阅读说明：本技术 一种应用程序防护方法、装置、电子设备和存储介质 (Application program protection method and device, electronic equipment and storage medium ) 是由 魏贺生 范丽 单国军 周晚晴 谢宇 于 2021-08-09 设计创作，主要内容包括：本申请涉及计算机技术领域,尤其涉及一种应用程序防护方法、装置、电子设备和存储介质,用以简单高效的提高程序安全性。其中,方法包括：在目标应用程序调用目标函数时,将所述目标应用程序对应的文件信息进行加密,获得文件加密信息；将所述文件加密信息发送给目标函数,通过所述目标函数将所述文件加密信息与所述目标函数对应的预存加密信息进行比对；根据比对结果确定是否加载所述目标函数。由于本申请通过目标函数将文件加密信息与目标函数对应的预存加密信息进行比对,并根据比对结果确定是否加载目标函数,可以简单快速的防止程序的非法调用,防止入侵事件的发生,实现了对系统的全面保护,提高系统可靠性,具有更高的实用性。(The present application relates to the field of computer technologies, and in particular, to a method and an apparatus for protecting an application program, an electronic device, and a storage medium, so as to improve program security simply and efficiently. The method comprises the following steps: when a target application program calls a target function, encrypting file information corresponding to the target application program to obtain file encryption information; sending the file encryption information to a target function, and comparing the file encryption information with prestored encryption information corresponding to the target function through the target function; and determining whether to load the target function according to the comparison result. According to the method and the device, the file encryption information is compared with the pre-stored encryption information corresponding to the target function through the target function, and whether the target function is loaded or not is determined according to the comparison result, so that illegal calling of a program can be simply and quickly prevented, an invasion event is prevented, comprehensive protection of a system is realized, the reliability of the system is improved, and the method and the device have higher practicability.)

1. An application protection method, comprising:

when a target application program calls a target function, encrypting file information corresponding to the target application program to obtain file encryption information;

sending the file encryption information to a target function, and comparing the file encryption information with prestored encryption information corresponding to the target function through the target function;

and determining whether to load the target function according to the comparison result.

2. The method of claim 1, wherein the determining whether to load the objective function according to the comparison result comprises:

if the comparison result is consistent, loading the target function;

and if the comparison result is inconsistent, forbidding to load the target function, and exiting the target application program.

3. The method of claim 2, wherein the pre-storing encryption information comprises: the system comprises a program name of a loadable application program and a second check code corresponding to each application program, wherein the second check code is used for uniquely identifying the application program and is used for representing that the application program is not modified; the comparing the file encryption information with pre-stored encryption information through the target function includes:

acquiring a program name of a loadable application program in pre-stored encryption information corresponding to the target function;

and if the target application program is determined to belong to the loadable application program based on the program name, comparing a first check code in the file encryption information with a second check code corresponding to the target application program in the pre-stored encryption information.

4. The method of claim 3, wherein the alignment is determined to be consistent by:

and if the first check code is consistent with a second check code corresponding to the target application program in the pre-stored encrypted information, determining that the comparison result is consistent.

5. The method of claim 3, wherein the inconsistency of the alignment is determined by:

if the first check code is inconsistent with a second check code corresponding to the target application program in the pre-stored encrypted information, determining that the comparison result is inconsistent; or

And if the target application program is determined not to belong to the loadable application program based on the program name, determining that the comparison result is inconsistent.

6. The method according to any one of claims 1 to 5, wherein the encrypting the file information corresponding to the target application to obtain the file encryption information comprises:

encrypting the file information by an asymmetric encryption method to obtain a first check code corresponding to the target application program;

and taking the program name of the target application program and the first check code as the file encryption information.

7. An application guard, the apparatus comprising:

the encryption unit is used for encrypting the file information corresponding to the target application program when the target application program calls the target function to obtain file encryption information;

the sending unit is used for sending the file encryption information to a target function and comparing the file encryption information with prestored encryption information corresponding to the target function through the target function;

and the determining unit is used for determining whether the target function is loaded or not according to the comparison result.

8. The apparatus of claim 7, wherein the determination unit is specifically configured to:

if the comparison result is consistent, loading the target function;

and if the comparison result is inconsistent, forbidding to load the target function, and exiting the target application program.

9. An electronic device, comprising a processor and a memory, wherein the memory stores program code which, when executed by the processor, causes the processor to perform the steps of the method of any of claims 1 to 6.

10. A computer-readable storage medium, characterized in that it comprises program code for causing an electronic device to carry out the steps of the method according to any one of claims 1 to 6, when said storage medium is run on said electronic device.

Technical Field

The present application relates to the field of computer technologies, and in particular, to an application program protection method and apparatus, an electronic device, and a storage medium.

Background

With the continuous progress of science and technology, the C + + function has malicious calls of a plurality of malicious software, so that a source program is damaged, and the society is seriously influenced.

In the related technology, aiming at the problem of malicious calling of a C + + function, a system calling entry is mainly obtained through an assembly instruction, a system calling linked list pointer is obtained through the system calling entry, and the system calling pointer is processed through a fingerprint algorithm. However, the method can only be applied to the Linux system, solves the problem of the kernel-mode intrusion event of the Linux system, and has poor applicability and complex implementation process.

Disclosure of Invention

The embodiment of the application program protection method and device, the electronic equipment and the storage medium are used for simply and efficiently improving program safety.

The first application program protection method provided by the embodiment of the application includes:

when a target application program calls a target function, encrypting file information corresponding to the target application program to obtain file encryption information;

sending the file encryption information to a target function, and comparing the file encryption information with prestored encryption information corresponding to the target function through the target function;

and determining whether to load the target function according to the comparison result.

In the above embodiment, when the target application calls the target function, the file information corresponding to the target application is encrypted, after the file encryption information is obtained, the file encryption information is sent to the target function, the file encryption information is compared with the pre-stored encryption information corresponding to the target function through the target function, and whether the target function is loaded is determined according to the comparison result. By the method, the illegal calling of the program can be simply and quickly prevented, the occurrence of an intrusion event is prevented, the comprehensive protection of the system is realized, and the safety and the reliability of the system are improved. Moreover, the method is not only suitable for the Linux system, and has higher practicability.

An optional implementation manner is that the determining whether to load the objective function according to the comparison result includes:

if the comparison result is consistent, loading the target function;

and if the comparison result is inconsistent, forbidding to load the target function, and exiting the target application program.

In the above embodiment, whether the target function is loaded is determined by comparing the results, if the comparison results are consistent, the target function is loaded, and if the comparison results are inconsistent, the target function is prohibited from being loaded, and the target application program is exited.

In an optional implementation manner, the pre-stored encryption information includes: the system comprises a program name of a loadable application program and a second check code corresponding to each application program, wherein the second check code is used for uniquely identifying the application program and is used for representing that the application program is not modified; the comparing the file encryption information with pre-stored encryption information through the target function includes:

acquiring a program name of a loadable application program in pre-stored encryption information corresponding to the target function;

and if the target application program is determined to belong to the loadable application program based on the program name, comparing a first check code in the file encryption information with a second check code corresponding to the target application program in the pre-stored encryption information.

In the above embodiment, the file encryption information is compared with the pre-stored encryption information through the target function, the program name of the application program that can be loaded in the pre-stored encryption information corresponding to the target function is firstly obtained, and if it is determined that the target application program belongs to the application program that can be loaded based on the program name, the first check code in the file encryption information is compared with the second check code corresponding to the target application program in the pre-stored encryption information, so that the illegal calling of the program can be simply and quickly prevented, the occurrence of an intrusion event is prevented, the comprehensive protection of the system is realized, the reliability of the system is improved, and the practicability is very high.

In an alternative embodiment, the alignment result is determined to be consistent by:

and if the first check code is consistent with a second check code corresponding to the target application program in the pre-stored encrypted information, determining that the comparison result is consistent.

In the above embodiment, if the first check code is consistent with the second check code corresponding to the target application program in the pre-stored encrypted information, it is determined that the comparison result is consistent, and normal calling of the program can be ensured.

In an alternative embodiment, the inconsistency of the alignment results is determined by:

if the first check code is inconsistent with a second check code corresponding to the target application program in the pre-stored encrypted information, determining that the comparison result is inconsistent; or

And if the target application program is determined not to belong to the loadable application program based on the program name, determining that the comparison result is inconsistent.

In the above embodiment, if the first check code is inconsistent with the second check code corresponding to the target application program in the pre-stored encrypted information, or it is determined that the target application program does not belong to the loadable application program based on the program name, it is determined that the comparison result is inconsistent, so that illegal calling of the program can be simply and quickly prevented, an intrusion event is prevented, and a system is comprehensively protected.

An optional implementation manner is that, encrypting file information corresponding to the target application to obtain file encryption information includes:

encrypting the file information by an asymmetric encryption method to obtain a first check code corresponding to the target application program;

and taking the program name of the target application program and the first check code as the file encryption information.

In the above embodiment, the file information is encrypted by the asymmetric encryption method to obtain the first check code corresponding to the target application program, and the program name and the first check code of the target application program are used as the file encryption information, so that the information security is ensured, and the illegal calling of the program is effectively prevented.

An application program protection device provided in an embodiment of the present application includes:

the encryption unit is used for encrypting the file information corresponding to the target application program when the target application program calls the target function to obtain file encryption information;

the sending unit is used for sending the file encryption information to a target function and comparing the file encryption information with prestored encryption information corresponding to the target function through the target function;

and the determining unit is used for determining whether the target function is loaded or not according to the comparison result.

Optionally, the determining unit is specifically configured to:

if the comparison result is consistent, loading the target function;

and if the comparison result is inconsistent, forbidding to load the target function, and exiting the target application program.

Optionally, the pre-stored encryption information includes: the system comprises a program name of a loadable application program and a second check code corresponding to each application program, wherein the second check code is used for uniquely identifying the application program and is used for representing that the application program is not modified; the sending unit is specifically configured to:

acquiring a program name of a loadable application program in pre-stored encryption information corresponding to the target function;

and if the target application program is determined to belong to the loadable application program based on the program name, comparing a first check code in the file encryption information with a second check code corresponding to the target application program in the pre-stored encryption information.

Optionally, the determining unit is further configured to determine that the comparison results are consistent through the following method:

and if the first check code is consistent with a second check code corresponding to the target application program in the pre-stored encrypted information, determining that the comparison result is consistent.

Optionally, the determining unit is further configured to determine that the comparison result is inconsistent through the following method:

if the first check code is inconsistent with a second check code corresponding to the target application program in the pre-stored encrypted information, determining that the comparison result is inconsistent; or

And if the target application program is determined not to belong to the loadable application program based on the program name, determining that the comparison result is inconsistent.

Optionally, the encryption unit is specifically configured to:

encrypting the file information by an asymmetric encryption method to obtain a first check code corresponding to the target application program;

and taking the program name of the target application program and the first check code as the file encryption information.

An electronic device provided by an embodiment of the present application includes a processor and a memory, where the memory stores program codes, and when the program codes are executed by the processor, the processor is caused to execute the above step of application program protection.

An embodiment of the present application provides a computer-readable storage medium, which includes program code for causing an electronic device to execute the steps of the above-mentioned application program protection method when the storage medium is run on the electronic device.

Additional features and advantages of the application will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by the practice of the application. The objectives and other advantages of the application may be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.

Drawings

The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:

fig. 1 is a schematic view of an application scenario of an application protection method according to an embodiment of the present application;

fig. 2 is a flowchart illustrating an application protection method according to an embodiment of the present application;

fig. 3 is a working block diagram of an application protection method according to an embodiment of the present application;

fig. 4 is a schematic flowchart illustrating an application protection method according to an embodiment of the present application;

FIG. 5 is a diagram illustrating an application protection device according to an embodiment of the present application;

fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present application.

Detailed Description

In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments, but not all embodiments, of the technical solutions of the present application. All other embodiments obtained by a person skilled in the art without any inventive step based on the embodiments described in the present application are within the scope of the protection of the present application.

Some concepts related to the embodiments of the present application are described below.

1. In the embodiment of the present application, the term "and/or" describes an association relationship of associated objects, and means that there may be three relationships, for example, a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship.

2. The term "application" in the embodiments of the present application is a computer program for performing one or more specific tasks, which is run in a user mode, can interact with a user, and has a visual user interface. The application programs are generally divided into two parts, namely a graphical user interface and an engine, each application program runs in an independent process, and the application programs have independent address spaces. The application programs in the embodiments of the present application are computer programs, software, applets, and the like that can call C + + functions.

3. In the embodiment of the application, the term "asymmetric encryption" is a secret method of a key. Asymmetric encryption algorithms require two keys: a public key and a private key. The public key and the private key are a pair, and if data is encrypted by the public key, the data can be decrypted only by the corresponding private key. This method is called asymmetric encryption because two different keys are used for encryption and decryption. In the embodiment of the application, file information is encrypted by an asymmetric encryption method.

4. In the embodiments of the present application, the term "check code" is usually the last digit of a group of digits, which is derived from the previous digit by some operation to check the correctness of the group of digits. The code with check code consists of two parts, including main code and check code, the main code is the number representing the coded object, and the check code is the number attached to the back of the main code for checking the accuracy of the main code in the input process. Each body code only has one check code, and the check codes are obtained through specified mathematical relations. The check code in the embodiment of the application is used for comparing whether the transmitted file information is consistent with the pre-stored encrypted information or not, and is obtained by encrypting the file information corresponding to the target application program.

The following briefly introduces the design concept of the embodiments of the present application:

with the continuous progress of science and technology, the C + + function has malicious calls of a plurality of malicious software, so that a source program is damaged, and the society is seriously influenced.

In the related art, for the problem of malicious calling of a C + + function, in addition to the methods listed in the background art, the call of a load function may be monitored by using a hook function, and whether the load function is in a malicious dynamic link library or a white list is determined, so that the load function is rejected or allowed. However, the above method is complex in implementation process, or only applicable to Linux system, or needs to set hook function for each called system.

In view of the foregoing problems, embodiments of the present application provide an application program protection method, apparatus, electronic device, and storage medium. According to the embodiment of the application, when the target application calls the target function, the file information corresponding to the target application is encrypted, after the file encryption information is obtained, the file encryption information is sent to the target function, the file encryption information is compared with the pre-stored encryption information corresponding to the target function through the target function, and whether the target function is loaded or not is determined according to the comparison result. According to the method and the device, the file encryption information is compared with the pre-stored encryption information to determine whether the target function is loaded or not, so that illegal calling of a program can be simply and quickly prevented, an invasion event is prevented, comprehensive protection of a system is realized, the reliability of the system is improved, and the method and the device have high practicability.

The preferred embodiments of the present application will be described below with reference to the accompanying drawings of the specification, it should be understood that the preferred embodiments described herein are merely for illustrating and explaining the present application, and are not intended to limit the present application, and that the embodiments and features of the embodiments in the present application may be combined with each other without conflict.

As shown in fig. 1, an application scenario diagram of an application program protection method provided in an embodiment of the present application is shown, and a specific implementation flow of the method is as follows: when the target application program 10 calls the target function 20, encrypting the file information corresponding to the target application program 10 to obtain file encryption information, sending the file encryption information to the target function 20, comparing the file encryption information with the pre-stored encryption information corresponding to the target function 20 through the target function 20, and determining whether to load the target function 20 according to the comparison result.

As shown in fig. 2, an embodiment of the present application provides an application program protection method, including the following steps:

s21: when the target application program calls the target function, encrypting file information corresponding to the target application program to obtain file encryption information;

the target function may be a C + + function. When the application program is started and certain functions are realized based on the application program, some C + + functions are called, and in order to ensure the security of the system, identity verification needs to be performed on the application program.

In an optional implementation manner, the file information is encrypted by an asymmetric encryption method to obtain a first check code corresponding to the target application program, and the program name and the first check code of the target application program are used as the file encryption information.

The file information includes information such as a program name and a path of the application program.

For example, the asymmetric encryption method may be an MD5 algorithm, and after file information of a target application is obtained, an MD5 algorithm may be used to calculate an MD5 value of the file information, that is, a first check code, and MD5 values of different file information are different, so that if anyone changes the target application, the MD5 value changes. By comparing whether the MD5 value provided by the target function side in advance is the same, whether the target application program is tampered can be judged, uniqueness check is carried out on the target application program, and safety and integrity of the program can be guaranteed.

S22: sending the file encryption information to a target function, and comparing the file encryption information with prestored encryption information corresponding to the target function through the target function;

in an optional implementation manner, the pre-stored encryption information is pre-stored on the target function side, and includes a program name of a loadable application program, that is, a program name of an application program that allows the target function to be loaded, and a second check code corresponding to each application program. Wherein each second check code is used for uniquely identifying an application program and is used for representing that the application program is not modified.

The pre-stored encryption information corresponding to different objective functions may be the same or different.

For example, the pre-stored encryption information corresponding to the target function 1 includes program names of 5 loadable application programs, which are respectively: APP1, APP2, APP3, APP4, APP5, the check code that each can load the application program respectively corresponds is: app1, app2, app3, app4, app 5.

For another example, the pre-stored encryption information corresponding to the target function 2 includes program names of 3 loadable application programs, which are respectively: APP1, APP3, APP6, the check code corresponding to each loadable application is: app1, app3, app 6.

For another example, the pre-stored encryption information corresponding to the target function 3 includes program names of 4 loadable application programs, which are respectively: APP7, APP8, APP9, APP0, the check code that each loadable application respectively corresponds to is: app7, app8, app9, app 0.

In the embodiment of the application, when comparing the file encryption information with the pre-stored encryption information, firstly, a program name of a loadable application program in the pre-stored encryption information corresponding to the target function needs to be acquired, if the name of the application program is consistent with the name of the loadable program, the application program belongs to the loadable program, and a first check code in the file encryption information is continuously compared with a second check code corresponding to the target application program in the pre-stored encryption information; if the name of the application program is inconsistent with the name of the loadable program, the application program belongs to the unloadable program, and the program is directly exited without the following comparison.

For example, the program name of the application program a is APP1, and the check code obtained after encryption based on the MD5 algorithm is APP 1; the program name of the loadable application program contained in the pre-stored encryption information corresponding to the target function 1 is: APP1, APP2, APP3, APP4, APP 5; the respective check codes corresponding to the application programs are as follows: app1, app2, app3, app4, app 5.

By inquiring the program name of the loadable application program contained in the pre-stored encryption information, the program name of the application program a belongs to the loadable application program. Then, the check code app1 obtained by encrypting the application program a is compared with the second check code of the target application program, and it can be known through comparison that the first check code of the application program a is consistent with the corresponding second check code, so that the application program a is allowed to load the target function 1.

S23: and determining whether to load the target function according to the comparison result.

In the embodiment of the application, the file encryption information is compared with the pre-stored encryption information corresponding to the target function through the target function, whether the target function is loaded or not is determined according to the comparison result, illegal calling of a program can be simply and quickly prevented, an intrusion event is prevented, comprehensive protection on a system is achieved, safety and reliability of the system are improved, the method is not only suitable for a Linux system, but also suitable for various operating systems, and the method has higher practicability.

In an optional implementation manner, whether the target function is loaded is determined according to the comparison result, and if the comparison result is consistent, the target function is loaded; and if the comparison result is inconsistent, forbidding loading the target function, and quitting the target application program.

For example, taking the target function as a C + + function as an example, the file encryption information of the application program is compared with the encryption information prestored in the C + + function, if the comparison result is consistent, the C + + function is loaded, and if the comparison result is inconsistent, the target function is prohibited from being loaded, and the application program is exited, so that the illegal calling of the program can be simply and efficiently prevented, the overall protection of the system is realized, and the reliability of the system is improved.

In an optional implementation manner, if the first check code is consistent with the second check code corresponding to the target application program in the pre-stored encrypted information, it is determined that the comparison result is consistent.

For example, the program name of the application a is APP1, and the program name of the loadable application included in the pre-stored encryption information corresponding to the C + + function is: APP1, APP2, APP3, APP4 and APP5, the application program A belongs to a loadable application program, the first check code of the application program A is APP1, the corresponding second check code in the pre-stored encrypted information is APP1, the result is consistent through comparison, the application program A is allowed to be loaded, and normal calling of the program can be guaranteed.

In an optional implementation manner, if the first check code is inconsistent with the second check code corresponding to the target application program in the pre-stored encrypted information, or it is determined that the target application program does not belong to the loadable application program based on the program name, it is determined that the comparison result is inconsistent.

For example, the program name of the application B is APP2, and the program name of the loadable application included in the pre-stored encryption information corresponding to the C + + function is: APP1, APP2, APP3, APP4 and APP5, wherein the application program B belongs to a loadable application program, the first check code of the application program B is APP2, the second check code corresponding to the prestored encryption information is APP6, and the application program B is not permitted to be loaded if the first check code is inconsistent with the second check code by comparison; for another example, the program name of the application program C is APP0, and the program name of the loadable application program contained in the pre-stored encryption information corresponding to the C + + function is: APP1, APP2, APP3, APP4, APP5 can know according to the program name, and application program C does not belong to loadable application program, then the comparison result is inconsistent, quits the program, can prevent the illegal calling of program that simple and quick like this, prevents the emergence of invasion event, has realized the comprehensive protection to the system.

As shown in fig. 3, for a working block diagram of an application program protection method provided in the embodiment of the present application, a working logic is specifically introduced below by taking an objective function as a C + + function as an example:

when the application program calls the C + + function, the information of the self program is encrypted through an asymmetric encryption method and then transferred to the C + + function, the transferred file encryption information is compared with the pre-stored encryption information through the C + + function, when the transferred information is consistent with the pre-stored encryption information, loading is allowed, and when the transferred information is inconsistent with the pre-stored encryption information, loading is forbidden.

As shown in fig. 4, a specific flowchart of an application program protection method provided in the embodiment of the present application is shown, which includes the following steps:

s400: encrypting the file information by an asymmetric encryption method to obtain a first check code corresponding to the target application program;

s401: taking the program name of the target application program and the first check code as file encryption information;

s402: sending the file encryption information to a target function;

s403: judging whether the target application program belongs to a loadable application program, if so, executing a step S404; if not, go to step S407;

s404: comparing the first check code with a second check code corresponding to a target application program in the pre-stored encrypted information;

s405: comparing whether the comparison result is consistent, if so, executing step S406; if not, go to step S407.

S406: the loading is allowed.

S407: and exiting the program.

The method and the device can ensure the safety and integrity of the program, can limit the calling of malicious software, realize the comprehensive protection of the system, improve the reliability of the system and have high use value.

Based on the same inventive concept, the embodiment of the application also provides an application program protection device. Fig. 5 is a schematic diagram of an application protection apparatus 500 according to an embodiment of the present application, including:

the encryption unit 501 is configured to encrypt file information corresponding to a target application program when the target application program calls a target function, and obtain file encryption information;

a sending unit 502, configured to send the file encryption information to the target function, and compare the file encryption information with pre-stored encryption information corresponding to the target function through the target function;

a determining unit 503, configured to determine whether to load the target function according to the comparison result.

Optionally, the determining unit 503 is specifically configured to:

if the comparison result is consistent, loading the target function;

and if the comparison result is inconsistent, forbidding loading the target function, and quitting the target application program.

Optionally, the pre-stored encryption information includes: the system comprises a program name of a loadable application program and second check codes corresponding to the application programs, wherein the second check codes are used for uniquely identifying the application programs and are used for representing that the application programs are not modified; the sending unit 502 is specifically configured to:

acquiring a program name of a loadable application program in pre-stored encryption information corresponding to the target function;

and if the target application program is determined to belong to the loadable application program based on the program name, comparing the first check code in the file encryption information with the second check code corresponding to the target application program in the pre-stored encryption information.

Optionally, the determining unit 503 is further configured to determine that the comparison results are consistent through the following manners:

and if the first check code is consistent with a second check code corresponding to the target application program in the pre-stored encrypted information, determining that the comparison result is consistent.

Optionally, the determining unit 503 is further configured to determine that the comparison result is inconsistent by:

if the first check code is inconsistent with a second check code corresponding to the target application program in the pre-stored encrypted information, determining that the comparison result is inconsistent; or

And if the target application program is determined not to belong to the loadable application program based on the program name, determining that the comparison result is inconsistent.

Optionally, the encryption unit 501 is specifically configured to:

encrypting the file information by an asymmetric encryption method to obtain a first check code corresponding to the target application program;

and taking the program name of the target application program and the first check code as file encryption information.

For convenience of description, the above parts are separately described as modules (or units) according to functional division. Of course, the functionality of the various modules (or units) may be implemented in the same one or more pieces of software or hardware when implementing the present application.

As will be appreciated by one skilled in the art, aspects of the present application may be embodied as a system, method or program product. Accordingly, various aspects of the present application may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," module "or" system.

The electronic equipment is based on the same inventive concept as the method embodiment, and the embodiment of the application also provides the electronic equipment. In this embodiment, the electronic device may be configured as shown in fig. 6, and include a memory 601, a communication module 603, and one or more processors 602.

A memory 601 for storing computer programs executed by the processor 602. The memory 601 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, a program required for running an instant messaging function, and the like; the storage data area can store various instant messaging information, operation instruction sets and the like.

The memory 601 may be a volatile memory (volatile memory), such as a random-access memory (RAM); the memory 601 may also be a non-volatile memory (non-volatile memory), such as a read-only memory (rom), a flash memory (flash memory), a hard disk (HDD) or a solid-state drive (SSD); or memory 601 is any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited to such. The memory 601 may be a combination of the above memories.

The processor 602 may include one or more Central Processing Units (CPUs), a digital processing unit, and the like. A processor 602, configured to implement the application protection method when the computer program stored in the memory 601 is called.

The communication module 603 is used for communicating with the terminal and other servers.

The embodiment of the present application does not limit the specific connection medium among the memory 601, the communication module 603, and the processor 602. In the embodiment of the present application, the memory 601 and the processor 602 are connected through a bus 604 in fig. 6, the bus 604 is depicted by a thick line in fig. 6, and the connection manner between other components is merely illustrative and is not limited thereto. The bus 604 may be divided into an address bus, a data bus, a control bus, and the like. For ease of description, only one thick line is depicted in fig. 6, but only one bus or one type of bus is not depicted.

The memory 601 stores a computer storage medium, and the computer storage medium stores computer-executable instructions for implementing the application program protection method according to the embodiment of the present application. The processor 602 is configured to perform the application protection method described above, as shown in fig. 2.

An application guard device according to the present application may include at least a processor and a memory. The memory has stored therein program code which, when executed by the processor, causes the processor to perform the steps of the application protection method according to various exemplary embodiments of the present application described in the specification. For example, a processor may perform the steps as shown in fig. 2.

In some possible embodiments, the various aspects of the application protection method provided in the present application may also be implemented in the form of a program product including program code for causing a computer device to perform the steps in the application protection method according to various exemplary embodiments of the present application described above in this specification when the program product is run on the computer device, for example, the computer device may perform the steps as shown in fig. 2.

The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.

The program product of the application guard of embodiments of the present application may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a computing device. However, the program product of the present application is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with a command execution system, apparatus, or device.

A readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with a command execution system, apparatus, or device.

Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.

Program code for carrying out operations of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user computing device, partly on the user equipment, as a stand-alone software package, partly on the user computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of remote computing devices, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).

It should be noted that although several units or sub-units of the apparatus are mentioned in the above detailed description, such division is merely exemplary and not mandatory. Indeed, the features and functions of two or more units described above may be embodied in one unit, according to embodiments of the application. Conversely, the features and functions of one unit described above may be further divided into embodiments by a plurality of units.

Further, while the operations of the methods of the present application are depicted in the drawings in a particular order, this does not require or imply that these operations must be performed in this particular order, or that all of the illustrated operations must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions.

As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

While the preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all alterations and modifications as fall within the scope of the application.

It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.