CN113835931A - Data modification discovery method applied to block chain - Google Patents

Data modification discovery method applied to block chain Download PDF

Info

Publication number
CN113835931A
CN113835931A CN202111180533.9A CN202111180533A CN113835931A CN 113835931 A CN113835931 A CN 113835931A CN 202111180533 A CN202111180533 A CN 202111180533A CN 113835931 A CN113835931 A CN 113835931A
Authority
CN
China
Prior art keywords
modification
data
modification request
address
preset
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202111180533.9A
Other languages
Chinese (zh)
Other versions
CN113835931B (en
Inventor
焦守赞
崔放
李绍俊
张少卓
庞景秋
齐井春
杨慧仁
陈兴钰
李忆平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Changchun Jiacheng Information Technology Co ltd
Original Assignee
Changchun Jiacheng Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Changchun Jiacheng Information Technology Co ltd filed Critical Changchun Jiacheng Information Technology Co ltd
Priority to CN202111180533.9A priority Critical patent/CN113835931B/en
Publication of CN113835931A publication Critical patent/CN113835931A/en
Application granted granted Critical
Publication of CN113835931B publication Critical patent/CN113835931B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1446Point-in-time backing up or restoration of persistent data
    • G06F11/1448Management of the data involved in backup or backup restore
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a data modification discovery method applied to a block chain, which separates a conventional block chain system from a modification operating system, independently encapsulates software for realizing a modification operating function in the block chain system into the modification operating system, and modifies block chain data by modifying the operating system; by tracking the real-time IP address of the modification request and checking the face information and the environment information, the uniformity of the modifier and the modification place is ensured; malicious data is effectively prevented from being added or deleted, and meanwhile, conditions are provided for safely modifying and deleting data; and the modification record is saved, so that the data can be conveniently recalled.

Description

Data modification discovery method applied to block chain
Technical Field
The invention relates to the technical field of data security protection, in particular to a data modification discovery method applied to a block chain.
Background
The blockchain can effectively prevent data from being tampered, and with the expanding application of the blockchain technology, some blockchain scenes are separated from a P2P mode pointed by data, namely the data are pointed to a machine by a human, so that the purpose of changing or withdrawing through negotiation does not exist in the scenes; since most data in the current blockchain scene can only be deleted and modified by suspending the operation of the blockchain and re-transmitting the blockchain, i.e. reconstructing the blockchain, this method is very time-consuming and resource-consuming, and frequent reconstruction affects the stability of blockchain service, and even causes data loss, and weakens the reliability and integrity of the blockchain, so that some appropriate modification rights need to be given to the blockchain.
However, if the data modification authority is abnormally used, the data may be modified or maliciously deleted by internal personnel in an unqualified way, and the existing operating system is difficult to prevent the data modification or deletion operation, so that huge loss is generated to the company; the wider the range of the influence of the abnormal use on the data operation authority is, the longer the duration is, the more loss is brought; therefore, it is desirable to provide a method for detecting abnormal operation of the blockchain data in time and performing trace back.
Disclosure of Invention
The invention mainly aims to provide a data modification discovery method applied to a block chain, aiming at discovering abnormal operation of block chain data and tracing back the data.
In order to achieve the purpose, the technical scheme provided by the invention is as follows: a data modification discovery method applied to a blockchain comprises the following steps:
when a modification operating system receives a modification request aiming at data in a block chain system sent by a user, intercepting the modification request and acquiring a modification request source IP address, wherein the modification operating system is in signal connection with the block chain system;
comparing the source IP address with a preset IP address;
if the source IP address is not the preset IP address, refusing to modify, and sending a first warning signal to an alarm system, wherein the alarm system reminds a manager that the block chain system is illegally modified according to the first warning signal; if the source IP address is the preset IP address, awakening the detection system, and acquiring the face information and the environment information of the source IP address through the detection system;
comparing the acquired face information with preset face information, and comparing the acquired environment information with preset environment information;
if the face information is the same as the preset face information and the environment information is the same as the preset environment information, continuing the modification process and storing the modification record; and if the face information is different from the preset face information or the environment information is different from the preset environment information, refusing to modify, and sending a second warning signal to the alarm system, wherein the alarm system reminds the manager that the block chain system is illegally modified according to the second warning signal.
Preferably, the step of intercepting the modification request and checking the source IP address of the modification request includes:
intercepting a write-in function of the modification request when the modification request is issued;
acquiring a process ID number of a write-in function process according to parameters transmitted when the write-in function is called by a modified operating system;
acquiring a corresponding process object through the process ID number;
reading a return address of the write-in function through the process stack, and performing recursive analysis through the return address to obtain an original calling function of the process object;
the source IP address is obtained by the original call function.
Preferably, there are a plurality of the preset IP addresses, and one preset IP address corresponds to one preset environment information and one preset face information; the detection system is in signal connection with the cameras corresponding to the preset IP addresses and is used for collecting and verifying environmental information and face information.
Preferably, the detection system comprises a face information verification model and an environment verification model; the step of obtaining the face information and the environment information of the source IP address through the detection system comprises the following steps:
acquiring environment information and face information of a source IP address through a camera;
the step of comparing the acquired face information with preset face information and comparing the acquired environment information with preset environment information comprises the following steps:
inputting the acquired face information into a face information verification model so as to compare the face information with preset face information in the face information verification model;
and inputting the acquired environmental information into the environmental verification model so as to compare the environmental information with preset environmental information in the environmental verification model.
Preferably, before the step of intercepting the modification request and acquiring the source IP address of the modification request when the modification operating system receives the modification request for data in the blockchain system sent by the user, the method further includes:
a first time period is set that allows a modification request to be issued.
Preferably, the step of intercepting the modification request and acquiring the source IP address of the modification request when the modification operating system receives the modification request for the data in the blockchain system sent by the user includes:
when the modification operating system receives a modification request aiming at data in the block chain system sent by a user, comparing the time of sending the modification request with a first time period;
if the time for sending the modification request is not within the first time period, stopping sending the modification request and recording operation information;
if the time for sending the modification request is within the first time period, executing the step of intercepting the modification request and acquiring the source IP address of the modification request.
Preferably, the step of saving the modification record includes:
judging the type of the modification request;
correspondingly backing up corresponding data according to the type of the modification request;
performing corresponding data audit according to the type of the modification request;
if the audit result is qualified, allowing modification and storing modification records;
and if the audit result is not qualified, refusing to modify, and sending a third warning signal to remind the manager that the block chain system is illegally modified.
Preferably, the modification request type includes an addition operation and a deletion operation;
the step of correspondingly backing up the corresponding data according to the type of the modification request comprises the following steps:
when the modification request type is an adding operation, adding an extra attribute to the data in the block chain system corresponding to the adding operation;
when the extra attribute changes, recording the changed attribute name;
when the extra attribute changes again, checking whether the attribute name related to the change is recorded;
if not, the attribute name is additionally recorded;
the step of correspondingly backing up the corresponding data according to the type of the modification request comprises the following steps:
when the modification request type is a deletion operation, storing all deleted data in the block chain system corresponding to the deletion operation;
and recording the deletion operation information.
Preferably, the step of performing corresponding data audit according to the type of the modification request includes:
by means of traversal, each piece of data in various types of data is compared from a first block of a block chain system to a current latest block through audit;
if the audit result is qualified, the modification is allowed, and the modification record is stored, including:
when the attribute name of the modified data is found to be recorded, determining that the auditing result is qualified;
when the auditing result is qualified, allowing the adding operation;
and if the audit result is not qualified, refusing to modify, and sending a third warning signal to remind a manager that the block chain system is illegally modified, wherein the steps comprise:
when finding that the attribute name of the modified data is not recorded, judging that the audit result is unqualified;
and when the auditing result is not qualified, refusing to modify, and sending a third warning signal to remind a manager that the block chain system is illegally modified.
Preferably, the additional attribute of the add operation is recorded in the updated attribute storage area; the data of the deletion operation is stored in a deletion data storage area.
Compared with the prior art, the invention at least has the following beneficial effects:
in the technical scheme of the invention, a conventional block chain system and a modification operation system are separated, software for realizing the modification operation function in the block chain system is independently packaged into the modification operation system, and block chain data is required to be modified by modifying the operation system; by tracking the real-time IP address of the modification request and checking the face information and the environment information, the uniformity of the modifier and the modification place is ensured; malicious data is effectively prevented from being added or deleted, and meanwhile, conditions are provided for safely modifying and deleting data; and the modification record is saved, so that the data can be conveniently recalled.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the structures shown in the drawings without creative efforts.
Fig. 1 is a flowchart of a first embodiment of a data modification discovery method applied to a block chain according to the present invention;
FIG. 2 is a schematic diagram of the additive operation of the present invention;
fig. 3 is a schematic diagram of the deletion operation in the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that all the directional indicators (such as up, down, left, right, front, and rear … …) in the embodiment of the present invention are only used to explain the relative position relationship between the components, the movement situation, etc. in a specific posture (as shown in the drawing), and if the specific posture is changed, the directional indicator is changed accordingly.
In addition, the descriptions related to "first", "second", etc. in the present invention are only for descriptive purposes and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In the description of the present invention, "a plurality" means at least two, e.g., two, three, etc., unless specifically limited otherwise.
In the present invention, unless otherwise expressly stated or limited, the terms "connected," "secured," and the like are to be construed broadly, and for example, "secured" may be a fixed connection, a removable connection, or an integral part; can be mechanically or electrically connected; they may be directly connected or indirectly connected through intervening media, or they may be connected internally or in any other suitable relationship, unless expressly stated otherwise. The specific meanings of the above terms in the present invention can be understood by those skilled in the art according to specific situations.
In addition, the technical solutions in the embodiments of the present invention may be combined with each other, but it must be based on the realization of those skilled in the art, and when the technical solutions are contradictory or cannot be realized, such a combination of technical solutions should not be considered to exist, and is not within the protection scope of the present invention.
The invention provides a data modification discovery method applied to a block chain, which comprises the following steps:
s10: when a modification operating system receives a modification request aiming at data in a block chain system sent by a user, intercepting the modification request and acquiring a modification request source IP address, wherein the modification operating system is in signal connection with the block chain system;
s20: comparing the source IP address with a preset IP address;
s30: if the source IP address is not the preset IP address, refusing to modify, and sending a first warning signal to an alarm system, wherein the alarm system reminds a manager that the block chain system is illegally modified according to the first warning signal;
s40: if the source IP address is the preset IP address, awakening the detection system, and acquiring the face information and the environment information of the source IP address through the detection system;
s50: comparing the acquired face information with preset face information, and comparing the acquired environment information with preset environment information;
s60: if the face information is the same as the preset face information and the environment information is the same as the preset environment information, continuing the modification process and storing the modification record;
s70: and if the face information is different from the preset face information or the environment information is different from the preset environment information, refusing to modify, and sending a second warning signal to the alarm system, wherein the alarm system reminds the manager that the block chain system is illegally modified according to the second warning signal.
In the technical scheme of the invention, a conventional block chain system and a modification operation system are separated, software for realizing the modification operation function in the block chain system is independently packaged into the modification operation system, and block chain data is required to be modified by modifying the operation system; by tracking the real-time IP address of the modification request and checking the face information and the environment information, the uniformity of the modifier and the modification place is ensured; malicious data is effectively prevented from being added or deleted, and meanwhile, conditions are provided for safely modifying and deleting data; and the modification record is saved, so that the data can be conveniently recalled.
Specifically, the block chain system is connected with the modification operating system through an intranet; further, the alarm system is used for warning a manager after receiving any warning signal and the data packet packaged by the modified operating system;
in step S30, the data packet packed by the modification system includes the source IP address of the illegal modification operation and the message data of the illegal modification;
in step S70, the data packet packed by the modification system includes the source IP address of the illegal modification operation, the message data modified illegally, the face picture, and the environment picture.
Based on the first embodiment of the data modification discovery method applied to the blockchain and the second embodiment of the data modification discovery method applied to the blockchain, in the data modification discovery method applied to the blockchain, the step of intercepting the modification request and acquiring the source IP address of the modification request includes:
s80: intercepting a write function of a modification request;
s90: acquiring a process ID number of a write-in function process according to parameters transmitted when the write-in function is called by a modified operating system;
s100: acquiring a corresponding process object through the process ID number;
s110: reading a return address of the write-in function through the process stack, and performing recursive analysis through the return address to obtain an original calling function of the process object;
s120: the source IP address is obtained by the original call function.
Monitoring an input action by intercepting a modification request, intercepting as long as a writing action exists, continuing inputting after acquiring corresponding verification information, obtaining an operator IP (Internet protocol) through an original request function corresponding to the input action by using a reverse recursion method at the moment, and thus, only using a modification operating system to modify data of a block chain system, recording and forming a traceable recording file; the method has the advantages that the method achieves a very good monitoring effect regardless of external attack or internal modification.
Preferably, there are a plurality of the preset IP addresses, and one preset IP address corresponds to one preset environment information and one preset face information; the detection system is in signal connection with the cameras corresponding to the preset IP addresses and is used for collecting and verifying environmental information and face information.
Specifically, one IP address corresponds to a computer capable of logging in and modifying an operating system; one camera correspondingly shoots a computer which can log in and modify an operating system; the shooting system of the camera is not directly connected with an external network.
Based on the first embodiment of the data modification discovery method applied to the block chain, and the third embodiment of the data modification discovery method applied to the block chain, in the data modification discovery method applied to the block chain, the detection system includes a face information verification model and an environment verification model; the step of obtaining the face information and the environment information of the source IP address through the detection system comprises the following steps:
s130: acquiring environment information and face information of a source IP address through a camera;
s140: the step of comparing the acquired face information with preset face information and comparing the acquired environment information with preset environment information comprises the following steps:
s150: inputting the acquired face information into a face information verification model so as to compare the face information with preset face information in the face information verification model;
s160: and inputting the acquired environmental information into the environmental verification model so as to compare the environmental information with preset environmental information in the environmental verification model.
The checking environment information comprises whether the checking computer is started or not, whether the ambient picture of the computer is matched with the preset environment information of the environment checking model or not, and the environment checking model can be built by utilizing the neural network system, so that the data modification of the block chain system can be carried out only in the corresponding place under the operation of the corresponding computer and the corresponding person, and the safety of the block chain system is greatly improved.
Based on the third embodiment of the data modification discovery method applied to the blockchain of the present invention and the fourth embodiment of the data modification discovery method applied to the blockchain of the present invention, in the data modification discovery method applied to the blockchain of the present invention, before the steps of intercepting a modification request and acquiring a source IP address of the modification request when the modification operating system receives the modification request for data in the blockchain system sent by a user, the method further includes:
s170: a first time period is set that allows a modification request to be issued.
Further, the method comprises the following steps of; the invention also provides a data backup system, which is used for backing up the information of the block chain system in real time; the data backup system is also used for backing up data information (in the last working day) at a preset time before the first time period, and the information is recorded and filed and sealed by an optical disc at the end of each working day so as to ensure that the information cannot be modified.
Based on the fourth embodiment of the data modification discovery method applied to the blockchain, and the fifth embodiment of the data modification discovery method applied to the blockchain, in the data modification discovery method applied to the blockchain, when the modification operating system receives a modification request for data in the blockchain system sent by a user, the step of intercepting the modification request and acquiring a source IP address of the modification request includes:
s180: when the modification operating system receives a modification request aiming at data in the block chain system sent by a user, comparing the time of sending the modification request with a first time period;
s190: if the time for sending the modification request is not within the first time period, stopping sending the modification request and recording operation information;
s200: if the time for sending the modification request is within the first time period, executing the modification request interception and obtaining a modification request source IP address; specifically, since the modification requirement of the blockchain data is very little, only a preset time period needs to be set to provide modification service, so that the modification risk which may occur is further reduced, and the tracing back when the subsequent modification operation occurs is facilitated.
Based on the fifth embodiment of the data modification discovery method applied to a blockchain of the present invention and the sixth embodiment of the data modification discovery method applied to a blockchain of the present invention, in the data modification discovery method applied to a blockchain, the step of saving a modification record includes:
s210: judging the type of the modification request;
s220: correspondingly backing up corresponding data according to the type of the modification request;
s230: performing corresponding data audit according to the type of the modification request;
s240: if the audit result is qualified, allowing modification and storing modification records;
s250: and if the audit result is not qualified, refusing to modify, and sending a third warning signal to remind the manager that the block chain system is illegally modified.
Specifically, the source IP address needs to be backtracked and checked for the second time in the auditing process, and if the source IP address is back-tracked and checked for two times, the source IP address needs to be backtracked and checked for two times
Based on the sixth embodiment of the data modification discovery method applied to the blockchain, and the seventh embodiment of the data modification discovery method applied to the blockchain, in the data modification discovery method applied to the blockchain, the modification request types include an addition operation and a deletion operation;
s260: the step of correspondingly backing up the corresponding data according to the type of the modification request comprises the following steps:
s270: when the modification request type is an adding operation, adding an extra attribute to the data in the block chain system corresponding to the adding operation;
s280: when the extra attribute changes, recording the changed attribute name;
s290: when the extra attribute changes again, checking whether the attribute name related to the change is recorded;
s300: if not, the attribute name is additionally recorded;
s310: the step of correspondingly backing up the corresponding data according to the type of the modification request comprises the following steps:
s320: when the modification request type is a deletion operation, storing all deleted data in the block chain system corresponding to the deletion operation;
s330: and recording the deletion operation information.
Specifically, the deletion operation information and the additional attribute information of the addition operation are recorded so as to facilitate the subsequent recovery of the data; meanwhile, when an alarm needs to be sent out, the data is conveniently packaged by the alarm system;
for the adding operation, the warning system can obtain the modified data of the block chain only by additionally packing and recording the attribute names, so that the warning system does not have the authority of accessing the data of the block chain system, and the possibility of data access caused by the fact that the warning system is used due to overlarge authority is effectively reduced;
similarly, for deleting operation, the warning system only needs to extract the deleting operation information.
Based on the seventh embodiment of the data modification discovery method applied to the blockchain, and the eighth embodiment of the data modification discovery method applied to the blockchain, in the data modification discovery method applied to the blockchain, the step of performing the corresponding data audit according to the modification request type includes:
s340: by means of traversal, each piece of data in various types of data is compared from a first block of a block chain system to a current latest block through audit;
s350: if the audit result is qualified, the modification is allowed, and the modification record is stored, including:
s360: when the attribute name of the modified data is found to be recorded, determining that the auditing result is qualified;
s370: when the auditing result is qualified, allowing the adding operation;
s380: and if the audit result is not qualified, refusing to modify, and sending a third warning signal to remind a manager that the block chain system is illegally modified, wherein the steps comprise:
s390: when finding that the attribute name of the modified data is not recorded, judging that the audit result is unqualified;
s400: and when the audit result is not qualified, refusing to modify, and sending a third warning signal to a warning system to remind a manager that the block chain system is illegally modified.
Specifically, in step S400, the source IP address of the illegal modification operation, the data position of the illegal modification, the face picture, the environmental picture, and the data information of the illegal modification are packaged into a data packet to the modification operating system;
furthermore, the prompt information adopted by the warning system is mostly conventional operation, such as means of alarm bell, information prompt and the like, and the autonomous selection is specifically required according to objective conditions such as internal requirements, safety protection requirements and personnel configuration.
Preferably, the additional attribute of the add operation is recorded in the updated attribute storage area; the data of the deletion operation is stored in a deletion data storage area.
Specifically, for modify class data operations: adding an additional attribute (updated attribute) to data of each type (similar to each database table) of the blockchain system, recording whether the value of one or more attributes of a certain piece of data in the data is changed, if so, recording the corresponding attribute name into the data of the updated attribute, if the piece of data is changed again, firstly checking whether the attribute related to the change is recorded in the updated attribute, if so, not processing, and if not, adding the attribute to the value of the updated attribute of the record finally.
And simultaneously displaying data change in the updated attribute column: when data is displayed, an attribute name is obtained from the 'updated attribute' of the data, if the attribute name is not obtained, the data is not processed, if one or more attribute names are obtained, the data is highlighted and prompted when the data is displayed, and whether the data is modified or not needs to be checked.
The auditing step of the adding operation comprises the following steps: and comparing each piece of data in various types of data from the first block of the block chain to the current latest block in a traversal mode, and if the attribute name of the modified data is not recorded in the updated attribute, performing alarm pushing: "data is illegally modified, and data compliance review is necessary", and when data is displayed, the whole attribute is emphatically reminded: "data is illegally modified and data compliance review is necessary".
Specifically, for deleting data, all the deleted data are stored in a unified 'deleted data storage area', and the data and relevant information of a deleting process, including deleting time, a deleter (obtained by face information identification) and a deleter IP, are recorded;
furthermore, all deleted data are displayed in a unified way, and besides the deleted data are displayed, the metadata of the operation of deleting the data are also displayed together
The auditing step of the deletion operation comprises: and comparing each piece of data in various types of data from the first block of the block chain to the current latest block in a traversal mode, and if the deleted data is not recorded in a deleted data storage area, performing alarm pushing: "data is illegally deleted, and data compliance review is required", and a reminder is emphasized when the deleted data is displayed: "data is illegally deleted and data compliance inspection is necessary".
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention, and all modifications and equivalents of the present invention, which are made by the contents of the present specification and the accompanying drawings, or directly/indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (10)

1. A data modification discovery method applied to a blockchain is characterized by comprising the following steps:
when a modification operating system receives a modification request aiming at data in a block chain system sent by a user, intercepting the modification request and acquiring a modification request source IP address, wherein the modification operating system is in signal connection with the block chain system;
comparing the source IP address with a preset IP address;
if the source IP address is not the preset IP address, refusing to modify, and sending a first warning signal to an alarm system, wherein the alarm system reminds a manager that the block chain system is illegally modified according to the first warning signal; if the source IP address is the preset IP address, awakening the detection system, and acquiring the face information and the environment information of the source IP address through the detection system;
comparing the acquired face information with preset face information, and comparing the acquired environment information with preset environment information;
if the face information is the same as the preset face information and the environment information is the same as the preset environment information, continuing the modification process and storing the modification record; and if the face information is different from the preset face information or the environment information is different from the preset environment information, refusing to modify, and sending a second warning signal to the alarm system, wherein the alarm system reminds the manager that the block chain system is illegally modified according to the second warning signal.
2. The method as claimed in claim 1, wherein the step of intercepting the modification request and checking the IP address of the source of the modification request when the modification operating system receives a modification request for data in the blockchain system from a user comprises:
when a modification operating system receives a modification request aiming at data in a block chain system sent by a user, intercepting a write-in function of the modification request;
acquiring a process ID number of a write-in function process according to parameters transmitted when the write-in function is called by a modified operating system;
acquiring a corresponding process object through the process ID number;
reading a return address of the write-in function through the process stack, and performing recursive analysis through the return address to obtain an original calling function of the process object;
the source IP address is obtained by the original call function.
3. The method according to claim 1, wherein there are a plurality of preset IP addresses, and one preset IP address corresponds to one preset environment information and one preset face information; the detection system is in signal connection with the cameras corresponding to the preset IP addresses and is used for collecting and verifying environmental information and face information.
4. The method for discovering data modification applied to a blockchain according to claim 3, wherein the detection system comprises a face information verification model and an environment verification model; the step of obtaining the face information and the environment information of the source IP address through the detection system comprises the following steps:
acquiring environment information and face information of a source IP address through a camera;
the step of comparing the acquired face information with preset face information and comparing the acquired environment information with preset environment information comprises the following steps:
inputting the acquired face information into a face information verification model so as to compare the face information with preset face information in the face information verification model;
and inputting the acquired environmental information into the environmental verification model so as to compare the environmental information with preset environmental information in the environmental verification model.
5. The method as claimed in claim 3, wherein before the step of intercepting the modification request and obtaining the source IP address of the modification request when the modification operating system receives a modification request for data in the blockchain system from a user, the method further comprises:
a first time period is set that allows a modification request to be issued.
6. The method as claimed in claim 5, wherein the step of intercepting the modification request and obtaining the source IP address of the modification request when the modification operating system receives a modification request for data in the blockchain system from a user comprises:
when the modification operating system receives a modification request aiming at data in the block chain system sent by a user, comparing the time of sending the modification request with a first time period;
if the time for sending the modification request is not within the first time period, stopping sending the modification request and recording operation information;
if the time for sending the modification request is within the first time period, executing the step of intercepting the modification request and acquiring the source IP address of the modification request.
7. The method as claimed in claim 6, wherein if the face information is the same as the preset face information and the environment information is the same as the preset environment information, the step of continuing the modification process and saving the modification record further comprises:
judging the type of the modification request;
correspondingly backing up corresponding data according to the type of the modification request;
performing corresponding data audit according to the type of the modification request;
if the audit result is qualified, allowing modification and storing modification records;
and if the audit result is not qualified, refusing to modify, and sending a third warning signal to a warning system to remind the manager that the block chain system is illegally modified.
8. The method of claim 7, wherein the type of modification request includes an add operation and a delete operation;
the step of correspondingly backing up the corresponding data according to the type of the modification request comprises the following steps:
when the modification request type is an adding operation, adding an extra attribute to the data in the block chain system corresponding to the adding operation;
when the extra attribute changes, recording the changed attribute name;
when the extra attribute changes again, checking whether the attribute name related to the change is recorded;
if not, the attribute name is additionally recorded;
the step of correspondingly backing up the corresponding data according to the type of the modification request comprises the following steps:
when the modification request type is a deletion operation, storing all deleted data in the block chain system corresponding to the deletion operation;
and recording the deletion operation information.
9. The method as claimed in claim 8, wherein the step of performing corresponding data audit according to modification request type includes:
by means of traversal, each piece of data in various types of data is compared from a first block of a block chain system to a current latest block through audit;
if the audit result is qualified, the modification is allowed, and the modification record is stored, including:
when the attribute name of the modified data is found to be recorded, determining that the auditing result is qualified;
when the auditing result is qualified, allowing the adding operation;
and if the audit result is not qualified, refusing to modify, and sending a third warning signal to remind a manager that the block chain system is illegally modified, wherein the steps comprise:
when finding that the attribute name of the modified data is not recorded, judging that the audit result is unqualified;
and when the auditing result is not qualified, refusing to modify, and sending a third warning signal to remind a manager that the block chain system is illegally modified.
10. The method according to claim 8, wherein the additional attribute of the add operation is recorded in the updated attribute storage area; the data of the deletion operation is stored in a deletion data storage area.
CN202111180533.9A 2021-10-11 2021-10-11 Data modification discovery method applied to block chain Active CN113835931B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111180533.9A CN113835931B (en) 2021-10-11 2021-10-11 Data modification discovery method applied to block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111180533.9A CN113835931B (en) 2021-10-11 2021-10-11 Data modification discovery method applied to block chain

Publications (2)

Publication Number Publication Date
CN113835931A true CN113835931A (en) 2021-12-24
CN113835931B CN113835931B (en) 2022-08-26

Family

ID=78968324

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111180533.9A Active CN113835931B (en) 2021-10-11 2021-10-11 Data modification discovery method applied to block chain

Country Status (1)

Country Link
CN (1) CN113835931B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114578737A (en) * 2022-03-09 2022-06-03 南京华脉科技股份有限公司 Intelligent security monitoring system based on 5G network

Citations (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105930740A (en) * 2016-04-15 2016-09-07 重庆鑫合信科技有限公司 Source tracing method during modification of software file, monitoring method and restoration method and system
CN106708660A (en) * 2016-12-05 2017-05-24 郑州云海信息技术有限公司 System and method for automatically backing up modification file in K-UX operation system
CN107911395A (en) * 2017-12-30 2018-04-13 世纪龙信息网络有限责任公司 Login validation method and system, computer-readable storage medium and equipment
CN108234480A (en) * 2017-12-29 2018-06-29 北京奇虎科技有限公司 Intrusion detection method and device
CN108446407A (en) * 2018-04-12 2018-08-24 北京百度网讯科技有限公司 Database audit method based on block chain and device
CN109213900A (en) * 2018-09-18 2019-01-15 百度在线网络技术(北京)有限公司 A kind of data modification method, device, equipment and the medium of block chain
CN109800354A (en) * 2019-01-09 2019-05-24 考拉征信服务有限公司 A kind of resume modification intension recognizing method and system based on the storage of block chain
CN110765434A (en) * 2019-10-23 2020-02-07 上海商汤智能科技有限公司 Identity authentication method and device, electronic equipment and storage medium
US20200092301A1 (en) * 2018-09-14 2020-03-19 Daniel L. Coffing Fact management system
CN111125776A (en) * 2019-12-12 2020-05-08 成都四方伟业软件股份有限公司 Operation data tamper-proofing method based on block chain
CN111666553A (en) * 2020-07-17 2020-09-15 江苏荣泽信息科技股份有限公司 Block chain identity authority management method based on distributed PKI
CN111724159A (en) * 2020-06-04 2020-09-29 江苏荣泽信息科技股份有限公司 Authority management method and system based on blockchain transaction
CN112464117A (en) * 2020-12-08 2021-03-09 平安国际智慧城市科技股份有限公司 Request processing method and device, computer equipment and storage medium
CN112995356A (en) * 2021-04-19 2021-06-18 浙江工商大学 Domain name resolution service system and method based on block chain
CN113094754A (en) * 2021-05-08 2021-07-09 重庆银行股份有限公司 Big data platform data modification system and modification, response, cache and verification method
CN113094753A (en) * 2021-05-08 2021-07-09 重庆银行股份有限公司 Big data platform hive data modification method and system based on block chain
CN113297628A (en) * 2021-05-26 2021-08-24 杭州安恒信息技术股份有限公司 Modification behavior auditing method, device, equipment and readable storage medium

Patent Citations (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105930740A (en) * 2016-04-15 2016-09-07 重庆鑫合信科技有限公司 Source tracing method during modification of software file, monitoring method and restoration method and system
CN106708660A (en) * 2016-12-05 2017-05-24 郑州云海信息技术有限公司 System and method for automatically backing up modification file in K-UX operation system
CN108234480A (en) * 2017-12-29 2018-06-29 北京奇虎科技有限公司 Intrusion detection method and device
CN107911395A (en) * 2017-12-30 2018-04-13 世纪龙信息网络有限责任公司 Login validation method and system, computer-readable storage medium and equipment
CN108446407A (en) * 2018-04-12 2018-08-24 北京百度网讯科技有限公司 Database audit method based on block chain and device
US20200092301A1 (en) * 2018-09-14 2020-03-19 Daniel L. Coffing Fact management system
CN109213900A (en) * 2018-09-18 2019-01-15 百度在线网络技术(北京)有限公司 A kind of data modification method, device, equipment and the medium of block chain
CN109800354A (en) * 2019-01-09 2019-05-24 考拉征信服务有限公司 A kind of resume modification intension recognizing method and system based on the storage of block chain
CN110765434A (en) * 2019-10-23 2020-02-07 上海商汤智能科技有限公司 Identity authentication method and device, electronic equipment and storage medium
CN111125776A (en) * 2019-12-12 2020-05-08 成都四方伟业软件股份有限公司 Operation data tamper-proofing method based on block chain
CN111724159A (en) * 2020-06-04 2020-09-29 江苏荣泽信息科技股份有限公司 Authority management method and system based on blockchain transaction
CN111666553A (en) * 2020-07-17 2020-09-15 江苏荣泽信息科技股份有限公司 Block chain identity authority management method based on distributed PKI
CN112464117A (en) * 2020-12-08 2021-03-09 平安国际智慧城市科技股份有限公司 Request processing method and device, computer equipment and storage medium
CN112995356A (en) * 2021-04-19 2021-06-18 浙江工商大学 Domain name resolution service system and method based on block chain
CN113094754A (en) * 2021-05-08 2021-07-09 重庆银行股份有限公司 Big data platform data modification system and modification, response, cache and verification method
CN113094753A (en) * 2021-05-08 2021-07-09 重庆银行股份有限公司 Big data platform hive data modification method and system based on block chain
CN113297628A (en) * 2021-05-26 2021-08-24 杭州安恒信息技术股份有限公司 Modification behavior auditing method, device, equipment and readable storage medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114578737A (en) * 2022-03-09 2022-06-03 南京华脉科技股份有限公司 Intelligent security monitoring system based on 5G network
CN114578737B (en) * 2022-03-09 2023-10-17 国网上海市电力公司超高压分公司 Intelligent security monitoring system based on 5G network

Also Published As

Publication number Publication date
CN113835931B (en) 2022-08-26

Similar Documents

Publication Publication Date Title
CN108446407B (en) Database auditing method and device based on block chain
TWI754795B (en) Evidence collection method, system, device and computer equipment based on blockchain evidence
US20210160053A1 (en) Merkle tree construction methods and apparatuses and simplified payment verification methods and apparatuses
US11108547B2 (en) Methods and apparatuses for reading blockchain data
TWI706282B (en) Method and device for concealing transactions written in blockchain, blockchain system, and computer equipment
CN114124552B (en) Threat level acquisition method, device and storage medium for network attack
JP2008171101A (en) Policy improvement system
CN113835931B (en) Data modification discovery method applied to block chain
CN112818307A (en) User operation processing method, system, device and computer readable storage medium
CN109639726A (en) Intrusion detection method, device, system, equipment and storage medium
CN114531304B (en) Session processing method and system based on data packet
CN112306753A (en) Data restoration method, device and system
CN109656825B (en) Method and device for processing art resources, electronic equipment and storage medium
CN111241198A (en) Data synchronization method and device and data processing equipment
JP2002312205A (en) Saving processing method for access log information, saving processing device for the same and processing program for the same
CN111385511B (en) Video data processing method and device and video recording equipment
CN114547501A (en) Page back-off method and device based on vue management and computer equipment
CN113515740B (en) Timestomp type attack detection method, timestomp type attack detection device and medium
CN113360568A (en) Method and system for shielding alliance link data and computer readable storage medium
CN114978963B (en) Network system monitoring analysis method and device, electronic equipment and storage medium
CN112364040B (en) Data checking method, device, medium and electronic equipment
CN112764974B (en) Information asset online management method and system
WO2021052220A1 (en) Cloud storage interface test method and apparatus
CN117093452A (en) File floor monitoring method and device, computer equipment and storage medium
CN116432173A (en) Method, device and medium for preventing malicious encryption of object storage

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant