CN112540929B - Detection method, detection device, detection equipment and storage medium - Google Patents

Detection method, detection device, detection equipment and storage medium Download PDF

Info

Publication number
CN112540929B
CN112540929B CN202011561954.1A CN202011561954A CN112540929B CN 112540929 B CN112540929 B CN 112540929B CN 202011561954 A CN202011561954 A CN 202011561954A CN 112540929 B CN112540929 B CN 112540929B
Authority
CN
China
Prior art keywords
installation package
detection result
package
application
obtaining
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011561954.1A
Other languages
Chinese (zh)
Other versions
CN112540929A (en
Inventor
钟普
杜威
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Baidu Netcom Science and Technology Co Ltd
Original Assignee
Beijing Baidu Netcom Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Baidu Netcom Science and Technology Co Ltd filed Critical Beijing Baidu Netcom Science and Technology Co Ltd
Priority to CN202011561954.1A priority Critical patent/CN112540929B/en
Publication of CN112540929A publication Critical patent/CN112540929A/en
Application granted granted Critical
Publication of CN112540929B publication Critical patent/CN112540929B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3684Test management for test design, e.g. generating new test cases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3688Test management for test execution, e.g. scheduling of test suites

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a detection method, a detection device, detection equipment and a storage medium, and relates to the technical fields of cloud computing, big data and intelligent search. The specific implementation scheme is as follows: acquiring an installation package to be detected of an application to be published; acquiring a class name of information to be detected in the installation package; acquiring a detection result of the coincidence condition of the installation package and the release rule according to the category name; and uploading the detection result to a server side, so that the server side can execute the release operation of the application to be released according to the detection result. The method and the device can reduce the total time of transmission and detection of the installation package before the application is released.

