CN116170635A

CN116170635A - Video tamper-proof method and device, electronic equipment and readable storage medium

Info

Publication number: CN116170635A
Application number: CN202211624209.6A
Authority: CN
Inventors: 张雪晶
Original assignee: China Telecom Corp Ltd
Current assignee: China Telecom Corp Ltd
Priority date: 2022-12-15
Filing date: 2022-12-15
Publication date: 2023-05-26
Anticipated expiration: 2042-12-15
Also published as: CN116170635B

Abstract

The embodiment of the invention provides a video tamper-proof method, a device, electronic equipment and a readable storage medium, wherein the method comprises the following steps: video sampling is carried out on a video stream to obtain video characteristic information aiming at the video stream; generating verification information according to the video characteristic information, and inserting the verification information into the video stream to obtain a target video stream; determining device identification authentication information and positioning information of the tamper-resistant device of the present level; reporting the target video stream, the device identification authentication information, the positioning information and the verification information of the tamper-resistant device of the current level to tamper-resistant devices and the service platform corresponding to the network segment of the next level; and the service platform is used for determining the tamper occurrence position of the video stream according to the device identification authentication information and the positioning information of the target tamper-resistant device when the fact that the verification information of the target video stream is inconsistent with the verification information reported by the target tamper-resistant device is confirmed.

Description

Video tamper-proof method and device, electronic equipment and readable storage medium

Technical Field

The embodiment of the invention relates to the technical field of video tamper resistance, in particular to a video tamper resistance method, a video tamper resistance device, electronic equipment and a computer readable storage medium.

Background

For the anti-tampering technology of IPTV (Internet Protocol Television network protocol television) video live broadcast, a mode of directly using signature information generation and verification is currently applied, namely, signature information is inserted into a video stream and reported or broadcasted, and then step-by-step signature and verification are carried out. However, the method of simply using signature information and verification has the following problems: when an existing transmission line is controlled or stolen by an "intruder," information and results cannot be faithfully fed back.

Meanwhile, the prior step-by-step signature and verification mode is equivalent to the serial verification mode, when the existing transmission line is controlled or stolen by an invader, the serial verification mode cannot be quickly positioned to the position where the tampering occurs, and cannot faithfully feed back information and results, and an optimized space is provided, so that the position where the tampering occurs is quickly positioned, the running and maintenance of an IPTV video live broadcast operator are facilitated, the tampered position can be positioned if one-round detection is performed under the condition that the tampering occurs, and the speed of the equipment for reflecting the tampered information to a control platform can be saved.

Disclosure of Invention

The embodiment of the invention provides a video tamper-proof method, a device, electronic equipment and a computer readable storage medium, which are used for solving or partially solving the problems that when the existing transmission line of a video stream is controlled or stolen by an 'invader', a serial verification mode cannot be rapidly positioned to a tamper-proof position and information and results cannot be fed back faithfully.

The embodiment of the invention discloses a video tamper-proof method, which is applied to a service platform, wherein the service platform comprises a plurality of levels of network segments, tamper-proof devices are respectively deployed in the network segments of different levels, and the tamper-proof devices at least comprise device identification authentication information and positioning information, and the method comprises the following steps:

video sampling is carried out on a video stream to obtain video characteristic information aiming at the video stream;

generating verification information according to the video characteristic information, and inserting the verification information into the video stream to obtain a target video stream;

determining device identification authentication information and positioning information of the tamper-resistant device of the present level;

reporting the target video stream, the device identification authentication information, the positioning information and the verification information of the tamper-resistant device of the current level to tamper-resistant devices and the service platform corresponding to the network segment of the next level; and the service platform is used for determining the tamper occurrence position of the video stream according to the device identification authentication information and the positioning information of the target tamper-resistant device when the fact that the verification information of the target video stream is inconsistent with the verification information reported by the target tamper-resistant device is confirmed.

Optionally, the video sampling of the video stream to obtain video feature information for the video stream includes:

video sampling is carried out on a video stream to obtain a video stream PES packet, a video interval frame number and a video time stamp aiming at the video stream;

taking a field value corresponding to a designated field in the PES packet of the video stream as a video stream characteristic value of the video stream;

and taking the video interval frame number, the video time stamp and the video stream characteristic value as video characteristic information.

Optionally, after the reporting the target video stream, the device identification authentication information, the positioning information and the verification information of the tamper-resistant device of the present level to the tamper-resistant device and the service platform corresponding to the network segment of the next level, the method includes:

when the verification information of the target video stream of the tamper-resistant device of the current level is inconsistent with the verification information reported by the tamper-resistant device of the previous level, determining the tamper occurrence position of the video stream of the network segment of the current level according to the device identification authentication information and the positioning information of the tamper-resistant device of the previous level;

generating error reporting information according to the tamper occurrence position of the video stream, and uploading the error reporting information to the service platform.

Optionally, the service platform stores an original video image and an original video segment, and after generating error reporting information according to the tamper occurrence position of the video stream and uploading the error reporting information to the service platform, the method further includes:

the problem video stream corresponding to the error reporting information is transmitted back to the service platform, and the service platform is used for comparing the video image of the problem video stream with the original video image and determining a tampered video image of the problem video stream;

and transmitting the problem video stream corresponding to the error reporting information back to the service platform, wherein the service platform is used for comparing the video segment of the problem video stream with the original video segment and determining the tampered video segment of the problem video stream.

The embodiment of the invention also discloses a video tamper-proof method which is applied to a service platform, wherein the service platform comprises a plurality of levels of network segments, tamper-proof devices are respectively deployed in different levels of network segments, and the tamper-proof devices at least comprise device identification authentication information and positioning information, and the method comprises the following steps:

receiving a target video stream, the equipment identification authentication information, the positioning information and the verification information which are reported by the tamper-resistant equipment; the target video stream comprises the verification information generated aiming at the video characteristic information of the video stream by video sampling of the video stream by the tamper-proof equipment;

When confirming that the verification information of the target video stream is inconsistent with the verification information reported by the target tamper-resistant equipment, determining the tamper occurrence position of the video stream according to the equipment identification authentication information and the positioning information of the target tamper-resistant equipment.

