the security and integrity of the software code can be verified through the digest information.
[105] Step 204: The network element device sends the original digest information to the network management device.
[106] Step 205: The network management device stores the original digest information.
[107] Step 206: While the software code is running, the network element device generates verification digest information of the software code according to a set time period.
[108] In this embodiment, to verify security while the software code is running, the network element device can compute the digest information of the software code according to a set time period during running and use that digest information as the verification digest information. For example, the network element device can set a timer; each time the timer period elapses, the network element device is triggered to compute the verification digest information for that period. In this step, the verification digest information is computed in the same way and by the same process as the original digest information, which is not repeated here.
[109] Step 207: The network element device reports the verification digest information to the network management device.
[110] Step 208: The network management device compares whether the verification digest information is consistent with the original digest information. When the verification digest information is inconsistent with the original digest information, it determines that the software code is insecure; when they are consistent, it determines that the software code is secure.
[111] After receiving the verification digest information, the network management device can retrieve the stored original digest information and compare whether the verification digest information is consistent with it. If they are consistent, it can determine that the software code has not been tampered with while running and that the software code is secure. If they are inconsistent, it can determine that the software code has been tampered with while running and that the software code is therefore insecure; in that case the network management device can trigger an alarm, or an administrator can intervene manually.
[112] As can be seen from the above embodiment, because the network element device sends digest information computed while the software is running to the network management device, it is possible to detect whether the software is maliciously attacked while running. This protects the security of software running on the network element device and improves the dynamic security of the software.
[113] Referring to Fig. 3, which is a flowchart of another embodiment of the software security detection method of the present invention:
[114] Step 301: The network element device loads software into memory.
[115] In this embodiment of the present invention, the network element device may specifically be a board or the like. The network element device may be provided with an SoC security chip, memory and so on. The SoC security chip may further include a CPU, an FPGA, a DSP, a CPLD and so on, and the memory may include RAM, Flash and so on.
[116] When the network management device releases new software or upgrades existing software, it can generate a digital signature for the software, pack the digital signature into the software package, and send the software package to the network element device. In the prior art, after receiving the software package the network element device extracts the digital signature and determines whether the software is secure by verifying the digital signature, which guarantees the static security of the software to be loaded. The detailed process by which the network element device verifies the received software is consistent with the description in the foregoing step 201 and is not repeated here.
[117] When the network element device has determined, by verifying the digital signature, that the software to be loaded is secure, it loads the software into memory. Loading may include decompressing and initializing the software. Once loading is complete, the software generally runs in memory in the form of software code; that is, the software to be loaded and the software code loaded into memory differ in form.
[118] Step 302: The network management device sends a request message for original digest information to the network element device.
[119] In this embodiment, the network management device may specifically be an OMC device or the like, and each network management device can communicate with multiple network element devices.
[120] In this embodiment, the request message for original digest information can be sent actively by the network management device to the network element device. The network management device can send the request message a preset time after sending the software package to the network element device; the preset time ensures that the network element device can finish loading the software code in memory.
[121] Step 303: The network element device generates original digest information for the software code loaded in memory according to the request message for original digest information.
[122] In this embodiment, after receiving the request message for original digest information, the network element device computes the digest information of the software code loaded in memory and uses that digest information as the original digest information. The digest information can be produced by applying a one-way hash encryption function to the software code. If the software code itself changes, the computed digest information also changes, so the security and integrity of the software code can be verified through the digest information.
[123] Step 304: The network element device sends the original digest information to the network management device.
[124] Step 305: The network management device stores the original digest information.
[125] Step 306: While the software code is running, the network element device receives a report request message for verification digest information sent by the network management device.
[126] The difference from the embodiment shown in Fig. 2 is that in this embodiment, while the software code is running on the network element device, the network management device can send a report request message for verification digest information in real time according to the administrator's needs.
[127] Step 307: The network element device generates the verification digest information of the software code according to the report request message for verification digest information.
[128] After receiving the report request message for verification digest information, the network element device computes the digest information of the software code currently running in memory and uses that digest information as the verification digest information. The verification digest information is computed in the same way and by the same process as the original digest information, which is not repeated here.
[129] Step 308: The network element device sends the verification digest information to the network management device.
[130] Step 309: The network management device compares whether the verification digest information is consistent with the original digest information. When the verification digest information is inconsistent with the original digest information, it determines that the software code is insecure; when they are consistent, it determines that the software code is secure.
[131] After receiving the verification digest information, the network management device can retrieve the stored original digest information and compare whether the verification digest information is consistent with it. If they are consistent, it can determine that the software code has not been tampered with while running and that the software code is secure. If they are inconsistent, it can determine that the software code has been tampered with while running and that the software code is therefore insecure; in that case the network management device can trigger an alarm, or an administrator can intervene manually.
[132] As can be seen from the above embodiment, because the network element device sends digest information computed while the software is running to the network management device, it is possible to detect whether the software is maliciously attacked while running. This protects the security of software running on the network element device and improves the dynamic security of the software.
[133] Referring to Fig. 4, which is a flowchart of another embodiment of the software security detection method of the present invention:
[134] Step 401: The network element device loads software into memory.
[135] In this embodiment of the present invention, the network element device may specifically be a board or the like. The network element device may be provided with an SoC security chip, memory and so on. The SoC security chip may further include a CPU, an FPGA, a DSP, a CPLD and so on, and the memory may include RAM, Flash and so on.
[136] When the network management device releases new software or upgrades existing software, it can generate a digital signature for the software, pack the digital signature into the software package, and send the software package to the network element device. In the prior art, after receiving the software package the network element device extracts the digital signature and determines whether the software is secure by verifying the digital signature, which guarantees the static security of the software to be loaded. The detailed process by which the network element device verifies the received software is consistent with the description in the foregoing step 201 and is not repeated here.
[137] Step 402: When the network element device has finished loading the software code in memory, it generates original digest information for the software code.
[138] Unlike the embodiments shown in Fig. 2 and Fig. 3, in this embodiment the network element device can generate the digest information of the software code in real time after the software code has been loaded, and use that digest information as the original digest information. The digest information can be produced by applying a one-way hash encryption function to the software code. If the software code itself changes, the computed digest information also changes, so the security and integrity of the software code can be verified through the digest information.
[139] Step 403: The network element device reports the original digest information to the network management device.
[140] Step 404: The network management device stores the original digest information.
[141] Step 405: While the software code is running, the network element device generates verification digest information of the software code according to a set time period.
[142] In this embodiment, to verify security while the software code is running, the network element device can compute the digest information of the software code according to a set time period during running and use that digest information as the verification digest information. For example, the network element device can set a timer; each time the timer period elapses, the network element device is triggered to compute the verification digest information for that period. In this step, the verification digest information is computed in the same way and by the same process as the original digest information, which is not repeated here.
[143] Step 406: The network element device reports the verification digest information to the network management device.
[144] Step 407: The network management device compares whether the verification digest information is consistent with the original digest information. When the verification digest information is inconsistent with the original digest information, it determines that the software code is insecure; when they are consistent, it determines that the software code is secure.
[145] After receiving the verification digest information, the network management device can retrieve the stored original digest information and compare whether the verification digest information is consistent with it. If they are consistent, it can determine that the software code has not been tampered with while running and that the software code is secure. If they are inconsistent, it can determine that the software code has been tampered with while running and that the software code is therefore insecure; in that case the network management device can trigger an alarm, or an administrator can intervene manually.
[146] As can be seen from the above embodiment, because the network element device sends digest information computed while the software is running to the network management device, it is possible to detect whether the software is maliciously attacked while running. This protects the security of software running on the network element device and improves the dynamic security of the software.
[147] Referring to Fig. 5, which is a flowchart of another embodiment of the software security detection method of the present invention:
[148] Step 501: The network element device loads software into memory.
[149] In this embodiment of the present invention, the network element device may specifically be a board or the like. The network element device may be provided with an SoC security chip, memory and so on. The SoC security chip may further include a CPU, an FPGA, a DSP, a CPLD and so on, and the memory may include RAM, Flash and so on.
[150] When the network management device releases new software or upgrades existing software, it can generate a digital signature for the software, pack the digital signature into the software package, and send the software package to the network element device. In the prior art, after receiving the software package the network element device extracts the digital signature and determines whether the software is secure by verifying the digital signature, which guarantees the static security of the software to be loaded. The detailed process by which the network element device verifies the received software is consistent with the description in the foregoing step 201 and is not repeated here.
[151] Step 502: When the network element device has finished loading the software code in memory, it generates original digest information for the software code. Step 503: The network element device reports the original digest information to the network management device.
[152] Step 504: The network management device stores the original digest information.
[153] Unlike the embodiments shown in Fig. 2 and Fig. 3, in this embodiment the network element device can generate the digest information of the software code in real time after the software code has been loaded, and use that digest information as the original digest information. The digest information can be produced by applying a one-way hash encryption function to the software code. If the software code itself changes, the computed digest information also changes, so the security and integrity of the software code can be verified through the digest information.
[154] Step 505: While the software code is running, the network element device receives a report request message for verification digest information sent by the network management device.
[155] The difference from the embodiments shown in Fig. 2 and Fig. 4 is that in this embodiment, while the software code is running on the network element device, the network management device can send a report request message for verification digest information in real time according to the administrator's needs.
[156] Step 506: The network element device generates the verification digest information of the software code according to the report request message for verification digest information.
[157] After receiving the report request message for verification digest information, the network element device computes the digest information of the software code currently running in memory and uses that digest information as the verification digest information. The verification digest information is computed in the same way and by the same process as the original digest information, which is not repeated here.
[158] Step 507: The network element device sends the verification digest information to the network management device.
[159] Step 508: The network management device compares whether the verification digest information is consistent with the original digest information. When the verification digest information is inconsistent with the original digest information, it determines that the software code is insecure; when they are consistent, it determines that the software code is secure.
[160] After receiving the verification digest information, the network management device can retrieve the stored original digest information and compare whether the verification digest information is consistent with it. If they are consistent, it can determine that the software code has not been tampered with while running and that the software code is secure. If they are inconsistent, it can determine that the software code has been tampered with while running and that the software code is therefore insecure; in that case the network management device can trigger an alarm, or an administrator can intervene manually.
[161] As can be seen from the above embodiment, because the network element device sends digest information computed while the software is running to the network management device, it is possible to detect whether the software is maliciously attacked while running. This protects the security of software running on the network element device and improves the dynamic security of the software.
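The four method embodiments above (Figs. 2 to 5) share one exchange and differ only in who triggers each digest report. The sketch below is an added example, not code from the patent; it runs both sides of that exchange in one process. The class names, the message fields, the choice of SHA-256 and the rule that a stored original digest is never silently replaced are assumptions of this example.

```python
import hashlib
import hmac


class NetworkElement:
    """Network element side: holds the loaded software code and digests it."""

    def __init__(self, element_id, package):
        self.element_id = element_id
        # Loading (decompression, initialization) is modelled as a copy into a
        # mutable buffer that stands in for the code region in memory.
        self.code = bytearray(package)

    def report(self, kind):
        """Build a digest report; also used for unsolicited reports
        (original digest on load, verification digest on a timer tick)."""
        digest = hashlib.sha256(bytes(self.code)).hexdigest()
        return {"type": kind, "element": self.element_id, "digest": digest}

    def handle(self, request):
        """Answer a request message from the network management device."""
        kinds = {
            "original_digest_request": "original_digest",
            "verification_digest_request": "verification_digest",
        }
        if request["type"] not in kinds:
            raise ValueError("unknown request type: %r" % request["type"])
        return self.report(kinds[request["type"]])


class NetworkManager:
    """Network management side: stores baselines and compares reports."""

    def __init__(self):
        self.baselines = {}   # element id -> original digest
        self.alarms = []      # (element id, reason)

    def forget(self, element_id):
        """Drop a baseline, e.g. before sending an upgraded software package."""
        self.baselines.pop(element_id, None)

    def receive(self, report):
        element, digest = report["element"], report["digest"]
        baseline = self.baselines.get(element)
        if report["type"] == "original_digest":
            # Assumption of this example: a stored baseline is never silently
            # replaced, so a changed "original" digest is treated as an alarm.
            if baseline is not None and not hmac.compare_digest(baseline, digest):
                self.alarms.append((element, "unexpected new original digest"))
                return "insecure"
            self.baselines[element] = digest
            return "stored"
        if report["type"] == "verification_digest":
            if baseline is None:
                self.alarms.append((element, "no original digest on record"))
                return "unknown"
            if hmac.compare_digest(baseline, digest):
                return "secure"
            self.alarms.append((element, "verification digest mismatch"))
            return "insecure"
        raise ValueError("unknown report type: %r" % report["type"])


def run_demo():
    """Run both trigger styles against one element and return the verdicts."""
    package = b"constructed sample code image, not real firmware"
    ne = NetworkElement("ne-1", package)
    nm = NetworkManager()
    verdicts = []
    # Original digest on request (Fig. 2 / Fig. 3 style).
    verdicts.append(nm.receive(ne.handle({"type": "original_digest_request"})))
    # Periodic report (Fig. 2 / Fig. 4 style); the timer tick is a direct call.
    verdicts.append(nm.receive(ne.report("verification_digest")))
    # Simulate the in-memory code changing while it runs.
    ne.code[0] ^= 0xFF
    # On-demand report requested by the administrator (Fig. 3 / Fig. 5 style).
    verdicts.append(nm.receive(ne.handle({"type": "verification_digest_request"})))
    return verdicts, nm.alarms


if __name__ == "__main__":
    print(run_demo())
```

A verification digest that arrives before any original digest is stored is reported as "unknown" rather than "secure", since there is nothing to compare it with.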
[162] Corresponding to the embodiments of the software security detection method of the present invention, the present invention also provides embodiments of a software security detection apparatus, a network management device and a network element device.
[163] Referring to Fig. 6, which is a block diagram of one embodiment of the software security detection apparatus of the present invention; the apparatus can be arranged on the network management device side:
[164] The apparatus includes an obtaining unit 610, a receiving unit 620 and a detection unit 630.
[165] The obtaining unit 610 is configured to obtain original digest information from a network element device, the original digest information being digest information that the network element device generates for the software code loaded in memory;
[166] the receiving unit 620 is configured to receive verification digest information sent by the network element device, the verification digest information being digest information that the network element device generates while the software code is running;
[167] the detection unit 630 is configured to compare whether the verification digest information received by the receiving unit 610 is consistent with the original digest information obtained by the obtaining unit 620; if not, it determines that the software code is insecure; if so, it determines that the software code is secure.
[168] Optionally, the obtaining unit 610 can include (not shown in Fig. 6):
[169] a request message sending subunit, configured to send a request message for original digest information to the network element device;
[170] a first original digest receiving subunit, configured to receive the original digest information returned by the network element device according to the request message for original digest information sent by the request message sending subunit.
[171] Optionally, the obtaining unit 610 can also include (not shown in Fig. 6):
[172] a second original digest receiving subunit, configured to receive the original digest information reported when the network element device has finished loading the software code in memory.
[173] Optionally, the receiving unit 620 can include (not shown in Fig. 6):
[174] a first verification digest receiving subunit, configured to receive the verification digest information that the network element device reports according to a set time period.
[175] Optionally, the receiving unit 620 can also include (not shown in Fig. 6):
[176] a report request sending subunit, configured to send a report request message for verification digest information to the network element device;
[177] a second verification digest receiving subunit, configured to receive the verification digest information returned by the network element device according to the report request message for verification digest information sent by the report request sending subunit.
[178] Referring to Fig. 7, which is a block diagram of another embodiment of the software security detection apparatus of the present invention; the apparatus can be arranged on the network element device side:
[179] The apparatus includes a first sending unit 710 and a second sending unit 720.
[180] The first sending unit 710 is configured to send original digest information to a network management device, the original digest information being digest information generated for the software code loaded in memory;
[181] the second sending unit 720 is configured to send verification digest information of the software code to the network management device while the software code is running, so that the network management device determines whether the software code is secure by comparing the verification digest information sent by the second sending unit with the original digest information sent by the first sending unit.
[182] Optionally, the first sending unit 710 can include (not shown in Fig. 7):
[183] a request message receiving subunit, configured to receive the request message for original digest information sent by the network management device;
[184] a first original digest generating subunit, configured to generate the original digest information for the software code loaded in memory according to the request message for original digest information received by the request message receiving subunit;
[185] a first original digest sending subunit, configured to send the original digest information generated by the first original digest generating subunit to the network management device.
[186] Optionally, the first sending unit 710 can also include (not shown in Fig. 7):
[187] a second original digest generating subunit, configured to generate the original digest information for the software code when the software code has been loaded in memory;
[188] a second original digest sending subunit, configured to report the original digest information generated by the second original digest generating subunit to the network management device.
[189] Optionally, the second sending unit 720 can include (not shown in Fig. 7):
[190] a first verification digest generating unit, configured to generate the verification digest information of the software code according to a set time period while the software code is running;
[191] a first verification digest sending subunit, configured to send the verification digest information generated by the first verification digest generating unit to the network management device.
[192] Optionally, the second sending unit 720 can also include (not shown in Fig. 7):
[193] a report request receiving subunit, configured to receive, while the software code is running, the report request message for verification digest information sent by the network management device;
[194] a second verification digest generating subunit, configured to generate the verification digest information of the software code according to the report request message for verification digest information received by the report request receiving subunit;
[195] a second verification digest sending subunit, configured to send the verification digest information generated by the second verification digest generating subunit to the network management device.
[196] Referring to Fig. 8, which is a block diagram of an embodiment of the network management device of the present invention:
[197] The network management device includes a network interface 810 and a processor 820.
[198] The network interface 810 is configured to obtain original digest information from a network element device, the original digest information being digest information that the network element device generates for the software code loaded in memory, and to receive verification digest information sent by the network element device, the verification digest information being digest information that the network element device generates while the software code is running;
[199] the processor 820 is configured to compare whether the verification digest information is consistent with the original digest information; if not, it determines that the software code is insecure; if so, it determines that the software code is secure.
[200] Optionally, the network interface 810 can be specifically configured to send a request message for original digest information to the network element device and receive the original digest information that the network element device returns according to that request message; or to receive the original digest information that the network element device reports to the network management device when it has finished loading the software code in memory.
[201] Optionally, the network interface 810 can be specifically configured to receive the verification digest information that the network element device reports according to a set time period; or to send a report request message for verification digest information to the network element device and receive the verification digest information that the network element device returns according to that report request message.
[202] Referring to Fig. 9, which is a block diagram of an embodiment of the network element device of the present invention:
[203] The network element device includes a network interface 910 and a processor 920.
[204] The processor 920 is configured to send original digest information to a network management device through the network interface 910, the original digest information being digest information that the network element device generates for the software code loaded in memory, and to send verification digest information of the software code to the network management device through the network interface 910 while the software code is running, so that the network management device determines whether the software code is secure by comparing the verification digest information with the original digest information.
[205] Optionally, the processor 920 can be specifically configured to, after the network interface receives the request message for original digest information sent by the network management device, generate the original digest information for the software code loaded in memory according to that request message and send the original digest information to the network management device through the network interface; or to generate the original digest information for the software code when the software code has been loaded in memory and report the original digest information to the network management device through the network interface.
[206] Optionally, the processor 920 can be specifically configured to generate the verification digest information of the software code according to a set time period while the software code is running and send the verification digest information to the network management device through the network interface; or, after the network interface receives, while the software code is running, the report request message for verification digest information sent by the network management device, to generate the verification digest information of the software code according to that report request message and send the verification digest information to the network management device through the network interface.
[207] As can be seen from the above embodiments, the network management device obtains original digest information from the network element device, the original digest information being digest information that the network element device generates for the software code loaded in memory. The network element device generates verification digest information while the software code is running. The network management device receives the verification digest information sent by the network element device and compares whether it is consistent with the original digest information; if not, it determines that the software code is insecure; if so, it determines that the software code is secure. With the embodiments of the present invention, because the network element device sends digest information computed while the software is running to the network management device, it is possible to detect whether the software is maliciously attacked while running. This protects the security of software running on the network element device and improves the dynamic security of the software.
[208] Those skilled in the art can clearly understand that the techniques in the embodiments of the present invention can be implemented by software plus the necessary general-purpose hardware platform. Based on this understanding, the technical solutions in the embodiments of the present invention, in essence or in the part that contributes to the prior art, can be embodied in the form of a software product. The computer software product can be stored in a storage medium, such as ROM/RAM, a magnetic disk or an optical disc, and includes a number of instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) to perform the methods described in the embodiments of the present invention or in some parts of the embodiments.
[209] The embodiments in this specification are described progressively. For identical or similar parts, the embodiments may be referred to one another, and each embodiment focuses on its differences from the others. In particular, because the system embodiments are substantially similar to the method embodiments, they are described relatively briefly; for the relevant parts, refer to the description of the method embodiments.
[210] The embodiments of the present invention described above do not limit the protection scope of the present invention. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall fall within the protection scope of the present invention.

Claims (12)

    1. A software security detection method, characterized in that the method comprises:
    a network management device obtaining original digest information from a network element device, the original digest information being digest information generated by the network element device for software code loaded into memory;
    the network management device receiving verification digest information sent by the network element device, the verification digest information being digest information generated by the network element device while the software code is running;
    the network management device comparing whether the verification digest information is consistent with the original digest information; if not, determining that the software code is not secure; if so, determining that the software code is secure.
    2. The method according to claim 1, characterized in that the network management device obtaining original digest information from the network element device comprises:
    the network management device sending a request message for the original digest information to the network element device, and receiving the original digest information returned by the network element device according to the request message for the original digest information; or, the network management device receiving the original digest information reported to the network management device by the network element device when the network element device has loaded the software code into memory.
    3. The method according to claim 1 or 2, characterized in that the network management device receiving the verification digest information sent by the network element device comprises:
    the network management device receiving the verification digest information reported by the network element device according to a set time period; or,
    the network management device sending a report request message for verification digest information to the network element device, and receiving the verification digest information returned by the network element device according to the report request message for the verification digest information.
    4. A software security detection method, characterized in that the method comprises:
    a network element device sending original digest information to a network management device, the original digest information being digest information generated by the network element device for software code loaded into memory;
    the network element device sending verification digest information of the software code to the network management device while the software code is running, so that the network management device determines whether the software code is secure by comparing the verification digest information with the original digest information.
    5. The method according to claim 4, characterized in that the network element device sending the original digest information to the network management device comprises:
    the network element device receiving a request message for the original digest information sent by the network management device, generating the original digest information for the software code loaded into memory according to the request message for the original digest information, and sending the original digest information to the network management device; or,
    the network element device generating the original digest information for the software code when the network element device has loaded the software code into memory, and reporting the original digest information to the network management device.
    6. The method according to claim 4 or 5, characterized in that the network element device sending the verification digest information of the software code to the network management device while the software code is running comprises:
    the network element device generating the verification digest information of the software code according to a set time period while the software code is running, and sending the verification digest information to the network management device; or,
    the network element device receiving, while the software code is running, a report request message for verification digest information sent by the network management device, generating the verification digest information of the software code according to the report request message for the verification digest information, and sending the verification digest information to the network management device.
    7. A software security detection apparatus, characterized in that the apparatus comprises:
    an obtaining unit, configured to obtain original digest information from a network element device, the original digest information being digest information generated by the network element device for software code loaded into memory;
    a receiving unit, configured to receive verification digest information sent by the network element device, the verification digest information being digest information generated by the network element device while the software code is running;
    a detection unit, configured to compare whether the verification digest information received by the receiving unit is consistent with the original digest information obtained by the obtaining unit; if not, to determine that the software code is not secure; if so, to determine that the software code is secure.
    8. The apparatus according to claim 7, characterized in that
    the obtaining unit comprises: a request message sending subunit and a first original digest receiving subunit;
    the request message sending subunit is configured to send a request message for original digest information to the network element device;
    the first original digest receiving subunit is configured to receive the original digest information returned by the network element device according to the request message for the original digest information sent by the request message sending subunit;
    or, the obtaining unit comprises: a second original digest receiving subunit;
    the second original digest receiving subunit is configured to receive the original digest information reported by the network element device when the network element device has loaded the software code into memory.
    9. The apparatus according to claim 7 or 8, characterized in that
    the receiving unit comprises: a first verification digest receiving subunit;
    the first verification digest receiving subunit is configured to receive the verification digest information reported by the network element device according to a set time period;
    or, the receiving unit comprises: a report request sending subunit and a second verification digest receiving subunit;
    the report request sending subunit is configured to send a report request message for verification digest information to the network element device;
    the second verification digest receiving subunit is configured to receive the verification digest information returned by the network element device according to the report request message for the verification digest information sent by the report request sending subunit.
    10. A software security detection apparatus, characterized in that the apparatus comprises:
    a first sending unit, configured to send original digest information to a network management device, the original digest information being digest information generated for software code loaded into memory;
    a second sending unit, configured to send verification digest information of the software code to the network management device while the software code is running, so that the network management device determines whether the software code is secure by comparing the verification digest information sent by the second sending unit with the original digest information sent by the first sending unit.
    11. The apparatus according to claim 10, characterized in that
    the first sending unit comprises: a request message receiving subunit, a first original digest generating subunit and a first original digest sending subunit;
    the request message receiving subunit is configured to receive a request message for the original digest information sent by the network management device;
    the first original digest generating subunit is configured to generate the original digest information for the software code loaded into memory according to the request message for the original digest information received by the request message receiving subunit;
    the first original digest sending subunit is configured to send the original digest information generated by the first original digest generating subunit to the network management device;
    or, the first sending unit comprises: a second original digest generating subunit and a second original digest sending subunit;
    the second original digest generating subunit is configured to generate the original digest information for the software code when the software code has been loaded into memory;
    the second original digest sending subunit is configured to report the original digest information generated by the second original digest generating subunit to the network management device.
    12. The apparatus according to claim 10 or 11, characterized in that
    the second sending unit comprises: a first verification digest generating unit and a first verification digest sending subunit;
    the first verification digest generating unit is configured to generate the verification digest information of the software code according to a set time period while the software code is running;
    the first verification digest sending subunit is configured to send the verification digest information generated by the first verification digest generating unit to the network management device;
    or, the second sending unit comprises: a report request receiving subunit, a second verification digest generating subunit and a second verification digest sending subunit;
    the report request receiving subunit is configured to receive, while the software code is running, a report request message for verification digest information sent by the network management device;
    the second verification digest generating subunit is configured to generate the verification digest information of the software code according to the report request message for the verification digest information received by the report request receiving subunit;
    the second verification digest sending subunit is configured to send the verification digest information generated by the second verification digest generating subunit to the network management device.
    13. A network management device, characterized in that the network management device comprises: a network interface and a processor, wherein
    the network interface is configured to obtain original digest information from a network element device, the original digest information being digest information generated by the network element device for software code loaded into memory, and to receive verification digest information sent by the network element device, the verification digest information being digest information generated by the network element device while the software code is running;
    the processor is configured to compare whether the verification digest information is consistent with the original digest information; if not, to determine that the software code is not secure; if so, to determine that the software code is secure.
    14. The network management device according to claim 13, characterized in that
    the network interface is specifically configured to send a request message for original digest information to the network element device, and to receive the original digest information returned by the network element device according to the request message for the original digest information; or, to receive the original digest information reported to the network management device by the network element device when the network element device has loaded the software code into memory.
    15. The network management device according to claim 13 or 14, characterized in that
    the network interface is specifically configured to receive the verification digest information reported by the network element device according to a set time period; or, to send a report request message for verification digest information to the network element device, and to receive the verification digest information returned by the network element device according to the report request message for the verification digest information.
    16. A network element device, characterized in that the network element device comprises: a network interface and a processor, wherein
    the processor is configured to send original digest information to a network management device through the network interface, the original digest information being digest information generated by the network element device for software code loaded into memory, and to send verification digest information of the software code to the network management device through the network interface while the software code is running, so that the network management device determines whether the software code is secure by comparing the verification digest information with the original digest information.
    17. The network element device according to claim 16, characterized in that
    the processor is specifically configured to, after the network interface receives a request message for the original digest information sent by the network management device, generate the original digest information for the software code loaded into memory according to the request message for the original digest information, and send the original digest information to the network management device through the network interface; or, to generate the original digest information for the software code when the software code has been loaded into memory, and report the original digest information to the network management device through the network interface.
    18. The network element device according to claim 16 or 17, characterized in that
    the processor is specifically configured to generate the verification digest information of the software code according to a set time period while the software code is running, and send the verification digest information to the network management device through the network interface; or, after the network interface receives, while the software code is running, a report request message for verification digest information sent by the network management device, to generate the verification digest information of the software code according to the report request message for the verification digest information, and send the verification digest information to the network management device through the network interface.
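The exchange described in claims 1 to 6, as an added example that is not part of the patent text: a network element reports a baseline digest once its code is loaded, then reports verification digests periodically or on request, and the network management device compares them. SHA-256, the message names, the class names and the rule that a baseline is recorded only once are assumptions of this example; the claims only speak of "digest information".

```python
import hashlib
import hmac

REQ_ORIGINAL = "original-digest-request"            # hypothetical message names
REQ_VERIFY = "verification-digest-report-request"


class NetworkElement:
    """Network element device holding software code loaded into memory."""

    def __init__(self, code: bytes):
        self.memory = bytearray(code)  # stand-in for the loaded code image

    def _digest(self) -> str:
        # SHA-256 is an assumption; the claims do not name an algorithm.
        return hashlib.sha256(bytes(self.memory)).hexdigest()

    def report(self) -> str:
        """Unsolicited report: once the code is loaded, or per set time period."""
        return self._digest()

    def handle(self, request: str) -> str:
        """Request/response alternative of claims 5 and 6."""
        if request not in (REQ_ORIGINAL, REQ_VERIFY):
            raise ValueError("unknown request")
        return self._digest()


class NetworkManager:
    """Network management device: stores baselines and compares digests."""

    def __init__(self):
        self.original = {}  # network element id -> original digest

    def set_original(self, ne_id: str, digest: str) -> None:
        # Recording the baseline only once is this example's choice,
        # not something the claims state.
        if ne_id in self.original:
            raise RuntimeError("baseline already recorded for " + ne_id)
        self.original[ne_id] = digest

    def verify(self, ne_id: str, verification_digest: str) -> bool:
        """True = consistent (secure), False = inconsistent (not secure)."""
        return hmac.compare_digest(self.original[ne_id], verification_digest)


def run_demo() -> list:
    code = b"\x55\x48\x89\xe5\x90\x90\xc3"          # constructed sample bytes
    ne, nms = NetworkElement(code), NetworkManager()
    nms.set_original("ne-1", ne.report())           # reported after loading
    verdicts = [nms.verify("ne-1", ne.report())]    # periodic report, period 1
    ne.memory[4] = 0xCC                             # code changed while running
    verdicts.append(nms.verify("ne-1", ne.report()))            # period 2
    verdicts.append(nms.verify("ne-1", ne.handle(REQ_VERIFY)))  # on request
    return verdicts


if __name__ == "__main__":
    print(run_demo())
```
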
CN201480000117.8A 2014-03-04 2014-03-04 Software security detection method, apparatus and device Pending CN105190637A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2014/072826 WO2015131324A1 (en) 2014-03-04 2014-03-04 Software security detection method, apparatus and device

Publications (1)

Publication Number Publication Date
CN105190637A true CN105190637A (en) 2015-12-23

Family

ID=54054338

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201480000117.8A Pending CN105190637A (en) 2014-03-04 2014-03-04 Software security detection method, apparatus and device

Country Status (2)

Country Link
CN (1) CN105190637A (en)
WO (1) WO2015131324A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108875372A (en) * 2017-12-29 2018-11-23 哈尔滨安天科技股份有限公司 A kind of code detection method, device, electronic equipment and storage medium
CN111740854A (en) * 2019-03-25 2020-10-02 美光科技公司 Apparatus, method and system for secure device communication

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10474823B2 (en) * 2016-02-16 2019-11-12 Atmel Corporation Controlled secure code authentication
CN106096388B (en) * 2016-05-31 2019-04-16 北京小米移动软件有限公司 A kind of code security processing method, device, terminal device and system

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6047242A (en) * 1997-05-28 2000-04-04 Siemens Aktiengesellschaft Computer system for protecting software and a method for protecting software
CN1514375A (en) * 2003-07-21 2004-07-21 *** Software protection method
CN101783801A (en) * 2010-01-29 2010-07-21 福建星网锐捷网络有限公司 Software protection method based on network, client side and server
CN101996286A (en) * 2009-08-10 2011-03-30 北京多思科技发展有限公司 Dynamic security measure implementation method, security measurement device and application system
CN102375953A (en) * 2010-08-10 2012-03-14 上海贝尔股份有限公司 Software certification method and software certification device
CN103065072A (en) * 2011-10-21 2013-04-24 北京大学 Method and device to improve Java software jailbreak difficulty and copyright verification method
CN103501294A (en) * 2010-08-18 2014-01-08 北京奇虎科技有限公司 Method for judging whether program is malicious or not

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102208003A (en) * 2010-03-31 2011-10-05 鸿富锦精密工业(深圳)有限公司 Software program protection system and method

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108875372A (en) * 2017-12-29 2018-11-23 哈尔滨安天科技股份有限公司 A kind of code detection method, device, electronic equipment and storage medium
CN111740854A (en) * 2019-03-25 2020-10-02 美光科技公司 Apparatus, method and system for secure device communication
CN111740854B (en) * 2019-03-25 2023-07-18 美光科技公司 Apparatus, method and system for secure device communication

Also Published As

Publication number Publication date
WO2015131324A1 (en) 2015-09-11

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20151223