Description

Detection method, detection device, detection equipment and storage medium
Technical Field
The disclosure relates to the technical field of computers, in particular to the technical fields of cloud computing, big data and intelligent searching.
Background
With the development of computer technology and various computer terminals, the utilization of computer technology is increasing. For example, in addition to the installation of a computer program on a device such as a computer, the downloading and installation of an application may be performed by a mobile terminal such as a mobile phone, so that operations of network access and information transmission and reception by the installed application are performed on the mobile terminal such as the mobile phone.
Compliance checking of the installation packages of an application is often required before the application is released. Sometimes, due to oversized installation packages, network speed limitation and the like, the transmission time of the installation packages is too long, so that the compliance inspection is too long, and the distribution efficiency of the installation packages is low.
Disclosure of Invention
The present disclosure provides a detection method, apparatus, device, and storage medium.
According to an aspect of the present disclosure, there is provided a detection method including:
acquiring an installation package to be detected of an application to be published;
acquiring a class name of information to be detected in an installation package;
obtaining a detection result of the coincidence condition of the installation package and the release rule according to the category name;
and uploading the detection result to the server side, so that the server side can execute the release operation of the application to be released according to the detection result.
According to another aspect of the present disclosure, there is provided a detection method including:
receiving a request of uploading an installation package of an application to be issued from a client;
based on the request, obtaining a detection result of the condition of the compliance of the installation package and the release rule, wherein the detection result is obtained according to the category name of the information to be detected in the installation package;
and executing the release operation of the application to be released based on the detection result.
According to still another aspect of the present disclosure, there is provided a detection apparatus including:
the installation package obtaining module is used for obtaining an installation package to be detected of the application to be released;
the class name acquisition module is used for acquiring the class name of the information to be detected in the installation package;
the detection result module is used for obtaining a detection result of the coincidence condition of the installation package and the release rule according to the category name;
and the uploading module is used for uploading the detection result to the server side, so that the server side can execute the release operation of the application to be released according to the detection result.
According to still another aspect of the present disclosure, there is provided a detection apparatus including:
the request receiving module is used for receiving a request of uploading an installation package of an application to be issued from a client;
the detection result obtaining module is used for obtaining a detection result of the condition of the coincidence of the installation package and the release rule based on the request, wherein the detection result is obtained according to the category name of the information to be detected in the installation package;
and the response module is used for executing the publishing operation of the application to be published based on the detection result.
According to another aspect of the present disclosure, there is provided an electronic device including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of the embodiments of the present disclosure.
According to another aspect of the present disclosure, there is provided a non-transitory computer-readable storage medium storing computer instructions for causing a computer to perform the method of any of the embodiments of the present disclosure.
According to another aspect of the present disclosure, there is provided a computer program product comprising a computer program which, when executed by a processor, implements the method in any of the embodiments of the present disclosure.
According to the technology disclosed by the invention, the efficiency of sending and receiving the installation package of the application can be improved, and the operation time of transmitting or detecting the installation package of a sender and a receiver is remarkably reduced.
It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the disclosure, nor is it intended to be used to limit the scope of the disclosure. Other features of the present disclosure will become apparent from the following specification.
Drawings
The drawings are for a better understanding of the present solution and are not to be construed as limiting the present disclosure. Wherein:
FIG. 1 is a schematic diagram of a detection method according to an embodiment of the disclosure;
FIG. 2 is a schematic diagram of a detection method according to another embodiment of the present disclosure;
FIG. 3 is a schematic diagram of a detection method according to an example of the present disclosure;
FIG. 4 is a schematic diagram of a detection device according to an embodiment of the present disclosure;
FIG. 5 is a schematic diagram of a detection device according to another embodiment of the present disclosure;
FIG. 6 is a schematic diagram of a detection device according to yet another embodiment of the present disclosure;
FIG. 7 is a schematic diagram of a detection device according to yet another embodiment of the present disclosure;
FIG. 8 is a schematic diagram of a detection apparatus according to yet another embodiment of the present disclosure;
FIG. 9 is a schematic diagram of a detection device according to yet another embodiment of the present disclosure;
fig. 10 is a block diagram of an electronic device used to implement the detection method of an embodiment of the present disclosure.
Detailed Description
