CN109472132A - Anti- brush machine guard method and device - Google Patents
Anti- brush machine guard method and device Download PDFInfo
- Publication number
- CN109472132A CN109472132A CN201811342322.9A CN201811342322A CN109472132A CN 109472132 A CN109472132 A CN 109472132A CN 201811342322 A CN201811342322 A CN 201811342322A CN 109472132 A CN109472132 A CN 109472132A
- Authority
- CN
- China
- Prior art keywords
- brushed
- configuration file
- system configuration
- file
- machine equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The present invention provides a kind of anti-brush machine guard method and devices, are related to field of computer technology, including the brush machine data packet of extraction is loaded into machine equipment to be brushed, and after machine equipment brush machine to be brushed is restarted, generate the corresponding the first system configuration file of brush machine data packet;Obtain the second system configuration file for the machine equipment to be brushed that background management system backs up in advance;Compare the first system configuration file and second system configuration file distorts degree, distorts grade according to the degree of distorting is corresponding and sends operating instruction to the machine equipment to be brushed after restarting, so that machine equipment to be brushed operation is according to the corresponding movement of operating instruction.This method alleviate conventional method can not omnibearing protection, and can not to machine equipment to be brushed carry out drastic reduction the technical issues of, reached the technical effect protected comprehensively to machine equipment to be brushed.
Description
Technical field
The present invention relates to field of computer technology, more particularly, to a kind of anti-brush machine guard method and device.
Background technique
Currently, smart machine is widely used by user, there are the contents such as a large amount of personal information in equipment.In order to ensure
Smart machine using safe, avoid smart machine system from illegally being distorted, now often utilize binary file and system local school
It tests file and compares the conventional method of verification and carry out the protection of anti-brush machine.
The protection mechanism of the method mainly in machine equipment brush machine to be brushed or starting, utilizes local preset listed files
Verify file and Encryption Algorithm verification carried out to each binary file of system, such as through verifying, in discovery system there are one or
Multiple binary files are destroyed, then machine equipment to be brushed can not be by brush machine or starting.
But for this anti-brush machine guard method, a variety of Open-Source Tools or open source scheme are provided on network, it can will be to be brushed
The system of machine equipment distorts rear reutilization system loophole and carries out camouflage processing to the binary file after change, and there are also some hackers
Local preset listed files verification file can be cracked and forge check code, this makes verification file that can not verify out binary system text
Part has been destroyed, therefore traditional anti-brush machine guard method can not carry out omnibearing protection to machine equipment to be brushed.In addition, machine to be brushed
The system of equipment is after illegally being distorted, and machine equipment to be brushed can not restart or radio upgrade, to machine equipment to be brushed brush again into
Official system can not also make equipment restore to also result in the personal information loss that machine equipment to be brushed has been deposited as before.Either to
The system of brush machine equipment is illegally distorted or personal information is lost, and is all that machine equipment user to be brushed is unwilling to receive.
Summary of the invention
In view of this, the purpose of the present invention is to provide a kind of anti-brush machine guard method and devices, to alleviate tradition side
Method can not omnibearing protection, and can not to machine equipment to be brushed carry out drastic reduction the technical issues of.
In a first aspect, this method is applied to compiler server the embodiment of the invention provides a kind of anti-brush machine guard method,
This method comprises: extracting brush machine data packet, brush machine data packet is loaded into machine equipment to be brushed, in order to machine equipment brush machine weight to be brushed
Qi Hou generates the corresponding the first system configuration file of brush machine data packet;If monitor background management system with restart after to
The communication of brush machine equipment is normal, obtains the second system configuration file for the machine equipment to be brushed that background management system backs up in advance;Wherein,
Second system configuration file be brush machine data packet be loaded into before machine equipment to be brushed, the system configuration file of machine equipment to be brushed it is pre-
Set file;Compare the first system configuration file and second system configuration file distorts degree, usurps according to the degree of distorting is corresponding
Change grade and send operating instruction to the machine equipment to be brushed after restarting, so that machine equipment to be brushed operation is corresponding dynamic according to operating instruction
Make;Wherein, it distorts and is tampered the pre-set grade of file according to degree.
With reference to first aspect, the embodiment of the invention provides the first possible embodiments of first aspect, wherein ratio
What it is to the first system file and second system file includes: to extract the first system configuration file and compile in advance the step of distorting degree
The private key for the background management system translated generates first key;And it extracts second system configuration file and compiles in advance to be brushed
The private key of machine equipment generates the second key;Compare first key and the second key whether consistency;If so, journey is distorted in determination
Degree is distorted for nothing;If not, the differential file list of the first system configuration file and second system configuration file is generated, and according to
Differential file list match distorts degree, wherein differential file list includes the first system configuration file and second system configuration
Grade is distorted belonging to the differential file and differential file of file.
The possible embodiment of with reference to first aspect the first, the embodiment of the invention provides second of first aspect
Possible embodiment, wherein extract the private key of the first system configuration file and the background management system compiled in advance, generation the
The step of one key includes: to extract the first system configuration file, carries out Hash calculation to the first system configuration file, obtains first
Corresponding first cryptographic Hash of system configuration file;First cryptographic Hash and the private key of the background management system compiled in advance are spelled
It connects, Hash calculation is carried out to splicing result and obtains first key;Extract the second system configuration file and compile in advance to
The step of private key of brush machine equipment, the second key of generation includes: to extract second system configuration file, to second system configuration file
Hash calculation is carried out, corresponding second cryptographic Hash of second system configuration file is obtained;By the second cryptographic Hash in advance compile to
The private key of brush machine equipment is spliced, and is carried out Hash calculation to splicing result and is obtained the second key.
With reference to first aspect, the embodiment of the invention provides the third possible embodiments of first aspect, wherein should
Method further include: when monitoring that machine equipment to be brushed is in pattern compiler, in compilation process, the system that generates machine equipment to be brushed
Configuration file, wherein system configuration file is the current corresponding configuration file of operating system of machine equipment to be brushed;By system configuration
File and the brush machine data packet obtained in advance are packaged, and generate second system configuration file, and second system configuration file is sent
Back-up processing is carried out to background management system.
The third possible embodiment with reference to first aspect, the embodiment of the invention provides the 4th kind of first aspect
Possible embodiment, wherein the brush machine data packet obtained by system configuration file and in advance is packaged, and generates second system configuration
The step of file includes: to carry out Hash calculation for each file for including in system configuration file, and it is corresponding to generate each file
Cryptographic Hash;By the corresponding cryptographic Hash of each file and the storage of the file name association of file into specified configuration file;It will match
It sets file and brush machine data packet is packaged and generates second system configuration file.
With reference to first aspect, the embodiment of the invention provides the 5th kind of possible embodiments of first aspect, wherein will
Brush machine data packet is loaded into after machine equipment to be brushed, this method further include: monitoring software is generated, in order to machine equipment brush machine to be brushed
After restarting, the machine equipment to be brushed after restarting is monitored by monitoring software.
The possible embodiment of with reference to first aspect the first, the embodiment of the invention provides the 6th kind of first aspect
Possible embodiment, wherein this method further includes;Differential file list is uploaded to background management system, in order to basis
Differential file list carries out the reparation of version loophole.
Second aspect, the embodiment of the present invention also provide a kind of anti-brush machine protective device, which includes: to insmod, and use
In extracting brush machine data packet, brush machine data packet is loaded into machine equipment to be brushed, after restarting in order to machine equipment brush machine to be brushed, is generated
The corresponding the first system configuration file of brush machine data packet;Monitoring modular, if after for monitoring background management system and restarting
Machine equipment to be brushed communication it is normal, obtain the second system configuration file for the machine equipment to be brushed that background management system backs up in advance;
Wherein, second system configuration file is that brush machine data packet is loaded into before machine equipment to be brushed, the system configuration text of machine equipment to be brushed
The profile of part;Comparison module is distorted degree for compare the first system configuration file and second system configuration file, is pressed
According to the corresponding grade of distorting of the degree of distorting to the machine equipment to be brushed transmission operating instruction after restarting, so that machine equipment to be brushed runs root
According to the corresponding movement of operating instruction;Wherein, it distorts and is tampered the pre-set grade of file according to degree.
In conjunction with second aspect, the embodiment of the invention provides the first possible embodiments of second aspect, wherein should
Device further include: collector, for when monitoring that machine equipment to be brushed is in pattern compiler, in compilation process, generate to
The system configuration file of brush machine equipment, wherein system configuration file is the current corresponding configuration of operating system of machine equipment to be brushed
File;Backup module, the brush machine data packet for obtaining by system configuration file and in advance are packaged, and generate second system configuration text
Part, and second system configuration file is sent to background management system and carries out back-up processing.
The third aspect, the embodiment of the present invention also provide a kind of computer storage medium, and the computer storage medium is for depositing
Computer program instructions are stored up, when computer executes computer program instructions, anti-brush machine described in first aspect strictly according to the facts is executed and protects
Maintaining method.
The embodiment of the present invention bring it is following the utility model has the advantages that
Anti- brush machine guard method provided in an embodiment of the present invention and device, are set by the way that brush machine data packet is loaded into machine to be brushed
It is standby, and after machine equipment brush machine to be brushed is restarted, generate the corresponding the first system configuration file of brush machine data packet;It is to be monitored to arrive backstage
Management system with restart after machine equipment to be brushed communicate it is normal after, obtain the machine equipment to be brushed that background management system backs up in advance
Second system configuration file;Compare the first system configuration file and second system configuration file distorts degree, according to distorting journey
Corresponding grade of distorting is spent to the machine equipment to be brushed transmission operating instruction after restarting, and makes machine equipment operation to be brushed according to operating instruction
Corresponding movement.It, can be effective by obtaining the second system configuration file for the machine equipment to be brushed that background management system backs up in advance
Avoid a possibility that local verification file is cracked and forges.The corresponding grade of distorting of degree is distorted to after restarting by basis
Machine equipment to be brushed send different operating instructions, machine equipment to be brushed can be enabled according to the actual conditions distorted, independently
It chooses whether to restore original system, can preferably protect machine equipment to be brushed.
Other features and advantages of the present invention will illustrate in the following description, also, partly become from specification
It obtains it is clear that understand through the implementation of the invention.The objectives and other advantages of the invention are in specification and attached drawing
Specifically noted structure is achieved and obtained.
To enable the above objects, features and advantages of the present invention to be clearer and more comprehensible, preferred embodiment is cited below particularly, and cooperate
Appended attached drawing, is described in detail below.
Detailed description of the invention
It, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical solution in the prior art
Embodiment or attached drawing needed to be used in the description of the prior art be briefly described, it should be apparent that, it is described below
Attached drawing is some embodiments of the present invention, for those skilled in the art, without creative efforts,
It is also possible to obtain other drawings based on these drawings.
