CN109472132A - Anti- brush machine guard method and device - Google Patents

Anti- brush machine guard method and device Download PDF

Info

Publication number
CN109472132A
CN109472132A CN201811342322.9A CN201811342322A CN109472132A CN 109472132 A CN109472132 A CN 109472132A CN 201811342322 A CN201811342322 A CN 201811342322A CN 109472132 A CN109472132 A CN 109472132A
Authority
CN
China
Prior art keywords
brushed
configuration file
system configuration
file
machine equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811342322.9A
Other languages
Chinese (zh)
Inventor
许宁涛
胡传林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Teng Rui Ruifeng Technology Co Ltd
Original Assignee
Shenzhen Teng Rui Ruifeng Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Teng Rui Ruifeng Technology Co Ltd filed Critical Shenzhen Teng Rui Ruifeng Technology Co Ltd
Priority to CN201811342322.9A priority Critical patent/CN109472132A/en
Publication of CN109472132A publication Critical patent/CN109472132A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The present invention provides a kind of anti-brush machine guard method and devices, are related to field of computer technology, including the brush machine data packet of extraction is loaded into machine equipment to be brushed, and after machine equipment brush machine to be brushed is restarted, generate the corresponding the first system configuration file of brush machine data packet;Obtain the second system configuration file for the machine equipment to be brushed that background management system backs up in advance;Compare the first system configuration file and second system configuration file distorts degree, distorts grade according to the degree of distorting is corresponding and sends operating instruction to the machine equipment to be brushed after restarting, so that machine equipment to be brushed operation is according to the corresponding movement of operating instruction.This method alleviate conventional method can not omnibearing protection, and can not to machine equipment to be brushed carry out drastic reduction the technical issues of, reached the technical effect protected comprehensively to machine equipment to be brushed.

