CN111639332A - Software installation method and device, electronic equipment and storage medium - Google Patents
Software installation method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN111639332A CN111639332A CN202010395279.3A CN202010395279A CN111639332A CN 111639332 A CN111639332 A CN 111639332A CN 202010395279 A CN202010395279 A CN 202010395279A CN 111639332 A CN111639332 A CN 111639332A
- Authority
- CN
- China
- Prior art keywords
- installation
- installation package
- software
- type
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/61—Installation
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Stored Programmes (AREA)
Abstract
The embodiment of the invention discloses a software installation method, a software installation device, electronic equipment and a storage medium, which are used for solving the problem of silent software installation of the electronic equipment. The method comprises the following steps: when a first process of a first installation package for installing first software is monitored, pausing the first process, and acquiring a file path of the first installation package according to the first process; acquiring first file information of the first installation package according to the file path; determining a first installation type of the first installation package according to the first file information; and if the first installation type is an abnormal installation type and the first software does not belong to a preset white list, displaying first selection prompt information of the first installation package. By adopting the embodiment of the invention, the safety of the electronic equipment can be improved.
Description
Technical Field
The present invention relates to the field of computer applications, and in particular, to a software installation method and apparatus, an electronic device, and a storage medium.
Background
With the development of information technology, more and more application software is installed in electronic devices. And the electronic device may also have malicious application software (e.g., bundled software, rogue software, etc.) installed without the user's knowledge. However, installation of malicious application software is then confusing. For example, the bundled software may not be the application software desired by the user, occupy memory space of the electronic device after installation, and even affect the use of the electronic device. Rogue software may include advertising to promote personal products, monitoring user internet habits, or stealing user account passwords or automatic networking, which may threaten the security of the electronic device.
Disclosure of Invention
Embodiments of the present invention provide a software installation method, an apparatus, an electronic device, and a storage medium, which are used to solve the problem of silent software installation of an electronic device, and can perform installation processing based on an installation type of software to be installed, thereby improving accuracy of installation processing and facilitating improvement of security of the electronic device.
In a first aspect, the present invention provides a software installation method, including:
when a first process of a first installation package for installing first software is monitored, pausing the first process, and acquiring a file path of the first installation package according to the first process;
acquiring first file information of the first installation package according to the file path;
determining a first installation type of the first installation package according to the first file information;
and if the first installation type is an abnormal installation type and the first software does not belong to a preset white list, displaying first selection prompt information of the first installation package.
With reference to the first aspect of the embodiment of the present invention, in a first possible implementation manner of the first aspect of the embodiment of the present invention, the determining, according to the first file information, a first installation type of the first installation package includes:
identifying the first file information according to a preset rule to obtain characteristic information of the first installation package;
and determining a first installation type of the first installation package according to the characteristic information.
With reference to the first possible implementation manner of the first aspect of the embodiment of the present invention, in a second possible implementation manner of the first aspect of the embodiment of the present invention, if the feature information is a first order of the first file information, the determining, according to the feature information, a first installation type of the first installation package includes:
searching a second sequence of preset target file information, wherein the target file information is file information of a target installation package corresponding to the first installation package;
when the first ordering is inconsistent with the second ordering, determining that the first installation type of the first installation package is an abnormal installation type.
With reference to the first possible implementation manner of the first aspect of the embodiment of the present invention, in a third possible implementation manner of the first aspect of the embodiment of the present invention, the determining, according to the feature information, a first installation type of the first installation package includes:
determining a second installation type of a second process in the process chain of the first process;
if the process chain of the first process comprises a second process of a second installation package for installing second software, determining a third installation type of the second installation package;
and if the second installation type is different from the third installation type, determining that the first installation type of the first installation package is an abnormal installation type.
With reference to the first aspect of the embodiment of the present invention, the first possible implementation manner of the first aspect, the second possible implementation manner of the first aspect, or the third possible implementation manner of the first aspect, in a fourth possible implementation manner of the first aspect of the embodiment of the present invention, the displaying the first selection prompt information of the first installation package includes:
determining malicious information in the first installation package;
generating first selection prompt information according to the malicious information;
and displaying the first selection prompt message.
With reference to the first aspect of the embodiment of the present invention, the first possible implementation manner of the first aspect, the second possible implementation manner of the first aspect, or the third possible implementation manner of the first aspect, in a fifth possible implementation manner of the first aspect of the embodiment of the present invention, the method further includes:
and if an installation permission instruction sent by the user aiming at the first selection prompt message is received, continuing to execute the first process, and adding the first software into the preset white list.
With reference to the first aspect of the embodiment of the present invention, the first possible implementation manner of the first aspect, the second possible implementation manner of the first aspect, or the third possible implementation manner of the first aspect, in a sixth possible implementation manner of the first aspect of the embodiment of the present invention, the method further includes:
if the first installation type is a normal installation type, or,
if the first installation type is an abnormal installation type and the first software belongs to the preset white list, determining the application type of the first software;
searching for third software which is installed in the electronic equipment and is consistent with the application type;
acquiring comparison information between the first software and the third software;
generating second selection prompt information according to the comparison information;
and displaying the second selection prompt message.
In a second aspect, the present invention provides a software installation apparatus, including:
the device comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for pausing a first process of a first installation package for installing first software when the first process is monitored, and acquiring a file path of the first installation package according to the first process; acquiring first file information of the first installation package according to the file path;
the determining unit is used for determining a first installation type of the first installation package according to the first file information;
and the execution unit is used for displaying first selection prompt information of the first installation package if the first installation type is an abnormal installation type and the first software does not belong to a preset white list.
With reference to the second aspect of the embodiment of the present invention, in a first possible implementation manner of the second aspect of the embodiment of the present invention, the determining unit is specifically configured to identify the first file information according to a preset rule, so as to obtain feature information of the first installation package; and determining a first installation type of the first installation package according to the characteristic information.
With reference to the first possible implementation manner of the second aspect of the present embodiment, in the second possible implementation manner of the second aspect of the present embodiment, if the feature information is the first ranking of the first file information, the determining unit is specifically configured to search a second ranking of preset target file information, where the target file information is file information of a target installation package corresponding to the first installation package; when the first ordering is inconsistent with the second ordering, determining that the first installation type of the first installation package is an abnormal installation type.
With reference to the first possible implementation manner of the second aspect of the embodiment of the present invention, in a third possible implementation manner of the second aspect of the embodiment of the present invention, the determining unit is specifically configured to determine the second installation type of the first installation package according to the feature information; when the process chain of the first process comprises a second process of a second installation package for installing second software, determining a third installation type of the second installation package; and if the second installation type is different from the third installation type, determining that the first installation type of the first installation package is an abnormal installation type.
With reference to the second aspect of the embodiment of the present invention, the first possible implementation manner of the second aspect, the second possible implementation manner of the second aspect, or the third possible implementation manner of the second aspect, in a fourth possible implementation manner of the second aspect of the embodiment of the present invention, the execution unit is specifically configured to determine malicious information in the first installation package; generating first selection prompt information according to the malicious information; and displaying the first selection prompt message.
With reference to the second aspect of the present invention, the first possible implementation manner of the second aspect, the second possible implementation manner of the second aspect, or the third possible implementation manner of the second aspect, in a fifth possible implementation manner of the second aspect of the present invention, the execution unit is further configured to, if an installation permission instruction sent by a user for the first selection prompt information is received, continue to execute the first process, and add the first software to the preset white list.
With reference to the second aspect of the present invention, the first possible implementation manner of the second aspect, the second possible implementation manner of the second aspect, or the third possible implementation manner of the second aspect, in a sixth possible implementation manner of the second aspect of the present invention, the execution unit is further configured to determine an application type of the first software if the first installation type is a normal installation type, or if the first installation type is an abnormal installation type and the first software belongs to the preset white list; searching for second software which is installed in the electronic equipment and is consistent with the application type; acquiring comparison information between the first software and the third software; generating second selection prompt information according to the comparison information; and displaying the second selection prompt message.
A third aspect of embodiments of the present invention provides an electronic device, including: the device comprises a shell, a processor, a memory, a circuit board and a power circuit, wherein the circuit board is arranged in a space enclosed by the shell, and the processor and the memory are arranged on the circuit board; a power supply circuit for supplying power to each circuit or device of the electronic apparatus; the memory is used for storing executable program codes; the processor executes a program corresponding to the executable program code by reading the executable program code stored in the memory, so as to execute the software installation method provided by the first aspect of the embodiment of the present invention.
A fourth aspect of the embodiments of the present invention provides a non-transitory computer-readable storage medium, where the storage medium is used to store a computer program, and the computer program, when executed by a processor, implements the software installation method provided in the first aspect of the embodiments of the present invention.
By implementing the embodiment of the invention, when the first process of the first installation package for installing the first software is monitored, the file path of the first installation package is obtained according to the first process. And then acquiring first file information of the first installation package according to the file path, and determining a first installation type of the first installation package according to the first file information. And if the first installation type is determined to be the abnormal installation type and the first software does not belong to the preset white list, displaying first selection prompt information of the first installation package. Therefore, the user can determine whether to continue to install the first installation package according to the first selection prompt message, the accuracy of installation processing can be improved, and the safety of the electronic equipment is improved conveniently.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a flow chart illustrating a software installation method according to an embodiment of the present invention;
FIG. 2 is a diagram illustrating a process chain according to an embodiment of the present invention;
FIG. 3 is a flow chart illustrating another software installation method provided by the embodiment of the invention;
FIG. 4 is a schematic structural diagram of a software installation apparatus provided in an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first," "second," and "third," etc. in the description and claims of the invention and the accompanying drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "include" and "have," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the invention. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
The electronic device described in the embodiment of the present invention may include a smart phone (such as an Android phone), a tablet computer, a palmtop computer, a notebook computer, a Mobile Internet device (MID, Mobile Internet Devices), a wearable device, and the like, and the electronic device is merely an example, and is not exhaustive and includes, but is not limited to, an electronic device.
Embodiments of the present invention provide a software installation method, an apparatus, an electronic device, and a storage medium, which are used to solve the problem of silent installation of malicious application software by an electronic device, and can perform installation processing based on an installation type of software to be installed, thereby improving accuracy of the installation processing and facilitating improvement of security of the electronic device.
In order to better understand the scheme of the embodiments of the present application, the following first introduces the related terms and concepts that the embodiments of the present application can refer to.
(1) Installation package
An installation package (Install pack), i.e., a software installation package, is a collection of files that can be decompressed by itself. Including all files for the software installation. When the installation package (executable file) is operated, all files of the software can be released to a hard disk, and the work of modifying a registry, modifying system settings, creating shortcuts and the like is completed. Most of the installation package files are in an exe format.
The installation package may include the following information: the method comprises the steps of obtaining a package name, a version number, a developer signature, Android component receiver characteristics, Android component service characteristics, Android component activity characteristics, instructions or character strings in an executable file, and Message digest algorithm (MD 5) values of files in an installation package directory. Wherein the executable file comprises a Dex file, and/or an ELF file. Dex files include classes.
In a computer system, the information is compiled by a development tool and then converted into binary byte codes (bytecodes) to obtain a binary file, so that a computer program can execute the binary file, namely, an installation package is installed, and after the installation, an application program corresponding to the installation package can be run on the electronic device.
(2)Yara
Yara may submit to a file or an on-the-fly process, and create a description of the malware family based on textual or binary patterns, with an open source tool aimed at helping malware researchers identify and classify malware samples. The description is essentially a Yara rule consisting of two parts, a string area and a condition area, wherein the condition area must exist and the string area may or may not exist. The conditional area may be a boolean expression.
Referring to fig. 1, fig. 1 is a schematic flow chart illustrating a software installation method according to an embodiment of the present invention. The method is applied to an electronic device, and as shown in fig. 1, the method in the embodiment of the invention includes:
s101: when a first process of a first installation package for installing first software is monitored, the first process is paused, and a file path of the first installation package is obtained according to the first process.
S102: and acquiring first file information of the first installation package according to the file path.
In this embodiment of the application, the first process is used for installing a first installation package of the first software, that is, when the electronic device installs the first software according to the first installation package, the first process is invoked. And when the execution of the first process is completed, the first software is successfully installed. The file information of the first file information includes the package name, the version number, the developer signature, the characteristics of the Android component receiver, the characteristics of the Android component service, the characteristics of the Android component activity, the instruction or the character string in the executable file, the MD5 value of each file in the installation package directory, and the like. According to the method and the device, the file path of the first installation package is obtained according to the first process, the first file information of the first installation package is obtained, and the accuracy of obtaining information can be improved.
S103: and determining a first installation type of the first installation package according to the first file information.
In the embodiment of the present application, the installation type includes an abnormal installation type and a normal installation type. The installation package corresponding to the normal installation type is an installation package safe for the electronic device or the user, and may include an upgrade package of application software installed in the electronic device, an installation package of application software downloaded in an application market or an official website, an installation package actively installed by the user, and the like, which are not limited herein.
The abnormal installation type is opposite to the normal installation type, and the installation package corresponding to the abnormal installation type is an installation package corresponding to application software which may cause certain trouble to the electronic device or the user, and may include an installation package corresponding to malicious application software, such as rogue software, bundled software, and the like. The abnormal installation type also includes an installation package obtained by performing decompiling on the installation package of the normal installation type and then adding other application software, advertisements, malicious codes and the like for secondary packaging, and the like, which is not limited herein.
For example, when a first installation package is installed, if the first installation package is bound with a second installation package, it is determined that the first installation package and the second installation package are both of an abnormal installation type. And if the first installation package relates to a third installation package and the third installation package contains malicious programs such as viruses or trojans, determining that the first installation package and the third installation package are of abnormal installation types. And if the first installation package carries the malicious program, the first installation package, the second installation package and the third installation package are all of abnormal installation types.
It should be noted that the upgrade installation type is one of the normal installation types. That is, when the first installation package is of the upgrade installation type, it indicates that the user corresponding to the electronic device has allowed the application software corresponding to the first installation package to run on the electronic device, and allows the upgrade installation of the application software. Therefore, whether the first installation package carries the malicious program or not, the first installation package, the second installation package and the third installation package are determined to be of abnormal installation types.
The present application is not limited to the method for determining the installation type, and in a possible example, the determining the first installation type of the first installation package includes: identifying the first text information according to a preset rule to obtain the characteristic information of the first installation package; and determining a first installation type of the first installation package according to the characteristic information.
The preset rule may be a rule written by a developer according to the Yara rule as described above, or may be a rule written by other grammars, and the like, which is not limited herein. The characteristic information may include information with a certain identifier, such as a package name, a version number, a developer signature, etc., of the installation package, may also include MD5 of files under the object of the installation package, may also include the ordering of each file, etc., and is not limited herein.
As previously described, the installation package exists as a binary file in the computer system for execution by the computer program. When the installation package is the installation package corresponding to the malicious application software, the identification can be carried out through the identification information in the binary file of the installation package. The identification information of the installation package is fixed or characterized. For example, the identification information is a package name, and the obfuscated character string is added on the basis of the original package name. Thus, the identification information can be used as characteristic information and uploaded to a database. After the identification information of the first installation package is extracted according to the preset rule, the identification information can be judged based on the database to determine whether the first installation package is an installation package corresponding to the malicious application software.
When the installation package is obtained by secondary packaging, because a new program is added in the secondary packaging process, the binary file of the installation package comprises a calling program of a non-original application program. And because the new program added by the malicious application software has certain characteristics, such as acquiring privacy data in the electronic equipment, adding commercial information such as advertisements and games, and the like. Therefore, programs, keywords, or predetermined algorithm derived values (e.g., MD5) in the binary file may be stored as feature information in the database. After the electronic device extracts the feature information of the first installation package according to the preset rule, the feature information can be judged based on the database to determine whether the first installation package is the installation package corresponding to the malicious application software.
In a first possible embodiment, if the characteristic information is the first ranking of the first file information, searching a second ranking of preset target file information; when the first ordering is inconsistent with the second ordering, determining that the first installation type of the first installation package is an abnormal installation type.
The first ordering may be an ordering of each file in the first file information, or may be a set of each data item in a designated file. The target file information is file information of a target installation package corresponding to the first installation package. The target installation package may be the same version of the installation package as the first installation package in the resources of the official website or authorized application store. The sequencing of the file information in the installation packages of the various versions can be predetermined by an official website or an authorized application store and then stored in the corresponding server. In this way, the electronic device can search the second rank from the server according to the identifier of the first installation package.
As mentioned above, after the installation package is packaged for the second time, the calling relationship of the data therein is necessarily changed. When the first sequence of the first file information of the current first installation package is inconsistent with the preset second sequence of the target file information of the target installation package, determining that the first installation package is packaged for the second time, namely the first installation type of the first installation package is an abnormal installation type. Optionally, when the first ordering is consistent with the second ordering, it is determined that the first installation type is a normal installation type.
In a first possible embodiment, the first ordering is compared with a preset second ordering to determine whether the first installation package is packaged for the second time, so that the accuracy of determining the installation type can be improved.
In a second possible embodiment, a second installation type of the first installation package is determined according to the characteristic information; if the process chain of the first process comprises a second process of a second installation package for installing second software, determining a third installation type of the second installation package; and if the second installation type is different from the third installation type, determining that the first installation type of the first installation package is an abnormal installation type.
Wherein, the process chain is used for describing the dependency relationship of the process. As shown in fig. 2, the process chain includes process 201, process 202, process 203, and process 204. Process 201 is the parent process of process 202, process 203 is the child process of process 202, and the child process of process 203 is process 204. It can be seen that the source of the first process can be determined by the process chain by the parent process of the first process or by a parent process or the like. And whether other software is bound or not can be determined according to the sub-process or the processes after the sub-process and the like,
In this embodiment, the second process may process any process of the chain that installs the package other than the first process. Optionally, the second process is a parent process or a child process of the first process. And if the first installation type of the first installation package is determined to be the abnormal installation type according to the current parent process or the current child process, no further judgment is made. If the current parent process or the child process determines that the first installation type of the first installation package is the normal installation type, the first installation type can be determined through the parent process or the child process of the current parent process, so that the first installation type is determined to be the normal installation type when the installation types of all the installation packages are determined to be the normal installation types, or the first installation type is determined to be the abnormal installation type when the installation type of one installation package is determined to be the abnormal installation type. The second installation type of the first installation package and the third installation type of the second installation package may be determined with reference to the description of the first possible embodiment, and are not described herein again.
For example, referring to fig. 2, when the first process is the process 203, if the installation type of the process 203 is determined to be the normal installation type and the installation type of the process 204 is determined to be the abnormal installation type, the process 203 is determined to be the abnormal installation type, and the process 201, the process 202, and the process 204 are all the abnormal installation types. If the installation type of process 203 is determined to be a normal installation type and the installation type of process 204 is determined to be a normal installation type, then it is determined whether process 202 is an abnormal installation type. If yes, process 201, process 202, process 203, and process 204 are all determined to be of the exception install type. Otherwise, it is determined whether process 201 is of the exception mount type. If it is determined that the process 201 is the abnormal installation type, the process 203 is determined to be the abnormal installation type, and the process 201, the process 202, the process 203 and the process 204 are all the abnormal installation types. Otherwise, process 201, process 202, process 203, and process 204 are all determined to be of a normal installation type.
In a second possible embodiment, the installation type of the first installation package is determined according to the installation type of the installation package in the process chain, so that the accuracy of determining the installation type can be further improved.
S104: and if the first installation type is an abnormal installation type and the first software does not belong to a preset white list, displaying first selection prompt information of the first installation package.
In this embodiment of the application, the preset white list may include applications installed in the electronic device, and may exclude an abnormal prompt for upgrading and installing the applications. The preset white list may also include application software registered in an application store, and may also include application software added by the user, and the like, which is not limited herein.
In this embodiment of the application, the selection prompt information may include an installation type, and may also include related information of the installation package, for example, version information, malicious type, function information, preview image, rating or evaluation information, associated application program, and the like, which is not limited herein. The selection prompt information may be displayed directly in a pop-up window manner, may be displayed in an information bar in an audio prompt manner, and the like, and is not limited herein. The first selection prompt information is used for prompting that the first installation package of the first software is of an abnormal installation type so that a user can select whether to install the first installation package.
The method for displaying the first selection prompt message is not limited, and in an optional implementation manner, malicious information in the first installation package is determined; generating first selection prompt information according to the malicious information; and displaying the prompt information.
The malicious information may include an abnormal installation type, and may also include installation information of the application software corresponding to the first installation package, for example, the memory size and the resource occupied by the electronic device are occupied. The monitoring type of the application software corresponding to the first installation package may also be included, for example, privacy information such as a user account password, a user browsing habit, an address book, and the like is monitored. Popularization information of the application software corresponding to the first installation package can be further included, such as advertisements, games, news and the like.
It is to be appreciated that the first selection prompt displays malicious information of the first installation package. Therefore, the user can know the specific malicious content of the first installation package besides determining that the first installation package is of the abnormal installation type, so that the user can conveniently determine whether to continue to install the first installation package, and the display efficiency is improved.
In the method shown in fig. 1, when a first process of a first installation package for installing first software is monitored, a file path of the first installation package is obtained according to the first process. And then acquiring first file information of the first installation package according to the file path, and determining a first installation type of the first installation package according to the first file information. And if the first installation type is determined to be the abnormal installation type and the first software does not belong to the preset white list, displaying first selection prompt information of the first installation package. Therefore, the user can determine whether to continue to install the first installation package according to the first selection prompt message, the accuracy of installation processing can be improved, and the safety of the electronic equipment is improved conveniently.
In a possible embodiment, the method further comprises: and if an installation permission instruction sent by the user aiming at the first selection prompt message is received, continuing to execute the first process, and adding the first software into the preset white list.
Wherein the installation allowing instruction is used for instructing the electronic device to install the first installation package, namely executing the first process. It can be understood that, if an installation permission instruction sent by the user for the first selection prompt message is received, the first process is continuously executed, and the first software is added into the preset white list. Therefore, when the first software is upgraded and installed or reinstalled, the abnormal prompt can be avoided.
Referring to fig. 3, fig. 3 is a schematic flowchart illustrating another software installation method according to an embodiment of the present invention. The method is applied to an electronic device, and as shown in fig. 3, the method in the embodiment of the invention includes:
s301: when a first process of a first installation package for installing first software is monitored, the first process is paused, and a file path of the first installation package is obtained according to the first process.
S302: and acquiring first file information of the first installation package according to the file path.
S303: and determining a first installation type of the first installation package according to the first file information.
The steps S301 to S303 can refer to the description of the steps S101 to S103, and are not described herein again.
S304: and if the first installation type is a normal installation type, or if the first installation type is an abnormal installation type and the first software belongs to a preset white list, determining the application type of the first software.
The application types may be classified according to the uses, such as entertainment, tools, and the like. The classification may be performed according to privacy, for example, privacy class, general class, etc., and is not limited herein.
When the first installation type is a normal installation type, or when the first installation type is an abnormal installation type and the first software belongs to a preset white list, it indicates that the first software does not affect the security of the electronic device, or the first installation package is within a normal installation range of the electronic device.
S305: and searching the third software which is installed in the electronic equipment and is consistent with the application type.
S306: and acquiring comparison information between the first software and the third software.
S307: and generating second selection prompt information according to the comparison information.
S308: and displaying the second selection prompt message.
In the embodiment of the application, the third software is software in the electronic device, which is consistent with the application type of the first software. The comparison information may include information of multiple dimensions such as download amount, evaluation value, software developer, and feature function in the first software and the third software, which is not limited herein. Further, the comparison information may include operational instructions between the same functions. The second selection prompt message is used for prompting comparison information between the first software and the third software so that a user can select whether to install the first installation package. The display method of the second selection prompt message may refer to the description of the first selection prompt message, and is not described herein again.
In the method shown in fig. 3, when a first process of a first installation package for installing first software is monitored, a file path of the first installation package is obtained according to the first process. And then acquiring first file information of the first installation package according to the file path, and determining a first installation type of the first installation package according to the first file information. If the first installation type is determined to be an abnormal installation type, the first software belongs to a preset white list, or the first installation type is a normal installation type, determining the application type of the first software, and searching for third software which is installed in the electronic equipment and is consistent with the application type. Then, obtaining comparison information between the first software and the third software, generating second selection prompt information according to the comparison information, and displaying the second selection prompt information. In this way, the user can determine whether to install similar application software on the basis of the installed application software according to the comparison information in the second selection prompt information, so as to prevent the installation of repeated types of application software.
Referring to fig. 4, fig. 4 is a structural diagram of a software installation apparatus according to an embodiment of the present invention. As shown in fig. 4, the apparatus 400 may include:
an obtaining unit 401, configured to, when a first process of a first installation package for installing first software is monitored, suspend the first process, and obtain a file path of the first installation package according to the first process; acquiring first file information of the first installation package according to the file path;
a determining unit 402, configured to determine a first installation type of the first installation package according to the first file information;
an executing unit 403, configured to display a first selection prompt message of the first installation package if the first installation type is an abnormal installation type and the first software does not belong to a preset white list.
As an optional embodiment, the determining unit 402 is specifically configured to identify the first file information according to a preset rule, so as to obtain feature information of the first installation package; and determining a first installation type of the first installation package according to the characteristic information.
As an optional embodiment, if the characteristic information is a first ranking of the first file information, the determining unit 402 is specifically configured to search a second ranking of preset target file information, where the target file information is file information of a target installation package corresponding to the first installation package; when the first ordering is inconsistent with the second ordering, determining that the first installation type of the first installation package is an abnormal installation type.
As an optional embodiment, the determining unit 402 is specifically configured to determine, according to the feature information, a second installation type of the first installation package; when the process chain of the first process comprises a second process of a second installation package for installing second software, determining a third installation type of the second installation package; and if the second installation type is different from the third installation type, determining that the first installation type of the first installation package is an abnormal installation type.
As an optional embodiment, the execution unit 403 is specifically configured to determine malicious information in the first installation package; generating first selection prompt information according to the malicious information; and displaying the first selection prompt message.
As an optional embodiment, the executing unit 403 is further configured to, if an installation permission instruction sent by the user for the first selection prompt information is received, continue to execute the first process, and add the first software to the preset white list.
As an optional embodiment, the execution unit 403 is further configured to determine an application type of the first software if the first installation type is a normal installation type, or if the first installation type is an abnormal installation type and the first software belongs to the preset white list; searching for second software which is installed in the electronic equipment and is consistent with the application type; acquiring comparison information between the first software and the third software; generating second selection prompt information according to the comparison information; and displaying the second selection prompt message.
In the software installation apparatus described in fig. 4, when a first process of a first installation package for installing first software is monitored, a file path of the first installation package is acquired according to the first process. And then acquiring first file information of the first installation package according to the file path, and determining a first installation type of the first installation package according to the first file information. And if the first installation type is determined to be the abnormal installation type and the first software does not belong to the preset white list, displaying first selection prompt information of the first installation package. Therefore, the user can determine whether to continue to install the first installation package according to the first selection prompt message, the accuracy of installation processing can be improved, and the safety of the electronic equipment is improved conveniently.
Referring to fig. 5, fig. 5 is an electronic device according to an embodiment of the invention. The software installation method is suitable for electronic equipment such as mobile phones and tablet computers. As shown in fig. 5, the electronic device may include a housing 510, a processor 520, a memory 530, a circuit board 540, and a power circuit 550, wherein the circuit board 540 is disposed inside a space enclosed by the housing, and the processor 520 and the memory 530 are disposed on the circuit board 540; a power supply circuit 550 for supplying power to each circuit or device of the electronic apparatus; memory 530 is used to store executable program code; the processor 520 runs a program corresponding to the executable program code by reading the executable program code stored in the memory 530, for performing the steps of:
when a first process of a first installation package for installing first software is monitored, pausing the first process, and acquiring a file path of the first installation package according to the first process;
acquiring first file information of the first installation package according to the file path;
determining a first installation type of the first installation package according to the first file information;
and if the first installation type is an abnormal installation type and the first software does not belong to a preset white list, displaying first selection prompt information of the first installation package.
As an alternative embodiment, in the aspect of determining the first installation type of the first installation package according to the first file information, the processor 520 is specifically configured to perform the following operations:
identifying the first file information according to a preset rule to obtain characteristic information of the first installation package;
and determining a first installation type of the first installation package according to the characteristic information.
As an optional embodiment, if the characteristic information is the first order of the first file information, in terms of determining the first installation type of the first installation package according to the characteristic information, the processor 520 is specifically configured to perform the following operations:
searching a second sequence of preset target file information, wherein the target file information is file information of a target installation package corresponding to the first installation package;
when the first ordering is inconsistent with the second ordering, determining that the first installation type of the first installation package is an abnormal installation type.
As an alternative embodiment, in the aspect of determining the first installation type of the first installation package according to the feature information, the processor 520 is specifically configured to perform the following operations:
determining a second installation type of a second process in the process chain of the first process;
if the process chain of the first process comprises a second process of a second installation package for installing second software, determining a third installation type of the second installation package;
and if the second installation type is different from the third installation type, determining that the first installation type of the first installation package is an abnormal installation type.
As an optional embodiment, in the aspect of displaying the first selection prompt message of the first installation package, the processor 520 is specifically configured to perform the following operations:
determining malicious information in the first installation package;
generating first selection prompt information according to the malicious information;
and displaying the first selection prompt message.
As an alternative embodiment, the processor 520 is further configured to perform the following operations:
and if an installation permission instruction sent by the user aiming at the first selection prompt message is received, continuing to execute the first process, and adding the first software into the preset white list.
As an alternative embodiment, the processor 520 is further configured to perform the following operations:
if the first installation type is a normal installation type, or,
if the first installation type is an abnormal installation type and the first software belongs to the preset white list, determining the application type of the first software;
searching for third software which is installed in the electronic equipment and is consistent with the application type;
acquiring comparison information between the first software and the third software;
generating second selection prompt information according to the comparison information;
and displaying the second selection prompt message.
In the electronic device described in fig. 5, when a first process of a first installation package for installing first software is monitored, a file path of the first installation package is acquired according to the first process. And then acquiring first file information of the first installation package according to the file path, and determining a first installation type of the first installation package according to the first file information. And if the first installation type is determined to be the abnormal installation type and the first software does not belong to the preset white list, displaying first selection prompt information of the first installation package. Therefore, the user can determine whether to continue to install the first installation package according to the first selection prompt message, the accuracy of installation processing can be improved, and the safety of the electronic equipment is improved conveniently.
In one embodiment, a non-transitory computer-readable storage medium is provided, on which a computer program is stored, wherein the computer program, when executed by a processor, implements the aforementioned software installation method.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, a module or a unit may be divided into only one logical function, and may be implemented in other ways, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
Units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware or a form of software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed to by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, a network device, or the like) or a processor (processor) to execute all or part of the steps of the method of the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (10)
1. A software installation method, comprising:
when a first process of a first installation package for installing first software is monitored, pausing the first process, and acquiring a file path of the first installation package according to the first process;
acquiring first file information of the first installation package according to the file path;
determining a first installation type of the first installation package according to the first file information;
and if the first installation type is an abnormal installation type and the first software does not belong to a preset white list, displaying first selection prompt information of the first installation package.
2. The method of claim 1, wherein said determining a first installation type of the first installation package from the first file information comprises:
identifying the first file information according to a preset rule to obtain characteristic information of the first installation package;
and determining a first installation type of the first installation package according to the characteristic information.
3. The method of claim 2, wherein if the characteristic information is the first order of the first file information, the determining the first installation type of the first installation package according to the characteristic information comprises:
searching a second sequence of preset target file information, wherein the target file information is file information of a target installation package corresponding to the first installation package;
when the first ordering is different from the second ordering, determining that the first installation type of the first installation package is an abnormal installation type.
4. The method of claim 2, wherein said determining a first installation type of the first installation package based on the characteristic information comprises:
determining a second installation type of the first installation package according to the characteristic information;
if the process chain of the first process comprises a second process of a second installation package for installing second software, determining a third installation type of the second installation package;
and if the second installation type is different from the third installation type, determining that the first installation type of the first installation package is an abnormal installation type.
5. The method of any of claims 1-4, wherein the displaying a first selection prompt for the first installation package comprises:
determining malicious information in the first installation package;
generating first selection prompt information according to the malicious information;
and displaying the first selection prompt message.
6. The method of any one of claims 1-4, further comprising:
and if an installation permission instruction sent by the user aiming at the first selection prompt message is received, continuing to execute the first process, and adding the first software into the preset white list.
7. The method of any one of claims 1-4, further comprising:
if the first installation type is a normal installation type, or,
if the first installation type is an abnormal installation type and the first software belongs to the preset white list, determining the application type of the first software;
searching for third software which is installed in the electronic equipment and is consistent with the application type;
acquiring comparison information between the first software and the third software;
generating second selection prompt information according to the comparison information;
and displaying the second selection prompt message.
8. A software installation apparatus, comprising:
the device comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for pausing a first process of a first installation package for installing first software when the first process is monitored, and acquiring a file path of the first installation package according to the first process; acquiring first file information of the first installation package according to the file path;
the determining unit is used for determining a first installation type of the first installation package according to the first file information;
and the execution unit is used for displaying first selection prompt information of the first installation package if the first installation type is an abnormal installation type and the first software does not belong to a preset white list.
9. An electronic device, comprising: the device comprises a shell, a processor, a memory, a circuit board and a power circuit, wherein the circuit board is arranged in a space enclosed by the shell, and the processor and the memory are arranged on the circuit board; a power supply circuit for supplying power to each circuit or device of the electronic apparatus; the memory is used for storing executable program codes; the processor runs a program corresponding to the executable program code by reading the executable program code stored in the memory for performing the method according to any one of claims 1 to 7.
10. A non-transitory computer-readable storage medium having stored thereon a computer program, wherein the computer program, when executed by a processor, implements the method of any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010395279.3A CN111639332A (en) | 2020-05-11 | 2020-05-11 | Software installation method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010395279.3A CN111639332A (en) | 2020-05-11 | 2020-05-11 | Software installation method and device, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111639332A true CN111639332A (en) | 2020-09-08 |
Family
ID=72328602
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010395279.3A Pending CN111639332A (en) | 2020-05-11 | 2020-05-11 | Software installation method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111639332A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113569206A (en) * | 2021-06-30 | 2021-10-29 | 深信服科技股份有限公司 | Software identification method, system, equipment and computer readable storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104346562A (en) * | 2013-08-01 | 2015-02-11 | 腾讯科技(深圳)有限公司 | Method and device for recognizing invisible application programs |
| US20150163232A1 (en) * | 2013-07-30 | 2015-06-11 | Tencent Technology (Shenzhen) Co., Ltd. | Method, device and system for detecting malware in a mobile terminal |
| CN105138366A (en) * | 2015-08-24 | 2015-12-09 | 百度在线网络技术(北京)有限公司 | Recognition software silent installation method and device |
| CN105243324A (en) * | 2015-10-20 | 2016-01-13 | 珠海市君天电子科技有限公司 | Method and device for identifying malicious software in user terminal and user terminal |
| WO2016019893A1 (en) * | 2014-08-07 | 2016-02-11 | 北京奇虎科技有限公司 | Application installation method and apparatus |
| CN110392095A (en) * | 2019-06-19 | 2019-10-29 | 深圳壹账通智能科技有限公司 | Method for uploading, device, server and the storage medium of installation package file |
-
2020
- 2020-05-11 CN CN202010395279.3A patent/CN111639332A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150163232A1 (en) * | 2013-07-30 | 2015-06-11 | Tencent Technology (Shenzhen) Co., Ltd. | Method, device and system for detecting malware in a mobile terminal |
| CN104346562A (en) * | 2013-08-01 | 2015-02-11 | 腾讯科技(深圳)有限公司 | Method and device for recognizing invisible application programs |
| WO2016019893A1 (en) * | 2014-08-07 | 2016-02-11 | 北京奇虎科技有限公司 | Application installation method and apparatus |
| CN105138366A (en) * | 2015-08-24 | 2015-12-09 | 百度在线网络技术(北京)有限公司 | Recognition software silent installation method and device |
| CN105243324A (en) * | 2015-10-20 | 2016-01-13 | 珠海市君天电子科技有限公司 | Method and device for identifying malicious software in user terminal and user terminal |
| CN110392095A (en) * | 2019-06-19 | 2019-10-29 | 深圳壹账通智能科技有限公司 | Method for uploading, device, server and the storage medium of installation package file |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113569206A (en) * | 2021-06-30 | 2021-10-29 | 深信服科技股份有限公司 | Software identification method, system, equipment and computer readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10152594B2 (en) | Method and device for identifying virus APK | |
| Almomani et al. | A comprehensive analysis of the android permissions system | |
| CN105068932B (en) | A kind of detection method of Android application programs shell adding | |
| Wei et al. | Permission evolution in the android ecosystem | |
| US20150012924A1 (en) | Method and Device for Loading a Plug-In | |
| US20150052611A1 (en) | Method and device for extracting characteristic code of apk virus | |
| JP7131946B2 (en) | Method and system for assessing application security | |
| CN104517054A (en) | Method, device, client and server for detecting malicious APK | |
| CN104424423B (en) | The permission of application program determines method and apparatus | |
| KR20110124342A (en) | Method and apparatus to vet an executable program using a model | |
| Bala et al. | A study on smartphone based operating system | |
| CN105630518A (en) | Method and device for updating resources of Android application software | |
| CN104462971A (en) | Malicious application program recognition method and device according to application program declaration characteristics | |
| CN112749088B (en) | Application program detection method and device, electronic equipment and storage medium | |
| Alfalqi et al. | Android platform malware analysis | |
| JP5296627B2 (en) | Terminal protection system and terminal protection method | |
| CN108304697B (en) | Method and device for detecting APP secondary packaging and mobile terminal | |
| CN109145589B (en) | Application program acquisition method and device | |
| CN111639332A (en) | Software installation method and device, electronic equipment and storage medium | |
| CN114282212A (en) | Rogue software identification method and device, electronic equipment and storage medium | |
| CN114398673A (en) | Application compliance detection method and device, storage medium and electronic equipment | |
| Khari et al. | AndroSet: An automated tool to create datasets for android malware detection and functioning with WoT | |
| US9953157B2 (en) | Method and apparatus for protecting application program | |
| CN106778270B (en) | Malicious application detection method and system | |
| CN106648671B (en) | Application upgrading method and terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |