Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Intelligent POS anti-root method based on Android system

An intelligent and file-based technology, which is applied in the directions of instruments, electrical digital data processing, and platform integrity maintenance, etc., can solve problems such as slowing down the system startup speed and affecting system performance, so as to prevent permanent access to root privileges and protect stolen effect

Inactive Publication Date: 2019-11-01
AITIWEIER ELECTRONICS TECH BEIJING
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Among the existing anti-root technologies, one is to block malicious programs from exploiting system vulnerabilities to obtain temporary root privileges by applying security patches; the other is to detect whether system files have been modified, and the system partition will be detected every time the system starts Integrity, if it is modified, it will refuse to start; the first method has more disadvantages, because the security patch is provided by Google, when a new vulnerability appears, if Google cannot immediately develop the corresponding security patch package, or the developed patch The package cannot be upgraded to the system due to various factors such as the network, which will give opportunities for malicious programs to take advantage of it, and cannot prevent it before it happens; the second method will slow down the speed of system startup and affect system performance

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intelligent POS anti-root method based on Android system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0018] In this embodiment, for the first case, specifically, the detection calls chmod to assign special permissions to files, specifically, detects whether there is a behavior of calling chmod to assign s permissions or S permissions to files, and if so, then Forcibly change the file permissions to values ​​without s permissions and S permissions.

[0019] In this embodiment, the permissions of files under Linux use rwx to represent read, write and execute permissions respectively, and the files also have two special permission bits called SUID permission bits and SGID permission bits. When the SUID or SGID permission bits of a file When it is set and has x executable permission at the same time, it can be said that the file has s permission. When the SUID permission bit or SGID permission bit of the file is set, but there is no x executable permission, it is expressed as S permission. When the file has the s permission, the file will not run with the UID of the caller, but t...

Embodiment 2

[0024] In this embodiment, for the second case, the detection calls chown to grant special permissions to the file, specifically, detects whether there is a call to chown to change the file owner to a high-privilege user, and if so, force the file owner to Change to a low-privileged user.

[0025] In this embodiment, chown is the command name, and its usage authority is root, and the owner of the file can be changed by using the chown command. Generally speaking, this command can only be used by the system administrator (root). General users do not have permission to change the owner of other people's files, nor do they have permission to change the owner of their own files to someone else. Only the system administrator (root) has such authority.

[0026] In this embodiment, each file under Linux has an owner, indicating who owns the file. When the file is set with s permission, the file will obtain the permission of the owner. Therefore, when the behavior of calling chown t...

Embodiment 3

[0028] In this embodiment, for the third case, the detection calls chgrp to assign special permissions to the file, specifically, detects whether there is a behavior of calling chgrp to change the file group to a high-privilege group, and if so, force the file group Change to a low-privilege group.

[0029] In this embodiment, chgrp is the name of the command. The chgrp command can be used to change the group to which files and directories belong. The setting method can be either the group name or the group identification code.

[0030] In this embodiment, each file under Linux also belongs to a certain group, and when the file has the S permission, the file will also have the permission of this group. Therefore, when it is detected that the file group is changed to a high-privilege group by calling chgrp, the file group is also directly changed to a low-privilege group, which can also improve system security.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an intelligent POS anti-root method based on an Android system. The intelligent POS anti-root method comprises the following steps: detecting whether a behavior of calling chmod or chown or chgrp to give a special permission to a file exists or not, and forcibly changing file attributes into a certain fixed low permission value if the behavior of calling chmod or chown or chgrp to give the special permission to the file exists. The intelligent POS anti-root method has the advantages that the terminal software can be protected from being tampered by using the method, andthe terminal data can be protected from being stolen;and meanwhile, the effect of preventing the root permission from being permanently acquired is achieved by preventing setting of special permission bits and attributes for the su.

Description

technical field [0001] The invention relates to the technical field of software security of terminal equipment, in particular to an Android system-based intelligent POS anti-root method. Background technique [0002] The Android system is a smart phone operating system based on the Linux kernel. The permission mechanism of the Android system is the same as that of Linux, that is, the root account is the highest administrator of the system. When a malicious program wants to tamper with the system or sensitive system data, obtaining root privileges is often the first step. [0003] The general steps to obtain root privileges are: use an undisclosed system vulnerability to obtain temporary root privileges, release the su program to the system directory, modify the owner of su to root, and increase the s privilege of su. When calling su next time, su will automatically start with Run with root privileges, so you get a permanent root privilege. [0004] Among the existing anti-...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57
CPCG06F21/575
Inventor 胡鹏
Owner AITIWEIER ELECTRONICS TECH BEIJING
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com