A light guide film-based cross-platform privacy behavior forensics and active defense system and method
By using photoconductive films to achieve cross-platform, privacy-preserving forensics and proactive defense without relying on sensitive permissions, this technology solves the problems of poor compatibility and privacy leakage in existing technologies, and provides a cross-platform compatible and reliable privacy protection solution.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- 常乐
- Filing Date
- 2026-03-20
- Publication Date
- 2026-06-12
AI Technical Summary
Existing privacy monitoring and protection solutions rely on sensitive system permissions, are easily blocked, have poor compatibility, cannot be adapted across multiple systems, lack reliable evidence collection, cannot distinguish between user-initiated operations and covert background calls, and pose a risk of privacy data leakage.
A cross-platform privacy behavior forensics system based on photoconductive film is adopted. Through optical signal transmission and physical interaction, it achieves cross-platform adaptation without sensitive permission dependencies. Combined with precise timestamp alignment and physical micro-deformation to prevent operation, it distinguishes between user-initiated behavior and secret background behavior, follows the principle of data minimization, and avoids privacy leakage.
It enables cross-platform, privacy-preserving forensics and proactive defense against data breaches without relying on sensitive permissions, ensuring the reliability and compliance of forensics, preventing privacy data leaks, and meeting relevant regulatory requirements.
Abstract
Description
Technical Field
[0001] This invention relates to the fields of privacy and security protection, optical interaction, artificial intelligence control, and integrated hardware and software design. Specifically, it relates to a cross-platform privacy behavior forensics and proactive defense system and method based on photoconductive film, applicable to various terminal devices with touch screens, achieving privacy behavior forensics and proactive defense without system-sensitive permission dependencies and with cross-platform compatibility. Terminal devices with touch screens include, but are not limited to, smartphones, tablets, touchscreen laptops, all-in-one computers, industrial control touch screens, and automotive touch screens, and are compatible with operating systems such as HarmonyOS, Android, iOS, Windows, Mac OS, and Linux. Background Technology
[0002] This invention relates to two prior patent applications: one, application number 2026102814971, entitled "A Method for Implementing AI Interaction Without Permissions Based on Optical Tempered Glass Film"; and the other, application number 2026103109757, entitled "An Improved Invention of an AI Command Intelligent Execution System Based on an External Interaction Layer." Existing privacy monitoring and protection solutions generally suffer from the following technical defects: First, they rely on sensitive system permissions, such as system log reading permissions and privacy report access permissions, which are easily blocked by platforms, have poor compatibility, and cannot be universally applied across multiple systems such as iOS, Android, Windows, and macOS. Second, they often use software-simulated clicks and API hooks, which are easily identified as violations by the system, resulting in weak anti-blocking capabilities. Third, they cannot distinguish between user-initiated operations and background covert calls to sensitive permissions, leading to unreliable evidence collection. Fourth, the evidence collection process relies on the system's underlying interfaces, which vary significantly across different platforms, making adaptation difficult and easily triggering system security interception. Fifth, existing solutions are mostly designed for touchscreen terminals, lacking clear adaptation boundaries, easily causing ambiguity in adaptation to non-touchscreen terminals, and failing to avoid the risk of privacy data leakage.
[0003] To address the aforementioned deficiencies, this invention improves upon the core technologies of prior patent applications 2026102814971 and 2026103109757, providing a technical solution that does not rely on sensitive system permissions, involves purely external physical interaction, is adaptable to all-touchscreen terminal platforms, accurately distinguishes between user-initiated behavior and covert background behavior, avoids privacy leakage risks, complies with compliance requirements, adheres to the Personal Information Protection Law of the People's Republic of China, GDPR, and other relevant regulations, follows the principle of data minimization, and achieves effective evidence collection and proactive defense. Summary of the Invention
[0004] I. System Technical Solution A cross-platform privacy behavior forensics and proactive defense system based on photoconductor film, as an improvement on prior patent applications 2026102814971 and 2026103109757, is applicable only to various terminal devices with touch screens and is compatible with operating systems such as HarmonyOS, Android, iOS, Windows, Mac OS, and Linux. The system includes a photoconductor film assembly, an information acquisition unit, an intent determination unit, a proactive defense unit, and an evidence retention unit that work in sequence and collaboratively. It also includes an instruction conversion and scheduling intermediate layer and an authorization management unit, as detailed below: 1. Photoconductor assembly Attached to the surface of the terminal device screen, this is a purely optical structure with no chips, circuits, or power supply. It has no electrical connection to the terminal device, transmitting signals solely through optical coupling. Its core structure includes a grating coupling layer and an optical signal modulation unit. The grating coupling layer couples the optical changes when sensitive event icons appear on the screen to the optical sensors of the terminal device. The optical signal modulation unit encodes the detected sensitive event information into an optical signal through frequency modulation. Sensitive event icons include, but are not limited to, icons displayed on the screen when sensitive permissions are accessed, such as those for cameras, microphones, location services, storage, and contacts. The photoconductor assembly only acts on the touchscreen surface, does not affect the normal touchscreen function, and does not intrude into the internal structure of the terminal device.