Description

Anti- brush machine guard method and device
Technical field
The present invention relates to field of computer technology, more particularly, to a kind of anti-brush machine guard method and device.
Background technique
Currently, smart machine is widely used by user, there are the contents such as a large amount of personal information in equipment.In order to ensure Smart machine using safe, avoid smart machine system from illegally being distorted, now often utilize binary file and system local school It tests file and compares the conventional method of verification and carry out the protection of anti-brush machine.
The protection mechanism of the method mainly in machine equipment brush machine to be brushed or starting, utilizes local preset listed files Verify file and Encryption Algorithm verification carried out to each binary file of system, such as through verifying, in discovery system there are one or Multiple binary files are destroyed, then machine equipment to be brushed can not be by brush machine or starting.
But for this anti-brush machine guard method, a variety of Open-Source Tools or open source scheme are provided on network, it can will be to be brushed The system of machine equipment distorts rear reutilization system loophole and carries out camouflage processing to the binary file after change, and there are also some hackers Local preset listed files verification file can be cracked and forge check code, this makes verification file that can not verify out binary system text Part has been destroyed, therefore traditional anti-brush machine guard method can not carry out omnibearing protection to machine equipment to be brushed.In addition, machine to be brushed The system of equipment is after illegally being distorted, and machine equipment to be brushed can not restart or radio upgrade, to machine equipment to be brushed brush again into Official system can not also make equipment restore to also result in the personal information loss that machine equipment to be brushed has been deposited as before.Either to The system of brush machine equipment is illegally distorted or personal information is lost, and is all that machine equipment user to be brushed is unwilling to receive.
Summary of the invention
In view of this, the purpose of the present invention is to provide a kind of anti-brush machine guard method and devices, to alleviate tradition side Method can not omnibearing protection, and can not to machine equipment to be brushed carry out drastic reduction the technical issues of.
In a first aspect, this method is applied to compiler server the embodiment of the invention provides a kind of anti-brush machine guard method, This method comprises: extracting brush machine data packet, brush machine data packet is loaded into machine equipment to be brushed, in order to machine equipment brush machine weight to be brushed Qi Hou generates the corresponding the first system configuration file of brush machine data packet;If monitor background management system with restart after to The communication of brush machine equipment is normal, obtains the second system configuration file for the machine equipment to be brushed that background management system backs up in advance;Wherein, Second system configuration file be brush machine data packet be loaded into before machine equipment to be brushed, the system configuration file of machine equipment to be brushed it is pre- Set file;Compare the first system configuration file and second system configuration file distorts degree, usurps according to the degree of distorting is corresponding Change grade and send operating instruction to the machine equipment to be brushed after restarting, so that machine equipment to be brushed operation is corresponding dynamic according to operating instruction Make;Wherein, it distorts and is tampered the pre-set grade of file according to degree.
With reference to first aspect, the embodiment of the invention provides the first possible embodiments of first aspect, wherein ratio What it is to the first system file and second system file includes: to extract the first system configuration file and compile in advance the step of distorting degree The private key for the background management system translated generates first key;And it extracts second system configuration file and compiles in advance to be brushed The private key of machine equipment generates the second key;Compare first key and the second key whether consistency;If so, journey is distorted in determination Degree is distorted for nothing;If not, the differential file list of the first system configuration file and second system configuration file is generated, and according to Differential file list match distorts degree, wherein differential file list includes the first system configuration file and second system configuration Grade is distorted belonging to the differential file and differential file of file.
The possible embodiment of with reference to first aspect the first, the embodiment of the invention provides second of first aspect Possible embodiment, wherein extract the private key of the first system configuration file and the background management system compiled in advance, generation the The step of one key includes: to extract the first system configuration file, carries out Hash calculation to the first system configuration file, obtains first Corresponding first cryptographic Hash of system configuration file;First cryptographic Hash and the private key of the background management system compiled in advance are spelled It connects, Hash calculation is carried out to splicing result and obtains first key;Extract the second system configuration file and compile in advance to The step of private key of brush machine equipment, the second key of generation includes: to extract second system configuration file, to second system configuration file Hash calculation is carried out, corresponding second cryptographic Hash of second system configuration file is obtained;By the second cryptographic Hash in advance compile to The private key of brush machine equipment is spliced, and is carried out Hash calculation to splicing result and is obtained the second key.
With reference to first aspect, the embodiment of the invention provides the third possible embodiments of first aspect, wherein should Method further include: when monitoring that machine equipment to be brushed is in pattern compiler, in compilation process, the system that generates machine equipment to be brushed Configuration file, wherein system configuration file is the current corresponding configuration file of operating system of machine equipment to be brushed;By system configuration File and the brush machine data packet obtained in advance are packaged, and generate second system configuration file, and second system configuration file is sent Back-up processing is carried out to background management system.
The third possible embodiment with reference to first aspect, the embodiment of the invention provides the 4th kind of first aspect Possible embodiment, wherein the brush machine data packet obtained by system configuration file and in advance is packaged, and generates second system configuration The step of file includes: to carry out Hash calculation for each file for including in system configuration file, and it is corresponding to generate each file Cryptographic Hash;By the corresponding cryptographic Hash of each file and the storage of the file name association of file into specified configuration file;It will match It sets file and brush machine data packet is packaged and generates second system configuration file.
With reference to first aspect, the embodiment of the invention provides the 5th kind of possible embodiments of first aspect, wherein will Brush machine data packet is loaded into after machine equipment to be brushed, this method further include: monitoring software is generated, in order to machine equipment brush machine to be brushed After restarting, the machine equipment to be brushed after restarting is monitored by monitoring software.
The possible embodiment of with reference to first aspect the first, the embodiment of the invention provides the 6th kind of first aspect Possible embodiment, wherein this method further includes;Differential file list is uploaded to background management system, in order to basis Differential file list carries out the reparation of version loophole.