Fig. 1 is a kind of anti-brush machine guard method flow chart provided in an embodiment of the present invention;
Fig. 2 is the flow chart that a kind of machine equipment system to be brushed provided in an embodiment of the present invention is restored;
Fig. 3 is a kind of structural schematic diagram of anti-brush machine protective device provided in an embodiment of the present invention;
Fig. 4 is the structural schematic diagram of the anti-brush machine protective device of another kind provided in an embodiment of the present invention.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with attached drawing to the present invention
Technical solution be clearly and completely described, it is clear that described embodiments are some of the embodiments of the present invention, rather than
Whole embodiments.Based on the embodiments of the present invention, those skilled in the art institute without making creative work
The every other embodiment obtained, shall fall within the protection scope of the present invention.
The anti-brush machine guard method of tradition at present can not carry out omnibearing protection to machine equipment to be brushed, and can not set to machine to be brushed
It is standby to carry out system reducing, it is based on this, a kind of anti-brush machine guard method provided in an embodiment of the present invention and device can be in all directions
Machine equipment to be brushed is protected, and there is collection system loophole and recovery system.
For convenient for understanding the present embodiment, first to a kind of anti-brush machine guard method disclosed in the embodiment of the present invention
It describes in detail.
Embodiment one:
With reference to a kind of anti-brush machine guard method flow chart shown in FIG. 1, this method can be applied to compiler server, including
Following steps:
Step S102 extracts brush machine data packet, brush machine data packet is loaded into machine equipment to be brushed, in order to machine equipment to be brushed
After brush machine is restarted, the corresponding the first system configuration file of brush machine data packet is generated;
In actual use, machine equipment to be brushed described in the embodiment of the present invention can be smart phone, tablet computer, palm
Computer etc. has the intelligent terminal of independent operating system, also, above-mentioned steps are usually to be in pattern compiler in machine equipment to be brushed
Lower progress.Using machine equipment to be brushed as smart phone, and, for the operating system of the smart phone is Android system, when this is waited for
After brush machine equipment and compiler server communication connection, it can be configured operation by user, machine equipment to be brushed is made to be in compiling
Mode obtains the brush machine file in brush machine data packet at this point it is possible to be compiled on compiler server to Android source code,
In order to carry out brush machine operation to machine equipment to be brushed.
Further, above-mentioned brush machine data packet may include the brush machine packet and upgrade package of current machine equipment to be brushed, and brush machine packet is used
In carrying out brush machine to machine equipment to be brushed, upgrade package is for upgrading machine equipment to be brushed.
Step S104 obtains backstage if monitoring that background management system communicates normally with the machine equipment to be brushed after restarting
The second system configuration file for the machine equipment to be brushed that management system backs up in advance;
Wherein, second system configuration file is that brush machine data packet is loaded into before machine equipment to be brushed, and machine equipment to be brushed is
The profile of system configuration file;
Step S106, compare the first system configuration file and second system configuration file distorts degree, according to distorting journey
Corresponding grade of distorting is spent to the machine equipment to be brushed transmission operating instruction after restarting, so that machine equipment to be brushed operation refers to according to operation
Enable corresponding movement;
Wherein, it distorts and is tampered the pre-set grade of file according to degree, specifically, user can be in advance to second
The configuration preference level that tampers with a document in system configuration file, for example, can be divided into according to the priority level for being tampered file several
Classification: for example, the vandalisms such as severe viral, allow what machine equipment to be brushed did illegal purposes to be tampered file, it can be provided
Danger classes can be to be brushed after restarting at this point, corresponding file is tampered if compiler server monitors danger classes
Machine equipment sends shutdown command, to forbid the machine equipment to be brushed to use current brush machine data packet;
When file lower for priority is tampered or is deleted, in comparison step S106, compiler server
Updated data package can be generated, include being tampered or deleted file in the updated data package, in order to by by
The process that one system configuration file and second system configuration file are compared carries out the file for including in updated data package extensive
It is multiple, restore order at this point it is possible to send to the machine equipment to be brushed after restarting;
Further, the lesser lower configuration file of priority is influenced for the operating system of machine equipment to be brushed to be tampered
When, compiler server can only inform that user's system configuration file is modified, and then proceed to execute the operation of brush machine, Huo Zheke
Directly to ignore the content etc. distorted, when specific implementation, being tampered the pre-set grade of file can be with reference to current to be brushed
Machine equipment, and equipment is carried out according to the actual situation, it is not limited by the embodiments of the present invention.
Anti- brush machine guard method provided in an embodiment of the present invention and device, are set by the way that brush machine data packet is loaded into machine to be brushed
It is standby, and after machine equipment brush machine to be brushed is restarted, generate the corresponding the first system configuration file of brush machine data packet;It is to be monitored to arrive backstage
Management system with restart after machine equipment to be brushed communicate it is normal after, obtain the machine equipment to be brushed that background management system backs up in advance
Second system configuration file;Compare the first system configuration file and second system configuration file distorts degree, according to distorting journey
Corresponding grade of distorting is spent to the machine equipment to be brushed transmission operating instruction after restarting, and makes machine equipment operation to be brushed according to operating instruction
Corresponding movement.It, can be effective by obtaining the second system configuration file for the machine equipment to be brushed that background management system backs up in advance
Avoid a possibility that local verification file is cracked and forges.The corresponding grade of distorting of degree is distorted to after restarting by basis
Machine equipment to be brushed send different operating instructions, machine equipment to be brushed can be enabled according to the actual conditions distorted, independently
It chooses whether to restore original system, can preferably protect machine equipment to be brushed.
In actual use, it is compared for the ease of the degree of distorting to the first system file and second system file,
The process of above-mentioned steps S106 can be carried out by comparing the private key of the first system file and second system file, specifically, on
Stating step S106 may include following procedure:
(1) private key for extracting the first system configuration file and the background management system compiled in advance, generates first key;
When specific implementation, the first system configuration file is extracted, Hash calculation is carried out to the first system configuration file, obtains the
Corresponding first cryptographic Hash of one system configuration file;
First cryptographic Hash and the private key of the background management system compiled in advance are spliced, Hash is carried out to splicing result
First key is calculated.
(2) private key for extracting second system configuration file and the machine equipment to be brushed compiled in advance, generates the second key;
When specific implementation, second system configuration file is extracted, Hash calculation is carried out to second system configuration file, obtains the
Corresponding second cryptographic Hash of two system configuration file;
Second cryptographic Hash and the private key of the machine equipment to be brushed compiled in advance are spliced, Hash meter is carried out to splicing result
Calculation obtains the second key.
(3) compare above-mentioned first key and the second key whether consistency;If so, determining that degree of distorting is distorted for nothing;
If not, generating the differential file list of the first system configuration file and second system configuration file, and arranged according to differential file
Degree is distorted in table matching, wherein differential file list includes the difference of the first system configuration file and second system configuration file
Grade is distorted belonging to file and differential file.
When specific implementation, above-mentioned grade of distorting may include danger classes, required grade, take as an elective course grade and negligible etc.
Grade.
Wherein, danger classes includes that machine equipment to be brushed is seriously illegally distorted, such as severe viral is implanted into machine equipment to be brushed
In the case of, cause machine equipment to be brushed to be engaged in illegal purposes by vandalism, passively.
When the degree of distorting belongs to danger classes, background management system notice monitoring software closes machine equipment to be brushed simultaneously by force
Forbid machine equipment to be brushed to reuse, to avoid machine equipment to be brushed system contain severe viral in the case where, be illegally used
And it is engaged in illegal act, irremediable loss is brought for user.
Required grade includes that the file of machine equipment to be brushed is distorted by depth, causes to hinder to the operation of machine equipment to be brushed, and/
Or equipment user is caused using difficulty, but and there is no severe virals etc. to endanger in biggish situation.
When the degree of distorting belongs to required grade, need to carry out depth recovery to machine equipment to be brushed, before restoring machine to be brushed
System mode;
When specific implementation, background management system makes differential file packet, wherein differential file according to differential file list
Packet includes being tampered file packet, deleted file packet and being increased file packet in order to restore machine equipment to be brushed to be
It is easy to understand, Fig. 2 shows a kind of flow charts that machine equipment system to be brushed is restored, comprising the following steps:
Step S200 extracts second system configuration file from background management system;
Step S202, according to differential file list, from second system configuration file, downloading is tampered file packet and is deleted
Except file packet, and file packet and deleted file packet boil down to updated data package will be tampered;
Step S204, according to differential file list, from second system configuration file, extraction is increased file, to being increased
Add file and carry out Hash calculation, the corresponding cryptographic Hash of each file is generated, by the text of each file corresponding cryptographic Hash and file
Part name associated storage is to being increased in file packet;
Step S206 downloads updated data package and is increased file packet to machine equipment to be brushed;
Updated data package is installed to machine equipment to be brushed using root authority, and replaces original, and use is deleted by step S208
Except the respective file increased in file packet is deleted in order.
By step shown in Fig. 2, can will be before the associated documents depth recovery to machine to be brushed in differential file packet
System state effectively prevents the problem of user data caused by passive brush machine process is emptied.
Above-mentioned to take as an elective course the file that grade may include machine equipment to be brushed and distorted by moderate, the file distorted will not be to machine to be brushed
The normal operation of equipment causes to hinder, but need equipment user to machine equipment to be brushed carry out new system setting in the case where.
Further, when the degree of distorting, which belongs to, takes as an elective course grade, compiler server differential file list can be sent to
In the running log of brush machine equipment, and machine equipment to be brushed is notified to show that " equipment is tampered " printed words, equipment user can be selected independently
It selects whether to receive and distort, if so, machine equipment to be brushed reception is tampered file, and operated normally under this system;If not, right
Machine equipment to be brushed carries out depth recovery, the system mode before restoring machine to be brushed.In addition, equipment user can also pass through above-mentioned operation
Log, which is checked, distorts details.
Above-mentioned negligible grade includes that the file of machine equipment to be brushed is slightly distorted, and the file distorted will not set machine to be brushed
Standby operation causes to hinder, and, in the case where not influencing equipment user normal use.When the degree of distorting belong to it is negligible etc.
When grade, machine equipment reception to be brushed is tampered file, and operates normally under this system.
When differential file list is negligible grade, machine equipment reception to be brushed is tampered, and machine equipment to be brushed operates normally, with
Guarantee that machine equipment to be brushed still can normal use when slightly being distorted.
When specific implementation, in order to obtain the degree of distorting of the first system configuration file, usually carried out to machine equipment to be brushed
Before brush machine, it is also necessary to carry out some default work, therefore, the above method further include:
When monitoring that machine equipment to be brushed is in pattern compiler, in compilation process, generate above-mentioned machine equipment to be brushed is
System configuration file, wherein system configuration file is the current corresponding configuration file of operating system of machine equipment to be brushed;System is matched
The brush machine data packet setting file and obtaining in advance is packaged, and generates second system configuration file, and second system configuration file is sent out
It send to background management system and carries out back-up processing.
Specifically, generating the process of second system configuration file may include: every for include in system configuration file
A file carries out Hash calculation, generates the corresponding cryptographic Hash of each file;By the text of each file corresponding cryptographic Hash and file
Part name associated storage is into specified configuration file;Configuration file and brush machine data packet are packaged and generate second system configuration text
Part.
Second system configuration file is backed up into background management system in advance, the brush machine process of machine equipment to be brushed can be prevented
It is distorted by force, and, as the standby system of machine equipment to be brushed, it can be used for later period system and restore and later period leak analysis
Reference paper.
In order to which during later maintenance, equipment and system version to the same model of machine equipment to be brushed carry out loophole and repair
It is multiple, the above method further include:
Differential file list is uploaded to background management system, is repaired in order to carry out version loophole according to differential file list
It is multiple.
Specifically, the developer of system version can extract differential file list and second from background management system
System configuration file, by studying the discrepancy in differential file, loophole and problem in available system version, in the later period
Edition upgrading and loophole can targetedly carry out the reparation of version loophole and system maintenance work in repairing.
It should be noted that background management system is using software version number as Service Ticket, to differential file list and
Two system configuration file is stored, at the same time, using software version number as Service Ticket, to differential file list and second
System configuration file extracts.
In general, may include system operating file, data file and kernel file in the system file of machine equipment to be brushed
Etc. various files, kernel file and system operating file are related to the normal operation of each function of machine equipment to be brushed, therefore, this hair
The anti-brush machine guard method that bright embodiment provides also is supported only to protect kernel file and system operating file, specific text
Part list can be preset in background management system.
After having preset document to be protected list in background management system, above-mentioned steps S104 can also include:
According to protection listed files preset in background management system, protection file in extraction system configuration file will be protected
File and the brush machine data packet obtained in advance are packaged, and generate second system configuration file, and second system configuration file is sent
Back-up processing is carried out to background management system.
In the case where second system configuration file in order to avoid that can not obtain background management system for a long time, and there are nothings
Method judges the problem of distorting degree of machine equipment to be brushed, therefore, the above method further include: in first key and the second key agreement
In the case where, the second key can be deposited into the Parameter File of machine equipment to be brushed;If monitor background management system with again
Machine equipment to be brushed after opening can not normal communication when, the second key in the Parameter File of machine equipment to be brushed can be extracted, be used for
Compare the first system configuration file and second system configuration file distorts degree.
It, can not be in machine equipment to be brushed by that can be stored to the second key of the machine equipment to be brushed verified
When background management system normal communication, preferential that the second key passed through was verified using last time, carry out machine equipment to be brushed distorts journey
The judgement of degree avoids influencing the system judgement to machine equipment to be brushed, and then influences the operation of down-stream.
It is worth noting that needing the state to machine equipment to be brushed in machine equipment brush machine to be brushed and the overall process of verification
It is monitored in real time, to prevent machine equipment to be brushed from occurring going offline, Caton or the problems such as crash, therefore, this method further include: generate
Monitoring software after restarting in order to machine equipment brush machine to be brushed, is monitored the machine equipment to be brushed after restarting by monitoring software.
Specifically, monitoring software can select house dog software, in general, house dog software can every certain time judge to
Whether brush machine equipment has new element, if so, house dog software reclocking;If not, house dog software is repeatedly judged
Whether program has new element, and records judgement number, and if there is new element, house dog software reclocking judges that number is zeroed;
If without new element, when judging that number reaches preset maximum value, house dog software restarting machine equipment to be brushed.
For example, house dog software can open a thread, and whether there is new element at interval of 10s determining program, such as
Fruit in 10 minutes internal programs without any movement, then house dog software restarting machine equipment to be brushed.With house dog software monitors in brush machine
Can restart before rear machine equipment to be brushed and background management system for normal communication, if so, carrying out obtaining back-stage management system
The subsequent action of the second system configuration file for the machine equipment to be brushed that system backs up in advance;If not, being monitored in 10 minutes repeatedly
The two whether normal communication, if it is, continuing subsequent action, if it is not, then house dog software restarting machine equipment to be brushed.
In addition, in the method, house dog also monitors the transmission of the operating instruction of background management system,
Specifically, compare complete the first system configuration file and second system configuration file distort degree after, guard the gate
Dog software supervision background management system whether in 10 minutes to after restarting machine equipment to be brushed send operating instruction, if so,
Then machine equipment operating instruction to be brushed, if not, restarting machine equipment to be brushed.
In specific implementation, the new element of program includes all run action in the above method.
Specific monitoring software can select according to the actual situation, and it is not limited by the embodiments of the present invention.
It is worth noting that the equipment that background management system can be stored, can be communicated for computer etc., or net
The type in network cloud, specific background management system can select according to the actual situation, and the embodiment of the present invention is to this without limit
System.
To sum up, anti-brush machine guard method provided in an embodiment of the present invention has the advantages that
It (1), can be effective by obtaining the second system configuration file for the machine equipment to be brushed that background management system backs up in advance
Avoid a possibility that local verification file is cracked and forges;
(2) by according to degree of distorting it is corresponding distort grade and send different operations to the machine equipment to be brushed after restarting refer to
It enables, machine equipment to be brushed can be enabled according to the actual conditions distorted, independently choose whether to restore original system, can preferably protect
Protect machine equipment to be brushed;
(3) by setting danger classes, effectively prevent machine equipment to be brushed and be engaged in unlawful activities, avoid to user with
Carry out irremediable loss;
(4) by utilizing differential file list, machine equipment to be brushed can be restored to the state before brush machine, avoids user
To restore original system and passive brush machine, the risk for causing personal information and data to be emptied;
(5) differential file list is uploaded to background management system, it is poor by studying convenient for the developer of system version
Discrepancy in different article part targetedly carries out the reparation of version loophole and system in later period edition upgrading and loophole are repaired
Maintenance;
(6) by can be stored to the second key of the machine equipment to be brushed verified, can machine equipment to be brushed without
It is preferential that the second key passed through was verified using last time when method and background management system normal communication, it ensure that machine equipment to be brushed
System judgement working efficiency.
(7) this method supports the partial document of machine equipment to be brushed to be tampered, and can according to need selection to all or part
System file carries out verification protection, has better flexibility.
Embodiment two:
Corresponding to method provided by the above embodiment, the embodiment of the invention also provides a kind of anti-brush machine protective device, ginsengs
A kind of structural schematic diagram of anti-brush machine protective device shown in Fig. 3 is examined, which comprises the following modules:
It insmods 10, for extracting brush machine data packet, brush machine data packet is loaded into machine equipment to be brushed, in order to be brushed
After machine equipment brush machine is restarted, the corresponding the first system configuration file of brush machine data packet is generated;
Monitoring modular 20, if obtained for monitoring that background management system communicates normally with the machine equipment to be brushed after restarting
The second system configuration file for the machine equipment to be brushed for taking background management system to back up in advance;Wherein, second system configuration file is
Brush machine data packet is loaded into before machine equipment to be brushed, the profile of the system configuration file of machine equipment to be brushed;
Comparison module 40 distorts degree for compare the first system configuration file and second system configuration file, according to
The corresponding grade of distorting of degree is distorted to the machine equipment to be brushed transmission operating instruction after restarting, so that machine equipment to be brushed runs basis
The corresponding movement of operating instruction;Wherein, it distorts and is tampered the pre-set grade of file according to degree.
When specific implementation, before carrying out brush machine to machine equipment to be brushed, need to carry out some default work.Specifically, it refers to
The structural schematic diagram of the anti-brush machine protective device of another kind shown in Fig. 4, wherein this device further include:
Collector 60, in compilation process, generating to be brushed when monitoring that machine equipment to be brushed is in pattern compiler
The system configuration file of machine equipment, wherein system configuration file is the corresponding configuration text of the current operating system of machine equipment to be brushed
Part;
Backup module 80, the brush machine data packet for obtaining by system configuration file and in advance are packaged, and generate second system
Configuration file, and second system configuration file is sent to background management system and carries out back-up processing.
The technical effect and preceding method embodiment phase of device provided by the embodiment of the present invention, realization principle and generation
Together, to briefly describe, Installation practice part does not refer to place, can refer to corresponding contents in preceding method embodiment.
Anti- brush machine protective device provided in an embodiment of the present invention, with anti-brush machine protective device method provided by the above embodiment
Technical characteristic having the same reaches identical technical effect so also can solve identical technical problem.
It is apparent to those skilled in the art that for convenience and simplicity of description, the device of foregoing description
Specific work process, can refer to corresponding processes in the foregoing method embodiment, details are not described herein.
The embodiment of the invention also provides a kind of computer storage mediums to work as calculating for storing computer program instructions
When machine executes computer program instructions, method described in embodiment one is executed.
Finally, it should be noted that above embodiments, only a specific embodiment of the invention, to illustrate skill of the invention
Art scheme, rather than its limitations, scope of protection of the present invention is not limited thereto, although with reference to the foregoing embodiments to the present invention into
Go detailed description, it should be understood by those skilled in the art that: anyone skilled in the art takes off in the present invention
In the technical scope of dew, it can still modify to technical solution documented by previous embodiment or can readily occur in change
Change or equivalent replacement of some of the technical features;And these modifications, variation or replacement, do not make relevant art
Scheme essence be detached from technical solution of the embodiment of the present invention spirit and scope, should all cover protection scope of the present invention it
It is interior.Therefore, protection scope of the present invention should be subject to the protection scope in claims.
Claims (10)
1. a kind of anti-brush machine guard method, which is characterized in that the method is applied to compiler server, which comprises
Brush machine data packet is extracted, the brush machine data packet is loaded into machine equipment to be brushed, in order to the machine equipment brush machine to be brushed
After restarting, the corresponding the first system configuration file of the brush machine data packet is generated;
If monitoring that background management system communicates normally with the machine equipment to be brushed after restarting, it is pre- to obtain background management system
The second system configuration file of the machine equipment to be brushed first backed up;Wherein, the second system configuration file is the brush machine
Data packet is loaded into before the machine equipment to be brushed, the profile of the system configuration file of the machine equipment to be brushed;
Compare the first system configuration file and the second system configuration file distorts degree, distorts degree according to described
Corresponding grade of distorting is to the machine equipment transmission operating instruction to be brushed after restarting, so that the machine equipment to be brushed runs basis
The corresponding movement of the operating instruction;Wherein, described distort is tampered the pre-set grade of file according to degree.
2. anti-brush machine guard method according to claim 1, which is characterized in that it is described compare the first system file and
The second system file includes: the step of distorting degree
The private key of the first system configuration file and the background management system compiled in advance is extracted, first key is generated;
And
The private key of the machine equipment to be brushed for extracting the second system configuration file and compiling in advance generates the second key;
Compare the first key and the second key whether consistency;
It is distorted if so, distorting degree described in determining for nothing;
If not, generating the differential file list of the first system configuration file and the second system configuration file, and root
Degree is distorted according to described in the differential file list match, wherein the differential file list includes the first system configuration
Grade is distorted belonging to the differential file and the differential file of file and the second system configuration file.
3. anti-brush machine guard method according to claim 2, which is characterized in that described to extract the first system configuration text
The private key of part and the background management system compiled in advance, generate first key the step of include:
The first system configuration file is extracted, Hash calculation is carried out to the first system configuration file, obtains described first
Corresponding first cryptographic Hash of system configuration file;
First cryptographic Hash and the private key of the background management system compiled in advance are spliced, splicing result is carried out
Hash calculation obtains first key;
The private key for extracting the second system configuration file and the machine equipment to be brushed compiled in advance, generates the second key
The step of include:
The second system configuration file is extracted, Hash calculation is carried out to the second system configuration file, obtains described second
Corresponding second cryptographic Hash of system configuration file;
Second cryptographic Hash and the private key of the machine equipment to be brushed compiled in advance are spliced, splicing result is breathed out
It is uncommon that the second key is calculated.
4. the method according to claim 1, wherein the method also includes:
When monitoring that machine equipment to be brushed is in pattern compiler, in compilation process, the system for generating the machine equipment to be brushed is matched
Set file, wherein the system configuration file is the current corresponding configuration file of operating system of the machine equipment to be brushed;
The brush machine data packet obtained by the system configuration file and in advance is packaged, and generates the second system configuration text
Part, and the second system configuration file is sent to the background management system and carries out back-up processing.
5. according to the method described in claim 4, it is characterized in that, the institute obtained by the system configuration file and in advance
Stating the step of brush machine data packet is packaged, generates the second system configuration file includes:
Hash calculation is carried out for each file for including in the system configuration file, generates the corresponding Kazakhstan of each file
Uncommon value;
By each corresponding cryptographic Hash of file and the storage of the file name association of the file into specified configuration file;
The configuration file and the brush machine data packet are packaged and generate the second system configuration file.
6. the method according to claim 1, wherein described be loaded into machine equipment to be brushed for the brush machine data packet
Later, the method also includes:
Monitoring software is generated, after restarting in order to the machine equipment brush machine to be brushed, by the monitoring software to the institute after restarting
Machine equipment to be brushed is stated to be monitored.
7. anti-brush machine guard method according to claim 2, which is characterized in that the method also includes;
The differential file list is uploaded to the background management system, in order to carry out version according to the differential file list
The reparation of this loophole.
8. a kind of anti-brush machine protective device, which is characterized in that described device includes:
Insmod, for extracting brush machine data packet, the brush machine data packet be loaded into machine equipment to be brushed, in order to it is described to
After brush machine equipment brush machine is restarted, the corresponding the first system configuration file of the brush machine data packet is generated;
Monitoring modular, if obtained for monitoring that background management system communicates normally with the machine equipment to be brushed after restarting
The second system configuration file for the machine equipment to be brushed that background management system backs up in advance;Wherein, the second system configuration
File be the brush machine data packet be loaded into before the machine equipment to be brushed, the system configuration file of the machine equipment to be brushed it is pre-
Set file;
Comparison module is distorted degree for compare the first system configuration file and the second system configuration file, is pressed
According to the corresponding grade of distorting of degree of distorting to the machine equipment transmission operating instruction to be brushed after restarting, so that described to be brushed
Machine equipment is run according to the corresponding movement of the operating instruction;Wherein, described distort is tampered file according to degree and sets in advance
The grade set.
9. device according to claim 8, which is characterized in that described device further include:
Collector, in compilation process, generating the machine to be brushed when monitoring that machine equipment to be brushed is in pattern compiler
The system configuration file of equipment, wherein the system configuration file is that the current operating system of the machine equipment to be brushed is corresponding
Configuration file;
Backup module, the brush machine data packet for obtaining by the system configuration file and in advance are packaged, and generate described the
Two system configuration file, and the second system configuration file is sent to the background management system and carries out back-up processing.