[0005] The grating coupling layer employs a 45-degree tilted grating structure, transmitting the visible light (380-780nm) emitted from the screen icon within the photoconductor film via total internal reflection. The transmission path is: screen icon, grating coupling layer, photoconductor film body, and terminal optical sensor. The coupling efficiency is no less than 85%, and the testing standard is GB / T 15489.1-2018. The coupling angle range is 30 to 60 degrees. When the angle exceeds this range, the coupling efficiency is compensated by fine-tuning the grating depth by ±50nm. Frequency modulation encoding uses Manchester encoding: 1kHz corresponds to camera access, 2kHz to microphone access, 3kHz to location access, 4kHz to storage access, and 5kHz to contacts access. Timing synchronization uses a phase-locked loop (PLL) with a synchronization error of no more than 1 microsecond. Optical signal transmission employs an anti-ambient light interference algorithm, an adaptive threshold adjustment algorithm, and a narrowband filtering algorithm, with a filtering bandwidth of 100Hz, ensuring performance within 100,000 lux. It can still transmit stably in strong light environments; the optical signal attenuation compensation is achieved by automatically increasing the power of the optical signal modulation unit for every 1cm of transmission, with a gain range of 1-5dB, to ensure that the signal strength at the sensor receiver is not less than 0.1mW.
[0006] 2 Information Collection Unit Located within the terminal device, this system receives light signals transmitted from the photoconductor assembly via the device's existing ambient light sensor or front-facing camera. After decoding, it obtains the timestamp T1 of the sensitive event. Simultaneously, through conventional interfaces and non-sensitive permission interfaces provided by the terminal device's operating system, such as touch event monitoring interfaces, it acquires the user's touch operation information on the screen. This touch operation information includes touch point coordinates and touch timestamps. It does not read any sensitive system data or collect any user's personal privacy content, including but not limited to SMS messages, contacts, photos, and chat logs. The information collection unit only collects basic data directly related to privacy behavior evidence collection. The entire collection process is perceptible to the user, and the user can terminate the collection at any time through the authorization management unit. The collected data is only used for intent determination. After the determination is completed, the temporary collected data is immediately destroyed within 100ms, strictly adhering to the principle of data minimization and complying with the Personal Information Protection Law of the People's Republic of China and GDPR requirements.
[0007] Optical signal decoding employs coherent demodulation, low-pass filtering, and phase-locked loop timing synchronization. The demodulation carrier frequency is 1-10kHz, and the low-pass filter cutoff frequency is 15kHz. Error correction is achieved through Hamming code 7,4, with a correction capability of 1 bit, ensuring a bit error rate of less than 0.1% in normal environments and less than 0.5% in strong light environments, in accordance with the testing standard GB / T 15489.1-2018. The touch event listening interface uses the UITouch class interface on iOS, the OnTouchListener interface on Android, the WM_TOUCH message interface on Windows, the NSTouch class interface on macOS, and the TouchEvent interface on HarmonyOS. All interfaces are standard public interfaces of the system and do not require the application of sensitive permissions. The call parameters only include touch coordinates with an accuracy of ±1px and touch timestamp with an accuracy of ±1ms.
[0008] 3. Instruction Translation and Scheduling Intermediate Layer It is designed to adapt to different touch screen terminal device platforms, including HarmonyOS, Android, iOS, Windows, Mac OS, and Linux, and provides standard system interfaces to achieve cross-platform command adaptation and stable execution of the information collection unit and the active defense unit. It does not require access to the underlying private interfaces of each platform and does not rely on platform manufacturers to grant special permissions. The middle layer does not store any user privacy data or transmit any sensitive information. It only implements command conversion and scheduling functions, and all command transmissions use AES encryption (AES-128). The key is dynamically generated by the terminal system to prevent commands from being tampered with or stolen.
[0009] The cross-platform adaptation details include a platform interface adaptation module that encapsulates a unified command call interface for each system. The interface name is PrivacyDefenseInterface, and the call parameters include command type collection, judgment, defense, evidence storage, command parameter timestamp, coordinates, etc. The command routing mapping table maps defense commands to UIView touch blocking commands on iOS, ViewGroup touch interception commands on Android, WM_TOUCH message interception commands on Windows, NSView touch blocking commands on macOS, and Component touch interception commands on HarmonyOS. The compatibility strategy uses version adaptation judgment based on the differences in interface versions across platforms. For example, OnTouchListener is used for Android 8.0 and above, and OnTouchEvent is used for Android below 8.0. The exception handling mechanism is to retry 3 times when the command call fails, with each retry 100ms apart. If it still fails, the user is prompted to restart the system.
[0010] 4. Intent Determination Unit The system receives the timestamp T1 and touch operation information transmitted by the information collection unit to determine whether there is a user-initiated touch operation at time T1. If there is no user-initiated touch operation at time T1, the event is marked as a suspected background hidden behavior. The intent determination unit does not actively access the terminal device system log. Only after the user authorizes through the authorization management unit, it obtains the screen display content at time T1 through the external visual recognition method described in the prior application patent 2026103109757. The image data is processed instantaneously in memory, with a processing time of less than 100ms and a memory usage of no more than 10MB. It is not written to non-volatile storage, is not transmitted externally, and is released immediately after processing. It only recognizes application icons and sensitive permission call identifiers, and does not recognize text, images, or other private content on the screen. It locks the specific application that calls sensitive permissions. Throughout the process, it does not access the underlying system API, read the system log database, or collect user privacy data. It strictly follows the principle of data minimization and complies with the Personal Information Protection Law of the People's Republic of China and GDPR requirements.
[0011] The input preprocessing for external visual recognition involves converting the captured screen image to grayscale using a weighted average method (Y=0.3R+0.59G+0.11B), denoising, applying Gaussian filtering (σ=1.0), and normalizing the size to 224x224 pixels. Feature extraction utilizes the first 20 layers of the MobileNet model as the feature extraction network, extracting 128-dimensional feature vectors. The classification logic employs a Softmax classifier with a classification threshold of 0.9; values above the threshold are considered target icons, while values below are considered non-target icons. The federated learning process involves local training using the SGD optimizer with a learning rate of 0.001, a batch size of 32, and 10 training epochs. Gradient encryption uses RSA asymmetric encryption with a 2048-bit key length, compressing the gradient size to 50% of its original value. The aggregation process in the cloud uses the FedAvg aggregation strategy, with aggregation weights allocated according to the proportion of terminal data volume, and an aggregation cycle of 24 hours. Model updates are performed via TLS 1.3. Once the protocol is issued, the terminal replaces the local model without affecting system operation; image segmentation obtains the status bar height through the system API, combines it with the Canny edge detection algorithm to identify the status bar region, and uses bilinear interpolation to upsample to 224x224; multi-scale processing uses three scales: 192x192, 224x224, and 256x256, and takes the maximum value as the result, with a recognition accuracy of no less than 98%, and the test standard is GB / T 33844-2017.
[0012] 5 Active Defense Units When the intent determination unit determines that a suspected background action is being performed, the instruction conversion scheduling middleware adapts to the corresponding platform interface and executes a blocking operation. The blocking operation is based on the external physical triggering method described in prior patent applications 2026102814971 and 2026103109757. It utilizes a photothermal effect to locally generate a 5-50 micrometer reversible elastic micro-deformation in the photoconductive film component, altering the local dielectric properties of the capacitive screen and identifying it as an invalid touch signal. This method does not rely on sensitive system permissions, does not modify terminal system settings, and does not affect the normal operation of the terminal device or other applications. The blocking operation only targets background actions that secretly invoke sensitive permissions, does not interfere with user-initiated operations, and the operation process can be perceived by the user in real time, allowing the user to manually unblock the action.
[0013] The photothermal effect mechanism involves the photoconductive film receiving 10-50mW of optical signal power, converting the light energy into heat energy through the light absorption layer, with a conversion efficiency of no less than 80%. The heat energy causes the polyimide or PMMA material to expand thermally. The coefficient of thermal expansion of polyimide is approximately 20e-6 / K, and that of PMMA is approximately 70e-6 / K, resulting in a reversible micro-deformation of 5 to 50 micrometers. This micro-deformation alters the equivalent dielectric constant of the capacitive screen. A 5-micrometer deformation results in a 0.05 change in dielectric constant and a 5pF change in capacitance. The relationship between deformation and capacitance is ΔC = 0.1 × Δd, where Δd is in micrometers and ΔC is in pF. A ΔC greater than or equal to 3pF is considered an invalid signal. The deformation ranges for different screen types: 5-30 micrometers for LCD screens, 10-40 micrometers for OLED screens, and 5-30 micrometers for flexible foldable screens. The testing standard is GB / T 2423.1-2008.
[0014] 6. Evidence Preservation Unit This is used to align the optical signal timestamp T1 with the timestamps of touch operation information and blocking operation records to form a timestamp-associated record. It is stored locally using the terminal system's built-in symmetric encryption algorithm, without uploading to the cloud, sharing with third parties, reading system logs, or storing user privacy content. The associated record is only used for local evidence collection, and users can manually delete it. The retention period can be set independently to avoid leakage and abuse, and it complies with the principle of data minimization and relevant regulatory requirements.
[0015] Timestamp alignment uses T1 as the baseline, sets a sliding window of ±50ms, calculates the time difference Δt, and calculates the confidence level C=exp(-Δt² / 2σ²) using a Gaussian function, where σ=20ms. A confidence level greater than or equal to 0.8 indicates a successful match. Conflict handling selects the record with the highest confidence level or the smallest time difference. The NTP calibration cycle is 1 hour, with a threshold of 1ms. If the deviation is greater than 1ms, synchronization is performed and the record is recorded. If the deviation is greater than 5ms or time tampering is detected, the time is marked as suspicious, and tampering-related information is recorded. The record embeds and encrypts unique hardware identifiers such as IMEI and MAC to ensure the authenticity of the evidence. Tampered records are permanently stored in a secure area.
[0016] 7 Authorization Management Unit This system guides users to authorize access to the terminal device's camera or ambient light sensor to receive light signals transmitted through the photoconductor film. The authorization process clearly states the scope, content, and purpose, without inducing or forcing authorization, and provides a one-click withdrawal option. After the user withdraws the authorization, the system immediately stops data collection, judgment, and defense, and the photoconductor film returns to its normal optical transmission state without affecting normal use. The authorization management unit records the entire authorization and withdrawal operation, forming an operation log that is stored locally and not leaked, complying with data minimization and regulatory requirements.
[0017] II. Methods and Technical Solutions A cross-platform privacy behavior forensics and proactive defense method based on photoconductive film, applied to the above system, includes the following steps: S1 converts the optical changes when the sensitive event icon appears on the screen into light signals and transmits them to the terminal device through the light guide film assembly; the light guide film assembly is based on the pure optical structure of the prior patent application 2026102814971, without chips or circuits, and transmits light to the optical sensor through edge-in-light coupling, without establishing an electrical connection with the terminal.
[0018] The S2 terminal device receives and decodes light signals through its own ambient light sensor or front-facing camera to obtain the sensitive event timestamp T1. At the same time, it obtains user touch operation information and screen display status through the system's regular non-sensitive permission interface. It does not read system logs, call underlying interfaces, or collect privacy data. The data is only used for judgment and is destroyed within 100ms after judgment, which complies with compliance requirements.
[0019] S3 determines whether there is a user-initiated operation at time T1 based on touch operation information; at the same time, after user authorization, it obtains the displayed content by combining the screen status with the external visual recognition method of the prior patent application 2026103109757, only recognizes application icons and sensitive permission marks, does not recognize privacy content, locks the application being called, and does not access logs, request sensitive permissions, or disclose privacy throughout the process.
[0020] When S4 is identified as a suspected background activity, it executes a blocking operation through the instruction conversion scheduling intermediate layer and the platform interface. The blocking operation generates a 5 to 50 micrometer reversible photothermal micro-deformation at a designated location using a photoconductive film, changing the local capacitance characteristics and triggering the capacitive touchscreen to recognize the operation as invalid. This does not affect the device operation or interfere with the user's operation. The micro-deformation is achieved through the photothermal effect, with a light energy conversion efficiency of no less than 80%. The relationship between the deformation amplitude and the light power and irradiation time is Δd = 0.5 × P × t, where Δd is in micrometers, P is in mW, and t is in ms.
[0021] The S5 stores the timestamp T1, touch information, blocking records, and screen content, including only application icons and permission identifiers, locally using a terminal encryption mechanism. The evidence retention unit completes the timestamp alignment to form an immutable associated record for evidence collection. The record does not contain private data, is not uploaded or shared, and is managed by the user.
[0022] The innovation of this method lies in its combination of pure optical signal transmission, permissionless data collection, precise timestamp alignment, and physical micro-deformation prevention. This enables cross-platform privacy forensics and proactive defense without relying on sensitive permissions. Unlike existing software solutions, the core improvement is the use of pure optical transmission to avoid electrical compatibility issues, the combination of timestamps with NTP calibration and anti-tampering to ensure reliability, the physical deformation prevention to resist blocking without relying on the underlying interface, and the complete absence of privacy collection and storage to comply with regulatory requirements and adhere to the principle of data minimization. Detailed Implementation
[0023] 1. Structure and working principle of photoconductor film assembly The photoconductive film is attached to the screen surface, using the pure optical structure of prior patent 2026102814971. It has no chips, circuits, power supply, or electrical connections, and transmits signals through optical coupling. The core consists of a grating coupling layer and an optical signal modulation unit. The grating period is 500nm to 2 micrometers, the duty cycle is 1:1, the depth is 100-500nm, and the material is polyimide or PMMA. The optical changes of the sensitive icons are coupled to the sensor, the modulation frequency is 1-10kHz, and the single encoding time is less than 10ms, which does not affect the display and touch control.
[0024] The optical signal decoding employs coherent demodulation, low-pass filtering, phase-locked loop synchronization, and Hamming code error correction, with a typical bit error rate of less than 0.1%. It supports independent control of multiple areas and parallel operation of multiple events, with priorities of camera, microphone, positioning, storage, and contacts, which can be customized.
[0025] Performance data are as follows: light transmittance not less than 92%, haze less than 1%; operating temperature -20 to 70 degrees Celsius, humidity 10%-90%, UV decay less than 5% / year; coefficient of thermal expansion of polyimide approximately 20e-6 / K, PMMA approximately 70e-6 / K; surface hardness of polyimide 3H, PMMA 2H, 6H after hardening; low-temperature adhesion not less than 8N / 25mm; aging at 85 degrees Celsius and 85% humidity for 1000 hours, coupling efficiency decay less than 10%, deformation decay less than 5%; photothermal conversion efficiency not less than 80%, power 10-50mW, time 10-50ms, meeting deformation range requirements.
[0026] 2. Information Acquisition Unit Implementation Light signals are received via an ambient light sensor or front-facing camera, and T1 is obtained locally without interacting with the underlying system or transmitting data. Coordinates and timestamps are obtained through the system's regular touch interface. No sensitive data is read or private content is collected. The data is only used for judgment and is destroyed within 100ms, following the principle of data minimization. All interfaces used are public interfaces and do not require sensitive permissions.
[0027] 3. Implementation of the instruction translation and scheduling intermediate layer Adopting the architecture of prior patent 2026103109757, it includes platform adaptation and instruction routing modules, encapsulates a unified interface, does not access private interfaces, does not rely on special permissions, and avoids violation judgment; the routing module converts upper-layer instructions into platform-executable instructions, ensuring stable cross-platform operation; it features a low-power design, does not store user data, and transmits instructions with AES encryption.
[0028] 4. Implementation of the Intent Determination Unit The system determines whether there is active operation based on T1 and touch information. If no operation is found, it marks suspected background behavior, which is clear and unambiguous. After authorization, a lightweight MobileNet CNN is used to run locally with a 224x224 input and 28 layers. The dataset covers icons of mainstream applications, and new icons are updated incrementally through federated learning without uploading the original images. The status bar area is segmented before recognition, and only the icon is recognized. The application name is output without saving the image. The entire process does not access the underlying API, read logs, or collect privacy information to avoid interception and violations.
[0029] 5. Implementation of active defense units After detecting background behavior, it generates a reversible micro-deformation of 5 to 50 micrometers through photothermal effect, triggering an invalid signal on the capacitive screen; the deformation conforms to the quantization relationship Δd=0.5×P×t; the single energy is less than 0.5mJ, the temperature rise is less than 0.1 degrees Celsius, which meets the safety standards for the human eye; it is noiseless, does not damage the oleophobic layer, and leaves no visible marks, making it compatible with tempered glass and foldable screens; the deformation transfer efficiency on a 0.3mm tempered glass film is higher than 80%, it can withstand 100,000 folds without cracking, and the coupling efficiency decay is less than 5%.
[0030] 6. Implementation of the Evidence Preservation Unit The system uses a sliding window of ±50ms to align timestamps and calculates confidence using a Gaussian function; NTP calibration error is less than 1ms, and times exceeding the limit are marked as suspicious; it uses native terminal encryption for storage, with keys managed in a secure area, and records contain only timestamps, application identifiers, and operation types, with no private content; users can set a retention period of 1-365 days, which is automatically deleted upon expiration, or can be manually deleted.
[0031] 7. Authorization Management Unit Implementation Only request authorization for cameras or ambient light sensors, clearly specifying the purpose, and support one-click revocation; after revocation, processing stops, and the photoconductor membrane returns to normal state; the authorization log contains time and status, stored in a secure area, and cannot be tampered with or leaked.
[0032] 8. Cross-platform adaptation implementation The middle layer ensures compatibility across all systems, while only being compatible with touchscreen terminals. Mobile terminals use miniature patch light sources, and desktop terminals integrate light sources into the bezel, with edge-coupled light input without altering the structure. No plugins are required; simply apply a film and authorize it once to use. Example
[0033] Example 1: iOS Touch Terminal Implementation After the screen protector is applied, the app calls the camera in the background to make the icon appear. The light guide film is coupled to the ambient light sensor and encoded as a 1kHz light pulse. The information acquisition unit decodes the signal to T1. The camera runs at low resolution and low frame rate, and the memory does not save the processed signal. Touch information is obtained through UITouch. If no active operation is detected, suspected behavior is marked. The intermediate layer maps the UIView to block commands, generating a 20-micron micro-deformation to prevent the call. Evidence is encrypted and stored locally via Keychain. Authorization management supports authorization and revocation, in accordance with iOS specifications.
[0034] Example 2: Implementation on an Android Touch Terminal After the screen protector is applied, the background calls the microphone to make the icon appear, and the light signal is received through the front camera; T1 is decoded, and touch information is obtained through OnTouchListener; after determining that there is no active operation, the application is identified; the intermediate layer maps the ViewGroup to intercept the instruction, generating a 30-micron micro-deformation to prevent it; the evidence is encrypted and stored through Keystore, which complies with Android specifications.
[0035] Example 3: Implementation on a Windows Touch Terminal After the screen protector is applied, the background calls the location function to make the icon appear, and the light signal is received by the camera; T1 is decoded, and touch information is obtained through WM_TOUCH; after determining that there is no active operation, the intermediate layer maps the message to intercept the command, generating a 25-micron micro-deformation to prevent it; the evidence is encrypted and stored through BitLocker, and is not connected to the event viewer, which complies with Windows specifications.
[0036] Example 4: Mac OS Touch Terminal Implementation Consistent with Windows logic, optical signal transmission is decoded to obtain T1 and touch information; after identifying suspected behavior, blocking is executed, with a deformation of 35 micrometers; evidence is encrypted and stored via FileVault, without accessing the Activity Monitor, in compliance with Mac OS specifications. Industrial applicability
[0037] This invention is based on prior patented core technologies and adopts pure external optical interaction. It does not rely on sensitive permissions, does not access underlying APIs, and does not read system logs. It has clear adaptation boundaries, can be mass-produced, and is ready to use after being attached. It complies with the Personal Information Protection Law of the People's Republic of China, GDPR and other regulations, and can be widely used in privacy protection scenarios such as personal, industrial control and automotive, and has industrial applicability. Best practice
[0038] The preferred embodiment of this invention employs a prior-patented pure optical light guide film and instruction scheduling architecture. External visual recognition icons and photothermal micro-deformation invalidate touch responses, while local encrypted evidence storage is implemented. Only necessary sensor authorizations are required, achieving permission-free, cross-platform, compliant, and secure privacy-preserving evidence collection and defense. The light guide film uses polyimide with a grating period of 1 micrometer, a light signal encoded in Manchester at 1-10kHz, and a deformation of 5 to 50 micrometers, conforming to Δd=0.5×P×t. Intent determination uses MobileNet and FedAvg aggregation through federated learning. Evidence is natively encrypted on the terminal, with sliding window time alignment, ensuring reliable evidence collection and effective defense, strictly adhering to data minimization, and meeting compliance requirements.
Claims
1. A cross-platform privacy behavior forensics and proactive defense system based on photoconductive film, as an improvement on prior patent applications (application numbers: 2026102814971, 2026103109757), characterized in that, It is only applicable to terminal devices with touch screens and is compatible with operating systems such as HarmonyOS, Android, iOS, Windows, Mac OS, and Linux, including: The photoconductor film assembly is a purely optical structure with no chips, circuits, or power supply. It is attached to the surface of the terminal screen and is used to convert the optical changes of sensitive event icons into light signals through grating coupling. Manchester encoding is used for frequency modulation with a modulation frequency of 1-10kHz. Stable transmission is achieved through an anti-ambient light interference algorithm (adaptive threshold adjustment algorithm + narrowband filtering algorithm). The information acquisition unit is used to receive light signals through the terminal's ambient light sensor or front-facing camera, decode them using coherent demodulation and Hamming code error correction to obtain the timestamp T1, and acquire user touch operation information (touch point coordinates, touch timestamp) through the system's regular touch event listening interface. It does not collect or store user privacy data; the collected data is only used for intent determination and is destroyed immediately after determination. The instruction conversion and scheduling middleware layer is used to adapt to the common interfaces of various platforms, encapsulate a unified instruction call interface, and realize cross-platform instruction conversion through instruction routing mapping. It does not rely on the underlying private interface and special permissions, and the instruction transmission adopts AES encryption. The intent determination unit is used to determine whether the touch operation at time T1 is a suspected background behavior. After user authorization, the application is locked by external visual recognition. The image data is only processed in memory for a short time (processing time <100ms), and is not stored, transmitted, or destroyed immediately after processing. The active defense unit is used to induce a reversible photothermal micro-deformation of 5–50 μm in the photoconductive film assembly through the photothermal effect, thereby changing the local capacitive coupling characteristics and triggering the capacitive screen to identify the operation as invalid, thus blocking background behavior without affecting the normal operation of the terminal. The quantitative relationship between the micro-deformation and the optical power and irradiation time is Δd = 0.5 × P × t, where Δd is the deformation amplitude in μm; P is the optical power in mW; and t is the irradiation time in ms. The evidence retention unit is used to align multiple sets of timestamps to form associated records using a sliding window algorithm. Combined with NTP time calibration and anti-tampering mechanism, it is stored locally on the terminal using the system's native symmetric encryption algorithm. It does not upload to the cloud and does not contain private data. The authorization management unit is used for user authorization and authorization revocation management. It clearly informs users of the scope and purpose of authorization, does not induce or force authorization, and supports one-click revocation.
2. The system according to claim 1, characterized in that, The photoconductor assembly includes a grating coupling layer and an optical signal modulation unit. The grating coupling layer is a 45° tilted grating structure with a grating period of 500nm-2μm, a duty cycle of 1:1, a grating depth of 100-500nm, and is made of polyimide or PMMA with a coupling efficiency of ≥85%. The optical signal modulation unit uses Manchester encoding, and timing synchronization is achieved using a phase-locked loop with a synchronization error of ≤1μs. Optical signal attenuation is compensated by automatic power gain compensation.
3. The system according to claim 1, characterized in that, The system interfaces used by the information collection unit are: the iOS platform UITouch class interface, the Android platform OnTouchListener interface, the Windows platform WM_TOUCH message interface, the macOS platform NSTouch class interface, and the HarmonyOS platform TouchEvent interface. All of these are non-sensitive permission interfaces and do not read sensitive system data.
4. The system according to claim 1, characterized in that, The intent determination unit uses a lightweight CNN model (MobileNet) for icon recognition. The input image is preprocessed by grayscale conversion, noise reduction, and size normalization. The status bar area is upsampled using bilinear interpolation. Multi-scale input is used to improve the recognition accuracy, which is ≥98%. Model updates employ federated learning, with gradients uploaded after being encrypted asymmetrically using RSA. The FedAvg aggregation strategy is used, and the original image data is not uploaded.
5. The system according to claim 1, characterized in that, The active defense unit generates reversible micro-deformation through the photothermal effect, with a light power of 10-50mW and an irradiation time of 10-50ms. The deformation amplitude is linearly related to the light power, with a single irradiation energy of <0.5mJ and a local temperature rise of <0.1℃, meeting the GB / T 30117-2013 human eye safety standard. The micro-deformation changes the equivalent dielectric constant of the capacitive screen; when the capacitance change is ≥3pF, it is identified as an invalid interference signal. The energy conversion efficiency of the photothermal effect is ≥80%, and the micro-deformation is achieved by combining the thermal expansion characteristics of the photoconductive film component material. The thermal expansion coefficient of polyimide is approximately 20×10⁻. 6 / K, PMMA approximately 70×10⁻ 6 / K.
6. The system according to claim 1, characterized in that, The instruction conversion and scheduling middleware layer includes a platform interface adaptation module and an instruction routing module. The platform interface adaptation module encapsulates a unified "PrivacyDefenseInterface" interface for each operating system. The instruction routing module converts upper-layer instructions into regular executable instructions for the corresponding platform through a mapping table, and has version adaptation and exception retry mechanisms.
7. The system according to claim 1, characterized in that, The timestamp alignment of the evidence retention unit adopts a ±50ms sliding window, and the confidence level is calculated using a Gaussian function (σ=20ms). A confidence level ≥0.8 is considered a successful match. The NTP calibration cycle is 1 hour, the calibration threshold is 1ms, and when the system time is abnormal, it is marked as "time suspicious". The associated record is embedded with the unique identifier of the terminal hardware to ensure authenticity.
8. The system according to claim 1, characterized in that, The sensitive event icons include, but are not limited to, icons for accessing sensitive permissions such as camera, microphone, location, storage, and contacts. Optical changes include changes in brightness and color when the icon is lit up.
9. A cross-platform privacy behavior forensics and proactive defense method based on photoconductive film, applied to the system described in any one of claims 1-8, characterized in that, Including the following steps: S1: The optical changes of the sensitive event icon are converted into optical signals by grating coupling through a pure optical light guide film assembly. After being modulated by Manchester encoding frequency, the signals are transmitted to the terminal optical sensor through edge-in light coupling without establishing an electrical connection with the terminal. S2: The terminal receives light signals through an ambient light sensor or a front-facing camera, decodes them using coherent demodulation and Hamming code error correction to obtain a timestamp T1, and obtains touch operation information through the system's regular touch interface. It does not read logs, call the underlying layer, or collect privacy data. The collected data is only used for intent determination and is destroyed immediately after the determination is completed. S3: Determine whether the touch operation at time T1 is a user-initiated action. After user authorization, lock the application through external visual recognition (preprocessing → feature extraction → classification recognition). Only the icon and permission identifier are recognized, and the image data is only processed in memory for a short time. S4: When suspected background behavior is detected, a 5–50 μm reversible photothermal micro-deformation is generated through the photoconductor film component to change the local capacitive coupling characteristics, triggering invalid operation of the capacitive screen to prevent permission calls without affecting the normal operation of the terminal; the quantitative relationship between the micro-deformation and the optical power and irradiation time is Δd=0.5×P×t, where Δd is the deformation amplitude in μm; P is the optical power in mW; t represents the irradiation time, in milliseconds (ms). S5: It uses a sliding window algorithm to align timestamps, touch information, and blocking records to form associated records. Combined with NTP calibration and anti-tampering mechanisms, it uses the system's native encryption algorithm to store the data locally on the terminal, without containing privacy data or uploading it to the cloud.
10. The method according to claim 9, characterized in that, During external visual recognition, the camera operates at the lowest resolution (≤320x240) and the lowest frame rate (≤1fps). Data is processed only momentarily in memory (processing time <100ms), without being saved or transmitted externally. Camera resources are released immediately after processing is complete.
11. The method according to claim 9, characterized in that, The touch operation information includes coordinates (accuracy ±1px) and timestamps (accuracy ±1ms), which are obtained through the system's regular touch interface. It does not contain sensitive data or privacy content, and is only used for intent determination after collection. It is destroyed immediately after the determination is completed.
12. A computer-readable storage medium storing a computer program, characterized in that, When the program is executed by the processor, it implements the method of any one of claims 9-11, and needs to cooperate with the photoconductor film assembly. It is specifically used for privacy behavior evidence collection and active defense of terminal devices with touch screens, and is not used for non-touch screen terminals or other purposes.