Exemplary embodiments of the present disclosure are described below in conjunction with the accompanying drawings, which include various details of the embodiments of the present disclosure to facilitate understanding, and should be considered as merely exemplary. Accordingly, one of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
An embodiment of the present disclosure provides a detection method, as shown in fig. 1, including:
step S11: obtaining an installation package to be detected of an application to be released;
step S12: obtaining a class name of information to be detected in the installation package;
step S13: obtaining a detection result of the coincidence condition of the installation package and the release rule according to the category name;
step S14: and uploading the detection result to the server side, so that the server side can execute the release operation of the application to be released according to the detection result.
In this embodiment, the application to be distributed may be various applications that can be installed at a terminal. Such as a cell phone application, tablet application, smart watch application, smart player application, smart television application, gaming machine application, etc.
The application to be published may be various kinds of applications, such as a game application, a shopping application, a chat application.
The installation package to be detected can be an unpublished installation package or an upgrade package of the application.
The information to be detected in the installation package can be specifically information which possibly does not meet the regulations in the installation package and information which possibly has risks. Specifically, the code of the installation package, the file in the installation package, and the like may be part of the code.
According to the category name, obtaining the detection result of the coincidence condition of the installation package and the release rule specifically may include: and detecting whether the class names accord with the set rule or not, or detecting the class names of all information to be detected, and judging whether the class names which do not accord with the rule exist. A class name that does not conform to a rule may correspond to a certain higher risk file, a certain higher risk code, etc.
According to the category name, obtaining the detection result of the coincidence condition of the installation package and the release rule, and specifically may further include: and determining the coincidence condition of the installation package and the release rule according to the category name and the set category name white list, and obtaining a detection result.
According to the category name, obtaining the detection result of the coincidence condition of the installation package and the release rule, and specifically may further include: and determining the coincidence condition of the installation package and the release rule according to the category name and the set category name blacklist, and obtaining a detection result.
The publication rule may be a rule corresponding to an application scenario of the installation package. The setting can be performed by the server side receiving the installation package and the setting can be issued.
The detection result may include: the installation package accords with the release rule, part of the installation package does not accord with the release rule, all the installation packages do not accord with the release rule, and the like.
The detection result is uploaded to the server, and specifically, the detection result and the corresponding relation between the detection result and the installation package are uploaded to the server. The server side can be a cloud end or a rear end for checking the condition of installing the inclusion rule.
In this embodiment, compliance detection can be performed at one end of the application installation package provider, after detection, the detection result is uploaded to the server, so that when the installation package is uploaded subsequently, whether uploading operation is normally performed or not can be accurately judged according to the detection result, thereby the application installation package provider can perform sufficient inspection when uploading the installation package, whether the installation package needs to be modified or not is judged in advance according to the inspection result, and then the installation package needs to be uploaded to the server again, so that the situation that the uploaded installation package does not meet the specification and needs to be modified and uploaded again is avoided to the greatest extent, and the operation amount of uploading the application installation package is saved.
In one embodiment, obtaining a class name of information to be detected in an installation package includes:
acquiring an application program package file and a core code package in an installation package;
obtaining a virtual machine file format in an application program package file and a core code package;
and analyzing the file format of the virtual machine to obtain the class name.
In this embodiment, the virtual machine file format may be a Dalvik executable file format.
In this embodiment, the virtual machine file format is obtained according to the application package file and the core code package, so that the class name of the information to be detected in the installation package can be obtained according to the virtual machine file format, and further the compliance detection result of the installation package about the application can be obtained according to the class name. Meanwhile, because the third party class name is obtained by directly parsing the file in the embodiment, instead of completely decompiling the whole code details by an external tool, the decompiling process at the minute level is compressed to the second level.
In one embodiment, parsing the virtual machine file format to obtain a class name includes:
analyzing the file format of the virtual machine, and locating a type identifier list of information to be detected in the installation package in the analyzed information;
a class name is obtained from the list of type identifiers.
In this embodiment, obtaining the class name according to the class identifier list may specifically include: and obtaining text plaintext of all the category names of the installation package through the index type identifier list.
In this embodiment, a type identifier list is obtained, and a type name is obtained according to the type identifier list, so that relatively comprehensive information to be detected can be extracted, and a detection result is more accurate.
Illustratively, obtaining the detection result of the coincidence condition of the installation package and the release rule according to the category name comprises:
and determining the coincidence condition of the installation package and the release rule according to whether the category name accords with the set category name rule, and obtaining a detection result.
In one embodiment, uploading the detection result to the server includes:
and binding the Message-Digest Algorithm value (MD 5) of the installation package with the detection result, and uploading the detection result to the server.
In some implementation scenarios, if the detection result is that the installation package accords with the release rule, the information summary algorithm value of the installation package is calculated according to the installation package. Under the condition that the detection result is that the installation package does not accord with or does not accord with the release rule completely, an applied installation package provider can automatically revise the installation package, so that the installation package accords with the release rule.
In other embodiments, the value having the unique correspondence with the content of the installation package may also be calculated by other algorithms, so that when the installation package is uploaded subsequently, the server may perform the conventional server inspection on the installation package according to the detection result of the uploading.
The embodiment of the disclosure also provides a detection method, as shown in fig. 2, including:
step S21: receiving a request of uploading an installation package of an application to be issued from a client;
step S22: based on the request, obtaining a detection result of the condition of the compliance of the installation package and the release rule, wherein the detection result is obtained according to the category name of the information to be detected in the installation package;
step S23: and executing the release operation of the application to be released based on the detection result.
In this embodiment, the client may be an application installation package provider end.
Based on the request, the detection result of the condition of the installation package and the release rule is obtained, the installation package is received based on the request, the information abstract algorithm value is calculated according to the received installation package, and the detection result consistent with the uploaded installation package is obtained by searching in the detection result received by the server according to the calculated information abstract algorithm value.
Based on the request, a detection result of the condition that the installation package accords with the release rule is obtained, or based on the request, a message digest algorithm value of the installation package is obtained, and according to the message digest algorithm value, a detection result consistent with the uploaded installation package is obtained through searching in the detection results received by the server.
Based on the detection result, executing the publishing operation of the application to be published may specifically include, under the condition that the detection result is qualified, skipping the conventional detection process, and executing the publishing operation.
Based on the detection result, executing the publishing operation of the application to be published may specifically include: and under the condition that the detection result is unqualified, executing the traditional detection process, and executing the release operation after the traditional detection result is qualified.
In this embodiment, the server can determine the operation to be executed for the installation package according to the detection result, so that the detection result of the client can perform the reference assistance function for the server, and reduce the data transmission operation of the client and the operation amount of the server.
In one embodiment, based on the request, obtaining a detection result of a condition that the installation package and the release rule conform to includes:
receiving an installation package based on the request;
obtaining an information abstract algorithm value according to the received installation package;
and inquiring the detection result according to the information abstract algorithm value.
In this embodiment, the service end calculates the information summary algorithm value based on the received installation package, so as to ensure that the detection result consistent with the installation package is searched. And the potential safety hazard caused by tampering data when other ends transmit the information abstract algorithm value is avoided.
In one embodiment, based on the detection result, executing the publishing operation of the application to be published includes:
executing release operation based on the received installation package under the condition that the detection result is that the installation package accords with the release rule;
and under the condition that the detection result does not exist or does not accord with the release rule, carrying out service end inspection on the received installation package, and executing release operation based on the service end inspection.
The server side check may be a generally conventional server side check.
And under the condition that the detection result is that the installation package accords with the release rule, receiving the installation package, skipping a server side checking process, and executing release operation.
Performing a publishing operation based on the server-side check may include: and executing the release operation under the condition that the checking result of the server is qualified.
In the case where the installation package is an installation package of a game application, the server side check may include: the game manufacturer uploads the game installation package on the background management interface of the application market and then carries out background detection, and can use tools such as AAPT (Android Asset Packaging Tool, an Zhuozi source package tool), apktool (Android application package tool ), baksmali (a program for assembling/disassembling dex format files in a Java virtual machine dalvik of an Android system), jad (Java Decompiler ) and the like to carry out reverse engineering on the installation package of the game application, decompile codes of the installation package, extract Android manifest configuration, resource information, introduced third party SDK (SoftwareDevelopment Kit, software development package) and the like in the decompiled codes, judge whether all information of the installation package accords with specifications, and finally obtain a management interface display server detection result on a server platform.
In this embodiment, the server can perform different operations on the installation package according to the detection result, so as to save the operation amount of the server and save the processing time of the server.
In one example of the present disclosure, as shown in fig. 3, the detection method includes:
step S31: checking the rule setting. The manager of the server side of the installation package receiving party can set the rule to be checked of the installation package in the background of the checking rule management module of the server side in advance, and can set different rule groups according to different scenes. For example, different rule sets may be set corresponding to scenes of a game, commodity sales, and the like.
Step S32: and acquiring a checking rule. The checking rule management module of the server can issue the rule to the client and store the rule in the memory when the local checking tool of the client is started.
Step S33: and extracting key information. Namely, the key information of the installation package is extracted rapidly. An operator of the client can select an installation package to be checked through a local checking tool interface, directly analyze an apk (Android Asset Packaging, an Zhuozi source package) package file and a core code package class. Dex without using external decompilation tools such as Jad, locate a type identifier list type_ids of the apk package file and the core code package by analyzing a Dalvik executable file format, and further obtain text plaintext of all class names of the installation package through string_ids indexes. Because the direct parse file obtains the third party class name, rather than fully decompiling the entire code details through an external tool, the decompilation process at the minute level is compressed to the second level.
The Dalvik is a virtual machine designed for an Android platform by Google corporation. The Dalvik virtual machine is one of the core components of an Android mobile device platform cooperatively developed by manufacturers such as Google. It can support the running of Java applications that have been converted to a. Dex (i.e., dalvik Executable, dalvik executable) format, a compression format designed specifically for Dalvik, suitable for systems where memory and processor speed are limited. Dalvik is optimized to allow multiple instances of virtual machines to run simultaneously in limited memory, and each Dalvik application executes as a separate Linux process. The independent process can prevent all programs from being closed when the virtual machine crashes.
Step S34: the information is compared to rules. After the step of connecting is carried out to obtain the information such as the key category name and the like, the information is compared with the issued checking rule one by one, if illegal information is found, the comparison flow is terminated, the user is prompted to install the package illegally, and otherwise, the comparison is continued until all the information is compared. After the comparison, if the check is passed, the process proceeds to step S35.
Step S35: and uploading the checking result. The client operator can choose to bind the inspection result with the MD5 value of the installation package on the premise that the inspection result of the installation package is compliant, and upload the inspection result to the inspection result management module of the server.
Step S36: and uploading the installation package. After uploading the detection result, the client operator can upload the installation package, and the server receives the detection result bound with the MD5 value. The client may upload the installation package if the inspection passes or may upload the installation package if the inspection fails.
Step S37: and (5) judging a checking result. Calculating an MD5 value of the installation package, searching a result from the checking result management module through the MD5, and if the checking result is legal, uploading the installation package for the time; if the checking result is not found, the server checking flow of the traditional scheme is carried out.
The embodiment of the disclosure further provides a detection device, as shown in fig. 4, including:
an installation package obtaining module 41, configured to obtain an installation package to be detected of an application to be published;
a class name obtaining module 42, configured to obtain a class name of information to be detected in the installation package;
the detection result module 43 is configured to obtain a detection result of the coincidence condition of the installation package and the release rule according to the category name;
and the uploading module 44 is configured to upload the detection result to the server, so that the server can execute the publishing operation of the application to be published according to the detection result.
In one embodiment, as shown in fig. 5, the category name obtaining module includes:
a file unit 51 for obtaining an application package file and a core code package in the installation package;
a virtual machine file format unit 52 for obtaining the virtual machine file format in the application package file and the core code package;
the parsing unit 53 is configured to parse the file format of the virtual machine to obtain a class name.
In one embodiment, the parsing unit is further configured to:
analyzing the file format of the virtual machine, and locating a type identifier list of information to be detected in the installation package in the analyzed information;
a class name is obtained from the list of type identifiers.
In one embodiment, as shown in fig. 6, the upload module includes:
and the binding unit 61 is used for binding the information abstract algorithm value of the installation package with the detection result and uploading the information abstract algorithm value to the server.
The embodiment of the disclosure further provides a detection device, as shown in fig. 7, including:
a request receiving module 71, configured to receive a request from a client to upload an installation package of an application to be published;
a detection result obtaining module 72, configured to obtain, based on the request, a detection result of a situation where the installation package and the release rule conform to each other, where the detection result is obtained according to a class name of information to be detected in the installation package;
and a response module 73, configured to execute a publishing operation of the application to be published based on the detection result.
In one embodiment, as shown in fig. 8, the detection result obtaining module includes:
an installation package receiving unit 81 for receiving an installation package based on the request;
a message digest algorithm unit 82 for obtaining a message digest algorithm value from the received installation package;
and a query unit 83, configured to query the detection result according to the information summary algorithm value.
In one embodiment, as shown in fig. 9, the response module includes:
a first response unit 91, configured to execute a publishing operation based on the received installation packet, if the detection result is that the installation packet is in accordance with the publishing rule;
and a second response unit 92 for performing a server side check on the received installation package, and performing a publishing operation based on the server side check result, in the case that the detection result does not exist.
The functions of each unit, module or sub-module in each data processing apparatus in the embodiments of the present disclosure may be referred to the corresponding descriptions in the embodiments of the data processing method, which are not repeated herein.
The embodiments of the present disclosure may be applied to various fields, for example, big data, smart search, and cloud computing technology fields.
The embodiment of the disclosure reduces the previous tens of minutes to less than a few seconds for the original game installation inclusion rule inspection, and can be applied to a plurality of fields other than games. Such as: applying market installation package embedded advertisement inspection; application developer Apk security and privacy rights checking; a static test scenario is applied.
According to embodiments of the present disclosure, the present disclosure also provides an electronic device, a readable storage medium and a computer program product.
FIG. 10 illustrates a schematic block diagram of an example electronic device 110 that may be used to implement embodiments of the present disclosure. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular telephones, smartphones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the disclosure described and/or claimed herein.
As shown in fig. 10, the device 110 includes a computing unit 111 that can perform various appropriate actions and processes according to a computer program stored in a Read Only Memory (ROM) 112 or a computer program loaded from a storage unit 118 into a Random Access Memory (RAM) 113. In the RAM113, various programs and data required for the operation of the device 110 may also be stored. The computing unit 111, the ROM 112, and the RAM113 are connected to each other through a bus 114. An input output (I/O) interface 115 is also connected to bus 114.
Various components in device 110 are connected to I/O interface 115, including: an input unit 116 such as a keyboard, a mouse, etc.; an output unit 117 such as various types of displays, speakers, and the like; a storage unit 118 such as a magnetic disk, an optical disk, or the like; and a communication unit 119 such as a network card, a modem, a wireless communication transceiver, and the like. The communication unit 119 allows the device 110 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
The computing unit 111 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of computing unit 111 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various computing units running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, etc. The calculation unit 111 performs the respective methods and processes described above, such as a detection method. For example, in some embodiments, the detection method may be implemented as a computer software program tangibly embodied on a machine-readable medium, such as the storage unit 118. In some embodiments, part or all of the computer program may be loaded and/or installed onto device 110 via ROM 112 and/or communication unit 119. When the computer program is loaded into the RAM113 and executed by the computing unit 111, one or more steps of the detection method described above may be performed. Alternatively, in other embodiments, the computing unit 111 may be configured to perform the detection method by any other suitable means (e.g. by means of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuit systems, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), systems On Chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs, the one or more computer programs may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special purpose or general-purpose programmable processor, that may receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.
Program code for carrying out methods of the present disclosure may be written in any combination of one or more programming languages. These program code may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus such that the program code, when executed by the processor or controller, causes the functions/operations specified in the flowchart and/or block diagram to be implemented. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. The machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and pointing device (e.g., a mouse or trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a background component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such background, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), and the internet.
The computer system may include a client and a server. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other.
It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps recited in the present disclosure may be performed in parallel, sequentially, or in a different order, provided that the desired results of the disclosed aspects are achieved, and are not limited herein.
The above detailed description should not be taken as limiting the scope of the present disclosure. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present disclosure are intended to be included within the scope of the present disclosure.

Claims (14)

1. A detection method applied to an application installation package provider, comprising:
acquiring an installation package to be detected of an application to be published;
acquiring a class name of information to be detected in the installation package;
obtaining a detection result of the condition of the installation package conforming to the release rule according to the class name;
uploading the detection result to a server side, so that the server side can execute the release operation of the application to be released according to the detection result;
the obtaining the category name of the information to be detected in the installation package comprises the following steps: acquiring an application program package file and a core code package in the installation package; acquiring the file formats of the virtual machine in the application program package file and the core code package; and analyzing the file format of the virtual machine to obtain the class name.
2. The method of claim 1, wherein the parsing the virtual machine file format to obtain the class name comprises:
analyzing the file format of the virtual machine, and locating a type identifier list of information to be detected in the installation package in the analyzed information;
and acquiring the category name according to the category identifier list.
3. The method according to any one of claims 1-2, wherein uploading the detection result to a server side includes:
and binding the information abstract algorithm value of the installation package with the detection result, and uploading the information abstract algorithm value to the server.
4. A detection method for a server side includes:
receiving a request of uploading an installation package of an application to be issued from a client;
based on the request, obtaining a detection result of the condition of the compliance of the installation package and the release rule, wherein the detection result is obtained according to the category name of the information to be detected in the installation package;
executing the release operation of the application to be released based on the detection result;
the detection result is obtained at the client according to the class name of the information to be detected in the installation package, and the obtaining of the class name is to obtain an application package file and a core code package in the installation package; acquiring the file formats of the application program package and the virtual machine in the core code package; and analyzing the file format of the virtual machine to obtain the class name.
5. The method of claim 4, wherein obtaining, based on the request, a detection result of the installation package compliance with a publication rule, comprises:
receiving the installation package based on the request;
obtaining an information abstract algorithm value according to the received installation package;
and inquiring the detection result according to the information abstract algorithm value.
6. The method of claim 4, wherein the performing the publishing operation of the application to be published based on the detection result comprises:
executing release operation based on the received installation package under the condition that the detection result is that the installation package accords with release rules;
and under the condition that the detection result does not exist, carrying out server side detection on the received installation package, and executing release operation based on the server side detection result.
7. A detection apparatus for application installation package provider, comprising:
the installation package obtaining module is used for obtaining an installation package to be detected of the application to be released;
the class name obtaining module is used for obtaining the class name of the information to be detected in the installation package;
the detection result module is used for obtaining a detection result of the coincidence condition of the installation package and the release rule according to the category name;
the uploading module is used for uploading the detection result to a server side, so that the server side can execute the release operation of the application to be released according to the detection result;
wherein, the category name obtaining module comprises: the file unit is used for obtaining an application program package file and a core code package in the installation package; a virtual machine file format unit, configured to obtain a virtual machine file format in the application package file and the core code package; and the analysis unit is used for analyzing the file format of the virtual machine and obtaining the class name.
8. The apparatus of claim 7, wherein the parsing unit is further configured to:
analyzing the file format of the virtual machine, and locating a type identifier list of information to be detected in the installation package in the analyzed information;
and obtaining the category name according to the category identifier list.
9. The apparatus of any of claims 7-8, wherein the upload module comprises:
and the binding unit is used for binding the information abstract algorithm value of the installation package with the detection result and uploading the information abstract algorithm value to the server.
10. A detection apparatus for a server side, comprising:
the request receiving module is used for receiving a request of uploading an installation package of an application to be issued from a client;
the detection result obtaining module is used for obtaining a detection result of the condition that the installation package accords with the release rule based on the request, wherein the detection result is obtained according to the category name of the information to be detected in the installation package;
the response module is used for executing the release operation of the application to be released based on the detection result;
the detection result is obtained at the client according to the class name of the information to be detected in the installation package, and the obtaining of the class name is to obtain an application package file and a core code package in the installation package; acquiring the file formats of the application program package and the virtual machine in the core code package; and analyzing the file format of the virtual machine to obtain the class name.
11. The apparatus of claim 10, wherein the detection result obtaining module comprises:
an installation package receiving unit configured to receive the installation package based on the request;
the information abstract algorithm unit is used for obtaining an information abstract algorithm value according to the received installation package;
and the inquiring unit is used for inquiring the detection result according to the information abstract algorithm value.
12. The apparatus of claim 10, wherein the response module comprises:
the first response unit is used for executing release operation based on the received installation package under the condition that the detection result is that the installation package accords with release rules;
and the second response unit is used for carrying out service end inspection on the received installation package and executing release operation based on the service end inspection result under the condition that the detection result does not exist.
13. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-6.
14. A non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the method of any one of claims 1-6.
CN202011561954.1A 2020-12-25 2020-12-25 Detection method, detection device, detection equipment and storage medium Active CN112540929B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011561954.1A CN112540929B (en) 2020-12-25 2020-12-25 Detection method, detection device, detection equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011561954.1A CN112540929B (en) 2020-12-25 2020-12-25 Detection method, detection device, detection equipment and storage medium

Publications (2)

Publication Number Publication Date
CN112540929A CN112540929A (en) 2021-03-23
CN112540929B true CN112540929B (en) 2024-03-12

Family

ID=75017425

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011561954.1A Active CN112540929B (en) 2020-12-25 2020-12-25 Detection method, detection device, detection equipment and storage medium

Country Status (1)

Country Link
CN (1) CN112540929B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104331376A (en) * 2014-11-14 2015-02-04 北京奇虎科技有限公司 Method and device for clearing installation package stored in mobile terminal
WO2015090153A1 (en) * 2013-12-16 2015-06-25 北京网秦天下科技有限公司 Security detection method, apparatus, and system for application installation package
CN104766008A (en) * 2014-01-07 2015-07-08 腾讯科技(深圳)有限公司 Application program installation package safety detection method and server
WO2018121266A1 (en) * 2016-12-29 2018-07-05 北京奇虎科技有限公司 Method and device for obtaining application and terminal device
CN109933381A (en) * 2019-03-06 2019-06-25 腾讯科技(深圳)有限公司 A kind of loading method and device of kernel
CN110297776A (en) * 2019-07-03 2019-10-01 深圳市腾讯网域计算机网络有限公司 Examining report generation, method of reseptance, device, equipment and storage medium
CN110826068A (en) * 2019-11-01 2020-02-21 海南车智易通信息技术有限公司 Safety detection method and safety detection system
CN110896540A (en) * 2019-11-21 2020-03-20 国网辽宁省电力有限公司电力科学研究院 Mobile internet client security assessment tool, method, computer device and storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090327300A1 (en) * 2008-06-26 2009-12-31 Microsoft Corporation Manifest-based enhanced presence publishing

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015090153A1 (en) * 2013-12-16 2015-06-25 北京网秦天下科技有限公司 Security detection method, apparatus, and system for application installation package
CN104766008A (en) * 2014-01-07 2015-07-08 腾讯科技(深圳)有限公司 Application program installation package safety detection method and server
CN104331376A (en) * 2014-11-14 2015-02-04 北京奇虎科技有限公司 Method and device for clearing installation package stored in mobile terminal
WO2018121266A1 (en) * 2016-12-29 2018-07-05 北京奇虎科技有限公司 Method and device for obtaining application and terminal device
CN109933381A (en) * 2019-03-06 2019-06-25 腾讯科技(深圳)有限公司 A kind of loading method and device of kernel
CN110297776A (en) * 2019-07-03 2019-10-01 深圳市腾讯网域计算机网络有限公司 Examining report generation, method of reseptance, device, equipment and storage medium
CN110826068A (en) * 2019-11-01 2020-02-21 海南车智易通信息技术有限公司 Safety detection method and safety detection system
CN110896540A (en) * 2019-11-21 2020-03-20 国网辽宁省电力有限公司电力科学研究院 Mobile internet client security assessment tool, method, computer device and storage medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Android平台恶意应用程序静态检测方法;蒋煦;张长胜;戴大蒙;慕德俊;;计算机***应用(04);全文 *
基于类别SVM的Android***恶意软件检测研究;管飞诗;徐夫田;;科技风(21);全文 *

Also Published As

Publication number Publication date
CN112540929A (en) 2021-03-23

Similar Documents

Publication Publication Date Title
CN106156186B (en) Data model management device, server and data processing method
CN107506256B (en) Method and device for monitoring crash data
CN110149298B (en) Hijacking detection method and device
CN105389177A (en) Software version confirmation method, device and system
CN105354488A (en) Application installation method, related apparatus and application installation system
CN111522738A (en) Test method and device of micro-service system, storage medium and electronic equipment
CN107645546B (en) File monitoring method based on android system, intelligent device and storage medium
CN108111364B (en) Service system testing method and device
CN110244963B (en) Data updating method and device and terminal equipment
CN111367531B (en) Code processing method and device
CN113641544B (en) Method, apparatus, device, medium and product for detecting application state
CN114139161A (en) Method, device, electronic equipment and medium for batch vulnerability detection
CN112540929B (en) Detection method, detection device, detection equipment and storage medium
CN113138768A (en) Application package generation method and device, electronic equipment and readable storage medium
CN111538542A (en) System configuration method and related device
CN107247661B (en) Method and system for supporting automatic verification of installation package of application
US20240031166A1 (en) Web-side data signature method and apparatus and computer device
CN112379967B (en) Simulator detection method, device, equipment and medium
AU2013206622B2 (en) Download management method and device based on Android browser
CN116401113B (en) Environment verification method, device and medium for heterogeneous many-core architecture acceleration card
CN116954689A (en) Identification generation and identification verification methods, devices, electronic equipment and storage medium
CN106021367B (en) Method and terminal for searching backup data
CN115617675A (en) Automatic testing method, device and equipment of application program and storage medium
CN114296980A (en) Method and system for identifying, detecting and extracting file system based on damaged squarshfs
CN113343238A (en) Application program identification method, device, storage medium and terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant