CN114782942A - Risk content display detection method - Google Patents

Risk content display detection method Download PDF

Info

Publication number
CN114782942A
CN114782942A CN202210466184.5A CN202210466184A CN114782942A CN 114782942 A CN114782942 A CN 114782942A CN 202210466184 A CN202210466184 A CN 202210466184A CN 114782942 A CN114782942 A CN 114782942A
Authority
CN
China
Prior art keywords
content
view
risk
detected
risk content
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210466184.5A
Other languages
Chinese (zh)
Other versions
CN114782942B (en
Inventor
张志坤
戴旭东
陈东升
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Zhiyuan Youxue Education Technology Co ltd
Original Assignee
Shenzhen Zhiyuan Youxue Education Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Zhiyuan Youxue Education Technology Co ltd filed Critical Shenzhen Zhiyuan Youxue Education Technology Co ltd
Priority to CN202210466184.5A priority Critical patent/CN114782942B/en
Publication of CN114782942A publication Critical patent/CN114782942A/en
Application granted granted Critical
Publication of CN114782942B publication Critical patent/CN114782942B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management
    • G06Q10/0635Risk analysis of enterprise or organisation activities

Landscapes

  • Business, Economics & Management (AREA)
  • Human Resources & Organizations (AREA)
  • Engineering & Computer Science (AREA)
  • Strategic Management (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Economics (AREA)
  • Operations Research (AREA)
  • Game Theory and Decision Science (AREA)
  • Development Economics (AREA)
  • Marketing (AREA)
  • Educational Administration (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a method for displaying and detecting risk content, which takes the content drawing of display equipment as a starting point, the display equipment carries out risk detection on the content to be displayed before displaying the content to be displayed, and shields the risk content before displaying, thereby achieving the purpose of intercepting the risk content.

Description

Risk content display detection method
Technical Field
The invention relates to the technical field of risk content detection, in particular to a method for displaying and detecting risk content on learning equipment.
Background
China has more than 11 hundred million internet users, and the rise of online education enables children to be more exposed to internet contents earlier than traditional education. However, the contents on the internet are irregular, and some risk information and the like are threatening the health and growth of children all the time.
In view of the above, some means for detecting the risk content are available in the market, for example, analyzing the web content by image recognition, character recognition (OCR), etc., comparing the accessed website with a risk library, etc., and determining whether the content accessed by the user is the risk content.
At present, two methods for detecting the risk content in the market are available:
according to the first scheme, the webpage content is detected, for example, the live broadcast content is detected in the live broadcast field, and more applications are applied to the webpage aiming at a mode of carrying out risk judgment according to image recognition and character OCR. However, since the developer can freely customize the display content on the mobile application APP, some dangerous content may be directly shown to the user, and this way cannot prevent the occurrence of the dangerous content.
According to the second scheme, the accessed websites are detected, if the accessed websites are risk websites, interception prompt is carried out, and the method for carrying out risk judgment according to the websites at present depends on a rich risk website library.
Disclosure of Invention
The present invention is directed to a method for detecting a risk content display to solve the above-mentioned problems.
The invention achieves the above purpose through the following technical scheme:
the invention provides a method for displaying and detecting risk content, which comprises the following steps:
s11, establishing a filtering rule, adding the safe content identifier conforming to the filtering rule into a white list view, and adding the content not conforming to the filtering rule into a black list view;
s12, comparing the view in the received content to be displayed with the white list view, and directly displaying the compared safe content on the equipment;
s13, comparing the view in the received content to be displayed with the blacklist view, hiding the risk content passing the comparison and not displaying on the screen and displaying the risk prompt information;
s14, comparing the view in the received content to be displayed with the white list view and the black list view, and adding the unmatched unknown risk content into the content view to be detected;
s21, obtaining the width and height parameters of the content view to be detected which is not passed through the comparison in the step S14, and determining the format type of the image object to be drawn;
s22, calling a painting brush to finish the image drawing of the content view to be detected and generate a content screenshot object to be detected according to the width and height parameters of the content view to be detected, the type of the image object to be drawn and the information of the picture to be displayed in the content view to be detected;
s23, converting the data of the content screenshot object to be detected, and transmitting the converted data to a risk content detection engine for detection;
s3, according to the detection result of the view detected by the risk content detection engine in the step S23, if the view is the safe content view, the view is directly displayed on the device; when the device is a risk content view, the shielding with the same size is drawn at the same position according to the size and the coordinates of the view, the risk content shielding view with the risk content function is warned, and the risk content shielding view is covered on the risk content view in a floating window mode and is displayed on the device.
Preferably, according to step S23, the data conversion of the content screenshot object to be detected is to perform data conversion on the content screenshot object to be detected to generate the feature data of the content screenshot image to be detected in the form of byte stream, and output the byte stream to the byte array.
Preferably, the data after conversion is transmitted to a risk content detection engine for detection, and the data is the feature data of the screenshot image of the content to be detected in the form of byte stream and is transmitted to the risk content detection engine.
Preferably, the image feature data is data content stored in a byte format and having a mapping relationship established based on image feature information, the risk detection engine is an image recognition engine with a risk content feature library, and the risk content feature library is a collection with a large amount of risk content image feature information.
Preferably, the feature data of the screenshot image of the content to be detected is matched with the feature information of the image of the risk content in the risk content feature library, if the matching fails, the screenshot image of the content to be detected is judged to be a safe content view, and if the matching fails, the screenshot image of the content to be detected is directly displayed on equipment; and if the matching is successful, judging that the content view to be detected is a risk content view, and not directly displaying the risk content view on the equipment.
Preferably, according to step S3, when the risk content shielding view is generated by drawing according to the risk content view, the coordinate point and the width and the height of the object of the screenshot of the content to be detected corresponding to the risk content view, which need to be drawn, are obtained first, the drawing of the image which is consistent with the position and the size of the risk content view is completed to generate a blank non-visual risk content shielding view object, shielding information is written in the blank risk content shielding view object to generate a visual risk content shielding view, and then the risk content shielding view is overlaid on the risk content view in the form of a floating window and displayed on the device.
Preferably, the coordinate points drawn by the content screenshot object to be detected are determined for the content view to be detected based on the specific pixel positions of the upper, left, lower and right sides of the screen of the display device.
Preferably, according to step S3, if the detection result of the content view to be detected by the risk content detection engine is risk content, the risk content view loaded with risk content is not displayed on the screen and displays risk prompt information, and the risk content view is added to the blacklist view; and if the detected result of the content view to be detected is the safe content, displaying the safe content on the equipment, and adding the safe content into the white list view.
Preferably, the adding of the content view to be detected to the blacklist view is adding an identity identifier corresponding to the content view to be detected to the blacklist view.
Preferably, the adding of the content view to be detected into the white list view is to add the identity identifier corresponding to the content view to be detected into the white list view.
Preferably, the identity identifier is composed of a package name, class name, resource-id.
The invention has the beneficial effects that:
compared with the prior art, the method and the device have the advantages that risk content detection is carried out on the content to be displayed before the content to be displayed is displayed, the risk content is shielded before the content to be displayed is displayed, and the purpose of risk content interception is achieved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention and do not limit the invention. In the drawings:
FIG. 1 is a schematic flow chart of a method for detecting risk content display according to the present invention;
FIG. 2 is a user interface and corresponding daemon logic interface view in the setup function of the handheld device in an embodiment of the present invention;
FIG. 3 is a flowchart of a method for obtaining the position of a risk content view in a screen according to an embodiment of the present invention;
fig. 4 is a flowchart of a method for acquiring content data of a content view to be detected, performing data conversion on the content data, and transmitting the content data to a risk content detection engine for detection in the embodiment of the present invention;
fig. 5 is a flowchart of a method for drawing a risk content mask view according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The noun interpretation:
1. view (View): views, referred to simply as "views" or "views," the system contains or receives for rendering a presentation specific picture, which in this document includes the following views: the system comprises a content view to be displayed, a white list view, a black list view, a content view to be detected, a risk content view and a safety content view.