Second aspect, the embodiment of the present invention also provide a kind of anti-brush machine protective device, which includes: to insmod, and use In extracting brush machine data packet, brush machine data packet is loaded into machine equipment to be brushed, after restarting in order to machine equipment brush machine to be brushed, is generated The corresponding the first system configuration file of brush machine data packet;Monitoring modular, if after for monitoring background management system and restarting Machine equipment to be brushed communication it is normal, obtain the second system configuration file for the machine equipment to be brushed that background management system backs up in advance; Wherein, second system configuration file is that brush machine data packet is loaded into before machine equipment to be brushed, the system configuration text of machine equipment to be brushed The profile of part;Comparison module is distorted degree for compare the first system configuration file and second system configuration file, is pressed According to the corresponding grade of distorting of the degree of distorting to the machine equipment to be brushed transmission operating instruction after restarting, so that machine equipment to be brushed runs root According to the corresponding movement of operating instruction;Wherein, it distorts and is tampered the pre-set grade of file according to degree.
In conjunction with second aspect, the embodiment of the invention provides the first possible embodiments of second aspect, wherein should Device further include: collector, for when monitoring that machine equipment to be brushed is in pattern compiler, in compilation process, generate to The system configuration file of brush machine equipment, wherein system configuration file is the current corresponding configuration of operating system of machine equipment to be brushed File;Backup module, the brush machine data packet for obtaining by system configuration file and in advance are packaged, and generate second system configuration text Part, and second system configuration file is sent to background management system and carries out back-up processing.
The third aspect, the embodiment of the present invention also provide a kind of computer storage medium, and the computer storage medium is for depositing Computer program instructions are stored up, when computer executes computer program instructions, anti-brush machine described in first aspect strictly according to the facts is executed and protects Maintaining method.
The embodiment of the present invention bring it is following the utility model has the advantages that
Anti- brush machine guard method provided in an embodiment of the present invention and device, are set by the way that brush machine data packet is loaded into machine to be brushed It is standby, and after machine equipment brush machine to be brushed is restarted, generate the corresponding the first system configuration file of brush machine data packet;It is to be monitored to arrive backstage Management system with restart after machine equipment to be brushed communicate it is normal after, obtain the machine equipment to be brushed that background management system backs up in advance Second system configuration file;Compare the first system configuration file and second system configuration file distorts degree, according to distorting journey Corresponding grade of distorting is spent to the machine equipment to be brushed transmission operating instruction after restarting, and makes machine equipment operation to be brushed according to operating instruction Corresponding movement.It, can be effective by obtaining the second system configuration file for the machine equipment to be brushed that background management system backs up in advance Avoid a possibility that local verification file is cracked and forges.The corresponding grade of distorting of degree is distorted to after restarting by basis Machine equipment to be brushed send different operating instructions, machine equipment to be brushed can be enabled according to the actual conditions distorted, independently It chooses whether to restore original system, can preferably protect machine equipment to be brushed.
Other features and advantages of the present invention will illustrate in the following description, also, partly become from specification It obtains it is clear that understand through the implementation of the invention.The objectives and other advantages of the invention are in specification and attached drawing Specifically noted structure is achieved and obtained.
To enable the above objects, features and advantages of the present invention to be clearer and more comprehensible, preferred embodiment is cited below particularly, and cooperate Appended attached drawing, is described in detail below.
Detailed description of the invention
It, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical solution in the prior art Embodiment or attached drawing needed to be used in the description of the prior art be briefly described, it should be apparent that, it is described below Attached drawing is some embodiments of the present invention, for those skilled in the art, without creative efforts, It is also possible to obtain other drawings based on these drawings.
Fig. 1 is a kind of anti-brush machine guard method flow chart provided in an embodiment of the present invention;
Fig. 2 is the flow chart that a kind of machine equipment system to be brushed provided in an embodiment of the present invention is restored;
Fig. 3 is a kind of structural schematic diagram of anti-brush machine protective device provided in an embodiment of the present invention;
Fig. 4 is the structural schematic diagram of the anti-brush machine protective device of another kind provided in an embodiment of the present invention.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with attached drawing to the present invention Technical solution be clearly and completely described, it is clear that described embodiments are some of the embodiments of the present invention, rather than Whole embodiments.Based on the embodiments of the present invention, those skilled in the art institute without making creative work The every other embodiment obtained, shall fall within the protection scope of the present invention.
The anti-brush machine guard method of tradition at present can not carry out omnibearing protection to machine equipment to be brushed, and can not set to machine to be brushed It is standby to carry out system reducing, it is based on this, a kind of anti-brush machine guard method provided in an embodiment of the present invention and device can be in all directions Machine equipment to be brushed is protected, and there is collection system loophole and recovery system.
For convenient for understanding the present embodiment, first to a kind of anti-brush machine guard method disclosed in the embodiment of the present invention It describes in detail.
Embodiment one:
With reference to a kind of anti-brush machine guard method flow chart shown in FIG. 1, this method can be applied to compiler server, including Following steps:
Step S102 extracts brush machine data packet, brush machine data packet is loaded into machine equipment to be brushed, in order to machine equipment to be brushed After brush machine is restarted, the corresponding the first system configuration file of brush machine data packet is generated;
In actual use, machine equipment to be brushed described in the embodiment of the present invention can be smart phone, tablet computer, palm Computer etc. has the intelligent terminal of independent operating system, also, above-mentioned steps are usually to be in pattern compiler in machine equipment to be brushed Lower progress.Using machine equipment to be brushed as smart phone, and, for the operating system of the smart phone is Android system, when this is waited for After brush machine equipment and compiler server communication connection, it can be configured operation by user, machine equipment to be brushed is made to be in compiling Mode obtains the brush machine file in brush machine data packet at this point it is possible to be compiled on compiler server to Android source code, In order to carry out brush machine operation to machine equipment to be brushed.
Further, above-mentioned brush machine data packet may include the brush machine packet and upgrade package of current machine equipment to be brushed, and brush machine packet is used In carrying out brush machine to machine equipment to be brushed, upgrade package is for upgrading machine equipment to be brushed.
