CN-121980628-A - Mobile terminal sensitive information interception preventing method and system based on interface rendering interception

Abstract

A mobile terminal sensitive information interception preventing method and system based on interface rendering interception is characterized in that an interception hook is implanted in a mobile terminal graphic rendering pipeline to capture a rendering instruction stream and identify a sensitive information area, and when risk behaviors such as screen capturing, screen recording or screen throwing are detected by combining a rendering target context sensing technology, differential rendering processing is performed on the sensitive information area, such as injection of false data for resisting disturbance noise to interfere OCR recognition and generating semantic simulation to display or physical elimination of sensitive content by utilizing a hardware layer isolation technology. The scheme realizes the security balance of the authenticity of the local screen display and the information under the non-local scene, and effectively resists the risks of automatic privacy stealing and manual screenshot disclosure aiming at the application interface of the mobile terminal.

Inventors

• DONG BO

Assignees

• 辽宁大学

Dates

Publication Date

20260505

Application Date

20260113

Claims (8)

1. 1. The mobile terminal sensitive information interception preventing method based on interface rendering interception is characterized by comprising the following steps of: Step 1), implanting a rendering interception hook in a graphic rendering pipeline of the mobile terminal; Step 2), capturing a rendering instruction stream or a layer composition request of the current interface; step 3) analyzing the rendering instruction stream or the graphics layer composition request, and identifying sensitive information areas contained in the rendering instruction stream or the graphics layer composition request; Step 4), detecting the current rendering target context in real time, and judging whether intercepting behavior of non-local physical screen display exists or not; Step 5), if the intercepting behavior is judged to exist, performing differentiated rendering treatment on the sensitive information area according to a preset security policy to generate treated rendering data different from original rendering data; And 6) outputting the processed rendering data to a rendering buffer area corresponding to the intercepting behavior, and simultaneously keeping outputting the original rendering data to a local physical screen.
2. 2. The method for preventing interception of mobile terminal sensitive information based on interface rendering interception as recited in claim 1, wherein in said step 1), the implantation position of the rendering interception hook comprises at least one of a graphics layer composition loop entry of a graphics composition component SurfaceFlinger, a drawing instruction call interface of a graphics drawing library Skia, and a command buffer commit interface of a graphics driver layer Vulkan or OpenGLES.
3. 3. The method for preventing interception of mobile terminal sensitive information based on interface rendering interception according to claim 1, wherein the method is characterized in that Characterized in that in the step 5), the differentiated rendering treatment comprises one or any combination of the following treatment modes: Step 5.1) anti-disturbance processing, namely calculating text texture characteristics of the sensitive information area, generating anti-sample noise based on a neural network, and adding the anti-sample noise into textures of the sensitive information area, wherein the superimposed sensitive information area keeps a natural display effect in human eyes, vision quality loss is within a preset threshold value, and the feature extraction of an optical character recognition OCR algorithm on the sensitive information area can be interfered; Step 5.2) semantic level simulation desensitization processing, namely analyzing semantic categories of original data in a sensitive information area, wherein the semantic categories comprise at least one of amount, name, identity card number, bank card number, mobile phone number and address; Step 5.3) hardware level layer separation processing, namely marking the sensitive information area as a protected hardware layer by utilizing the hardware synthesis capability of the display controller, and configuring the filtering rule of the hardware synthesizer to ensure that the protected hardware layer is only output to a local physical screen and automatically removed or filled into preset confusion content by hardware when writing a write-back buffer area or a frame buffer area.
4. 4. The method for preventing mobile terminal sensitive information from being intercepted based on interface rendering according to claim 1, wherein the security level of the sensitive information dynamically selects the type of differentiated rendering treatment, and the higher the security level is, the higher the corresponding rendering protection intensity is.
5. 5. An anti-interception system adopted by a mobile terminal sensitive information anti-interception method based on interface rendering interception according to any one of claims 1-3 is characterized by comprising a rendering pipeline interception module, a sensitive recognition engine, a context detection unit and a differentiation processing engine, wherein the rendering pipeline interception module is used for implanting an interceptor in a graphic rendering pipeline to capture a rendering instruction stream or a graphic layer composition request, the sensitive recognition engine is used for analyzing the rendering instruction stream or the graphic layer composition request and recognizing a sensitive information area contained in the rendering instruction stream or the graphic layer composition request, the context detection unit is used for monitoring the state of a rendering target in real time and judging whether interception behaviors of non-local physical screen display exist or not, and the differentiation processing engine is used for performing differentiation rendering processing on the sensitive information area according to a preset security policy when the interception behaviors are judged to exist, wherein the differentiation rendering processing comprises disturbance resisting injection processing, simulation data replacement processing or hardware graphic layer isolation.
6. 6. The anti-intercept system as in claim 5, wherein said differencing processing engine comprises an anti-noise generation sub-module for generating anti-noise for a particular OCR engine by generating an anti-network model, and a simulation data generation sub-module for generating simulation data meeting the requirements of the original data format and performing instruction level substitution.
7. 7. An electronic device comprising a memory and a processor, wherein the processor implements the method of any of claims 1 to 3 when executing a computer program stored in the memory.
8. 8. A computer readable storage medium, on which a computer program is stored, characterized in that the program, when being executed by a processor, implements the method according to any one of claims 1 to 4.

Description

Mobile terminal sensitive information interception preventing method and system based on interface rendering interception Technical Field The invention relates to the field of intersection of mobile terminal information security and computer graphics, in particular to a mobile terminal sensitive information interception preventing method and system based on interface rendering interception. Background With the deep popularization of the mobile internet, the intelligent terminal bears massive high-value personal data. Preventing sensitive information from being illegally intercepted (screen capturing, screen recording and screen throwing) is an important subject of information security. Currently, existing mobile-end protection schemes mainly include global interception based on system labels and local masking based on application layers. Global interception scheme, such as flag_security mark of Android system. According to the scheme, the screen capturing action is forbidden at the level of the window manager, so that screen recording and screen capturing attacks can be effectively prevented. However, the scheme has the problem of 'one-touch', namely, once the scheme is started, the scheme is full-screen and black, so that a user cannot share a non-sensitive area, and experience is poor in remote collaboration, online education or Bug feedback and other scenes. Local masking schemes, such as overlaying color blocks based on application layer code. The scheme maintains the visibility of a non-sensitive area, but has single defense means. Analysis of the prior art shows that although CN110334522A provides a watermark protection scheme, the protection capability on OCR attacks is limited, and CN111177770A adopts image layer coverage to realize privacy protection, but the protection of the bottom layer is insufficient. According to the invention, disturbance is resisted by combining the interception of the rendering pipeline, so that the protection capability is improved while the user experience is maintained. Furthermore, U.S. patent 2020/0210606A1 proposes a Screen capture protection scheme, but it does not adequately deal with the consistency of the multiplexed output (main Screen display and intercept path). The bottom layer is not protected enough, so that malicious software can directly read the video memory through being mounted on the bottom layer Framebuffer or intercept data by utilizing a virtual display technology. The invention is different from the prior art in that full-link interception of rendering pipeline level is realized, the natural and machine messy code of human eyes is introduced to resist disturbance, and a 'double-track rendering synchronization' mechanism of local and intercepting ends is constructed. Disclosure of Invention In order to solve the technical problems, the invention realizes the protection strategy of 'local real display and non-local differential processing' by implanting an interception mechanism in the depth of a graphics rendering pipeline and combining the panoramic context perception technology. The method for preventing the interception of the mobile terminal sensitive information based on the interface rendering interception comprises the following steps: Step 1), implanting a rendering interception hook in a graphic rendering pipeline of the mobile terminal; the implantation location of the render intercept hook includes at least one of a graphics composition loop entry of the graphics composition component SurfaceFlinger, a draw instruction call interface of the graphics draw library Skia, and a command buffer commit interface of the graphics driver layer Vulkan or OpenGLES. Step 2), capturing a rendering instruction stream or a layer composition request of the current interface; step 3) analyzing the rendering instruction stream or the graphics layer composition request, and identifying sensitive information areas contained in the rendering instruction stream or the graphics layer composition request; Step 4), detecting the current rendering target context in real time, and judging whether intercepting behavior of non-local physical screen display exists or not; And step 5), if the intercepting behavior is judged to exist, performing differentiated rendering processing on the sensitive information area according to a preset security policy to generate processed rendering data different from original rendering data, and if the intercepting behavior is judged not to exist, maintaining a normal original layer synthesis and display flow. In the step 5), the differential rendering processing includes one or any combination of the following processing modes: Step 5.1) anti-disturbance processing, namely calculating text texture characteristics of the sensitive information area, generating anti-sample noise based on a neural network, and adding the anti-sample noise into textures of the sensitive information area, wherein the superimposed sensitive information area