2. Layout (container for view): the container of views, abbreviated as "Layout", is used for determining the position and size of a target View on a screen, one Layout can load a plurality of views, the number of views depends on the design logic of an application, and if the Layout (View container) is compared with a picture frame, the View (View) can be compared with a specific picture, and the picture can be displayed only by being mounted in the picture frame.
3. Image feature data: the byte data content in byte format is exemplified as follows in the present embodiment:
a byte array is used for storing hexadecimal byte data, for example, byte [ ] ═ 0x00,0x01,0x02.
4. And the content view to be displayed: all the content views to be displayed received by the system, each of which is a specific View, have unique identity identifiers, the View coordinate position and the width and height can be obtained by the method described in fig. 3, all the content views to be displayed received by the system refer to the content to be displayed in real time, the content to be displayed is not identical to a visual picture and belongs to a specific View, the system provides a View object, the specific View and a corresponding Layout View container (View container) correspond to each other, and the method shown in fig. 3 obtains the View size and the coordinate position.
5. White list view: the white list view is a group of trusted view identity identifier sets, each white list view has a unique identity identifier, and the system directly displays the received content view to be displayed with the same identity identifier in the white list view set without risk detection.
6. And (3) black list view: a set of identifiers for all risk content views, each blacklisted view having a unique identifier.
7. And the content view to be detected: the system receives the content views of which the identity identifiers corresponding to the views are not in the blacklist view and the whitelist view in the content views to be displayed, and each content view to be detected has a unique identity identifier.
8. Risk content View: and after being detected by the risk detection engine, the content view to be displayed is judged to be the view with risk content, and each risk content view has a unique identity identifier.
9. Identity identifier: the Layout of the id may be composed of "package name) -class name-resource-id", and the values of the C area "package, class and resource-id" in fig. 2 are combined to form a unique id. For example, in the identifier of the video class view in application a, package (package name) is com.noah.a, class (class name) is VideoView, and resource-id (resource identifier) is 0x00, so that in the case that package (package name) and class (class name) are the same, application a can distinguish the identifier of different resources of the video class view in application a through the change of resource-id (resource identifier); similarly, the package name of the web page class view in the application B is com.noah.b, the class name is WebView, and the resource-id (resource identifier) is 0x01, so that when the package name and the class name are the same, the application B can distinguish the identity identifiers of different resources in the web page class view in the application B through the change of the resource-id (resource identifier), and can distinguish different specific views corresponding to each different identity identifier through the above method. The identifier of a view is fixed and no new identifiers are generated as the content of the view changes.
10. package (package name): the package names are the names of the applications, e.g., the package names of application a and application B are com. The package (packet name) is mainly applied to black and white list filtering. Because the filtering of the black and white list is designed for the third-party application, the system can prevent or allow the loading of the black and white list application by identifying the package name when the system starts to load the application, even prevent the downloading and the installation of the black list user, and achieve the effect of filtering the risk application content. According to the estimated risk, a black list (blackList) and a white list (whiteList) can be configured in advance.
11. class (class name): for example, the name corresponding to the class part in the id of the navigation bar is "com. class (class name) needs to be used in conjunction with package (package name) and is mainly applied to black and white list filtering.
12. resource-id (resource identification): the identifier is an identifier corresponding to a specific View, and each specific View corresponds to a unique identifier, for example, the identifier corresponding to the resource-id (resource identifier) part in the identity identifier of the status bar is "android-id/status bar", that is, the identifier indicating the View corresponding to the status bar is "android-id/status bar". resource-id needs to be used in combination with package and class, and is mainly applied to black and white list filtering.
13. A risk detection engine: the system comprises a risk content feature library and a detection engine capable of identifying whether detected image features contain risk content, wherein the risk content feature library is a set of risk content which is learned by using an AI algorithm through a large amount of training, image feature data converted from screenshots of content to be detected can be transmitted to a third-party risk detection engine through an interface provided by the third-party risk detection engine by the system for detection, then the system receives a detection result of the third-party risk detection engine to judge whether the content view to be detected is the risk content, the third-party risk detection engine can be developed and used by the third-party risk detection engine, such as a text content security risk detection engine provided by Tencent, a content security detection engine provided by centuries, a content security detection engine provided by Internet, and the like.
As shown in fig. 1-2, an embodiment of the present invention provides a method for detecting risk content display, including the following steps:
s11, establishing a filtering rule, adding the safe content identifier conforming to the filtering rule into a white list view, and adding the content not conforming to the filtering rule into a black list view;
s12, comparing the view in the received content to be displayed with the white list view, and directly displaying the compared safe content on the equipment;
s13, comparing the view in the received content to be displayed with the blacklist view, hiding the risk content passing the comparison and not displaying on the screen and displaying risk prompt information;
s14, comparing the view in the received content to be displayed with the white list view and the black list view, and adding the unmatched unknown risk content into the view of the content to be detected;
s21, obtaining the width and height parameters of the content view to be detected which is not passed through the comparison in the step S14, and determining the format type of the image object to be drawn;
s22, calling a painting brush to finish the image drawing of the content view to be detected and generate a content screenshot object to be detected according to the width and height parameters of the content view to be detected, the type of the image object to be drawn and the information of the picture to be displayed in the content view to be detected;
s23, converting the data of the screenshot object of the content to be detected, and transmitting the converted data to the risk content detection engine for detection;
s3, according to the detection result of the view detected by the risk content detection engine in the step S23, if the view is a safe content view, the view is directly displayed on the device; when the device is a risk content view, the shielding with the same size is drawn at the same position according to the size and the coordinates of the view, the risk content shielding view with the risk content function is warned, and the risk content shielding view is covered on the risk content view in a floating window mode and is displayed on the device.
As shown in fig. 2, the area B and the area C on the right side of the background program logic interface View are invisible to the user and include all Layout and View of the user interface, the area a on the left side is a visual user setting interface correspondingly loaded in the area B on the right side, the area B shows a background program View of the area a of the visual user setting interface, the area C shows View attributes corresponding to a currently selected area part in the area a, and if "network and internet" is selected in the area a in fig. 2, the area C shows View attributes corresponding to the selected part "network and internet":
package, com.android.settings; class, android, widget, relative layout, and the like.
