CN103440456A - Method and device for evaluating safety of application program - Google Patents


Info

Publication number
CN103440456A
Authority
CN
China
Prior art keywords
scoring
application program
authority
list
sandbox system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2013104047572A
Other languages
Chinese (zh)
Other versions
CN103440456B (en
Inventor
刘亘轶
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
TCL Corp
Original Assignee
TCL Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by TCL Corp filed Critical TCL Corp
Priority to CN201310404757.2A priority Critical patent/CN103440456B/en
Publication of CN103440456A publication Critical patent/CN103440456A/en
Application granted granted Critical
Publication of CN103440456B publication Critical patent/CN103440456B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Landscapes

  • Storage Device Security (AREA)
  • Stored Programmes (AREA)

Abstract

The invention is applicable to the technical field of intelligent terminals and provides a method for evaluating the safety of an application program. The method comprises the following steps: putting an application program to be evaluated into a sandbox system; matching the permission of the application program requested to the sandbox system during installation with a preset permission list, so as to obtain a first score; matching the permission of the application program requested to the sandbox system during operation with the preset permission list, so as to obtain a second score; integrating the first score and the second score, so as to obtain a safety evaluation result of the application program. The application program to be evaluated is installed and operated in the sandbox system, the safety scores of the permission of the application program requested to the sandbox system during the installation and operation phases are integrated, the safety evaluation result of the application program is obtained, and the accuracy of evaluating the safety of the application program based on the sandbox system is improved.

Description

A method and device for application security assessment
Technical field
The invention belongs to the technical field of intelligent terminals, and in particular relates to a method and device for application security assessment.
Background
Because the Android system is open and allows any device vendor to become a developer, it has developed rapidly and has become one of today's mainstream operating systems, widely used on devices such as mobile phones, tablet computers, TVs and cameras. For users, its greatest value is the rich set of Android-based applications available, but the security problems of Android applications are also increasingly exposed.
Users want the security of an application to be checked thoroughly in both the installation phase and the running phase, without the checking process damaging the operating system. A sandbox system provides such an isolated environment through virtualization technology. The sandbox system uses redirection technology to direct the files generated and modified by an application installed and run inside it into a temporary folder, so that the files, registry and so on of the original operating system are not affected. After the sandbox system is closed, the temporary files disappear with it and do not remain in the operating system. The user can first assess an application's security in the sandbox system and, once satisfied that the application is safe, actually install and use it on the operating system.
The existing method of assessing application security based on a sandbox system is: simulate user operations randomly and in large quantities in the sandbox system, record the behaviors or combinations of behaviors of the application in the running phase, and compare them with malicious behaviors or combinations obtained from empirical statistics, thereby obtaining the security assessment result of the application. Because the results produced by an application's behaviors or their combinations are highly uncertain, and a malicious program can evade detection by changing its behaviors or their combination, the assessment result is easily inaccurate.
Summary of the invention
The object of the present invention is to provide a method for application security assessment that improves the accuracy of security assessment of applications based on a sandbox system.
The present invention is achieved as follows: a method for application security assessment, comprising:
putting the application to be assessed into a sandbox system;
matching the permissions that the application requests from the sandbox system at installation time against a preset permission list to obtain a first score;
matching the permissions that the application requests from the sandbox system at run time against the preset permission list to obtain a second score;
combining the first score and the second score to obtain the security assessment result of the application.
Another object of the present invention is to provide a device for application security assessment, comprising:
a placement unit, for putting the application to be assessed into a sandbox system;
a first scoring unit, for matching the permissions that the application requests from the sandbox system at installation time against a preset permission list to obtain a first score;
a second scoring unit, for matching the permissions that the application requests from the sandbox system at run time against the preset permission list to obtain a second score;
a combining unit, for combining the first score and the second score to obtain the security assessment result of the application.
In the present invention, the application to be assessed is installed and run in a sandbox system, and the security scores of the permissions it requests from the sandbox system in the installation phase and the running phase are combined to obtain the security assessment result of the application, which improves the accuracy of security assessment of applications based on a sandbox system.
Description of the drawings
Fig. 1 is a flow chart of the method for application security assessment provided by an embodiment of the present invention;
Fig. 2 is a detailed flow chart of step S102 of the method for application security assessment provided by an embodiment of the present invention;
Fig. 3 is a detailed flow chart of step S103 of the method for application security assessment provided by an embodiment of the present invention;
Fig. 4 is a detailed flow chart of step S104 of the method for application security assessment provided by an embodiment of the present invention;
Fig. 5 is a structural block diagram of the device for application security assessment provided by an embodiment of the present invention.
Embodiments
To make the purpose, technical solution and advantages of the present invention clearer, the present invention is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here only explain the present invention and are not intended to limit it.
In the embodiments of the present invention, the application to be assessed is installed and run in a sandbox system, and the security scores of the permissions it requests from the sandbox system in the installation phase and the running phase are combined to obtain the security assessment result of the application, which improves the accuracy of security assessment of applications based on a sandbox system.
It should be noted that the method for application security assessment provided by the embodiments of the present invention can run on operating systems such as Android, Linux and Windows. The embodiments are described using the Android system, which is not intended to limit the present invention.
Fig. 1 shows the flow of the method for application security assessment provided by an embodiment of the present invention, detailed as follows:
In step S101, the application to be assessed is put into the sandbox system.
The sandbox system uses redirection technology to provide an environment for detecting viruses or assessing application security, in which the application is isolated from the original operating system. In the embodiment of the present invention, the Android application to be assessed is put into the sandbox system so that it is isolated from the outside Android system, and the subsequent steps of installing and running the application do not affect the Android system.
In step S102, the permissions that the application requests from the sandbox system at installation time are matched against the preset permission list to obtain the first score.
On the Android system, an application must declare its permissions before it can perform operations such as accessing resources or connecting to a network; otherwise those operations will not work. For example, when an application is installed, it must first declare the permissions it will use, and only if all the declared permissions are allowed can the application be installed on the Android system.
The Android software development kit (Software Development Kit, SDK) provides developers with a set of development tools and defines all the permissions an application may use. For example, android.permission.BLUETOOTH allows an application to connect to paired Bluetooth devices. In the embodiment of the present invention, the permissions used by known malicious programs are counted, and based on these statistics 26 permissions are extracted from the SDK to form the preset permission list. Each permission can also have a corresponding identification number, type, description, specific content in the Android system, score value and so on. Table 1 shows part of the preset permission list:
Table 1
Figure BDA0000378518970000051
A higher score value indicates a greater likelihood that an application using the permission is a malicious program, so the permissions in the preset permission list can also be called sensitive permissions. The score value of each permission in the preset permission list is calculated from the frequency with which the permission appears in malicious applications and the frequency with which it appears in safe applications. One way of calculating it is shown in the following formula:
Figure BDA0000378518970000052
Here, the frequency with which the permission appears in malicious programs, the frequency with which it appears in safe programs, and the empirical score value are obtained by statistical analysis of a large number of applications, including both malicious and safe programs.
The permissions that the application placed in the sandbox system requests at installation time are matched against the sensitive permissions, which yields one of the parameters for assessing the application's security. As one embodiment of the present invention, as shown in Fig. 2, step S102 is specifically:
In S201, the application is installed in the sandbox system and the configuration file is extracted from the application. The configuration file contains a first list of the permissions that the application requests from the sandbox system at installation time.
An Android application declares the permissions it needs at installation time, and this information is contained in the application's global configuration file. In the embodiment of the present invention, the Android application is decompressed and installed, the global configuration file AndroidManifest.xml is extracted and parsed, and the part listing the permissions requested by the application is located, as shown in the following code:
<uses-permission android:name="android.permission.CALL_PHONE"/>
<uses-permission android:name="android.permission.READ_CONTACTS"/>
<uses-permission android:name="android.permission.SET_WALLPAPER"/>
The "uses-permission" elements contain the permissions that the application declares it needs: "CALL_PHONE" means initiating a phone call without going through the dialer user interface in which the user confirms the call, "READ_CONTACTS" means reading the user's contact data, and "SET_WALLPAPER" means setting the wallpaper. The permissions requested in AndroidManifest.xml form the first list. Only when all the declared permissions are allowed can the application be installed, and the first list is then copied into the sandbox system to serve as the application's permissions at run time after installation.
In S202, the permissions in the first list are matched one by one against the permissions in the preset permission list, and the score values are read for the permissions that appear in both the first list and the preset permission list.
In the embodiment of the present invention, the permissions in the first list are compared one by one with the permissions in the preset permission list. If a permission is a sensitive permission, its score value is read; if it is not, it is skipped and the comparison continues with the next one. The more sensitive permissions the first list contains, the more dangerous the Android application is.
In S203, the score values that were read are summed to obtain the first score.
In the embodiment of the present invention, the score values read in step S202 are summed to obtain the total score of the permissions that the Android application requests at installation time. The total score can also be calculated in other ways, for example as a weighted sum of the score values read; these are not enumerated here.
In step S103, the permissions that the application requests from the sandbox system at run time are matched against the preset permission list to obtain the second score.
For an Android application, although the first list is copied into the sandbox system to serve as the run-time permissions after installation, the permissions may be tampered with by the application while it runs. Particular attention should be paid to whether the application can obtain sensitive permissions from the preset permission list without the user's knowledge. Assessing the permissions that the Android application requests at run time improves the accuracy of the assessment.
The permissions that the application placed in the sandbox system requests at run time are matched against the sensitive permissions, which yields another important parameter for assessing the application's security. As one embodiment of the present invention, as shown in Fig. 3, S103 is specifically:
In S301, the application is run in the sandbox system, and user operations are simulated to carry out multiple random tests on the application.
To learn which permissions the application requests at run time, user operations can be simulated to carry out a large number of random tests on the application, also called random stress tests, while the log produced by the application is observed and the permissions requested by the application during the tests are recorded.
A malicious program may well expose its danger only when specific conditions are met, for example reading contact information at a specific time, or stealing the user's account number and password on a specific payment website, and even under those conditions it may show its danger only randomly. Under other conditions it cannot be distinguished from a safe program. Random stress testing should therefore cover all possible situations as far as it can. In the embodiment of the present invention, the Monkey tool, one of the automated testing tools of the Android system, is used: test script files are written to simulate the various possible situations, for example by running the same test script file multiple times under different conditions, and the permissions requested by the Android application during testing are recorded in the application's log. For example, after a given test finishes, the log contains:
android.permission.READ_SMS,3;
android.permission.SEND_SMS,2;
This means that at run time the Android application attempted to read SMS messages 3 times and to send SMS messages 2 times.
In S302, the permissions that the application requests from the sandbox system during the simulation are collected to form multiple second lists.
In the embodiment of the present invention, the permissions requested by the Android application are collected from the log, and each test produces one list.
In S303, the permissions in each second list are matched one by one against the permissions in the preset permission list, and the score values are read for the permissions that appear in both the second list and the preset permission list.
In the embodiment of the present invention, the permissions in these lists are compared one by one with the permissions in the preset permission list. The process is the same as in step S202 and is not repeated here. If the second lists contain more sensitive permissions than the first list, the Android application may have maliciously escalated its permissions at run time without being stopped by the system, which means the Android application is more dangerous.
In S304, the score values that were read are summed, and the sum is averaged over the number of random tests to obtain the second score.
In the embodiment of the present invention, the score values read in step S303 are summed. Because multiple tests were run, the total is averaged over the number of tests to obtain the score of the permissions that the Android application requests at run time. The total score can also be calculated in other ways; these are not enumerated here.
In step S104, the first score and the second score are combined to obtain the security assessment result of the application.
The first score and the second score reflect the sensitive permissions that the Android application involves at installation time and at run time respectively. Considering the sensitive permissions involved in both phases improves the accuracy of the security assessment. As one embodiment of the present invention, as shown in Fig. 4, S104 is specifically:
In S401, a weighted sum of the first score and the second score is computed.
In the weighted sum of the first score and the second score, the size of the weights reflects how important the permissions requested at installation time and at run time are to the security assessment, and so corrects the final security assessment result. According to statistics, the installation-time score is slightly less effective than the run-time score, so the ratio of the weights of the first score and the second score can be set to 2:3. In the embodiment of the present invention, the weights are designed with the following property: if the first score is less than the second score, the weight of the first score is less than the weight of the second score; if the first score is greater than the second score, the weight of the first score is greater than the weight of the second score.
If the first score is less than the second score, the Android application may have maliciously escalated its permissions after installation through implicit requests, the added permissions are sensitive permissions, and the system did not stop this. The Android application is therefore not under control, that is, it is unsafe for the system. The weight of the first score is less than the weight of the second score, for example 2:3, and the final score is expressed as: first score × 0.4 + second score × 0.6.
If the first score is greater than the second score, the Android application requested more permissions at installation time than it actually obtained at run time, and some of the permissions requested at installation time were blocked by the system. The Android application is therefore under control. The weight of the first score is greater than the weight of the second score, for example 3:2, and the final score is expressed as: first score × 0.6 + second score × 0.4.
If the first score equals the second score, the permissions that the Android application requested at installation time are the same as those requested at run time, and the final score can be expressed as the first score or the second score.
In S402, if the result of the computation is greater than a preset score value, the application is an unsafe application.
In the embodiment of the present invention, the first score obtained at installation time and the second score obtained at run time are combined in a weighted sum to give the final score. If the final score is greater than the preset score value, the application is assessed as dangerous. For example, if the final score is greater than 60 points, the Android application is unsafe, and a score above 100 points is counted as 100 points. The scores can also be divided into several ranges, each corresponding to an assessment result such as "safe", "relatively safe" or "dangerous". After the assessment of the Android application is complete, the application is uninstalled from the sandbox system and the initial environment is restored. None of the above steps affects the Android system, and the user can refer to the security assessment result to decide whether to use the Android application.
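The scoring procedure of steps S102 to S104, as an added Python example that is not part of the patent text. The score values, the sample manifest, the sample run logs and all function names are constructed for illustration (Table 1 is not reproduced on this page), and counting each permission once per test run is an assumption.

```python
import re
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed score values standing in for the preset permission list;
# the patent's own Table 1 values are not available on this page.
PRESET_SCORES = {
    "android.permission.CALL_PHONE": 30,
    "android.permission.READ_CONTACTS": 25,
    "android.permission.READ_SMS": 35,
    "android.permission.SEND_SMS": 40,
}

# Constructed AndroidManifest.xml fragment using the permissions quoted in S201.
MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.sample">
  <uses-permission android:name="android.permission.CALL_PHONE"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.SET_WALLPAPER"/>
</manifest>"""

# Constructed logs of two random-test runs in the "permission,count;" format of S301.
RUN_LOGS = [
    "android.permission.READ_SMS,3;\nandroid.permission.SEND_SMS,2;\n",
    "android.permission.READ_CONTACTS,1;\nandroid.permission.SET_WALLPAPER,4;\n",
]

LOG_LINE = re.compile(r"([\w.]+)\s*,\s*(\d+)\s*;?")


def manifest_permissions(xml_text):
    """S201: the first list, i.e. permissions declared in the manifest."""
    root = ET.fromstring(xml_text)
    names = {el.get(ANDROID_NS + "name") for el in root.iter("uses-permission")}
    return names - {None}


def log_permissions(log_text):
    """S302: one second list, i.e. permissions requested during one test run."""
    perms = set()
    for line in log_text.splitlines():
        m = LOG_LINE.fullmatch(line.strip())
        if m and int(m.group(2)) > 0:
            perms.add(m.group(1))
    return perms


def list_score(perms, preset=PRESET_SCORES):
    """S202/S303: sum the scores of permissions that are in the preset list."""
    return sum(preset[p] for p in perms if p in preset)


def first_score(xml_text):
    """S203: total score of the installation-time permissions."""
    return list_score(manifest_permissions(xml_text))


def second_score(run_logs):
    """S304: sum over all runs, averaged over the number of runs."""
    if not run_logs:
        raise ValueError("at least one test run is required")
    return sum(list_score(log_permissions(log)) for log in run_logs) / len(run_logs)


def escalated(xml_text, run_logs, preset=PRESET_SCORES):
    """Sensitive permissions seen at run time but never declared (see S303)."""
    declared = manifest_permissions(xml_text)
    seen = set().union(*(log_permissions(log) for log in run_logs))
    return sorted(p for p in seen - declared if p in preset)


def assess(first, second, threshold=60):
    """S401/S402: 2:3 or 3:2 weighting, capped at 100, compared to a threshold."""
    if first < second:
        final = (2 * first + 3 * second) / 5   # first x 0.4 + second x 0.6
    elif first > second:
        final = (3 * first + 2 * second) / 5   # first x 0.6 + second x 0.4
    else:
        final = first
    final = min(final, 100)
    return final, final > threshold


if __name__ == "__main__":
    s1, s2 = first_score(MANIFEST), second_score(RUN_LOGS)
    print("first score:", s1, "second score:", s2)
    print("undeclared sensitive permissions:", escalated(MANIFEST, RUN_LOGS))
    print("final score, unsafe:", assess(s1, s2))
```

With these constructed values the final score stays below the 60-point threshold even though two sensitive permissions appear only at run time, which is why the escalation check is reported separately from the weighted score.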
In the embodiments of the present invention, the application to be assessed is installed and run in a sandbox system, and the security scores of the permissions it requests from the sandbox system in the installation phase and the running phase are combined to obtain the security assessment result of the application, which improves the accuracy of security assessment of applications based on a sandbox system.
Fig. 5 shows a structural block diagram of the device for application security assessment provided by an embodiment of the present invention. The device can be located in equipment such as smartphones, tablet computers, TVs and cameras, and is used to carry out the method for application security assessment described in the embodiments of Fig. 1 to Fig. 4. For ease of explanation, only the parts relevant to this embodiment are shown. With reference to Fig. 5, the device comprises:
A placement unit 51, which puts the application to be assessed into the sandbox system.
A first scoring unit 52, which matches the permissions that the application requests from the sandbox system at installation time against the preset permission list to obtain the first score.
A second scoring unit 53, which matches the permissions that the application requests from the sandbox system at run time against the preset permission list to obtain the second score.
A combining unit 54, which combines the first score and the second score to obtain the security assessment result of the application.
Optionally, the first scoring unit 52 comprises:
An extraction subunit, which installs the application in the sandbox system and extracts the configuration file from the application, the configuration file containing a first list of the permissions that the application requests from the sandbox system at installation time.
A first matching subunit, which matches the permissions in the first list one by one against the permissions in the preset permission list and reads the score values of the permissions that appear in both the first list and the preset permission list.
A first summing subunit, which sums the score values that were read to obtain the first score.
Optionally, the second scoring unit 53 comprises:
A test subunit, which runs the application in the sandbox system and simulates user operations to carry out multiple random tests on the application.
A statistics subunit, which collects the permissions that the application requests from the sandbox system during the simulation to form multiple second lists.
A second matching subunit, which matches the permissions in each second list one by one against the permissions in the preset permission list and reads the score values of the permissions that appear in both the second list and the preset permission list.
A second summing subunit, which sums the score values that were read and averages the sum over the number of random tests to obtain the second score.
Optionally, the score value of each permission in the preset permission list is calculated from the frequency with which the permission appears in malicious applications and the frequency with which it appears in safe applications.
Optionally, the combining unit 54 comprises:
A weighted-sum subunit, which computes a weighted sum of the first score and the second score.
A judgment subunit, which judges that the application is an unsafe application if the result of the computation is greater than the preset score value.
Optionally, if the first score is less than the second score, the weight of the first score is less than the weight of the second score; if the first score is greater than the second score, the weight of the first score is greater than the weight of the second score.
In the embodiments of the present invention, the application to be assessed is installed and run in a sandbox system, and the security scores of the permissions it requests from the sandbox system in the installation phase and the running phase are combined to obtain the security assessment result of the application, which improves the accuracy of security assessment of applications based on a sandbox system.
The above are only preferred embodiments of the present invention and are not intended to limit it. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within the protection scope of the present invention.

Claims (12)

1. the method for an application security assessment, is characterized in that, comprising:
Application program to be assessed is put into to the sandbox system;
Described application program is mated to authority and the default access list of described sandbox system request when mounted, obtained the first scoring;
Described application program is mated to authority and the described default access list of described sandbox system request when moving, obtained the second scoring;
Comprehensive described the first scoring and described second is marked, and obtains the safety assessment result of described application program.
2. the method for claim 1, is characterized in that, described described application program mated to authority and the default access list of described sandbox system request when mounted, obtains the first scoring and comprise:
installing the application program in the sandbox system, and extracting a configuration file from the application program, wherein the configuration file contains a first list of the permissions that the application program requests from the sandbox system at installation;
matching the permissions in the first list one by one against the permissions in the preset permission list, and reading the score value corresponding to each permission that is contained in both the first list and the preset permission list;
accumulating the score values read to obtain the first score.
3. The method of claim 1, characterized in that matching the permissions that the application program requests from the sandbox system at run time against the preset permission list to obtain the second score comprises:
running the application program in the sandbox system, and simulating user operations to perform multiple random tests on the application program;
collecting the permissions that the application program requests from the sandbox system during the simulation, forming a plurality of second lists;
matching the permissions in each second list one by one against the permissions in the preset permission list, and reading the score value corresponding to each permission that is contained in both that second list and the preset permission list;
accumulating the score values read, and averaging the accumulated result over the number of random tests to obtain the second score.
4. The method of claim 2 or claim 3, characterized in that
the score value corresponding to a permission in the preset permission list is calculated from the frequency with which the permission appears in malicious application programs and the frequency with which it appears in safe application programs.
5. The method of claim 1, characterized in that integrating the first score and the second score to obtain the safety evaluation result of the application program comprises:
performing a weighted summation of the first score and the second score;
if the result of the weighted summation is greater than a preset score value, the application program is an unsafe application program.
6. The method of claim 5, characterized in that
if the first score is less than the second score, the weight of the first score is less than the weight of the second score;
if the first score is greater than the second score, the weight of the first score is greater than the weight of the second score.
7. A device for evaluating the safety of an application program, characterized by comprising:
a placement unit, configured to put the application program to be evaluated into a sandbox system;
a first scoring unit, configured to match the permissions that the application program requests from the sandbox system at installation against a preset permission list to obtain a first score;
a second scoring unit, configured to match the permissions that the application program requests from the sandbox system at run time against the preset permission list to obtain a second score;
an integration unit, configured to integrate the first score and the second score to obtain a safety evaluation result of the application program.
8. The device of claim 7, characterized in that the first scoring unit comprises:
an extraction subunit, configured to install the application program in the sandbox system and extract a configuration file from the application program, wherein the configuration file contains a first list of the permissions that the application program requests from the sandbox system at installation;
a first matching subunit, configured to match the permissions in the first list one by one against the permissions in the preset permission list, and to read the score value corresponding to each permission that is contained in both the first list and the preset permission list;
a first accumulation subunit, configured to accumulate the score values read to obtain the first score.
9. The device of claim 7, characterized in that the second scoring unit comprises:
a test subunit, configured to run the application program in the sandbox system and simulate user operations to perform multiple random tests on the application program;
a statistics subunit, configured to collect the permissions that the application program requests from the sandbox system during the simulation, forming a plurality of second lists;
a second matching subunit, configured to match the permissions in each second list one by one against the permissions in the preset permission list, and to read the score value corresponding to each permission that is contained in both that second list and the preset permission list;
a second accumulation subunit, configured to accumulate the score values read, and to average the accumulated result over the number of random tests to obtain the second score.
10. The device of claim 8 or claim 9, characterized in that
the score value corresponding to a permission in the preset permission list is calculated from the frequency with which the permission appears in malicious application programs and the frequency with which it appears in safe application programs.
11. The device of claim 7, characterized in that the integration unit comprises:
a weighted summation subunit, configured to perform a weighted summation of the first score and the second score;
a judgment subunit, configured to judge that, if the result of the weighted summation is greater than a preset score value, the application program is an unsafe application program.
12. The device of claim 11, characterized in that
if the first score is less than the second score, the weight of the first score is less than the weight of the second score;
if the first score is greater than the second score, the weight of the first score is greater than the weight of the second score.
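The scoring flow of claims 2 to 6 (mirrored by device claims 8 to 12), as an added Python example that is not part of the patent text. The score formula, the permission names, the sample counts, the weights 0.3/0.7 and the threshold 10.0 are all assumptions, because the claims fix none of them.

```python
def permission_score(malicious_hits, safe_hits):
    """Assumed formula (the claims give none): share of occurrences that fall
    in malicious apps, scaled to 0-10. Inputs are counts per 100 samples."""
    return 10 * malicious_hits / (malicious_hits + safe_hits)

# Preset permission list: permission -> score value (constructed counts).
PRESET = {
    "SEND_SMS": permission_score(80, 20),       # 8.0
    "READ_CONTACTS": permission_score(60, 40),  # 6.0
    "INTERNET": permission_score(20, 80),       # 2.0
}

def match_and_sum(permissions):
    """Sum the scores of permissions present in both the list and PRESET."""
    return sum(PRESET[p] for p in permissions if p in PRESET)

def first_score(manifest_permissions):
    """Claim 2: install-time permissions taken from the configuration file."""
    return match_and_sum(manifest_permissions)

def second_score(runtime_lists):
    """Claim 3: one list per random test; accumulate, then average over tests."""
    if not runtime_lists:
        return 0.0  # no test ran, so nothing was observed
    return sum(match_and_sum(run) for run in runtime_lists) / len(runtime_lists)

def evaluate(manifest_permissions, runtime_lists, threshold=10.0, low=0.3, high=0.7):
    """Claims 5-6: weighted sum in which the larger score takes the larger weight."""
    s1, s2 = first_score(manifest_permissions), second_score(runtime_lists)
    if s1 < s2:
        w1, w2 = low, high
    elif s1 > s2:
        w1, w2 = high, low
    else:
        w1 = w2 = 0.5  # equal scores are not covered by claim 6; assumed split
    total = w1 * s1 + w2 * s2
    return {"first": s1, "second": s2, "total": total, "unsafe": total > threshold}

# Constructed sample: VIBRATE is not in PRESET and contributes nothing.
MANIFEST = ["INTERNET", "SEND_SMS", "READ_CONTACTS", "VIBRATE"]
RUNS = [["INTERNET"], ["INTERNET", "SEND_SMS"],
        ["INTERNET", "SEND_SMS", "READ_CONTACTS"], ["INTERNET", "SEND_SMS"]]

if __name__ == "__main__":
    print(evaluate(MANIFEST, RUNS))
```

Because the larger of the two scores always receives the larger weight, the combined result leans toward whichever phase looked riskier, so an application cannot dilute a high install-time score with quiet test runs, or the reverse.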
CN201310404757.2A 2013-09-06 2013-09-06 Method and device for evaluating safety of application program Expired - Fee Related CN103440456B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310404757.2A 2013-09-06 2013-09-06 Method and device for evaluating safety of application program

Publications (2)

Publication Number Publication Date
CN103440456A (en) 2013-12-11
CN103440456B (en) 2017-09-08

Family

ID=49694149

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310404757.2A Expired - Fee Related CN103440456B (en) 2013-09-06 2013-09-06 Method and device for evaluating safety of application program

Country Status (1)

Country Link
CN (1) CN103440456B (en)

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2562667A1 (en) * 2011-08-24 2013-02-27 Pantech Co., Ltd. Apparatus and method for providing security information on background process
CN102426639A (en) * 2011-09-26 2012-04-25 宇龙计算机通信科技(深圳)有限公司 Information safety monitoring method and device
CN102819715A (en) * 2012-08-15 2012-12-12 腾讯科技(深圳)有限公司 API (application programming interface) monitoring method and device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
沈才樑: "Android权限提升漏洞攻击的检测", 《电信科学》 *

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103927482A (en) * 2014-03-24 2014-07-16 深圳市中兴移动通信有限公司 Mobile terminal and application sensitivity permission management method thereof
CN105279079A (en) * 2014-06-25 2016-01-27 腾讯科技(深圳)有限公司 Application performance estimating method, apparatus and system
CN104217162A (en) * 2014-09-05 2014-12-17 四川长虹电器股份有限公司 Method and system for detecting malicious software in smart terminal
CN104268470B (en) * 2014-09-26 2018-02-13 酷派软件技术(深圳)有限公司 Method of controlling security and safety control
CN104268470A (en) * 2014-09-26 2015-01-07 酷派软件技术(深圳)有限公司 Security control method and security control device
CN104317740B (en) * 2014-11-13 2017-07-07 北京奇虎科技有限公司 The method for cleaning and device of the CACHE DIRECTORY/file based on sandbox technology
CN104317740A (en) * 2014-11-13 2015-01-28 北京奇虎科技有限公司 Method and device for cleaning cache directory/document based on sandbox technology
CN105117544B (en) * 2015-08-21 2018-09-28 李涛 Android platform App methods of risk assessment and device based on mobile cloud computing
CN105117544A (en) * 2015-08-21 2015-12-02 李涛 Android platform App risk assessment method based on mobile cloud computing and Android platform App risk assessment device based on mobile cloud computing
CN105740715A (en) * 2016-01-29 2016-07-06 广东欧珀移动通信有限公司 Safety assessment method and terminal equipment
CN105740709A (en) * 2016-01-29 2016-07-06 博雅网信(北京)科技有限公司 Authority combination-based Android malicious software detection method
CN105740709B (en) * 2016-01-29 2018-09-28 博雅网信(北京)科技有限公司 A kind of Android malware detection method based on permission combination
CN107563189A (en) * 2017-08-24 2018-01-09 东软集团股份有限公司 One kind applies detection method and terminal
CN108280352A (en) * 2018-01-17 2018-07-13 西安邮电大学 A kind of privacy assessment and right management method based on 8.0 authority mechanisms of Android
CN109598127A (en) * 2018-12-07 2019-04-09 百度在线网络技术(北京)有限公司 Privacy risk appraisal procedure and device
CN109598127B (en) * 2018-12-07 2023-07-25 百度在线网络技术(北京)有限公司 Privacy risk assessment method and device
CN111221733A (en) * 2020-01-06 2020-06-02 北京小米移动软件有限公司 Information processing method and device, mobile terminal and storage medium
CN111814181A (en) * 2020-06-30 2020-10-23 平安科技(深圳)有限公司 System authority authorization method and device, electronic equipment and storage medium
CN111814181B (en) * 2020-06-30 2023-10-31 平安科技(深圳)有限公司 System authority authorization method and device, electronic equipment and storage medium
CN112270014A (en) * 2020-10-16 2021-01-26 维沃移动通信有限公司 Application program control method and device and electronic equipment
CN114356788A (en) * 2022-03-21 2022-04-15 大鲲智联(成都)科技有限公司 Application program detection method, device, equipment and medium based on user information

Also Published As

Publication number Publication date
CN103440456B (en) 2017-09-08

Similar Documents

Publication Publication Date Title
CN103440456A (en) Method and device for evaluating safety of application program
CN109117250B (en) Simulator identification method, simulator identification equipment and computer readable medium
CN109062667B (en) Simulator identification method, simulator identification equipment and computer readable medium
US20130117855A1 (en) Apparatus for automatically inspecting security of applications and method thereof
CN109144665A (en) A kind of simulator recognition methods, identification equipment and computer-readable medium
CN109145590B (en) Function hook detection method, detection equipment and computer readable medium
CN103996007A (en) Testing method and system for Android application permission leakage vulnerabilities
US20140020096A1 (en) System to profile application software
CN108763951B (en) Data protection method and device
CN102340398A (en) Security policy setting and determining method, and method and device for executing operation by application program
KR20140098025A (en) System and Method For A SEcurity Assessment of an Application Uploaded to an AppStore
CN105069354A (en) Attack tree model based Android software hybrid detection method
CN103198243B (en) A kind of method and device identifying mountain vallage application program
CN109302423B (en) Vulnerability scanning capability testing method and device
CN109815702B (en) Software behavior safety detection method, device and equipment
CN109325350B (en) Security assessment system and method for operation environment of electric power mobile terminal
Hwang et al. Bittersweet adb: Attacks and defenses
CN107122664B (en) Safety protection method and device
CN117076330B (en) Access verification method, system, electronic equipment and readable storage medium
CN111783091A (en) Malicious process detection method, device, terminal and computer readable storage medium
CN106034150B (en) Application program dynamic pushing method, device and system
CN106095927B (en) A kind for the treatment of method and apparatus of position data
CN108959931B (en) Vulnerability detection method and device, information interaction method and equipment
CN111800427B (en) Internet of things equipment evaluation method, device and system
Kim et al. Detecting illegally-copied apps on android devices

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20170908