Step S104 obtains backstage if monitoring that background management system communicates normally with the machine equipment to be brushed after restarting The second system configuration file for the machine equipment to be brushed that management system backs up in advance;
Wherein, second system configuration file is that brush machine data packet is loaded into before machine equipment to be brushed, and machine equipment to be brushed is The profile of system configuration file;
Step S106, compare the first system configuration file and second system configuration file distorts degree, according to distorting journey Corresponding grade of distorting is spent to the machine equipment to be brushed transmission operating instruction after restarting, so that machine equipment to be brushed operation refers to according to operation Enable corresponding movement;
Wherein, it distorts and is tampered the pre-set grade of file according to degree, specifically, user can be in advance to second The configuration preference level that tampers with a document in system configuration file, for example, can be divided into according to the priority level for being tampered file several Classification: for example, the vandalisms such as severe viral, allow what machine equipment to be brushed did illegal purposes to be tampered file, it can be provided Danger classes can be to be brushed after restarting at this point, corresponding file is tampered if compiler server monitors danger classes Machine equipment sends shutdown command, to forbid the machine equipment to be brushed to use current brush machine data packet;
When file lower for priority is tampered or is deleted, in comparison step S106, compiler server Updated data package can be generated, include being tampered or deleted file in the updated data package, in order to by by The process that one system configuration file and second system configuration file are compared carries out the file for including in updated data package extensive It is multiple, restore order at this point it is possible to send to the machine equipment to be brushed after restarting;
Further, the lesser lower configuration file of priority is influenced for the operating system of machine equipment to be brushed to be tampered When, compiler server can only inform that user's system configuration file is modified, and then proceed to execute the operation of brush machine, Huo Zheke Directly to ignore the content etc. distorted, when specific implementation, being tampered the pre-set grade of file can be with reference to current to be brushed Machine equipment, and equipment is carried out according to the actual situation, it is not limited by the embodiments of the present invention.
Anti- brush machine guard method provided in an embodiment of the present invention and device, are set by the way that brush machine data packet is loaded into machine to be brushed It is standby, and after machine equipment brush machine to be brushed is restarted, generate the corresponding the first system configuration file of brush machine data packet;It is to be monitored to arrive backstage Management system with restart after machine equipment to be brushed communicate it is normal after, obtain the machine equipment to be brushed that background management system backs up in advance Second system configuration file;Compare the first system configuration file and second system configuration file distorts degree, according to distorting journey Corresponding grade of distorting is spent to the machine equipment to be brushed transmission operating instruction after restarting, and makes machine equipment operation to be brushed according to operating instruction Corresponding movement.It, can be effective by obtaining the second system configuration file for the machine equipment to be brushed that background management system backs up in advance Avoid a possibility that local verification file is cracked and forges.The corresponding grade of distorting of degree is distorted to after restarting by basis Machine equipment to be brushed send different operating instructions, machine equipment to be brushed can be enabled according to the actual conditions distorted, independently It chooses whether to restore original system, can preferably protect machine equipment to be brushed.
In actual use, it is compared for the ease of the degree of distorting to the first system file and second system file, The process of above-mentioned steps S106 can be carried out by comparing the private key of the first system file and second system file, specifically, on Stating step S106 may include following procedure:
(1) private key for extracting the first system configuration file and the background management system compiled in advance, generates first key;
When specific implementation, the first system configuration file is extracted, Hash calculation is carried out to the first system configuration file, obtains the Corresponding first cryptographic Hash of one system configuration file;
First cryptographic Hash and the private key of the background management system compiled in advance are spliced, Hash is carried out to splicing result First key is calculated.
(2) private key for extracting second system configuration file and the machine equipment to be brushed compiled in advance, generates the second key;
When specific implementation, second system configuration file is extracted, Hash calculation is carried out to second system configuration file, obtains the Corresponding second cryptographic Hash of two system configuration file;
Second cryptographic Hash and the private key of the machine equipment to be brushed compiled in advance are spliced, Hash meter is carried out to splicing result Calculation obtains the second key.
(3) compare above-mentioned first key and the second key whether consistency;If so, determining that degree of distorting is distorted for nothing; If not, generating the differential file list of the first system configuration file and second system configuration file, and arranged according to differential file Degree is distorted in table matching, wherein differential file list includes the difference of the first system configuration file and second system configuration file Grade is distorted belonging to file and differential file.
When specific implementation, above-mentioned grade of distorting may include danger classes, required grade, take as an elective course grade and negligible etc. Grade.
Wherein, danger classes includes that machine equipment to be brushed is seriously illegally distorted, such as severe viral is implanted into machine equipment to be brushed In the case of, cause machine equipment to be brushed to be engaged in illegal purposes by vandalism, passively.
When the degree of distorting belongs to danger classes, background management system notice monitoring software closes machine equipment to be brushed simultaneously by force Forbid machine equipment to be brushed to reuse, to avoid machine equipment to be brushed system contain severe viral in the case where, be illegally used And it is engaged in illegal act, irremediable loss is brought for user.
Required grade includes that the file of machine equipment to be brushed is distorted by depth, causes to hinder to the operation of machine equipment to be brushed, and/ Or equipment user is caused using difficulty, but and there is no severe virals etc. to endanger in biggish situation.
When the degree of distorting belongs to required grade, need to carry out depth recovery to machine equipment to be brushed, before restoring machine to be brushed System mode;
When specific implementation, background management system makes differential file packet, wherein differential file according to differential file list Packet includes being tampered file packet, deleted file packet and being increased file packet in order to restore machine equipment to be brushed to be It is easy to understand, Fig. 2 shows a kind of flow charts that machine equipment system to be brushed is restored, comprising the following steps:
Step S200 extracts second system configuration file from background management system;
Step S202, according to differential file list, from second system configuration file, downloading is tampered file packet and is deleted Except file packet, and file packet and deleted file packet boil down to updated data package will be tampered;
Step S204, according to differential file list, from second system configuration file, extraction is increased file, to being increased Add file and carry out Hash calculation, the corresponding cryptographic Hash of each file is generated, by the text of each file corresponding cryptographic Hash and file Part name associated storage is to being increased in file packet;
Step S206 downloads updated data package and is increased file packet to machine equipment to be brushed;
Updated data package is installed to machine equipment to be brushed using root authority, and replaces original, and use is deleted by step S208 Except the respective file increased in file packet is deleted in order.
By step shown in Fig. 2, can will be before the associated documents depth recovery to machine to be brushed in differential file packet System state effectively prevents the problem of user data caused by passive brush machine process is emptied.
Above-mentioned to take as an elective course the file that grade may include machine equipment to be brushed and distorted by moderate, the file distorted will not be to machine to be brushed The normal operation of equipment causes to hinder, but need equipment user to machine equipment to be brushed carry out new system setting in the case where.
Further, when the degree of distorting, which belongs to, takes as an elective course grade, compiler server differential file list can be sent to In the running log of brush machine equipment, and machine equipment to be brushed is notified to show that " equipment is tampered " printed words, equipment user can be selected independently It selects whether to receive and distort, if so, machine equipment to be brushed reception is tampered file, and operated normally under this system;If not, right Machine equipment to be brushed carries out depth recovery, the system mode before restoring machine to be brushed.In addition, equipment user can also pass through above-mentioned operation Log, which is checked, distorts details.
Above-mentioned negligible grade includes that the file of machine equipment to be brushed is slightly distorted, and the file distorted will not set machine to be brushed Standby operation causes to hinder, and, in the case where not influencing equipment user normal use.When the degree of distorting belong to it is negligible etc. When grade, machine equipment reception to be brushed is tampered file, and operates normally under this system.
When differential file list is negligible grade, machine equipment reception to be brushed is tampered, and machine equipment to be brushed operates normally, with Guarantee that machine equipment to be brushed still can normal use when slightly being distorted.
When specific implementation, in order to obtain the degree of distorting of the first system configuration file, usually carried out to machine equipment to be brushed Before brush machine, it is also necessary to carry out some default work, therefore, the above method further include:
When monitoring that machine equipment to be brushed is in pattern compiler, in compilation process, generate above-mentioned machine equipment to be brushed is System configuration file, wherein system configuration file is the current corresponding configuration file of operating system of machine equipment to be brushed;System is matched The brush machine data packet setting file and obtaining in advance is packaged, and generates second system configuration file, and second system configuration file is sent out It send to background management system and carries out back-up processing.
Specifically, generating the process of second system configuration file may include: every for include in system configuration file A file carries out Hash calculation, generates the corresponding cryptographic Hash of each file;By the text of each file corresponding cryptographic Hash and file Part name associated storage is into specified configuration file;Configuration file and brush machine data packet are packaged and generate second system configuration text Part.
Second system configuration file is backed up into background management system in advance, the brush machine process of machine equipment to be brushed can be prevented It is distorted by force, and, as the standby system of machine equipment to be brushed, it can be used for later period system and restore and later period leak analysis Reference paper.
In order to which during later maintenance, equipment and system version to the same model of machine equipment to be brushed carry out loophole and repair It is multiple, the above method further include:
Differential file list is uploaded to background management system, is repaired in order to carry out version loophole according to differential file list It is multiple.
Specifically, the developer of system version can extract differential file list and second from background management system System configuration file, by studying the discrepancy in differential file, loophole and problem in available system version, in the later period Edition upgrading and loophole can targetedly carry out the reparation of version loophole and system maintenance work in repairing.
It should be noted that background management system is using software version number as Service Ticket, to differential file list and Two system configuration file is stored, at the same time, using software version number as Service Ticket, to differential file list and second System configuration file extracts.
In general, may include system operating file, data file and kernel file in the system file of machine equipment to be brushed Etc. various files, kernel file and system operating file are related to the normal operation of each function of machine equipment to be brushed, therefore, this hair The anti-brush machine guard method that bright embodiment provides also is supported only to protect kernel file and system operating file, specific text Part list can be preset in background management system.
After having preset document to be protected list in background management system, above-mentioned steps S104 can also include: According to protection listed files preset in background management system, protection file in extraction system configuration file will be protected File and the brush machine data packet obtained in advance are packaged, and generate second system configuration file, and second system configuration file is sent Back-up processing is carried out to background management system.
In the case where second system configuration file in order to avoid that can not obtain background management system for a long time, and there are nothings Method judges the problem of distorting degree of machine equipment to be brushed, therefore, the above method further include: in first key and the second key agreement In the case where, the second key can be deposited into the Parameter File of machine equipment to be brushed;If monitor background management system with again Machine equipment to be brushed after opening can not normal communication when, the second key in the Parameter File of machine equipment to be brushed can be extracted, be used for Compare the first system configuration file and second system configuration file distorts degree.
It, can not be in machine equipment to be brushed by that can be stored to the second key of the machine equipment to be brushed verified When background management system normal communication, preferential that the second key passed through was verified using last time, carry out machine equipment to be brushed distorts journey The judgement of degree avoids influencing the system judgement to machine equipment to be brushed, and then influences the operation of down-stream.
It is worth noting that needing the state to machine equipment to be brushed in machine equipment brush machine to be brushed and the overall process of verification It is monitored in real time, to prevent machine equipment to be brushed from occurring going offline, Caton or the problems such as crash, therefore, this method further include: generate Monitoring software after restarting in order to machine equipment brush machine to be brushed, is monitored the machine equipment to be brushed after restarting by monitoring software.
Specifically, monitoring software can select house dog software, in general, house dog software can every certain time judge to Whether brush machine equipment has new element, if so, house dog software reclocking;If not, house dog software is repeatedly judged Whether program has new element, and records judgement number, and if there is new element, house dog software reclocking judges that number is zeroed; If without new element, when judging that number reaches preset maximum value, house dog software restarting machine equipment to be brushed.