Specifically, as shown in the area B in fig. 2, it can be seen that the logic interface is implemented by nesting layers of relative Layout, linear Layout, ImageView, and the like, and each Layout and View have their own identity identifiers; in the area C of fig. 2, resource-id, class, package, etc. in the Node Detail interface can be used as the id. The display position of each Layout and View on the screen is determined by two sets of coordinate values, the display position of LinearLayout pointed by B1 in fig. 2 is [208, 317] [714, 374], which is the Top, Left, Bottom, Right relative to the View of the previous layer, since each Layout and View has a corresponding display coordinate, the positions of the Layout and View in the screen can be determined by the method of fig. 3 according to the resolution of the screen or the topmost Layout and View coordinates, and the position coordinates of each Layout and View relative to the screen can be obtained by invoking an interface related to the display device, as shown in fig. 3, a flowchart of a method for obtaining the position of the risky content View in the screen after the content View to be detected is detected by a risky content detection engine and determined as the risky content View.
Through the View illustration in fig. 2, the identifier of each Layout and View may be obtained, and the position coordinates of each Layout and View may be displayed, so that the content of each Layout and View may be obtained, and after the content of the View is converted into image feature data in byte format of byte stream, whether the content is a risk content may be determined according to a risk detection engine, as shown in fig. 4, a flow chart of a method for obtaining content data of a content View to be detected, performing data conversion on the content data, and transmitting the content data to the risk content detection engine for detection is shown.
If the result of the judgment is the risk content, the view is a risk content view, the risk content view is hidden, and according to the obtained position coordinates, a new view with the same size as the view can be drawn on the position coordinates of the risk content view, which is called a risk content mask view, the risk content mask view covers the risk content view and is displayed to the user to achieve the effect of shielding the risk content view, and fig. 5 is a flowchart of a method for drawing the risk content mask view shielding the risk content view.
The user setting interface is formed by nesting a plurality of Layout and View, the system loads the Layout of the outermost layer according to the principle that the Layout is from top to bottom and from outside to inside, and continuously loads the Layout of the inner layer after the Layout of the outer layer is progressively loaded layer by layer until the View of the innermost layer is loaded.
On an application or a web page, when a video or a browsed web page is viewed, the video and the web page have corresponding views, each view has a corresponding view identity identifier, for example, the identity identifier of the video view is video, and the identity identifier of the web page view is Webview. The position parameters of the risk content view, i.e. the abscissa, ordinate, width and height of the risk content view, can be obtained by the method described in fig. 3. As can be seen from fig. 3, the method for obtaining the position of the risky content view in the screen after the content view to be detected is detected by the risky content detection engine and is determined as the risky content view is as follows:
s31: the system initializes a four-dimensional shaping array for storing coordinate information of the left lower corner of the risk content view relative to the abscissa and the ordinate of the screen and the width and the height of the risk content view;
s32: the system acquires the horizontal coordinate and the vertical coordinate of the lower left corner of the risk content view relative to the screen and stores the horizontal coordinate and the vertical coordinate in the zero position and the first position of the four-dimensional shaping array;
s33: the system acquires the width and the height of a risk content view, and stores the width and the height in a second position and a third position of a four-dimensional shaping array;
s34: the system acquires data stored in the four-dimensional shaping array, namely acquires the abscissa, the ordinate, the width and the height of the lower left corner of the risk content view relative to the screen.
As can be seen from the foregoing definitions, the risk content View in FIG. 3 is a View View.
The system receives the content views to be displayed, acquires the identity identifier of each content view to be displayed, compares the identity identifier with the view identity identifiers in the white list view, identifies the content view to be displayed corresponding to the identity identifier as safe content if the identity identifiers are consistent in comparison, and directly displays the content view to be displayed on the equipment; if the comparison is inconsistent, comparing the identity identifier with the view identity identifier in the blacklist view, if the comparison is consistent, identifying the content view to be displayed corresponding to the identity identifier as risk content, and not displaying the content view to be displayed on a screen and displaying risk prompt information; if the identity identifiers of the content views to be displayed are not consistent with the identity identifiers corresponding to the views in the white list view and the black list view in comparison, regarding the content views to be displayed as the content views to be detected, adding the content views to be detected into a content view list to be detected, drawing a new view according to the position information of the content views to be detected and the information of the pictures to be displayed in the content views to be detected to generate a content screenshot object to be detected, then performing data conversion on the content screenshot object to be detected, and finally transmitting the converted data to a risk content detection engine for detection, wherein the specific method flow for acquiring the content data of the content views to be detected, transmitting the content data to be detected to the risk content detection engine for detection after data conversion is shown in fig. 4:
the S41 system acquires a specific content view to be detected;
s42: the system acquires the width and height parameters of a content view to be detected and determines the type of an image object to be drawn;
s43: the system initializes a painting brush according to the parameters of the content view to be detected and the type of the image object to be drawn;
s44: the system combines the parameters of the content view to be detected, the type of the image object to be drawn and the information of the picture to be displayed in the content view to be detected, calls a painting brush, and finishes the image drawing of the content view to be detected to generate a non-visual content screenshot object to be detected;
s45: the system carries out data conversion on the content screenshot object to be detected to generate characteristic data of the content screenshot image to be detected in a byte stream form, and outputs the byte stream to a byte array;
s46: the system transmits the characteristic data of the screenshot image of the content to be detected in the form of the byte stream to a risk content detection engine for detection.
In the method flow of fig. 4, in step S41, the View of the content to be detected is a View; in step S42, the parameters of the content view to be detected refer to the abscissa, ordinate, width, and height of the lower left corner of the content view relative to the screen, and the type of the image object to be drawn is the ARGB _8888 color mode; the brush initialized in step S43 is Canvas; step S44, drawing the generated to-be-detected content screenshot object, which may be a system image object, a JPG, a PNG, or other format image object, which is equivalent to converting the to-be-detected content view into a system image object, a JPG, a PNG, or other format image object, it is worth mentioning that the non-visual to-be-detected content screenshot object generated in step S44 may be only the image data of the to-be-detected content screenshot, and does not need to generate a visual system image object or a specific image in a JPG or PNG format or other format image, and the image data of the to-be-detected content screenshot includes the image information that is to be displayed in the to-be-detected content view; and S45 and S46, performing data conversion on the generated content screenshot object to be detected to generate byte stream-form content screenshot image characteristic data to be detected, outputting the byte stream to a byte array, and transmitting the byte stream-form content screenshot image characteristic data to be detected to a risk content detection engine for detection.
As mentioned above, the risk detection engine includes a risk content feature library, and is capable of identifying whether detected image feature data is included in the risk content feature library, the risk content feature library is a set of risk contents that are trained and learned in a large number by using an AI algorithm, and image feature data converted from screenshots of the contents to be detected can be transmitted to a third-party risk detection engine through an interface provided by a third party for detection, and then the system receives a detection result of the third-party risk detection engine to determine whether a corresponding content view to be detected is risk content, where the third-party risk detection engine is, for example, a text content security risk detection engine provided by Tencent, a content security detection engine provided by hundred degrees, a content security detection engine provided by Internet, or the like.
When the detection result returned by the risk detection engine indicates that the content view to be detected is a safe content view, the content view to be detected is directly displayed on the equipment; and if the view is a risk content view, hiding the risk content view, drawing a shielding view with the same size at the same position on the display device according to the size and the coordinates of the view, and warning that the risk content shielding view with the risk content function exists, wherein the risk content shielding view is covered on the risk content view in a floating window mode and is displayed on the device. The method for drawing the risk content shielding view shielding the risk content view is shown in fig. 5:
s51: the system acquires position data information stored in a four-dimensional shaping array corresponding to the risk content view when the risk content view is not displayed on the equipment, and determines the type of an image object to be drawn;
s52: the system initializes a painting brush according to the position data information of the risk content view and the type of an image object to be drawn;
s53: the system combines the position data information of the risk content view and the type of the image object to be drawn, calls a painting brush, and finishes image drawing consistent with the position and the size of the risk content view to generate a blank non-visual risk content shielding view object;
s54: and writing shielding information in the blank risk content shielding view object to generate a visualized risk content shielding view, and overlaying the risk content shielding view on the device in the form of a floating window.
S55: and completing the shielding of the risk content view and the displaying of the risk content shielding view.
In step S51, when the risky content view is not displayed on the device, the system acquires the position data information stored in the four-dimensional shaping array corresponding to the risky content view by acquiring the abscissa, ordinate, width, and height of the lower left corner of the risky content view relative to the screen by the method of fig. 3, and determines that the type of the image object to be drawn is the ARGB _8888 color mode.
In step S52, the initialized brush is a Canvas brush.
In step S53, the blank non-visualized risk content mask view object is a system image object or an image in the format of PNG, JPG, or the like.
In step S54, the mask information content written in the blank risk content mask view object may be text, geometric figure, dotted line, etc., such as writing the text "Warning! The content is risk content, and the system has shielded! ".
In step S55, the risk content view mask and the risk content mask view display are completed, that is, the risk content view is masked and not displayed to the user on the device, but the risk content mask view with the same position and size as the risk content view is displayed on the device to prompt the user.
1. Filtering rules of the white list:
according to the description of fig. 2, each view has its own identity identifier, e.g. package name, class name, resource-ID, with the following rules:
all views contained in each application in all applications entering the white list view are regarded as secure content views, and each application sets a unique package field as a part of an identity identifier of the application, for example: settings and camera applications in the system, which are named "com.
“whiteList”:{
“package”:[“com.android.settings”,“com.android.camera”];
}
If a new white list application needs to add a filtering rule, a unique package value corresponding to the application is directly added to data corresponding to the package.
White list filtering rules are exemplified: the screen of the handheld device is provided with small components such as a status bar and a navigation bar, and the small components are displayed on the screen when the application runs under the condition of not being actively hidden. This type of view needs to be added to the white list filtering rules. For example, the package names of two applications are "com.android.settings" and "com.android.camera", respectively, the View name corresponding to the class name part in the id of the navigation bar of an application is com.android.systemi.navigationbar, and the resource-id part in the id of the status bar of an application is android-id/status bar, then the white list filtering rules of the navigation bar and the status bar are set as follows:
Figure BDA0003624227690000161
according to the setting, the following technical effects can be realized:
1. no risk content detection is performed in two applications, package name "com.android.settings" and "com.android.camera";
2. in two applications, package name, com.android.settings and com.android.camera, no risk content detection is performed for class name "com.android.systemi.navigationbar";
3. in both applications, package name, "com.android.settings" and "com.android.camera," no risk content detection is performed for class (class name) "com.android.system.navigationbar" and resource-id (resource identification) "android-id/status bar".
And if the application is a trusted application, adding the package value of the application into the white list view whiteList. When the system loads the view, the view with the view identity identifier in the white list whiteList is directly displayed to the user without risk content detection.
The above is a partial example implementation of the white list filtering rules.
2. Filtering rules of the blacklist:
the filtering rule of the blacklist is designed for third-party application, loading is prevented when the system just starts to load the blacklist application, even downloading and installation of a blacklist user are prevented, and the effect of filtering risk application content is achieved.
For the risk application estimated and determined, a blackList is configured in advance, for example, a unique package field is set for the risk application as an identity identifier of the application, such as a certain risk application named "com.
Example blacklist filtering rules: for example, if a risk application package is "com. burn. hub", class is "com. burn. webview", and resource-id is "0 x 01", the corresponding blacklist filtering rule for the application is set as:
Figure BDA0003624227690000171
according to the setting, the following technical effects can be achieved:
1. intercepting the application start according to the package name com.porn.hub when the application starts;
2. masking the view when the application package (package name) is com.
3. A view with package name com.
The above is a partial example implementation of the filter rule applied by the blacklist.
3. And (3) updating the black and white list view:
adding the content view to be detected into the blacklist view means adding the identity identifier corresponding to the content view to be detected into the blacklist view, and adding the content view to be detected into the whitelist view means adding the identity identifier corresponding to the content view to be detected into the whitelist view.
The filtering rules of the white list view and the black list view can be configured in the cloud server. The latest filtering rules are obtained when the device is powered on.
Before the display device system loads the view, the identity identifier of the view to be loaded is compared with the filtering rules.
The drawing process of the application view comprises the following three stages: three stages of measurement, positioning and drawing. The measurement stage is to calculate the size of the view to be drawn, the positioning stage is to calculate the placement position of the view to be drawn on the screen, and the drawing stage is to draw the view. After these three phases are completed, the view is displayed on the device screen, which is now visible to the user.
And acquiring the identity identifier of the view to be displayed to be drawn in the positioning stage, and comparing the identity identifier with the filtering rule. If the view identity identifier needing to be drawn is in the white list filtering rule, directly displaying the view; and if the view needing to be drawn is in the blacklist filtering rule, executing drawing stopping operation or stopping continuous running of the application, and informing a system to remind the user of the risk through a popup window and other forms.
The filtering rule storage mode comprises a local storage and a cloud storage;
localized storage: a filter rule file is created in the display device, said filter rule file comprising the above-mentioned filter rules of the white list and the filter rules of the black list.
Cloud storage: and a filtering rule file is created at the cloud end of the server, the filtering rule file is downloaded and stored locally when the display equipment is networked, and the filtering rule of the filtering rule file is consistent with a local configuration scheme.
In fig. 1, according to step S2, the data conversion of the content screenshot object to be detected generated after the capture is performed, that is, the data conversion of the content screenshot object to be detected is performed to generate byte stream type feature data of the content screenshot image to be detected, and the byte stream is output to the byte array, and then the byte stream type feature data of the content screenshot image to be detected is transmitted to the risk content detection engine.
Preferably, the risk detection engine is an image recognition engine with a risk content feature library, the risk content feature library is a set with a large amount of risk content image feature information, and the image feature information is data content which is stored in a byte format or other formats and establishes a mapping relationship based on the image feature information.
According to step S3, when the risk content view is drawn to generate the risk content mask view, the coordinate point and the width and height of the to-be-detected content screenshot object corresponding to the risk content view, which need to be drawn, are first obtained, image drawing consistent with the position and size of the risk content view is completed to generate a blank non-visual risk content mask view object, shielding information is written in the blank risk content mask view object to generate a visual risk content mask view, and then the risk content mask view is overlaid on the risk content view in the form of a floating window and displayed on the device.
Preferably, the coordinate points drawn by the content screenshot to be detected are determined by the positions of the upper, left, lower and right specific pixels of the screen of the display device for the content view to be detected.
The location of the risky content mask view is determined by the location of the content view to be detected, and the system provides specific pixel locations for the screen-based Top, Left, Bottom, Right of the view, and for the screen-based Top, Left, Bottom, Right of the Layout.
The purpose of drawing the risk content shielding view is to cover the content of the risk content view, so that the purposes of shielding the risk content and prompting the user of the risk content are achieved, and therefore the image content only needs to achieve the purposes of shielding the risk content and prompting the user of the risk content.
According to step S3, if the detection result of the view detected by the risk content detection engine is risk content, according to a preset rule, the risk content view loading the risk content is not displayed on the screen and displays risk prompt information, and the risk content view is added to the blacklist view; and if the detected result of the content view to be detected is the safe content, displaying the safe content on the equipment according to a preset rule, and adding the safe content into the white list view.
In step 2, the identifier of the view to be drawn is not in the white list filtering rule, the view to be drawn is subjected to data conversion in the drawing stage (fig. 4 illustrates a flow chart of a method for acquiring content data of a content view to be detected, performing data conversion on the content data, and transmitting the content data to a risk content detection engine for detection), and the converted data is transmitted to the risk content detection engine. The example of fig. 4 is a method for converting a view into image feature data, and transmitting the converted image feature data in the form of a byte stream to a risk detection engine, where the image feature information is data content in a byte format or other formats for establishing a mapping relationship based on feature information, the risk detection engine is an image recognition engine with a risk content feature library, and the risk content feature library is a set having a large amount of risk content image feature information, the system matches the captured image feature data of the content to be detected with the risk content image feature information in the risk content feature library, and if the matching fails, it determines that the content to be detected is a secure content view, and then the secure content view is directly displayed on a device; and if the matching is successful, judging that the content view to be detected is a risk content view, and not directly displaying the risk content view on the equipment. The risk detection engine can be used for detecting a third-party risk detection engine, and can also be developed and used by self, the system receives a detection result of the third-party risk detection engine so as to judge whether the content view to be detected is risk content, and the third-party risk detection engine comprises a text content security risk detection engine provided by Tencent, a content security detection engine provided by Baidu, a content security detection engine provided by Internet Exchequer and other risk detection engines.
When the current content view to be detected is drawn and is not on the view in the white list, acquiring coordinate points and width height which need to be drawn of a content screenshot object to be detected corresponding to the risk content view, finishing image drawing consistent with the position and size of the risk content view to generate a blank non-visual risk content shielding view object, writing shielding information in the blank risk content shielding view object to generate a visual risk content shielding view, covering the risk content shielding view on the content view to be detected which is judged as the risk content view in a floating window mode and displaying the risk content shielding view on equipment, wherein the coordinate points drawn by the content screenshot to be detected are determined by the content screenshot view to be detected based on the specific pixel positions of the upper, the left, the lower and the right of the screen.
Displaying on the device when it is a secure content view according to the detection result of the view detected by the risky content detection engine in step S3; and when the view is the risk content view, drawing a risk content shielding view according to the size of the detected view, covering the risk content shielding view in a floating window mode and displaying the risk content shielding view on the device.
According to the step S3, when the interception or risk prompt is made to the content view to be detected according to the detection result, if the detection result of the content view to be detected is risk content, according to a preset rule, the risk view loaded with the risk content is not displayed on the screen and displays risk prompt information; and if the detection result of the content view to be detected is normal content, canceling the coverage of the floating window at the position of the content view to be detected loaded with the risk content according to a preset rule, displaying the normal content on the equipment, and adding the normal content into the white list view.
For example: let region a in fig. 2 be the risk content and the application be a third party application that is not in the white list filtering rules and not in the black list filtering rules.
According to the preset rule, when the interface of fig. 2 is opened (at this time, the interface is not visualized yet, and the user draws and updates the interface according to the preset rule when opening the web page), the system will start the drawing process from the Layout at the topmost layer of the area B in fig. 2, when the first layer view is loaded, because the view identity identifiers package, class and resource-id are not in the white list filtering, position coordinates of the view of the first layer are acquired, the contents of the view are acquired by the method as in fig. 4, the view is data-converted by step S2 of fig. 1 and it is detected whether it is a risky content in step S3, when the a area (risky content view) of fig. 2 is not drawn yet, and the area A is still blank, the detection result of the first layer view is normal at this time, the next layer view is continuously loaded, and the next layer view is still normal according to the preset rule (at this time, the area A is not drawn yet). And continuing loading until loading the area A is started, detecting that the area A view has risk content according to a preset rule, according to the step S3 in fig. 1, acquiring the position coordinates and the width and height information of the area A view by the method in fig. 3, drawing a risk content shielding view according to the size of the detected view by the method in fig. 5, covering the risk content shielding view on the risk content view in a floating window manner, and displaying the risk content shielding view on the device, so that the effect of risk content interception is realized.
It should be noted that, in step S13 in fig. 1, the view in the received content to be displayed is compared with the blacklist view, the risk content that passes the comparison is hidden and not displayed on the screen, and the risk prompt information is displayed, where the method for hiding and risk prompting that is adopted to hide and not display the risk content that passes the comparison on the screen and display the risk prompt information is implemented by the method described in fig. 5, at this time, the content view that passes the comparison with the blacklist view in step S13 is regarded as the risk content view in fig. 5, and the risk prompt information displayed in step S13 is regarded as the risk content mask view in fig. 5.
In summary, the present invention takes risk content detection as a starting point, before displaying display content, the device performs risk detection on the content to be displayed, and shields the risk content before displaying, so as to achieve the purpose of risk content interception.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, article, or apparatus that comprises the element.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention.