Optionally, the method further comprises:

after receiving error reporting information of a first tamper-proof device, the service platform determines a second tamper-proof device which operates normally and has a network segment adjacent to the network segment of the first tamper-proof device;

reestablishing a link between the second tamper-resistant device and the first tamper-resistant device; the link is used to transmit the video stream.

The embodiment of the invention also discloses a video tamper-proof device which is applied to a service platform, wherein the service platform comprises a plurality of levels of network segments, tamper-proof equipment is respectively deployed in different levels of network segments, the tamper-proof equipment at least comprises equipment identification authentication information and positioning information, and the device comprises:

the video sampling module is used for carrying out video sampling on the video stream to obtain video characteristic information aiming at the video stream;

the verification information generation module is used for generating verification information according to the video characteristic information and inserting the verification information into the video stream to obtain a target video stream;

The device identification authentication module is used for identifying the tamper-proof device at the current level according to the device identification authentication information and the positioning information;

the first tamper occurrence position determining module is used for reporting the target video stream, the device identification authentication information, the positioning information and the verification information of the tamper-resistant device of the current level to tamper-resistant devices and the service platform corresponding to the network segment of the next level; and the service platform is used for determining the tamper occurrence position of the video stream according to the device identification authentication information and the positioning information of the target tamper-resistant device when the fact that the verification information of the target video stream is inconsistent with the verification information reported by the target tamper-resistant device is confirmed.

Optionally, the video sampling module is specifically configured to:

Optionally, the apparatus further comprises:

The tamper-proofing device comprises a tamper-proofing device of the current level, a tamper-proofing position determining module and a tamper-proofing position determining module, wherein the tamper-proofing device of the current level is used for determining the tamper-proofing position of the video stream of a network segment of the current level according to device identification authentication information and positioning information of the tamper-proofing device of the previous level when the verification information of the target video stream of the tamper-proofing device of the current level is inconsistent with the verification information reported by the tamper-proofing device of the previous level;

and the error reporting information reporting module is used for generating error reporting information according to the tamper occurrence position of the video stream and uploading the error reporting information to the service platform.

Optionally, the apparatus further comprises:

the video image determining module is used for transmitting the problem video stream corresponding to the error reporting information back to the service platform, and the service platform is used for comparing the video image of the problem video stream with the original video image to determine the tampered video image of the problem video stream;

the video segment determining module is used for transmitting the problem video stream corresponding to the error reporting information back to the service platform, and the service platform is used for comparing the video segment of the problem video stream with the original video segment to determine the tampered video segment of the problem video stream.

the information receiving module is used for receiving the target video stream, the equipment identification authentication information, the positioning information and the verification information which are reported by the tamper-proof equipment; the target video stream comprises the verification information generated aiming at the video characteristic information of the video stream by video sampling of the video stream by the tamper-proof equipment;

and the second tamper occurrence position determining module is used for determining the tamper occurrence position of the video stream according to the device identification authentication information and the positioning information of the target tamper-resistant device when the fact that the verification information of the target video stream is inconsistent with the verification information reported by the target tamper-resistant device is confirmed.

Optionally, the apparatus further comprises:

the second tamper-proof equipment determining module is used for determining second tamper-proof equipment which operates normally and has a network segment adjacent to the network segment of the first tamper-proof equipment after the service platform receives the error reporting information of the first tamper-proof equipment;

A link reset module for reestablishing a link between the second tamper resistant device and the first tamper resistant device; the link is used to transmit the video stream.

The embodiment of the invention also discloses electronic equipment, which comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory are communicated with each other through the communication bus;

the memory is used for storing a computer program;

the processor is configured to implement the method according to the embodiment of the present invention when executing the program stored in the memory.

Embodiments of the present invention also disclose a computer-readable storage medium having instructions stored thereon, which when executed by one or more processors, cause the processors to perform the method according to the embodiments of the present invention.

The embodiment of the invention has the following advantages:

in the embodiment of the invention, tamper resistance of a video stream is mainly applied to a service platform, the service platform comprises a plurality of levels of network segments, tamper resistance devices are respectively deployed in different levels of network segments, the tamper resistance devices at least comprise device identification authentication information and positioning information, firstly, video sampling is carried out on the video stream to obtain video characteristic information of the video stream, verification information is further generated according to the video characteristic information, verification information is inserted into the video stream to obtain a target video stream, device identification authentication information and positioning information of the tamper resistance device of the level are determined, the target video stream, the device identification authentication information, the positioning information and the verification information of the tamper resistance device of the level are reported to tamper resistance devices and the service platform corresponding to the next level of network segments, and the service platform is used for determining tamper occurrence positions of the video stream according to the device identification authentication information and the positioning information of the target tamper resistance device when the verification information of the target video stream is confirmed to be inconsistent with the verification information reported by the target tamper resistance device. By adopting a parallel verification mode, the video stream is verified and transmitted by utilizing the tamper-proof equipment, and verification information is reported to the service platform, so that not only can the video stream be verified in each network segment, but also the video stream can be verified again on the service platform, the verification reliability is ensured, and the coping capacity of the video stream under the tamper risk is improved; and the device can rapidly locate the tampered position of the video stream through the device identification authentication information and the locating information, thereby being beneficial to operators to monitor and maintain the operation of the service platform and improving the reflecting speed of the tamper-proof device for reflecting the tampered information to the service platform.

Drawings

FIG. 1 is a flow chart of steps of a video tamper-proof method provided in an embodiment of the present invention;

fig. 2 is a schematic structural diagram of a service platform according to an embodiment of the present invention;

FIG. 3 is a schematic diagram of a tamper-resistant device provided in an embodiment of the present invention;

FIG. 4 is a schematic diagram of extracted stream ID and PES packet length bytes provided in an embodiment of the invention;

FIG. 5 is a schematic diagram of extracting PTS and pre-PES CRC bytes provided in an embodiment of the invention;

FIG. 6 is a flow chart of steps of a video tamper-resistant method provided in an embodiment of the present invention;

FIG. 7 is a schematic flow chart of tamper recovery provided in an embodiment of the invention;

FIG. 8 is a block diagram of a video tamper resistant device provided in an embodiment of the present invention;

FIG. 9 is a block diagram of a video tamper resistant device provided in an embodiment of the present invention;

fig. 10 is a schematic diagram of a hardware structure of an electronic device implementing various embodiments of the invention.

Detailed Description

In order that the above-recited objects, features and advantages of the present invention will become more readily apparent, a more particular description of the invention will be rendered by reference to the appended drawings and appended detailed description.

As an example, for the anti-tampering technology of IPTV (Internet Protocol Television network protocol television) live video, a method of directly using signature information generation and verification is currently widely used, that is, signature information is inserted into a video stream and reported or broadcasted, and then step-by-step signature and verification are performed. However, the method of simply using signature information and verification has the following problems: when an existing transmission line is controlled or stolen by an "intruder," information and results cannot be faithfully fed back. Meanwhile, the prior step-by-step signature and verification mode is equivalent to the serial verification mode, when the existing transmission line is controlled or stolen by an invader, the serial verification mode cannot be quickly positioned to the position where the tampering occurs, information and results cannot be faithfully fed back, and an optimized space is provided, so that the position where the tampering occurs is quickly positioned, the running and maintenance of an IPTV video live broadcast operator are facilitated, the tampered position can be positioned if one-round detection is performed under the condition that the tampering occurs, and the reflecting speed of the equipment for reflecting the tampered information to a control platform can be saved.

In view of the above, one of the core inventions of the present invention is that a service platform includes a plurality of levels of network segments, tamper-proof devices are deployed in the network segments of different levels, the tamper-proof devices at least include device identification authentication information and positioning information, firstly, video sampling is performed on a video stream to obtain video characteristic information for the video stream, and further verification information is generated according to the video characteristic information, and verification information is inserted into the video stream to obtain a target video stream, device identification authentication information and positioning information of the tamper-proof device of the present level are determined, and the target video stream, the device identification authentication information, the positioning information and the verification information of the tamper-proof device of the present level are reported to tamper-proof devices and the service platform corresponding to the network segments of the next level, where the service platform is configured to determine a tamper occurrence position of the video stream according to the device identification authentication information and the positioning information of the target tamper-proof device when it is confirmed that the verification information of the target video stream is inconsistent with the verification information reported by the target tamper-proof device. By adopting a parallel verification mode, the video stream is verified and transmitted by utilizing the tamper-proof equipment, and verification information is reported to the service platform, so that not only can the video stream be verified in each network segment, but also the video stream can be verified again on the service platform, the verification reliability is ensured, and the coping capacity of the video stream under the tamper risk is improved; and the device can rapidly locate the tampered position of the video stream through the device identification authentication information and the locating information, thereby being beneficial to operators to monitor and maintain the operation of the service platform and improving the reflecting speed of the tamper-proof device for reflecting the tampered information to the service platform.

Referring to fig. 1, a step flow chart of a video tamper-proof method provided in an embodiment of the present invention is shown and applied to a service platform, where the service platform includes a plurality of levels of network segments, tamper-proof devices are deployed on the different levels of network segments, and the tamper-proof devices at least include device identification authentication information and positioning information, and may specifically include the following steps:

step 101, video sampling is carried out on a video stream to obtain video characteristic information aiming at the video stream;

wherein, for the service platform, it can be an IPTV service platform; for IPTV, it may be an interactive network television, and it may be a system for transmitting television information using a broadband network (broadband) as a medium, that is, a new technology for providing various interactive services including digital television to home users by integrating various technologies such as internet, multimedia, and communication with a broadband cable television network. The user can enjoy IPTV service in home, and experience of the user is improved.

Referring to fig. 2, a schematic structural diagram of a service platform provided in an embodiment of the present invention is shown, and as can be seen from the figure, the video tamper-proof method provided in the embodiment of the present invention can be applied to an application environment as shown in fig. 2. Specifically, the service platform may be divided into five network segments, where the network segments are a program content source, an IPTV backbone network, a metropolitan area network, an access network, and a home terminal according to transmission levels, that is, IPTV video is transmitted from the program content source to the home terminal for viewing by a user through the backbone network, the metropolitan area network, and the access network. In the embodiment of the present invention, the IPTV video is mainly an IPTV video for provincial regions, and it can be understood that the program content source may be a provincial program content source.

It should be noted that, regarding the scope of the program content source, those skilled in the art may adjust the scope according to the actual situation, which is not limited by the embodiment of the present invention.

As can be seen from fig. 2, tamper-proof devices can be deployed in several network segments, including provincial program content sources, IPTV backbones, metropolitan area networks, access networks, and home terminals (e.g., set-top boxes for spot check, etc.). Specifically, the tamper-resistant device may be deployed at each interface of the transmission and processing device of each network segment, for example, the tamper-resistant device is accessed by using a plurality of redundant interfaces reserved by the IPTV backbone network, the access network, and the like, as shown in fig. 2, where the device deployment point is a location where the tamper-resistant device is connected.

The tamper-proof equipment can be movable equipment, can be flexibly and implicitly arranged, is convenient for a user to install and saves the space of the device.

Referring to fig. 3, a schematic structural diagram of a tamper-resistant device provided in an embodiment of the present invention is shown, where it can be known that the tamper-resistant device may include a signature information generation module, a signature information verification module, a positioning module, a device authentication identification module, a video extraction module, and a 5G (5 th-Generation Mobile Communication Technology fifth generation mobile communication technology) wireless transmission module. The signature information generation module can be used for generating signature information; the signature information verification module can be used for verifying the signature information; the video extraction module can be used for abstracting and outputting the characteristic value of the video image; the 5G wireless transmission module can be used for transmitting image characteristics, signature information, positioning information and equipment identification authentication information and returning IPTV video; for the positioning module, a Beidou satellite positioning chip or a GPS (Global Positioning System global positioning system) positioning chip can be built in, the tampered IPTV video position can be positioned through the Beidou satellite positioning chip or the GPS positioning chip, positioning information is generated, and then the positioning information is reported to an IPTV service platform through a 5G wireless transmission module; for the device authentication identification module, the device authentication identification module can store the MAC (Media Access Control medium/media access control) address of all legal devices, the international mobile equipment identification code IMEI (International Mobile Equipment Identity international mobile equipment identification code) and the product Serial Number SN (Serial Number/machine code) code, the device authentication identification information in the device authentication identification module can be used for transmitting signature information and identification and authentication before signature verification information, and meanwhile, the unique device authentication identification information can be positioned to the exact position where tampering occurs, namely, the tampering position positioned by the positioning module can be in error, but the position where tampering occurs can be accurately positioned by the device authentication identification information in the device authentication identification module, so that the IPTV video operator can monitor and maintain the operation of the service platform, and the reflection speed of the tamper-proof device for reflecting the tampering information to the service platform is improved.

Wherein for a video stream it can be understood as video, since the video is in the form of a video stream, the video and the video stream can be represented to each other; the video stream in the embodiment of the invention is an IPTV video stream, and can be aimed at the IPTV video stream of the provincial domain.

For video sampling, the video sampling module in the tamper-proof equipment can sample video of provincial program content sources, IPTV backbone networks, metropolitan area networks, access networks and home terminals, so as to obtain video characteristic information.

It should be noted that, for the period of video sampling, it may be performed according to a fixed period or manually making spot check time, and those skilled in the art may set this according to actual situations, which is not limited in the embodiments of the present invention.

In a specific implementation, the IPTV service platform may include multiple levels of network segments, where the network segments may be a program content source, an IPTV backbone network, a metropolitan area network, an access network, and a home terminal according to transmission levels, and tamper-proof devices are deployed in the network segments of different levels, where the tamper-proof devices may include a signature information generating module, a signature information verifying module, a positioning module, a device authentication identifying module, a video extracting module, and a 5G wireless transmission module, and the video extracting module in the tamper-proof device may sample videos of the provincial program content source, the IPTV backbone network, the metropolitan area network, the access network, and the home terminal, so as to obtain video feature information.

In an alternative embodiment, the video extraction module may sample the video stream to obtain a video stream PES (Packet Elementary Stream) packet, a video interval frame number and a video time stamp for the video stream, specifically, a field value corresponding to a specified field in the video stream PES packet is taken as a video stream feature value of the video stream, so that the video interval frame number, the video time stamp and the video stream feature value may be taken as video feature information. In one example, the video extraction module in the tamper resistant device may sample video of provincial program content sources, IPTV backbones, metropolitan area networks, access networks, and home terminals, where the video sampling of the various segments may be performed simultaneously. Referring to fig. 4, a schematic diagram of extracting a Stream ID and a PES packet length byte is shown, where it can be known that, by decomposing a video Stream PES packet obtained by sampling, a Stream ID (Stream ID in the figure) field and a PES packet length (PES packet length in the figure) field can be extracted from each PES packet, where the number of extracted bytes is 4 bytes; referring to fig. 5, a schematic diagram of extracting PTS and pre-PES CRC bytes provided in the embodiment of the present invention is shown, and it can be understood from the figure that, by decomposing a sampled video stream PES packet, further, a stream PTS field may be extracted from each PES packet, where the number of bytes extracted is 8 bytes, and a pre-PES CRC field (Privious PES CRC in the figure) is also included, where the number of bytes extracted is also 8 bytes, so that, by using a field value corresponding to the above-mentioned specified field extracted from the video stream PES packet as a video stream feature value of the video stream, the video interval frame number, the video timestamp, and the video stream feature value may be used as video feature information. In one example, assuming that there is currently a video frame of 25 frames for 1 second, 25 sets of video stream feature values and verification information corresponding to the video stream feature values may be abstracted.

The video stream PES packet may be a packetized elementary stream, which is formed by dividing the elementary stream ES (Elementary Stream) into packets of unequal lengths as required and adding a packet header, where the ES stream is also called an elementary stream and includes a continuous stream of video, audio, or data; for the Stream ID (Identity) which may be the Stream ID in fig. 4, the Stream ID is the unique ID of the audio-video Stream, and if a Stream has both an audio packet and a video packet, the Stream ID of the audio packet of the Stream is the same as the Stream ID of the other video packet; for stream PTS (Presentation Time Stamp), it may be a display timestamp, which may be used to guide the behavior of the playback end; for PES CRCs, it may be used to check or check for multi-bit errors.

In the embodiment of the invention, the IPTV service platform may include a plurality of levels of network segments, where the network segments may be a program content source, an IPTV backbone network, a metropolitan area network, an access network, and a home terminal according to transmission levels, and tamper-proof devices are deployed in the network segments of different levels, where the tamper-proof devices may include a signature information generating module, a signature information verifying module, a positioning module, a device authentication identifying module, a video extracting module, and a 5G wireless transmission module, and the video extracting module in the tamper-proof device may sample video of the provincial program content source, the IPTV backbone network, the metropolitan area network, the access network, and the home terminal, to obtain a video stream PES packet, a video interval frame number, and a video timestamp for a video stream, and specifically, a field value corresponding to a specified field in the video stream PES packet is used as a video stream feature value of the video stream, so that the video interval frame number, the video timestamp, and the video stream feature value are used as video feature information.

102, generating verification information according to the video characteristic information, and inserting the verification information into the video stream to obtain a target video stream;

as for the verification information, which may contain signature information and signature verification information, the verification information is information for verifying whether the signature information is correct generated based on the video feature information, and illustratively, if the signature information and the signature verification information are inconsistent in the access network, the position may be considered as tampered; the verification information can be obtained through a signature information generation module in the tamper-proof equipment; for the target video stream, it may be a video stream containing verification information.

In a specific implementation, the verification information may be generated according to the number of video interval frames, the video time stamp and the video stream characteristic value, and the verification information is inserted into the video stream to obtain the target video stream.

Step 103, determining device identification authentication information and positioning information of the tamper-resistant device of the present level;

the device identification authentication information can comprise the MAC address of all legal devices, the international mobile equipment identification code IMEI and the product serial number SN code, the device identification authentication information is stored in the device identification authentication module, the device identification authentication information can be used for identity identification and authentication before signature information and signature verification information are transmitted, and meanwhile, the unique device identification information can be used for positioning to the exact tamper position; for the positioning information, the positioning information can be positioning information generated by positioning the tampered position of the IPTV video by a Beidou satellite positioning chip or a GPS positioning chip which is arranged in the positioning module. The position where the tampering position occurs can be accurately positioned through the equipment identification authentication information and the positioning information, which is beneficial to the IPTV video operators to monitor and maintain the operation of the service platform, and improves the reflecting speed of the tamper-proof equipment to reflect the tampering information to the service platform.

In one example, assuming that the network part is currently located in the IPTV backbone network, the device identification authentication information of the present level may be determined by accessing the device identification authentication module of the tamper-resistant device in the IPTV backbone network, and likewise, the positioning information of the present level may be determined by the positioning module of the tamper-resistant device; specifically, when the signature verification information module in the IPTV backbone network detects that verification information in a video stream sent to the IPTV backbone network by a program content source is inconsistent, the video stream can be considered to be tampered, meanwhile, the positioning module can position the tampered position of the IPTV video through a built-in Beidou satellite positioning chip or GPS positioning chip and generate positioning information, and further, the tampered position can be further positioned through equipment identification authentication information in the equipment identification authentication module.

104, reporting the target video stream, the device identification authentication information, the positioning information and the verification information of the tamper-resistant device of the present level to tamper-resistant devices and the service platform corresponding to the network segment of the next level; and the service platform is used for determining the tamper occurrence position of the video stream according to the device identification authentication information and the positioning information of the target tamper-resistant device when the fact that the verification information of the target video stream is inconsistent with the verification information reported by the target tamper-resistant device is confirmed.

In a specific implementation, after the target video stream, the device identification authentication information, the positioning information and the verification information of the tamper-proof device of the present level are reported to the tamper-proof device corresponding to the network segment of the next level, whether the video stream is tampered or not can be verified at the tamper-proof device of the next level, specifically, when the verification information of the target video stream of the tamper-proof device of the present level is inconsistent with the verification information reported by the tamper-proof device of the previous level, the tamper-proof position of the video stream of the network segment of the present level is determined according to the device identification authentication information and the positioning information of the tamper-proof device of the previous level, so that error reporting information is generated according to the tamper-proof position of the video stream, and the error reporting information is uploaded to the IPTV service platform.

Further, after the target video stream, the device identification authentication information, the positioning information and the verification information of the tamper-resistant device at the present level are reported to the IPTV service platform, the service platform may be configured to determine, when it is confirmed that the verification information of the target video stream is inconsistent with the verification information reported by the target tamper-resistant device, a tamper occurrence position of the video stream according to the device identification authentication information and the positioning information of the target tamper-resistant device, and at the same time, check again whether the video stream is tampered at the IPTV service platform, specifically, after the 5G wireless transmission module of the tamper-resistant device generates error reporting information according to the tamper occurrence position of the video stream and uploads the error reporting information to the IPTV service platform, the IPTV service platform may further detect the video stream according to the verification information, the device identification authentication information and the positioning information that are stored originally, thereby improving the accuracy of verification.

In one example, assuming that a current video stream reaches a part of an access network, the access network can receive a target video stream, verification information, equipment identification authentication information and positioning information from a metropolitan area network, meanwhile, a video extraction module of tamper-resistant equipment in the access network can extract a video characteristic value from the target video stream to generate verification information containing signature information and signature verification information, when the verification information of the target video stream of the tamper-resistant equipment of an access network level is inconsistent with the verification information reported by the tamper-resistant equipment of a previous level metropolitan area network, the tamper-occurrence position of the target video stream of the access network of the level can be determined according to the equipment identification authentication information and the positioning information of the tamper-resistant equipment of the metropolitan area network of the previous level, so that error reporting information can be generated according to the tamper-occurrence position of the video stream, and the error reporting information is uploaded to an IPTV service platform; meanwhile, whether the video stream is tampered or not can be checked again in the IPTV service platform, specifically, as the verification information, the equipment identification authentication information and the positioning information of each network segment can be uploaded to the IPTV service platform through the 5G wireless transmission module of the tamper-resistant equipment, the IPTV service platform can further check the video stream according to the stored verification information, the equipment identification authentication information and the positioning information, the tampered occurrence position of the video stream is positioned again, and a parallel verification mode is formed through double verification of the tamper-resistant equipment and the IPTV service platform, so that the detection time is saved, and the verification accuracy is improved.

In an optional embodiment, the service platform stores an original video image and an original video segment, and after generating error reporting information according to the tamper occurrence position of the video stream and uploading the error reporting information to the service platform, the method further includes:

For video images, the video images can be video images corresponding to video time stamps in a video stream, wherein the original video images are video images of the video stream extracted at a program content source by an IPTV service platform; as for the video segment, it may be a video segment corresponding to the number of video interval frames in the video stream, and similarly, the original video segment is a video segment of the video stream extracted by the IPTV service platform at the program content source, and since the video stream of the program content source is difficult to be tampered, it may be understood that the video stream stored in the IPTV service platform is difficult to be tampered, which is usually easy to be tampered during the network transmission of the video stream, so that the original video stream of the program content source may be used as a verification standard.

For a problem video stream, it may be a tampered video stream.

In a specific implementation, after generating error reporting information according to a tamper occurrence position of a video stream and uploading the error reporting information to an IPTV service platform, the tamper resistant device can also transmit a problem video stream corresponding to the error reporting information back to the IPTV service platform, and the IPTV service platform can be used for comparing a video image of the problem video stream with an original video image stored by the IPTV service platform to determine a tampered video image of the problem video stream; similarly, the IPTV service platform may be further configured to compare a video segment of the problem video stream with an original video segment, and determine a tampered video segment of the problem video stream. By determining tampered video images and video segments of the problem video stream, the tampered position of the IPTV video can be accurately positioned.

It should be noted that, for the feedback duration of the problem video stream, it may be 3 seconds to 3 minutes, where the feedback of the problem video stream may be set to a fixed period or considered to be performed at a specific spot check time, and those skilled in the art may adjust the feedback duration according to the actual situation, which is not limited in the embodiment of the present invention; for comparison of video images and video segments, special tool software may be used for comparison, and in practical application, a person skilled in the art may use appropriate special tool software for comparison, which is not limited in the embodiment of the present invention.

In addition, in the comparison process, clock synchronization is needed, a comparison period (for example, 5 seconds) is flexibly set according to timeliness, sampling time (for example, x years, x months, x days, x minutes, x seconds) is needed to take on each group of comparison information, in the practical application situation, multistage network delay may exist, so that clock errors are brought, in the embodiment of the invention, comparison can be carried out according to the duration of 5 seconds, a certain degree of matching failure rate can be allowed, and in this way, the comparison can be adjusted according to the practical situation by a person skilled in the art, and the embodiment of the invention is not limited.

In addition, in the embodiment of the invention, signature and verification information of each key node, namely verification information, equipment identification authentication information and positioning information are returned to the IPTV service platform through the 5G wireless network channel, meanwhile, the problem video stream is returned and compared, and the response capability of the IPTV system under the tampering risk is generally improved through the wireless return mechanism.

Referring to fig. 6, a step flow chart of a video tamper-proof method provided in an embodiment of the present invention is shown and applied to a service platform, where the service platform includes a plurality of levels of network segments, tamper-proof devices are deployed on the different levels of network segments, and the tamper-proof devices at least include device identification authentication information and positioning information, and may specifically include the following steps:

step 601, receiving a target video stream, the device identification authentication information, the positioning information and the verification information, which are reported by the tamper-resistant device; the target video stream comprises the verification information generated aiming at the video characteristic information of the video stream by video sampling of the video stream by the tamper-proof equipment;

in a specific implementation, a service platform receives a target video stream, device identification authentication information, positioning information and verification information, wherein the target video stream comprises verification information generated by video characteristic information of the video stream obtained by video sampling of the video stream by tamper-resistant device, and the verification information is used for judging whether the target video stream is tampered or not.

Step 602, when confirming that the verification information of the target video stream is inconsistent with the verification information reported by the target tamper-resistant device, determining a tamper occurrence position of the video stream according to the device identification authentication information and the positioning information of the target tamper-resistant device.

In the specific implementation, when the fact that the verification information of the target video stream is inconsistent with the verification information reported by the target tamper-resistant device is confirmed, determining the tamper occurrence position of the video stream according to the device identification authentication information and the positioning information of the target tamper-resistant device.

In an alternative embodiment, further comprising:

The first tamper-proof device is a device which generates error information when tamper occurs, and the second tamper-proof device is a superior device of the first tamper-proof device, wherein the second tamper-proof device is a device which does not occur tamper. For links, it may be used to transmit video streams.

In a specific implementation, after receiving error reporting information of the first tamper-proof device, the service platform determines a second tamper-proof device which operates normally and has a network segment close to that of the first tamper-proof device, and reestablishes a link between the second tamper-proof device and the first tamper-proof device, so that normal playing of a video is restored, and user experience is improved.

In an example, referring to fig. 7, a schematic flow diagram of tamper recovery provided in an embodiment of the present invention is shown, and it is assumed that after an IPTV service platform receives video stream error information of a home terminal, the IPTV service platform may traverse and retrieve link nodes corresponding to normal operation information stored in the IPTV service platform in sequence according to the sequence of a neighboring access network, a neighboring metropolitan area network, and a neighboring IPTV backbone network, and notify the link nodes to the IPTV service platform, and then, the IPTV service platform reestablishes a new path between the home terminal reporting an abnormal data stream and a normal video stream, so as to ensure playing.

In addition, the embodiment of the invention also provides a tamper recovery mechanism, which is beneficial to improving the experience of IPTV users.

It should be noted that, for simplicity of description, the method embodiments are shown as a series of acts, but it should be understood by those skilled in the art that the embodiments are not limited by the order of acts, as some steps may occur in other orders or concurrently in accordance with the embodiments. Further, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred embodiments, and that the acts are not necessarily required by the embodiments of the invention.

Referring to fig. 8, a block diagram of a video tamper-proof device provided in an embodiment of the present invention is shown and applied to a service platform, where the service platform includes a plurality of levels of network segments, and tamper-proof devices are deployed on the different levels of network segments, where the tamper-proof devices include at least device identification authentication information and positioning information, and may specifically include the following modules:

the video sampling module 801 is configured to perform video sampling on a video stream to obtain video feature information for the video stream;

A verification information generating module 802, configured to generate verification information according to the video feature information, and insert the verification information into the video stream to obtain a target video stream;

the present level information determining module 803 is configured to determine device identification authentication information and positioning information of the tamper resistant device of the present level;

a first tamper occurrence location determining module 804, configured to report the target video stream, the device identification authentication information, the positioning information, and the verification information of the tamper resistant device of the present level to a tamper resistant device and the service platform corresponding to a network segment of a next level; and the service platform is used for determining the tamper occurrence position of the video stream according to the device identification authentication information and the positioning information of the target tamper-resistant device when the fact that the verification information of the target video stream is inconsistent with the verification information reported by the target tamper-resistant device is confirmed.

In an alternative embodiment, the video sampling module 801 is specifically configured to:

In an alternative embodiment, the apparatus further comprises:

Referring to fig. 9, a block diagram of a video tamper-proof device provided in an embodiment of the present invention is shown and applied to a service platform, where the service platform includes a plurality of levels of network segments, and tamper-proof devices are deployed on the different levels of network segments, where the tamper-proof devices include at least device identification authentication information and positioning information, and may specifically include the following modules:

the information receiving module 901 is configured to receive the target video stream, the device identification authentication information, the positioning information, and the verification information, which are reported by the tamper resistant device; the target video stream comprises the verification information generated aiming at the video characteristic information of the video stream by video sampling of the video stream by the tamper-proof equipment;

and the second tamper occurrence position determining module 902 is configured to determine a tamper occurrence position of the video stream according to the device identification authentication information and the positioning information of the target tamper resistant device when it is determined that there is a discrepancy between the verification information of the target video stream and the verification information reported by the target tamper resistant device.

In an alternative embodiment, the apparatus further comprises:

For the device embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments for relevant points.

In addition, the embodiment of the invention also provides electronic equipment, which comprises: the processor, the memory, store the computer program on the memory and can run on the processor, this computer program realizes each process of the above-mentioned video anti-tampering method embodiment when being carried out by the processor, and can reach the same technical result, in order to avoid repetition, will not be repeated here.

The embodiment of the invention also provides a computer readable storage medium, on which a computer program is stored, which when executed by a processor, realizes the processes of the video tamper-proof method embodiment, and can achieve the same technical effects, and in order to avoid repetition, the description is omitted. Wherein the computer readable storage medium is selected from Read-Only Memory (ROM), random access Memory (Random Access Memory, RAM), magnetic disk or optical disk.

The embodiment of the present invention further provides a computer program product, which is stored in a storage medium, and the program product is executed by at least one processor to implement the respective processes of the video tamper-proof method embodiment, and the same technical effects can be achieved, so that repetition is avoided, and a detailed description is omitted here.

Fig. 10 is a schematic diagram of a hardware structure of an electronic device implementing various embodiments of the present invention.

The electronic device 1000 includes, but is not limited to: radio frequency unit 1001, network module 1002, audio output unit 1003, input unit 1004, sensor 1005, display unit 1006, user input unit 1007, interface unit 1008, memory 1009, processor 1010, and power supply 1011. It will be appreciated by those skilled in the art that the electronic device structure shown in fig. 10 is not limiting of the electronic device and that the electronic device may include more or fewer components than shown, or may combine certain components, or a different arrangement of components. In the embodiment of the invention, the electronic equipment comprises, but is not limited to, a mobile phone, a tablet computer, a notebook computer, a palm computer, a vehicle-mounted terminal, a wearable device, a pedometer and the like.

It should be understood that, in the embodiment of the present invention, the radio frequency unit 1001 may be used to receive and send information or signals during a call, specifically, receive downlink data from a base station, and then process the downlink data with the processor 1010; and, the uplink data is transmitted to the base station. In general, the radio frequency unit 1001 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier, a duplexer, and the like. In addition, the radio frequency unit 1001 may also communicate with networks and other devices through a wireless communication system.

The electronic device provides wireless broadband internet access to the user via the network module 1002, such as helping the user to send and receive e-mail, browse web pages, and access streaming media, etc.

The audio output unit 1003 may convert audio data received by the radio frequency unit 1001 or the network module 1002 or stored in the memory 1009 into an audio signal and output as sound. Also, the audio output unit 1003 may also provide audio output (e.g., a call signal reception sound, a message reception sound, etc.) related to a specific function performed by the electronic apparatus 1000. The audio output unit 1003 includes a speaker, a buzzer, a receiver, and the like.

The input unit 1004 is used for receiving an audio or video signal. The input unit 1004 may include a graphics processor (Graphics Processing Unit, GPU) 10041 and a microphone 10042, the graphics processor 10041 processing image data of still pictures or video obtained by an image capturing apparatus (e.g., a camera) in a video capturing mode or an image capturing mode. The processed image frames may be displayed on the display unit 1006. The image frames processed by the graphics processor 10041 may be stored in the memory 1009 (or other storage medium) or transmitted via the radio frequency unit 1001 or the network module 1002. Microphone 10042 may receive sound and may be able to process such sound into audio data. The processed audio data may be converted into a format output that can be transmitted to the mobile communication base station via the radio frequency unit 1001 in the case of a telephone call mode.

The electronic device 1000 also includes at least one sensor 1005, such as a light sensor, a motion sensor, and other sensors. Specifically, the light sensor includes an ambient light sensor and a proximity sensor, wherein the ambient light sensor can adjust the brightness of the display panel 10061 according to the brightness of ambient light, and the proximity sensor can turn off the display panel 10061 and/or the backlight when the electronic device 1000 moves to the ear. As one of the motion sensors, the accelerometer sensor can detect the acceleration in all directions (generally three axes), and can detect the gravity and direction when stationary, and can be used for recognizing the gesture of the electronic equipment (such as horizontal and vertical screen switching, related games, magnetometer gesture calibration), vibration recognition related functions (such as pedometer and knocking), and the like; the sensor 1005 may further include a fingerprint sensor, a pressure sensor, an iris sensor, a molecular sensor, a gyroscope, a barometer, a hygrometer, a thermometer, an infrared sensor, etc., which are not described herein.

The display unit 1006 is used to display information input by a user or information provided to the user. The display unit 1006 may include a display panel 10061, and the display panel 10061 may be configured in the form of a liquid crystal display (Liquid Crystal Display, LCD), an Organic Light-Emitting Diode (OLED), or the like.

The user input unit 1007 may be used to receive input numeric or character information and generate key signal inputs related to user settings and function control of the electronic device. Specifically, the user input unit 1007 includes a touch panel 10071 and other input devices 10072. Touch panel 10071, also referred to as a touch screen, may collect touch operations thereon or thereabout by a user (e.g., operations of the user on touch panel 10071 or thereabout using any suitable object or accessory such as a finger, stylus, or the like). The touch panel 10071 can include two portions, a touch detection device and a touch controller. The touch detection device detects the touch azimuth of a user, detects a signal brought by touch operation and transmits the signal to the touch controller; the touch controller receives touch information from the touch detection device, converts the touch information into touch point coordinates, sends the touch point coordinates to the processor 1010, and receives and executes commands sent by the processor 1010. In addition, the touch panel 10071 may be implemented in various types such as resistive, capacitive, infrared, and surface acoustic wave. The user input unit 1007 may include other input devices 10072 in addition to the touch panel 10071. Specifically, other input devices 10072 may include, but are not limited to, a physical keyboard, function keys (such as volume control keys, switch keys, etc.), a track ball, a mouse, and a joystick, which are not described herein.

Further, the touch panel 10071 may be overlaid on the display panel 10061, and when the touch panel 10071 detects a touch operation thereon or thereabout, the touch operation is transmitted to the processor 1010 to determine a type of touch event, and then the processor 1010 provides a corresponding visual output on the display panel 10061 according to the type of touch event. Although in fig. 10, the touch panel 10071 and the display panel 10061 are two independent components for implementing the input and output functions of the electronic device, in some embodiments, the touch panel 10071 and the display panel 10061 may be integrated to implement the input and output functions of the electronic device, which is not limited herein.

The interface unit 1008 is an interface to which an external device is connected to the electronic apparatus 1000. For example, the external devices may include a wired or wireless headset port, an external power (or battery charger) port, a wired or wireless data port, a memory card port, a port for connecting a device having an identification module, an audio input/output (I/O) port, a video I/O port, an earphone port, and the like. The interface unit 1008 may be used to receive input (e.g., data information, power, etc.) from an external device and transmit the received input to one or more elements within the electronic apparatus 1000 or may be used to transmit data between the electronic apparatus 1000 and an external device.

The memory 1009 may be used to store software programs as well as various data. The memory 1009 may mainly include a storage program area which may store an operating system, an application program required for at least one function (such as a sound playing function, an image playing function, etc.), and a storage data area; the storage data area may store data (such as audio data, phonebook, etc.) created according to the use of the handset, etc. In addition, the memory 1009 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.

The processor 1010 is a control center of the electronic device, connects various parts of the entire electronic device using various interfaces and lines, and performs various functions of the electronic device and processes data by running or executing software programs and/or modules stored in the memory 1009, and calling data stored in the memory 1009, thereby performing overall monitoring of the electronic device. The processor 1010 may include one or more processing units; preferably, the processor 1010 may integrate an application processor that primarily handles operating systems, user interfaces, applications, etc., with a modem processor that primarily handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 1010.

The electronic device 1000 may also include a power supply 1011 (e.g., a battery) for powering the various components, and preferably the power supply 1011 may be logically connected to the processor 1010 via a power management system whereby charge, discharge, and power consumption management functions are performed by the power management system.

In addition, the electronic device 1000 includes some functional modules that are not shown, and will not be described in detail herein.

It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) comprising instructions for causing a terminal (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to perform the method according to the embodiments of the present invention.

The embodiments of the present invention have been described above with reference to the accompanying drawings, but the present invention is not limited to the above-described embodiments, which are merely illustrative and not restrictive, and many forms may be made by those having ordinary skill in the art without departing from the spirit of the present invention and the scope of the claims, which are to be protected by the present invention.

Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.

It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.

In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.

The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.

In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.

The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a usb disk, a removable hard disk, a ROM, a RAM, a magnetic disk, or an optical disk, etc.

The foregoing is merely illustrative of the present invention, and the present invention is not limited thereto, and any person skilled in the art will readily recognize that variations or substitutions are within the scope of the present invention. Therefore, the protection scope of the invention is subject to the protection scope of the claims.

Claims

1. The video tamper-proof method is characterized by being applied to a service platform, wherein the service platform comprises a plurality of levels of network segments, tamper-proof devices are respectively deployed on the network segments of different levels, and the tamper-proof devices at least comprise device identification authentication information and positioning information, and the method comprises the following steps:

2. The method of claim 1, wherein video sampling the video stream to obtain video feature information for the video stream comprises:

3. The method according to claim 1, wherein after the reporting the target video stream of the tamper-resistant device of the present level, the device identification authentication information, the positioning information, and the check information to the tamper-resistant device and the service platform corresponding to the network segment of the next level, the method comprises:

4. The method according to claim 3, wherein, after the service platform stores an original video image and an original video segment, generating error reporting information according to the tamper occurrence position of the video stream, and uploading the error reporting information to the service platform, the method further comprises:

5. The video tamper-proof method is characterized by being applied to a service platform, wherein the service platform comprises a plurality of levels of network segments, tamper-proof devices are respectively deployed on the network segments of different levels, and the tamper-proof devices at least comprise device identification authentication information and positioning information, and the method comprises the following steps:

6. The method of claim 5, wherein the method further comprises:

7. A video tamper-proof device, characterized in that it is applied to a service platform, where the service platform includes a plurality of levels of network segments, tamper-proof devices are deployed on the network segments at different levels, where the tamper-proof devices at least include device identification authentication information and positioning information, and the device includes:

8. A video tamper-proof device, characterized in that it is applied to a service platform, where the service platform includes a plurality of levels of network segments, tamper-proof devices are deployed on the network segments at different levels, where the tamper-proof devices at least include device identification authentication information and positioning information, and the device includes:

9. An electronic device comprising a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory communicate with each other via the communication bus;

the memory is used for storing a computer program;

the processor is configured to implement the method according to any one of claims 1-6 when executing a program stored on a memory.

10. A computer-readable storage medium having instructions stored thereon, which when executed by one or more processors, cause the processors to perform the method of any of claims 1-6.