10. a kind of computer storage medium, which is characterized in that for storing computer program instructions, described in computer execution
When computer program instructions, method as described in any one of claims 1 to 7 is executed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811342322.9A CN109472132A (en) | 2018-11-12 | 2018-11-12 | Anti- brush machine guard method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811342322.9A CN109472132A (en) | 2018-11-12 | 2018-11-12 | Anti- brush machine guard method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109472132A true CN109472132A (en) | 2019-03-15 |
Family
ID=65672315
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811342322.9A Pending CN109472132A (en) | 2018-11-12 | 2018-11-12 | Anti- brush machine guard method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109472132A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111694612A (en) * | 2020-05-28 | 2020-09-22 | 平安普惠企业管理有限公司 | Configuration checking method, device, computer system and storage medium |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103870745A (en) * | 2014-04-01 | 2014-06-18 | 联想(北京)有限公司 | Electronic equipment and method for safely starting electronic equipment |
CN104506515A (en) * | 2014-12-17 | 2015-04-08 | 北京极科极客科技有限公司 | Firmware protection method and firmware protection device |
CN106446699A (en) * | 2016-09-29 | 2017-02-22 | 广东欧珀移动通信有限公司 | Flashing method and device and terminal |
CN106775834A (en) * | 2016-11-29 | 2017-05-31 | 北京小米移动软件有限公司 | Brush machine verification method and device |
CN106843927A (en) * | 2016-12-21 | 2017-06-13 | 北京奇虎科技有限公司 | Method for upgrading system, device and brush machine method, device |
CN106897606A (en) * | 2015-12-18 | 2017-06-27 | 东莞酷派软件技术有限公司 | A kind of brush machine means of defence and device |
CN106897631A (en) * | 2017-02-03 | 2017-06-27 | 广东欧珀移动通信有限公司 | Data processing method, apparatus and system |
CN108170459A (en) * | 2017-12-08 | 2018-06-15 | 惠州Tcl移动通信有限公司 | Method for upgrading software, intelligent terminal and the device with store function |
CN108319473A (en) * | 2017-01-16 | 2018-07-24 | 深圳兆日科技股份有限公司 | Terminal system starts method and apparatus |
JP2018163446A (en) * | 2017-03-24 | 2018-10-18 | 大日本印刷株式会社 | Electronic information storage medium, ic card, tampering check method, and tampering check program |
-
2018
- 2018-11-12 CN CN201811342322.9A patent/CN109472132A/en active Pending
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103870745A (en) * | 2014-04-01 | 2014-06-18 | 联想(北京)有限公司 | Electronic equipment and method for safely starting electronic equipment |
CN104506515A (en) * | 2014-12-17 | 2015-04-08 | 北京极科极客科技有限公司 | Firmware protection method and firmware protection device |
CN106897606A (en) * | 2015-12-18 | 2017-06-27 | 东莞酷派软件技术有限公司 | A kind of brush machine means of defence and device |
CN106446699A (en) * | 2016-09-29 | 2017-02-22 | 广东欧珀移动通信有限公司 | Flashing method and device and terminal |
CN106775834A (en) * | 2016-11-29 | 2017-05-31 | 北京小米移动软件有限公司 | Brush machine verification method and device |
CN106843927A (en) * | 2016-12-21 | 2017-06-13 | 北京奇虎科技有限公司 | Method for upgrading system, device and brush machine method, device |
CN108319473A (en) * | 2017-01-16 | 2018-07-24 | 深圳兆日科技股份有限公司 | Terminal system starts method and apparatus |
CN106897631A (en) * | 2017-02-03 | 2017-06-27 | 广东欧珀移动通信有限公司 | Data processing method, apparatus and system |
JP2018163446A (en) * | 2017-03-24 | 2018-10-18 | 大日本印刷株式会社 | Electronic information storage medium, ic card, tampering check method, and tampering check program |
CN108170459A (en) * | 2017-12-08 | 2018-06-15 | 惠州Tcl移动通信有限公司 | Method for upgrading software, intelligent terminal and the device with store function |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111694612A (en) * | 2020-05-28 | 2020-09-22 | 平安普惠企业管理有限公司 | Configuration checking method, device, computer system and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105656860A (en) | Safety management and control method, apparatus and system for Android system | |
CN110011848B (en) | Mobile operation and maintenance auditing system | |
CN105683990A (en) | Method and apparatus for protecting dynamic libraries | |
CN105117544A (en) | Android platform App risk assessment method based on mobile cloud computing and Android platform App risk assessment device based on mobile cloud computing | |
CN105825131B (en) | A kind of computer safety start means of defence based on UEFI | |
CN107194256A (en) | Riskless asset baseline reinforcement means and device | |
CN110995825B (en) | Intelligent contract issuing method, intelligent node equipment and storage medium | |
CN102521549A (en) | Security pre-judgment device and method for application program | |
CN110119348B (en) | Software upgrading test method and terminal | |
CN106709281B (en) | Patch granting and acquisition methods, device | |
CN109120584A (en) | Terminal security prevention method and system based on UEFI and WinPE | |
CN116361807A (en) | Risk management and control method and device, storage medium and electronic equipment | |
CN107679423A (en) | Partition integrity inspection method and device | |
CN109472132A (en) | Anti- brush machine guard method and device | |
CN107229977A (en) | A kind of automatic reinforcement means of Host Security baseline and system | |
CN110955897A (en) | Software research and development safety control visualization method and system based on big data | |
CN107315945A (en) | The disk decryption method and device of a kind of electronic equipment | |
CN110414241A (en) | Privacy policy detection method, device, computer equipment and storage medium | |
CN109670296A (en) | A kind of method and apparatus removing iOS backup password | |
CN113961226A (en) | Software development kit repairing method, terminal, server and equipment | |
CN101924794B (en) | Internet based method for monitoring total software operation quantity in real time | |
CN105069357A (en) | Vulnerability scanning method, cloud server and system | |
CN109117162A (en) | A kind of multisystem upgrade method based on Hypervisor | |
CN106411524B (en) | The method of mobile terminal trust computing based on bluetooth | |
CN109474924A (en) | A kind of restoration methods, device, computer equipment and the storage medium of lock network file |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
AD01 | Patent right deemed abandoned | ||
AD01 | Patent right deemed abandoned |
Effective date of abandoning: 20211001 |