Claims (11)

1. A method for detecting risk content display is characterized by comprising the following steps:
s11, establishing a filtering rule, adding the safe content identifier conforming to the filtering rule into a white list view, and adding the content not conforming to the filtering rule into a black list view;
s12, comparing the view in the received content to be displayed with the white list view, and directly displaying the compared safe content on the equipment;
s13, comparing the view in the received content to be displayed with the blacklist view, hiding the risk content passing the comparison and not displaying on the screen and displaying the risk prompt information;
s14, comparing the view in the received content to be displayed with the white list view and the black list view, and adding the unmatched unknown risk content into the content view to be detected;
s21, obtaining the width and height parameters of the content view to be detected which is not passed through the comparison in the step S14, and determining the format type of the image object to be drawn;
s22, calling a painting brush to finish the image drawing of the content view to be detected and generate a content screenshot object to be detected according to the width and height parameters of the content view to be detected, the type of the image object to be drawn and the information of the picture to be displayed in the content view to be detected;
s23, converting the data of the content screenshot object to be detected, and transmitting the converted data to a risk content detection engine for detection;
s3, according to the detection result of the view detected by the risk content detection engine in the step S23, if the view is a safe content view, the view is directly displayed on the device; and when the view is a risk content view, drawing shielding with the same size at the same position according to the size and the coordinates of the view, and warning the risk content shielding view with risk content function, wherein the risk content shielding view is covered on the risk content view in a floating window form and is displayed on the equipment.
2. The method for detecting risk content display of claim 1, wherein according to step S23, the data conversion of the screenshot object to be detected is to perform data conversion on the screenshot object to be detected to generate the feature data of the screenshot image to be detected in a byte stream form, and output the byte stream to the byte array.
3. The method according to claim 2, wherein the step of transmitting the converted data to the risk content detection engine for detection is transmitting feature data of a screenshot of the content to be detected in a byte stream form to the risk content detection engine.
4. The method of claim 3, wherein the image feature data is data content stored in a byte format and having a mapping relationship based on image feature information, the risk detection engine is an image recognition engine with a risk content feature library, and the risk content feature library is a collection with a large amount of risk content image feature information.
5. The method according to claim 1 or 4, wherein the image feature data of the screenshot of the content to be detected is matched with the image feature information of the risky content in the risky content feature library, and if the matching fails, the view of the content to be detected is determined to be a safe view of the content, and the view of the content to be detected is directly displayed on the device; and if the matching is successful, judging that the content view to be detected is a risk content view, and not directly displaying the risk content view on the equipment.
6. The method for displaying and detecting risk content according to claim 5, wherein according to step S3, when the risk content shielding view is generated by drawing according to the risk content view, the coordinate point and the width and the height of the object of the screenshot of the content to be detected corresponding to the risk content view, which need to be drawn, are obtained first, the image drawing that is consistent with the position and the size of the risk content view is completed to generate a blank non-visual risk content shielding view object, shielding information is written into the blank risk content shielding view object to generate a visual risk content shielding view, and then the risk content shielding view is overlaid on the risk content view in a floating window manner and displayed on the device.
7. The method according to claim 6, wherein coordinate points drawn by the screenshot object of content to be detected are determined for the content view to be detected based on the specific pixel positions of the upper, left, lower and right sides of the screen of the display device.
8. The method for detecting risk content display of claim 7, wherein according to step S3, if the detection result of the content view to be detected by the risk content detection engine is risk content, the risk content view loaded with risk content is not displayed on the screen and displays risk prompt information, and the risk content view is added to the blacklist view; and if the detected result of the content view to be detected is the safe content, displaying the safe content on the equipment, and adding the safe content into the white list view.
9. The method of claim 8, wherein the step of adding the view of contents to be detected to the blacklist view comprises adding an identity identifier corresponding to the view of contents to be detected to the blacklist view.
10. The method of claim 9, wherein the step of adding the view of contents to be detected into a white list view comprises adding an identity identifier corresponding to the view of contents to be detected into the white list view.
11. The method of claim 10, wherein the id is comprised of package name class id.
CN202210466184.5A 2022-04-29 2022-04-29 Risk content display detection method Active CN114782942B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210466184.5A CN114782942B (en) 2022-04-29 2022-04-29 Risk content display detection method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210466184.5A CN114782942B (en) 2022-04-29 2022-04-29 Risk content display detection method

Publications (2)

Publication Number Publication Date
CN114782942A true CN114782942A (en) 2022-07-22
CN114782942B CN114782942B (en) 2024-05-28

Family

ID=82434279

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210466184.5A Active CN114782942B (en) 2022-04-29 2022-04-29 Risk content display detection method

Country Status (1)

Country Link
CN (1) CN114782942B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103092832A (en) * 2011-10-27 2013-05-08 腾讯科技(深圳)有限公司 Website risk detection processing method and website risk detection processing device
WO2015081900A1 (en) * 2013-12-06 2015-06-11 北京奇虎科技有限公司 Method, device, and system for cloud-security-based blocking of advertisement programs
CN105100119A (en) * 2015-08-31 2015-11-25 百度在线网络技术(北京)有限公司 URL detection method and device
CN109344275A (en) * 2018-08-21 2019-02-15 深圳市致远优学教育科技有限公司 Resource acquisition device and method based on picture recognition

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103092832A (en) * 2011-10-27 2013-05-08 腾讯科技(深圳)有限公司 Website risk detection processing method and website risk detection processing device
WO2015081900A1 (en) * 2013-12-06 2015-06-11 北京奇虎科技有限公司 Method, device, and system for cloud-security-based blocking of advertisement programs
CN105100119A (en) * 2015-08-31 2015-11-25 百度在线网络技术(北京)有限公司 URL detection method and device
CN109344275A (en) * 2018-08-21 2019-02-15 深圳市致远优学教育科技有限公司 Resource acquisition device and method based on picture recognition

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
王持恒;陈晶;陈祥云;杜瑞颖;: "基于证据链生成的Android勒索软件检测方法", 计算机学报, no. 10, 29 December 2017 (2017-12-29) *
韦俊琳;段海新;白宇;季姝廷;张皓宇;: "使用网页元素随机化方法的广告******", 小型微型计算机***, no. 05, 15 May 2020 (2020-05-15) *

Also Published As

Publication number Publication date
CN114782942B (en) 2024-05-28

Similar Documents

Publication Publication Date Title
CN110502984B (en) Drawing review method and device, computer equipment and storage medium
AU2006326465B2 (en) Detecting and rejecting annoying documents
US11861810B2 (en) Image dehazing method, apparatus, and device, and computer storage medium
CN112000024B (en) Method, device and equipment for controlling household appliance
CN104834382A (en) Mobile terminal application program response system and method
KR101761513B1 (en) Method and system for detecting counterfeit and falsification using image
CN112102207A (en) Method and device for determining temperature, electronic equipment and readable storage medium
CN114782942A (en) Risk content display detection method
CN111125433A (en) Popup window management method and device, electronic equipment and readable storage medium
JP2017123015A (en) Information processing apparatus, image processing method, and program
KR20200051014A (en) System, server, program and method for confirming object acquisition
CN112087661A (en) Video collection generation method, device, equipment and storage medium
KR20210003547A (en) Method, apparatus and program for generating website automatically using gan
CN106846351B (en) Image processing method and client
CN112000413B (en) Screenshot method and system capable of protecting information and intelligent terminal
WO2021032160A1 (en) Image processing method and apparatus, and content sharing method and device
JP6154545B2 (en) Information processing device
CN114358098A (en) Information sharing method and device, electronic equipment and readable storage medium
CN113780260B (en) Barrier-free character intelligent detection method based on computer vision
US20240094885A1 (en) Systems and methods of determining contrast for accessibility
CN112115941B (en) Fire detection method, device, equipment and storage medium
CN115114557B (en) Page data acquisition method and device based on block chain
CN113132796B (en) AI edge terminal safe playing method based on PID algorithm and related equipment
JP5320007B2 (en) Information filter device
CN117975470A (en) Image detection method, device, electronic equipment and computer readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant