Method and device for detecting software-tampering

摘要

A method and system for detecting software tampering includes: at a device having one or more processors and memory: receiving a software verification instruction from a server, the software verification instruction comprising a verification parameter dynamically selected by the server for verifying whether particular software stored at the device contains unauthorized modifications; executing a respective verification procedure corresponding to the verification parameter to obtain a first verification data value; and returning the first verification data value to the server, wherein the server compares the first verification data value to a second verification data value to determine whether the particular software stored at the device contains unauthorized modifications.

主权项

1. A method of detecting software tampering, comprising:
at a device having one or more processors and memory: sending a software verification request of a first software to a server in connection with executing the first software at the device, wherein the software verification request identifies at least one information item selected from (1) identification information of the first software, (2) an operation to be performed to the first software, and (3) a verification history associated with the first software; receiving a software verification instruction from the server, the software verification instruction comprising a verification parameter generated by the server based on the at least one information item identified in the software verification request for verifying whether the first software stored at the device contains unauthorized modifications, wherein the verification parameter includes executable code for invoking a function of the first software; executing a respective verification procedure corresponding to the verification parameter to obtain a first verification data value, further comprising executing the executable code to invoke the function of the first software at the device to generate an output as the first verification data value based on data currently present at the device; and returning the first verification data value to the server, wherein the server compares the first verification data value to a second verification data value to determine whether the first software stored at the device contains unauthorized modifications.