32results about How to "Protect against malicious attacks" patented technology

The invention provides a method, apparatus and system for decrypting a cloud payment limiting key. The method comprises the following steps: separately performing iteration on a plurality of private key fragments to restore an elliptic curve point, and performing private key decryption. The operation result of separate iteration of the plurality of private key fragments is equivalent operation result of the corresponding private key, and no complete private key occurs in the decryption process, thereby effectively defending the attack of privacy data access beyond the authority. The technology of separate iteration of a plurality of fragment is adopted, no complete private key occurs in the decryption process, thereby solving the security problem that the private key of a mobile terminal is leaked; and on the basis that the problem that the security problem that the private key of a mobile terminal is leaked is solved, secure allocation and use of the cloud payment limiting key is realized, and thus the security problem of Access PIN and symmetrical encryption protection limiting key are effectively solved.

The invention provides a writing balancing method of a phase change memory. The method comprises the following steps of: dividing a high-capacity phase change memory system into a plurality of memory regions, wherein each region comprises a plurality of memory arrays, each array comprises a plurality of memory rows, and each memory row is composed of a plurality of bytes and located in the same region; storing file data by a striping method to increase a mapping discretization degree of data address mapping; performing writing balancing via a neighbored copying algorithm in the array, namely maintaining a blank row pointer, and copying the data of an upper line neighboring to the pointer into the position directed by the pointer, thereby realizing the writing balance of the two memory rows; mapping the blank rows of all the arrays to a special array via an interlaced mapping mode so as to improve the discretization degree of the special array. The method can increase the discretization degree of the data address mapping, and can resist the malicious attack of repeatedly writing the same memory unit more effectively so as to realize the writing balance of the whole memory system, thereby prolonging the service life and increasing the utilization rate of the memory system.

The invention provides an access request processing method and system. An access request sent by a user cannot be directly sent to any one or all website servers; firstly, the affiliated request typeneeds to be recognized; the delivery decision of the current access request is determined; then, the current access request can be delivered to the corresponding website server to be processed according to the delivery decision. Therefore for different kinds of access requests, different website servers are used for processing; the independent processing on the dynamic resource request of possiblyexisting pathogens is realized; the influence on the processing of static resources on the website servers of other types of access requests is avoided; the safety of the static resources on the website servers can be improved; the hostile attack of the user websites is effectively resisted; the influence of dark chains on the user access is avoided to a certain degree.

The invention discloses a portable security computer system based on encrypted hash tag protection. The portable security computer implements security isolation from the Internet based on a data block encrypted hash tag protection mechanism, and adopts a secure TFTP protocol to realize communication with mobile intelligence. The secure exchange of confidential files between terminals implements a single device function restriction on the USB HID interface to prevent attacks from the interface. The present invention adopts data block encryption hash tag protection mechanism, secure transmission protocol control mechanism and USB HID interface single device function restriction mechanism, etc. These security mechanisms together provide strict security isolation protection for the operating environment of the portable computer, which can not only provide All processing links involving sensitive files provide a secure computing environment that is also resistant to various possible malicious attacks.

Based on text coding, the method for detecting message of ultra long signaling includes steps: (1) based on signaling protocol of text coding to construct function for identifying ultra long message; (2) using the identifying function to identify whether the received signaling message is a ultra long message or not; (3) if yes, filtering it out; otherwise, continuing other processes. The identifying function includes character interval table, which denotes allowed maximal interval between two character separators, and constraint relation table for character separators, which denotes whether two character separators are allowed to appear continuously and repeatedly. Being implemented by software or hardware, the method is in use for detecting ultra long message at network entry. Replacing or adjusting corresponding parameters in the said two tables, the method is suitable to all text typed signaling message. The method prevents attack and destruction from hijacker.

The invention discloses a perceptual hashing-based practical and safe image forensic system and a perceptual hashing-based practical and safe image forensic method. The system comprises a certificate authority (CA), forensics computing platform (FCP) and a forensic center (FC). The method comprises the following steps that: the CA provides a certificate for a user, the FCP and the FC and distributes and manages a control key of a hash function for the FCP and the FC; the FCP calculates a characteristic value and generates a hash value of an image at a registration or forensics stage; the FC manages an image hash value from the FCP and provides retrieval and forensics services; the user submits the image to the FCP, extracts an image retrieval characteristic by using the FCP, calculates the hash value of an image segment by using a key distributed by the CA and submits the hash value to an FC database; and when the user needs an authentication image, the image is also submitted to the FCP, the retrieval characteristic is extracted to retrieve the most coincident original image from the FC, the image is segmented and the hash value is calculated by using the same key and the difference between the image and the hash value is compared so as to determine a position on which content tampering occurs. The system achieves high balanced performance in the aspects of safety, robustness, sensibility, rapid retrieval and the like.