For example, house dog software can open a thread, and whether there is new element at interval of 10s determining program, such as Fruit in 10 minutes internal programs without any movement, then house dog software restarting machine equipment to be brushed.With house dog software monitors in brush machine Can restart before rear machine equipment to be brushed and background management system for normal communication, if so, carrying out obtaining back-stage management system The subsequent action of the second system configuration file for the machine equipment to be brushed that system backs up in advance;If not, being monitored in 10 minutes repeatedly The two whether normal communication, if it is, continuing subsequent action, if it is not, then house dog software restarting machine equipment to be brushed.
In addition, in the method, house dog also monitors the transmission of the operating instruction of background management system,
Specifically, compare complete the first system configuration file and second system configuration file distort degree after, guard the gate Dog software supervision background management system whether in 10 minutes to after restarting machine equipment to be brushed send operating instruction, if so, Then machine equipment operating instruction to be brushed, if not, restarting machine equipment to be brushed.
In specific implementation, the new element of program includes all run action in the above method.
Specific monitoring software can select according to the actual situation, and it is not limited by the embodiments of the present invention.
It is worth noting that the equipment that background management system can be stored, can be communicated for computer etc., or net The type in network cloud, specific background management system can select according to the actual situation, and the embodiment of the present invention is to this without limit System.
To sum up, anti-brush machine guard method provided in an embodiment of the present invention has the advantages that
It (1), can be effective by obtaining the second system configuration file for the machine equipment to be brushed that background management system backs up in advance Avoid a possibility that local verification file is cracked and forges;
(2) by according to degree of distorting it is corresponding distort grade and send different operations to the machine equipment to be brushed after restarting refer to It enables, machine equipment to be brushed can be enabled according to the actual conditions distorted, independently choose whether to restore original system, can preferably protect Protect machine equipment to be brushed;
(3) by setting danger classes, effectively prevent machine equipment to be brushed and be engaged in unlawful activities, avoid to user with Carry out irremediable loss;
(4) by utilizing differential file list, machine equipment to be brushed can be restored to the state before brush machine, avoids user To restore original system and passive brush machine, the risk for causing personal information and data to be emptied;
(5) differential file list is uploaded to background management system, it is poor by studying convenient for the developer of system version Discrepancy in different article part targetedly carries out the reparation of version loophole and system in later period edition upgrading and loophole are repaired Maintenance;
(6) by can be stored to the second key of the machine equipment to be brushed verified, can machine equipment to be brushed without It is preferential that the second key passed through was verified using last time when method and background management system normal communication, it ensure that machine equipment to be brushed System judgement working efficiency.
(7) this method supports the partial document of machine equipment to be brushed to be tampered, and can according to need selection to all or part System file carries out verification protection, has better flexibility.
Embodiment two:
Corresponding to method provided by the above embodiment, the embodiment of the invention also provides a kind of anti-brush machine protective device, ginsengs A kind of structural schematic diagram of anti-brush machine protective device shown in Fig. 3 is examined, which comprises the following modules:
It insmods 10, for extracting brush machine data packet, brush machine data packet is loaded into machine equipment to be brushed, in order to be brushed After machine equipment brush machine is restarted, the corresponding the first system configuration file of brush machine data packet is generated;
Monitoring modular 20, if obtained for monitoring that background management system communicates normally with the machine equipment to be brushed after restarting The second system configuration file for the machine equipment to be brushed for taking background management system to back up in advance;Wherein, second system configuration file is Brush machine data packet is loaded into before machine equipment to be brushed, the profile of the system configuration file of machine equipment to be brushed;
Comparison module 40 distorts degree for compare the first system configuration file and second system configuration file, according to The corresponding grade of distorting of degree is distorted to the machine equipment to be brushed transmission operating instruction after restarting, so that machine equipment to be brushed runs basis The corresponding movement of operating instruction;Wherein, it distorts and is tampered the pre-set grade of file according to degree.
When specific implementation, before carrying out brush machine to machine equipment to be brushed, need to carry out some default work.Specifically, it refers to The structural schematic diagram of the anti-brush machine protective device of another kind shown in Fig. 4, wherein this device further include:
Collector 60, in compilation process, generating to be brushed when monitoring that machine equipment to be brushed is in pattern compiler The system configuration file of machine equipment, wherein system configuration file is the corresponding configuration text of the current operating system of machine equipment to be brushed Part;
Backup module 80, the brush machine data packet for obtaining by system configuration file and in advance are packaged, and generate second system Configuration file, and second system configuration file is sent to background management system and carries out back-up processing.
The technical effect and preceding method embodiment phase of device provided by the embodiment of the present invention, realization principle and generation Together, to briefly describe, Installation practice part does not refer to place, can refer to corresponding contents in preceding method embodiment.
Anti- brush machine protective device provided in an embodiment of the present invention, with anti-brush machine protective device method provided by the above embodiment Technical characteristic having the same reaches identical technical effect so also can solve identical technical problem.
It is apparent to those skilled in the art that for convenience and simplicity of description, the device of foregoing description Specific work process, can refer to corresponding processes in the foregoing method embodiment, details are not described herein.
The embodiment of the invention also provides a kind of computer storage mediums to work as calculating for storing computer program instructions When machine executes computer program instructions, method described in embodiment one is executed.
Finally, it should be noted that above embodiments, only a specific embodiment of the invention, to illustrate skill of the invention Art scheme, rather than its limitations, scope of protection of the present invention is not limited thereto, although with reference to the foregoing embodiments to the present invention into Go detailed description, it should be understood by those skilled in the art that: anyone skilled in the art takes off in the present invention In the technical scope of dew, it can still modify to technical solution documented by previous embodiment or can readily occur in change Change or equivalent replacement of some of the technical features;And these modifications, variation or replacement, do not make relevant art Scheme essence be detached from technical solution of the embodiment of the present invention spirit and scope, should all cover protection scope of the present invention it It is interior.Therefore, protection scope of the present invention should be subject to the protection scope in claims.

Claims (10)

1. a kind of anti-brush machine guard method, which is characterized in that the method is applied to compiler server, which comprises
Brush machine data packet is extracted, the brush machine data packet is loaded into machine equipment to be brushed, in order to the machine equipment brush machine to be brushed After restarting, the corresponding the first system configuration file of the brush machine data packet is generated;
If monitoring that background management system communicates normally with the machine equipment to be brushed after restarting, it is pre- to obtain background management system The second system configuration file of the machine equipment to be brushed first backed up;Wherein, the second system configuration file is the brush machine Data packet is loaded into before the machine equipment to be brushed, the profile of the system configuration file of the machine equipment to be brushed;
Compare the first system configuration file and the second system configuration file distorts degree, distorts degree according to described Corresponding grade of distorting is to the machine equipment transmission operating instruction to be brushed after restarting, so that the machine equipment to be brushed runs basis The corresponding movement of the operating instruction;Wherein, described distort is tampered the pre-set grade of file according to degree.
2. anti-brush machine guard method according to claim 1, which is characterized in that it is described compare the first system file and The second system file includes: the step of distorting degree
The private key of the first system configuration file and the background management system compiled in advance is extracted, first key is generated; And
The private key of the machine equipment to be brushed for extracting the second system configuration file and compiling in advance generates the second key;
Compare the first key and the second key whether consistency;
It is distorted if so, distorting degree described in determining for nothing;
If not, generating the differential file list of the first system configuration file and the second system configuration file, and root Degree is distorted according to described in the differential file list match, wherein the differential file list includes the first system configuration Grade is distorted belonging to the differential file and the differential file of file and the second system configuration file.
3. anti-brush machine guard method according to claim 2, which is characterized in that described to extract the first system configuration text The private key of part and the background management system compiled in advance, generate first key the step of include:
The first system configuration file is extracted, Hash calculation is carried out to the first system configuration file, obtains described first Corresponding first cryptographic Hash of system configuration file;
First cryptographic Hash and the private key of the background management system compiled in advance are spliced, splicing result is carried out Hash calculation obtains first key;
The private key for extracting the second system configuration file and the machine equipment to be brushed compiled in advance, generates the second key The step of include:
The second system configuration file is extracted, Hash calculation is carried out to the second system configuration file, obtains described second Corresponding second cryptographic Hash of system configuration file;
Second cryptographic Hash and the private key of the machine equipment to be brushed compiled in advance are spliced, splicing result is breathed out It is uncommon that the second key is calculated.
4. the method according to claim 1, wherein the method also includes:
When monitoring that machine equipment to be brushed is in pattern compiler, in compilation process, the system for generating the machine equipment to be brushed is matched Set file, wherein the system configuration file is the current corresponding configuration file of operating system of the machine equipment to be brushed;
The brush machine data packet obtained by the system configuration file and in advance is packaged, and generates the second system configuration text Part, and the second system configuration file is sent to the background management system and carries out back-up processing.
5. according to the method described in claim 4, it is characterized in that, the institute obtained by the system configuration file and in advance Stating the step of brush machine data packet is packaged, generates the second system configuration file includes:
Hash calculation is carried out for each file for including in the system configuration file, generates the corresponding Kazakhstan of each file Uncommon value;
By each corresponding cryptographic Hash of file and the storage of the file name association of the file into specified configuration file;
The configuration file and the brush machine data packet are packaged and generate the second system configuration file.
6. the method according to claim 1, wherein described be loaded into machine equipment to be brushed for the brush machine data packet Later, the method also includes:
Monitoring software is generated, after restarting in order to the machine equipment brush machine to be brushed, by the monitoring software to the institute after restarting Machine equipment to be brushed is stated to be monitored.
7. anti-brush machine guard method according to claim 2, which is characterized in that the method also includes;
The differential file list is uploaded to the background management system, in order to carry out version according to the differential file list The reparation of this loophole.
8. a kind of anti-brush machine protective device, which is characterized in that described device includes:
Insmod, for extracting brush machine data packet, the brush machine data packet be loaded into machine equipment to be brushed, in order to it is described to After brush machine equipment brush machine is restarted, the corresponding the first system configuration file of the brush machine data packet is generated;
Monitoring modular, if obtained for monitoring that background management system communicates normally with the machine equipment to be brushed after restarting The second system configuration file for the machine equipment to be brushed that background management system backs up in advance;Wherein, the second system configuration File be the brush machine data packet be loaded into before the machine equipment to be brushed, the system configuration file of the machine equipment to be brushed it is pre- Set file;
Comparison module is distorted degree for compare the first system configuration file and the second system configuration file, is pressed According to the corresponding grade of distorting of degree of distorting to the machine equipment transmission operating instruction to be brushed after restarting, so that described to be brushed Machine equipment is run according to the corresponding movement of the operating instruction;Wherein, described distort is tampered file according to degree and sets in advance The grade set.
9. device according to claim 8, which is characterized in that described device further include:
Collector, in compilation process, generating the machine to be brushed when monitoring that machine equipment to be brushed is in pattern compiler The system configuration file of equipment, wherein the system configuration file is that the current operating system of the machine equipment to be brushed is corresponding Configuration file;
Backup module, the brush machine data packet for obtaining by the system configuration file and in advance are packaged, and generate described the Two system configuration file, and the second system configuration file is sent to the background management system and carries out back-up processing.
10. a kind of computer storage medium, which is characterized in that for storing computer program instructions, described in computer execution When computer program instructions, method as described in any one of claims 1 to 7 is executed.
CN201811342322.9A 2018-11-12 2018-11-12 Anti- brush machine guard method and device Pending CN109472132A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811342322.9A CN109472132A (en) 2018-11-12 2018-11-12 Anti- brush machine guard method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811342322.9A CN109472132A (en) 2018-11-12 2018-11-12 Anti- brush machine guard method and device

Publications (1)

Publication Number Publication Date
CN109472132A true CN109472132A (en) 2019-03-15

Family

ID=65672315

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811342322.9A Pending CN109472132A (en) 2018-11-12 2018-11-12 Anti- brush machine guard method and device

Country Status (1)

Country Link
CN (1) CN109472132A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111694612A (en) * 2020-05-28 2020-09-22 平安普惠企业管理有限公司 Configuration checking method, device, computer system and storage medium

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103870745A (en) * 2014-04-01 2014-06-18 联想(北京)有限公司 Electronic equipment and method for safely starting electronic equipment
CN104506515A (en) * 2014-12-17 2015-04-08 北京极科极客科技有限公司 Firmware protection method and firmware protection device
CN106446699A (en) * 2016-09-29 2017-02-22 广东欧珀移动通信有限公司 Flashing method and device and terminal
CN106775834A (en) * 2016-11-29 2017-05-31 北京小米移动软件有限公司 Brush machine verification method and device
CN106843927A (en) * 2016-12-21 2017-06-13 北京奇虎科技有限公司 Method for upgrading system, device and brush machine method, device
CN106897606A (en) * 2015-12-18 2017-06-27 东莞酷派软件技术有限公司 A kind of brush machine means of defence and device
CN106897631A (en) * 2017-02-03 2017-06-27 广东欧珀移动通信有限公司 Data processing method, apparatus and system
CN108170459A (en) * 2017-12-08 2018-06-15 惠州Tcl移动通信有限公司 Method for upgrading software, intelligent terminal and the device with store function
CN108319473A (en) * 2017-01-16 2018-07-24 深圳兆日科技股份有限公司 Terminal system starts method and apparatus
JP2018163446A (en) * 2017-03-24 2018-10-18 大日本印刷株式会社 Electronic information storage medium, ic card, tampering check method, and tampering check program

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103870745A (en) * 2014-04-01 2014-06-18 联想(北京)有限公司 Electronic equipment and method for safely starting electronic equipment
CN104506515A (en) * 2014-12-17 2015-04-08 北京极科极客科技有限公司 Firmware protection method and firmware protection device
CN106897606A (en) * 2015-12-18 2017-06-27 东莞酷派软件技术有限公司 A kind of brush machine means of defence and device
CN106446699A (en) * 2016-09-29 2017-02-22 广东欧珀移动通信有限公司 Flashing method and device and terminal
CN106775834A (en) * 2016-11-29 2017-05-31 北京小米移动软件有限公司 Brush machine verification method and device
CN106843927A (en) * 2016-12-21 2017-06-13 北京奇虎科技有限公司 Method for upgrading system, device and brush machine method, device
CN108319473A (en) * 2017-01-16 2018-07-24 深圳兆日科技股份有限公司 Terminal system starts method and apparatus
CN106897631A (en) * 2017-02-03 2017-06-27 广东欧珀移动通信有限公司 Data processing method, apparatus and system
JP2018163446A (en) * 2017-03-24 2018-10-18 大日本印刷株式会社 Electronic information storage medium, ic card, tampering check method, and tampering check program
CN108170459A (en) * 2017-12-08 2018-06-15 惠州Tcl移动通信有限公司 Method for upgrading software, intelligent terminal and the device with store function

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111694612A (en) * 2020-05-28 2020-09-22 平安普惠企业管理有限公司 Configuration checking method, device, computer system and storage medium

Similar Documents

Publication Publication Date Title
CN105656860A (en) Safety management and control method, apparatus and system for Android system
CN110011848B (en) Mobile operation and maintenance auditing system
CN105683990A (en) Method and apparatus for protecting dynamic libraries
CN105117544A (en) Android platform App risk assessment method based on mobile cloud computing and Android platform App risk assessment device based on mobile cloud computing
CN105825131B (en) A kind of computer safety start means of defence based on UEFI
CN107194256A (en) Riskless asset baseline reinforcement means and device
CN110995825B (en) Intelligent contract issuing method, intelligent node equipment and storage medium
CN102521549A (en) Security pre-judgment device and method for application program
CN110119348B (en) Software upgrading test method and terminal
CN106709281B (en) Patch granting and acquisition methods, device
CN109120584A (en) Terminal security prevention method and system based on UEFI and WinPE
CN116361807A (en) Risk management and control method and device, storage medium and electronic equipment
CN107679423A (en) Partition integrity inspection method and device
CN109472132A (en) Anti- brush machine guard method and device
CN107229977A (en) A kind of automatic reinforcement means of Host Security baseline and system
CN110955897A (en) Software research and development safety control visualization method and system based on big data
CN107315945A (en) The disk decryption method and device of a kind of electronic equipment
CN110414241A (en) Privacy policy detection method, device, computer equipment and storage medium
CN109670296A (en) A kind of method and apparatus removing iOS backup password
CN113961226A (en) Software development kit repairing method, terminal, server and equipment
CN101924794B (en) Internet based method for monitoring total software operation quantity in real time
CN105069357A (en) Vulnerability scanning method, cloud server and system
CN109117162A (en) A kind of multisystem upgrade method based on Hypervisor
CN106411524B (en) The method of mobile terminal trust computing based on bluetooth
CN109474924A (en) A kind of restoration methods, device, computer equipment and the storage medium of lock network file

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
AD01 Patent right deemed abandoned
AD01 Patent right deemed abandoned

Effective date of abandoning: 20211001