97results about How to "Avoid hijacking" patented technology

Hijacking of an application is prevented by monitoring control flow transfers during program execution in order to enforce a security policy. At least three basic techniques are used. The first technique, Restricted Code Origins (RCO), can restrict execution privileges on the basis of the origins of instruction executed. This distinction can ensure that malicious code masquerading as data is never executed, thwarting a large class of security attacks. The second technique, Restricted Control Transfers (RCT), can restrict control transfers based on instruction type, source, and target. The third technique, Un-Circumventable Sandboxing (UCS), guarantees that sandboxing checks around any program operation will never be bypassed.

Hijacking of an application is prevented by monitoring control flow transfers during program execution in order to enforce a security policy. At least three basic techniques are used. The first technique, Restricted Code Origins (RCO), can restrict execution privileges on the basis of the origins of instruction executed. This distinction can ensure that malicious code masquerading as data is never executed, thwarting a large class of security attacks. The second technique, Restricted Control Transfers (RCT), can restrict control transfers based on instruction type, source, and target. The third technique, Un-Circumventable Sandboxing (UCS), guarantees that sandboxing checks around any program operation will never be bypassed.

The invention discloses a domain name system DNS secondary recursion resolution method. After a local DNS server receives a domain name resolution request of a user host, whether a resolution result is cached locally or not is firstly checked, if the resolution result is cached locally, a process is directly responded and finished, if the resolution result is not cached locally, the local DNS server carries out recursion resolution, and the user host is prevented from being attacked by address pollution and domain name hijacking; only when the recursion resolution is failed, the domain name resolution request is forwarded to an external recursion resolution server for secondary resolution; and the local DNS server receives a resolution result returned by the external recursion resolution server, sends the resolution result to the user host and records a cache. The cache record is stored in the external recursion resolution server and positions of network nodes are different, so the condition that the user host cannot access a domain name due to a recursion failure resulting from an error occurring in authorized DNS configuration of a searched domain name is not liable to occur. The method provided by the invention is simple and convenient in operation steps, no hardware is increased, only functions of the local DNS server is modified, and the recursion resolution is backed up.

The invention discloses an anti-injection method for a browser, and relates to the technical field of browsers. The method comprises the following steps: loading a window message hook function for intercepting a window message; intercepting a window message in an operating system through the window message hook function; judging whether the window message is a browser-hijacking window message or not; and if the window message is the browser-hijacking window message, stopping transmission of the window message. According to the anti-injection method for the browser disclosed by the invention, the window message in the operating system can be intercepted by loading a global window message hook function, and a judgment on whether the window message is the browser-hijacking window message or not is made, so that the problem of unsafety of the browser due to the injection of dll into the browser through other applications is solved, and the beneficial effects of preventing the other applications from hijacking the browser by injecting unsafe dll into the browser and enhancing the safety of the browser are achieved.

One or more embodiments of the invention disclose an evidence obtaining method and device based on a block chain, and the method comprises the steps: obtaining a network evidence obtaining request ofa user, and obtaining evidence obtaining identification information according to the network forensics request; calling an intelligent contract deployed on a block chain, and controlling nodes in theblock chain to execute evidence obtaining operation according to the evidence obtaining identification information to obtain corresponding evidence obtaining data; and signing the evidence obtaining data, and sending the signed evidence obtaining data to the terminal of the user. According to one or more embodiments of the invention, automatic acquisition of evidence obtaining data is realized, the evidence obtaining time is greatly shortened, the evidence obtaining efficiency is improved, meanwhile, the manpower cost of evidence obtaining is reduced. In addition, the credibility of the network environment and the credibility of the evidence obtaining data are also ensured.

The invention provides a security payment method for a mobile terminal payment application. The method includes steps: monitoring the entrance of the payment application into a payment scenario; detecting whether a mobile terminal is accessed to WiFi to determine whether a security channel is established for the application; sending a connection request to a VPN server through a VPN service pre-registered at a system to establish the security channel with the VPN server; and sending payment data to a remote server based on the security channel to accomplish payment operation. Besides, the invention also provides a security payment apparatus for the mobile terminal payment application, and the apparatus comprises a monitoring module, a security channel establishing module, and a payment module. According to the method or apparatus, the security channel is established, security interaction between the payment application program and the server is realized, the security of user information in a transmission process is guaranteed, and privacy data of users is prevented from being stolen.

The invention provides an anti-hijack communication method of a DNS (Domain Name System), which relies on a router and has excellent security. The anti-hijack communication method comprises the following processes that: a user sends a domain name resolution request, after the router receives the request, the router does not directly forward outwards, instead, the following judgments are made, if the router has no DNS cache or the DNS cache has no relevant record, and an anti-hijack DNS server is arranged in the router, the router is communicated with the anti-hijack DNS server, and a communication process is as follows: if the router and the anti-hijack DNS server perform safety communication handshake, the following process is executed; otherwise, the safety communication handshake is established firstly; and the router and the anti-hijack DNS server both utilize keys established by the safety communication handshake to encrypt and decrypt sending information and receiving information respectively so as to carry out communication, the information, which is sent to the anti-hijack DNS server by the router, at least comprises a requested domain name, and the information, which is sent to the router by the anti-hijack DNS server, is information fed back by the information, which is sent to the anti-hijack DNS server by the router.

The invention provides a method and a device for full-text protection and verification of feedback data. The method comprises the following steps: a server extracts the message abstract of full-text data requested by a client; hash operation is performed on a randomly generated disturbance string and the message abstract by use of a message abstract algorithm to obtain a digital signature; the asymmetrically encrypted disturbance string, the digital signature and the full-text data are combined into the feedback data for feeding back to the client; the client receives the feedback data and decrypts the disturbance string by use of an appointed key; the message abstract of the received full-text data by use of a method appointed with the server; hash operation is performed on the decrypted disturbance string and the message abstract by use of the message abstract algorithm to obtain a digital signature, and then the digital signature is compared with the digital signature in the feedback data, and then the comparison result indicates that the two digital signatures are the same, the full-text data are confirmed to be legal. The invention also provides a device corresponding to the method. The method for full-text protection and verification of feedback data is capable of performing quick and accurate verification on the authenticity of the full-text data.

The invention discloses a refrigerator car or warehouse multipoint monitoring and data returning device. The refrigerator car or warehouse multipoint monitoring and data returning device comprises a monitoring unit, a monitoring data returning unit, a display unit, a keyboard and an alarm unit, wherein the monitoring unit, the monitoring data returning unit, the display unit, the keyboard and the alarm unit are connected with a control unit. Multiple temperature and humidity monitoring points are arranged in a refrigerator car or a warehouse, environment parameters in a compartment or the warehouse can be monitored in an omni-directional manner, when humiture is higher than a preset upper value or lower than a preset lower value, acousto-optic alarm signals are emitted, real-time monitoring data is transmitted to a background management server or a specified mobile phone through a GPRS wireless network, and monitoring personnel is prompted timely to take remedy measures, such that quality safety of vaccines, biological agents, food and the like which are transported by the refrigerator car in a cold chain transport process or quality safety of medicine, food and the like in the warehouse can be fully guaranteed.

The invention relates to a data requesting method, device, a storage medium and electronic equipment. The method comprises steps: a first data requesting message sent by a browser for requesting to acquire target data is received; the first data requesting message is packaged to a second data requesting message corresponding to a first transmission protocol, and the second data requesting messageis sent to a server, wherein the first transmission protocol is a lower layer protocol for an application layer protocol; a first request response message sent by the server according to the second data requesting message is received; the first request response message is analyzed to obtain the target data, and the target data are packaged according to a second transmission protocol, and a secondrequest response message is obtained, wherein the second transmission protocol is the application layer protocol; and the second request response message is sent to the browser, and thus, the browseranalyzes the second request response message to obtain the target data.

Enables a local positioning and response system that allows devices in a defined area to determine their local positions in the area, and to generate individual responses based on their positions, for example based on broadcast messages. Responses can include light, sound, shock, vibration, temperature or any other physical signal. Positioning may use overlapping shaped beam signals that permit each device to determine its local position. Response to broadcast messages with local position dependency enables efficient communication with potentially thousands or millions of response units over limited bandwidth channels. Efficient communication may also be supported by messages containing high-level graphical primitives, with devices determining their individual contributions to an aggregate image. The system may also provide correction for image distortions. Applications include stadium light or sound shows, virtual fences, feedback on performance that requires specific motions or positions, and contests for event spectators.

Enables a local positioning and response system that allows devices in a defined area to determine their local positions in the area, and to generate individual responses based on their positions, for example based on broadcast messages. Responses can include light, sound, shock, vibration, temperature or any other physical signal. Positioning may use overlapping shaped beam signals that permit each device to determine its local position. Response to broadcast messages with local position dependency enables efficient communication with potentially thousands or millions of response units over limited bandwidth channels. Efficient communication may also be supported by messages containing high-level graphical primitives, with devices determining their individual contributions to an aggregate image. The system may also provide correction for image distortions. Applications include stadium light or sound shows, virtual fences, feedback on performance that requires specific motions or positions, and contests for event spectators.