技术领域technical field
本发明涉及信息安全技术领域,尤其涉及一种应用程序监控方法及终端。The invention relates to the technical field of information security, in particular to an application program monitoring method and a terminal.
背景技术Background technique
随着通信技术的不断发展,多种多样的终端应用软件也随之发展,例如各种即时通信应用软件、游戏应用软件,影音应用软件。用户可以通过终端使用这些应用软件进行商务活动、联系亲朋好友、分享个人生活状态信息等,极大地方便了用户的工作和日常生活。与此同时终端中携带的隐私数据也越来越多,如:联系人电话、联系人住址、通话录音和各种支付账号及密码等等,因此保护隐私加强个人信息安全逐渐受到用户重视。如今,终端中的有些应用软件,已可以在用户完全不知情的情况下,在终端后台使用特殊的权限去访问用户个人数据,甚至将访问得到的数据通过网络输出给不法分子,使用户的个人信息泄露,严重时甚至会给用户带来重大的经济损失。With the continuous development of communication technology, a variety of terminal application software also develops accordingly, such as various instant messaging application software, game application software, and audio-visual application software. Users can use these application software to carry out business activities, contact relatives and friends, share personal life status information, etc. through the terminal, which greatly facilitates the work and daily life of users. At the same time, more and more privacy data are carried in the terminal, such as: contact phone number, contact address, call recording, various payment account numbers and passwords, etc. Therefore, protecting privacy and strengthening personal information security is gradually valued by users. Nowadays, some application software in the terminal can use special authority to access the user's personal data in the background of the terminal without the user's complete knowledge, and even output the accessed data to criminals through the network, making the user's personal data In severe cases, information leakage may even bring significant economic losses to users.
发明内容Contents of the invention
本发明实施例提供了一种应用程序监控方法及终端,可监控并记录应用程序程序执行的威胁用户数据安全的行为,从而防止终端中存储的数据被盗取,以提高终端的安全性。The embodiment of the present invention provides an application program monitoring method and a terminal, which can monitor and record the behavior of threatening user data security executed by the application program, so as to prevent the data stored in the terminal from being stolen and improve the security of the terminal.
本发明实施例提供了一种应用程序监控方法,所述方法包括:An embodiment of the present invention provides an application program monitoring method, the method comprising:
检测到发生待监控行为时,获取执行所述待监控行为的目标应用程序的标识信息,所述待监控行为包括读取联系人信息、读取短信信息、使用录音功能、读取通话记录、修改网页主页、启用定位功能、读取邮件、使用数据流量和/或读取应用登录账号中的至少一种;When the behavior to be monitored is detected, the identification information of the target application program that executes the behavior to be monitored is obtained, and the behavior to be monitored includes reading contact information, reading SMS information, using the recording function, reading call records, modifying At least one of the homepage of the web page, enabling the location function, reading emails, using data traffic and/or reading application login accounts;
根据所述目标应用程序的标识信息,判断所述目标应用程序是否为预设的被监控应用程序;judging whether the target application is a preset monitored application according to the identification information of the target application;
若是,根据所述目标应用程序,记录所述待监控行为。If yes, record the behavior to be monitored according to the target application program.
相应的,本发明实施例提供了一种终端,所述终端包括:Correspondingly, an embodiment of the present invention provides a terminal, and the terminal includes:
信息获取单元,用于检测到发生待监控行为时,获取执行所述待监控行为的目标应用程序的标识信息,所述待监控行为包括读取联系人信息、读取短信信息、使用录音功能、读取通话记录、修改网页主页、启用定位功能、读取邮件、使用数据流量和/或读取应用登录账号中的至少一种;An information acquisition unit, configured to acquire the identification information of the target application program that executes the behavior to be monitored when it is detected that the behavior to be monitored occurs, and the behavior to be monitored includes reading contact information, reading short message information, using a recording function, At least one of reading call records, modifying the home page of a webpage, enabling location functions, reading emails, using data traffic and/or reading application login accounts;
程序判断单元,用于根据所述目标应用程序的标识信息,判断所述目标应用程序是否为预设的被监控应用程序;A program judging unit, configured to judge whether the target application program is a preset monitored application program according to the identification information of the target application program;
行为记录单元,用于所述目标应用程序是预设的被监控应用程序时,根据所述目标应用程序,记录所述待监控行为。The behavior recording unit is configured to record the behavior to be monitored according to the target application program when the target application program is a preset monitored application program.
本发明实施例,可在检测到发生待监控行为时,获取执行所述待监控行为的目标应用程序的标识信息;还可根据所述目标应用程序的标识信息,判断所述目标应用程序是否为预设的被监控应用程序;进而在判断结果为是时,根据所述目标应用程序,记录所述待监控行为,其中所述待监控行为包括读取联系人信息、读取短信信息、使用录音功能、读取通话记录、修改网页主页、启用定位功能、读取邮件、使用数据流量和/或读取应用登录账号中的至少一种,可监控并记录应用程序程序执行的威胁用户数据安全的行为,从而防止终端中存储的数据被盗取,以提高终端的安全性。In the embodiment of the present invention, when the behavior to be monitored is detected, the identification information of the target application program that executes the behavior to be monitored can be obtained; it can also be determined whether the target application program is The preset monitored application program; and then when the judgment result is yes, record the behavior to be monitored according to the target application program, wherein the behavior to be monitored includes reading contact information, reading short message information, using recording functions, reading call records, modifying the homepage of webpages, enabling location functions, reading emails, using data traffic, and/or reading application login accounts, which can monitor and record applications that threaten user data security. Behavior, thereby preventing the data stored in the terminal from being stolen, so as to improve the security of the terminal.
附图说明Description of drawings
为了更清楚地说明本发明实施例技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings that need to be used in the description of the embodiments will be briefly introduced below. Obviously, the drawings in the following description are some embodiments of the present invention. Ordinary technicians can also obtain other drawings based on these drawings on the premise of not paying creative work.
图1是本发明实施例提供的一种应用程序监控方法流程示意图;Fig. 1 is a schematic flow chart of an application program monitoring method provided by an embodiment of the present invention;
图2是本发明实施例提供的另一种应用程序监控方法流程示意图;Fig. 2 is a schematic flow chart of another application program monitoring method provided by an embodiment of the present invention;
图3是本发明实施例提供的又一种应用程序监控方法流程示意图;Fig. 3 is a schematic flow chart of another application program monitoring method provided by an embodiment of the present invention;
图4是本发明实施例提供的一种终端结构示意图;FIG. 4 is a schematic structural diagram of a terminal provided by an embodiment of the present invention;
图5是本发明实施例提供的信息获取单元结构示意图;Fig. 5 is a schematic structural diagram of an information acquisition unit provided by an embodiment of the present invention;
图6是本发明实施例提供的监控行为信息记录表示意图。Fig. 6 is a schematic diagram of a monitoring behavior information recording table provided by an embodiment of the present invention.
具体实施方式detailed description
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are some of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.
具体实现中,本发明实施例中所提及的终端包括但不限于:智能手机(如Android手机、IOS手机)、平板电脑、笔记本电脑、掌上电脑或穿戴式智能设备等电子设备。In specific implementation, the terminals mentioned in the embodiments of the present invention include, but are not limited to: electronic devices such as smart phones (such as Android phones, IOS phones), tablet computers, notebook computers, palmtop computers, or wearable smart devices.
下面将结合图1到图6对本发明实施例提供的一种应用程序监控方法及终端进行具体描述。An application program monitoring method and a terminal provided in an embodiment of the present invention will be described in detail below with reference to FIG. 1 to FIG. 6 .
参见图1,是本发明实施例提供的一种应用程序监控方法流程示意图,如图所示的应用程序监控方法可包括以下步骤:Referring to FIG. 1 , it is a schematic flowchart of an application program monitoring method provided by an embodiment of the present invention. The application program monitoring method as shown in the figure may include the following steps:
S101,检测到发生待监控行为时,获取执行所述待监控行为的目标应用程序的标识信息。S101. Acquire identification information of a target application that executes the behavior to be monitored when it is detected that the behavior to be monitored occurs.
待监控行为通常为读取终端存储的个人数据或者开启一些终端需收费的功能,本实施例所提及的待监控行为包括但不限于:读取联系人信息、读取短信信息、使用录音功能、读取通话记录、修改网页主页、启用定位功能、读取邮件、使用数据流量和/或读取应用登录账号中的至少一种。The behavior to be monitored is usually reading personal data stored in the terminal or enabling some terminal functions that require a fee. The behavior to be monitored in this embodiment includes but is not limited to: reading contact information, reading SMS information, and using the recording function At least one of , reading call records, modifying the home page of a webpage, enabling a location function, reading emails, using data traffic and/or reading application login accounts.
具体实现中,可提供给用户设置待监控的应用程序行为(即待监控行为)的设置选项,例如提供可监控行为列表给用户,该列表中包括读取联系人信息、读取短信信息和启用定位功能三个可监控行为,终端可默认为该列表中陈列的所有可监控行为都是待监控行为,也可根据用户自身意愿选择列表中的一些可监控行为作为待监控行为。当终端检测到发生待监控行为时,便获取执行待监控行为的应用程序的标识信息,然后执行步骤S102到步骤S103,以记录该待监控行为给用户查阅参考。In a specific implementation, the user can be provided with setting options for setting the application program behavior to be monitored (that is, the behavior to be monitored), such as providing a list of monitorable behaviors to the user, including reading contact information, reading SMS information, and enabling The positioning function has three monitorable behaviors. The terminal can default that all the monitorable behaviors displayed in the list are to-be-monitored behaviors, or select some of the monitorable behaviors in the list as the to-be-monitored behaviors according to the user's own wishes. When the terminal detects that the behavior to be monitored occurs, it obtains the identification information of the application executing the behavior to be monitored, and then executes steps S102 to S103 to record the behavior to be monitored for reference by the user.
目标应用程序的标识信息为目标应用程序的数字签名,也可以为其他用以标识应用程序的唯一身份的内容,例如在安卓操作系统下,安卓应用程序的标识信息为应用配置文件中AndroidManifest.xml文件里<manifest>中android:sharedUserId的内容或者<application>中android:process的内容。The identification information of the target application program is the digital signature of the target application program, and can also be other content used to identify the unique identity of the application program. For example, under the Android operating system, the identification information of the Android application program is AndroidManifest.xml in the application configuration file The content of android:sharedUserId in <manifest> or the content of android:process in <application> in the file.
S102,根据所述目标应用程序的标识信息,判断所述目标应用程序是否为预设的被监控应用程序。S102. Determine whether the target application program is a preset monitored application program according to the identification information of the target application program.
具体实现中,可提供给用户监控应用程序设置选项供用户选择需要被监控的应用程序,在设置待监控行为时也可设置被监控应用程序,若用户没有指定被监控应用程序,终端可默认为终端内安装的所有应用程序都需要被监控。例如可提供可监控应用程序列表给用户,该列表中包括应用程序A、应用程序B和应用程序C,终端可默认为该列表中陈列的所有应用程序都为被监控应用程序,也可根据用户自身意愿选择列表中的一些应用程序作为被监控应用程序。In the specific implementation, the user can be provided with monitoring application setting options for the user to select the application to be monitored. When setting the behavior to be monitored, the monitored application can also be set. If the user does not specify the monitored application, the terminal can default to All applications installed in the terminal need to be monitored. For example, a list of applications that can be monitored can be provided to the user. The list includes application A, application B, and application C. The terminal can assume that all applications displayed in the list are monitored applications by default, and can also be monitored according to the user's Some application programs in the self-willing selection list are used as monitored application programs.
终端预先将设置的被监控应用程序的标识信息存储起来,当获取到执行待监控行为的目标应用程序的标识信息时,便判断该目标应用程序的标识信息跟预存的被监控应用程序的标识信息是否匹配(即判断预存的被监控应用程序的标识信息中是否有目标应用程序的标识信息)。若匹配,则说明目标应用程序是被监控程序,需要记录该目标应用程序发生的待监控行为;若不匹配,则说明该目标应用程序不是被监控程序,它所执行的待监控行为不需要被监控和记录。The terminal stores the identification information of the monitored application program in advance, and when the identification information of the target application program that executes the behavior to be monitored is obtained, it judges that the identification information of the target application program is different from the pre-stored identification information of the monitored application program. Whether it matches (that is, it is judged whether there is the identification information of the target application program in the identification information of the pre-stored monitored application program). If it matches, it means that the target application program is a monitored program, and it is necessary to record the behavior to be monitored of the target application program; if it does not match, it means that the target application program is not a monitored program, and the behavior to be monitored by it does not need to be monitored Monitoring and logging.
S103,若是,根据所述目标应用程序,记录所述待监控行为。S103, if yes, record the behavior to be monitored according to the target application program.
具体实现中,在发了待监控行为,并确定执行待监控行为的目标应用程序为被监控应用程序时,终端可将该目标应用程序及执行的待监控行为对应记录下来。进一步的,还可对应的记录待监控行为的执行参数,该执行参数包括但不限于:执行待监控行的执行时间、执行次数和/或执行内容。例如,参见图6所示,图6是本发明实施例提供的监控行为信息记录表示意图,图6中记录了终端监控应用程序A、应用程序B和应用程序C发生的待监控行为的执行时间、执行次数或执行内容中的至少一种。用户可查看该监控行为信息记录表,根据监控行为信息记录表去判断哪些应用程序是危险应用程序,从而及时的去卸载或删除危险应用程序,防止隐私数据被窃取。In a specific implementation, when the behavior to be monitored is sent and the target application program executing the behavior to be monitored is determined to be the monitored application program, the terminal may correspondingly record the target application program and the behavior to be monitored. Further, the execution parameters of the behavior to be monitored can also be correspondingly recorded, and the execution parameters include but not limited to: execution time, execution times and/or execution content of the execution of the behavior to be monitored. For example, referring to FIG. 6, FIG. 6 is a schematic diagram of a monitoring behavior information record table provided by an embodiment of the present invention, and FIG. 6 records the execution time of the behaviors to be monitored that occur in the terminal monitoring application program A, application program B, and application program C. , at least one of execution times or execution content. Users can view the monitoring behavior information record table, and judge which applications are dangerous applications according to the monitoring behavior information record table, so as to uninstall or delete dangerous applications in time to prevent privacy data from being stolen.
本发明实施例,可在检测到发生待监控行为时,获取执行所述待监控行为的目标应用程序的标识信息;并根据所述目标应用程序的标识信息,判断所述目标应用程序是否为预设的被监控应用程序;当判断结果为是时,根据所述目标应用程序,记录所述待监控行为,可监控并记录应用程序程序执行的威胁用户数据安全的行为,从而防止终端中存储的数据被盗取,以提高终端的安全性。In the embodiment of the present invention, when the behavior to be monitored is detected, the identification information of the target application that executes the behavior to be monitored can be acquired; and according to the identification information of the target application, it can be judged whether the target application The monitored application program is set; when the judgment result is yes, according to the target application program, the behavior to be monitored can be recorded, and the behavior that threatens the security of user data performed by the application program can be monitored and recorded, so as to prevent the data stored in the terminal from Data is stolen to improve the security of the terminal.
参见图2,是本发明实施例提供的另一种应用程序监控方法流程示意图,如图所示的应用程序监控方法可包括以下步骤:Referring to FIG. 2 , it is a schematic flowchart of another application program monitoring method provided by an embodiment of the present invention. The application program monitoring method as shown in the figure may include the following steps:
S201,发生操作行为事件时,根据所述操作行为事件的权限判断所述操作行为事件是否为待监控行为。S201. When an operation behavior event occurs, judge whether the operation behavior event is a behavior to be monitored according to the authority of the operation behavior event.
具体实现中,若终端采用的是安卓操作系统,在应用程序执行某一行为时,必须向安卓操作系统声明这个行为将会用到的权限,否则安卓操作系统将会拒绝该应用程序执行这个行为。因此,可预先在终端中设置待监控行为时,获取待监控行为的权限存储起来,之后便可以根据应用程序执行操作行为所声明的权限来确定该操作行为是否为待监控行为。例如,某输入法发应用程序提供输入联系人拼音的某些字母,便自动显示与该拼音相关的联系人,因此在实际操作过程中,要实现此功能,在查找与该拼音相关的联系人时,输入法应用程序需首先向安卓操作系统请求读取用户联系人的权限,然后输入法应用程序才能读取用户联系人,并进一步显示与该拼音相关的联系人。In the specific implementation, if the terminal uses the Android operating system, when the application program performs a certain behavior, it must declare to the Android operating system the permissions that this behavior will use, otherwise the Android operating system will refuse the application program to perform this behavior . Therefore, when the behavior to be monitored can be set in the terminal in advance, the permission of the behavior to be monitored can be obtained and stored, and then whether the operation behavior is the behavior to be monitored can be determined according to the permission declared by the application program to execute the operation behavior. For example, if an input method provides some letters of the pinyin of the input contacts, the contacts related to the pinyin will be automatically displayed. Therefore, in the actual operation process, to realize this function, when looking for the contacts , the input method application needs to first request permission to read the user's contacts from the Android operating system, and then the input method application can read the user's contacts and further display the contacts related to the pinyin.
S202,若是,获取执行所述待监控行为的目标应用程序的标识信息。S202, if yes, acquire identification information of a target application that executes the behavior to be monitored.
具体实现中,目标应用程序的标识信息为目标应用程序的数字签名,也可以为其他用以标识应用程序的唯一身份的内容,例如在安卓操作系统下,安卓应用程序的标识信息为应用配置文件中AndroidManifest.xml文件里<manifest>中android:sharedUserId的内容或者<application>中android:process的内容。In specific implementation, the identification information of the target application program is the digital signature of the target application program, or other content used to identify the unique identity of the application program. For example, under the Android operating system, the identification information of the Android application program is the application configuration file The content of android:sharedUserId in <manifest> or the content of android:process in <application> in the AndroidManifest.xml file.
S203,根据所述目标应用程序的标识信息,判断所述目标应用程序是否为预设的被监控应用程序。S203. Determine whether the target application program is a preset monitored application program according to the identification information of the target application program.
具体实现中,终端预先将设置的被监控应用程序的标识信息存储起来,当获取到执行待监控行为的目标应用程序的标识信息时,便判断该目标应用程序的标识信息跟预存的被监控应用程序的标识信息是否匹配(即判断预存的被监控应用程序的标识信息中是否有目标应用程序的标识信息)。若匹配,则说明目标应用程序是被监控程序,需要记录该目标应用程序发生的待监控行为;若不匹配,则说明该目标应用程序不是被监控程序,它所执行的待监控行为不需要被监控和记录。In the specific implementation, the terminal stores the identification information of the monitored application program in advance, and when the identification information of the target application program that executes the behavior to be monitored is obtained, it judges that the identification information of the target application program is consistent with the pre-stored monitored application program. Whether the identification information of the program matches (that is, it is judged whether there is identification information of the target application program in the pre-stored identification information of the monitored application program). If it matches, it means that the target application program is a monitored program, and it is necessary to record the behavior to be monitored of the target application program; if it does not match, it means that the target application program is not a monitored program, and the behavior to be monitored by it does not need to be monitored Monitoring and logging.
S204,若是,将所述目标应用程序、所述待监控行为及所述待监控行为的执行参数对应添加到预设的监控记录表中。S204, if yes, correspondingly add the target application program, the behavior to be monitored, and the execution parameters of the behavior to be monitored to a preset monitoring record table.
具体实现中,所述执行参数包括但不限于:执行时间、执行次数和/或执行内容中的至少一种。参见图6所示,图6是本发明实施例提供的监控行为信息记录表示意图,图6中记录了终端监控应用程序A、应用程序B和应用程序C发生的待监控行为的执行时间、执行次数或执行内容中的至少一种。用户可查看该监控记录表,根据监控记录表去判断哪些应用程序是危险应用程序,从而及时的去卸载或删除危险应用程序,防止隐私数据被窃取。In a specific implementation, the execution parameters include but are not limited to: at least one of execution time, execution times, and/or execution content. Referring to FIG. 6, FIG. 6 is a schematic diagram of a monitoring behavior information record table provided by an embodiment of the present invention. FIG. 6 records the execution time, execution time, and At least one of the number of times or execution content. Users can view the monitoring record table, and judge which applications are dangerous applications according to the monitoring record table, so as to uninstall or delete dangerous applications in time to prevent privacy data from being stolen.
本发明实施例,在发生操作行为事件时,根据所述操作行为事件的权限判断所述操作行为事件是否为待监控行为;进而获取执行所述待监控行为的目标应用程序的标识信息,并根据所述目标应用程序的标识信息,判断所述目标应用程序是否为预设的被监控应用程序;当判断结果为是时,将所述目标应用程序、所述待监控行为及所述待监控行为的执行参数对应添加到预设的监控记录表中,可监控并记录应用程序程序执行的威胁用户数据安全的行为,从而防止终端中存储的数据被盗取,以提高终端的安全性。In the embodiment of the present invention, when an operation behavior event occurs, judge whether the operation behavior event is a behavior to be monitored according to the authority of the operation behavior event; and then obtain the identification information of the target application program that executes the behavior to be monitored, and The identification information of the target application program, judging whether the target application program is a preset monitored application program; when the judgment result is yes, the target application program, the behavior to be monitored and the behavior to be monitored The corresponding execution parameters are added to the preset monitoring record table, which can monitor and record the behaviors that threaten the user data security executed by the application program, so as to prevent the data stored in the terminal from being stolen and improve the security of the terminal.
参见图3,是本发明实施例提供的又一种应用程序监控方法流程示意图,如图所示的应用程序监控方法可包括以下步骤:Referring to FIG. 3 , it is a schematic flowchart of another application program monitoring method provided by an embodiment of the present invention. The application program monitoring method as shown in the figure may include the following steps:
S301,运行目标应用程序时,根据所述目标应用程序的标识信息判断所述目标应用程序是否为预设的信任应用程序。S301. When running a target application program, judge whether the target application program is a preset trusted application program according to the identification information of the target application program.
具体实现中,可提供给用户信任应用程序设置选项,用户可通过该设置选项设置自己长期信任的应用程序并保存这些信任应用程序的标识信息,信任应用程序不需要进行监控。当终端中的目标应用程序在运行时,便获取目标应用程序的标识信息,判断目标应用程序不是用户设置的信任应用程序时,执行步骤S302,将目标应用程序设置为被监控应用程序。In a specific implementation, the user may be provided with a setting option of trusted applications, through which the user may set long-term trusted applications and save the identification information of these trusted applications, and the trusted applications do not need to be monitored. When the target application program in the terminal is running, the identification information of the target application program is obtained, and when it is judged that the target application program is not a trusted application program set by the user, step S302 is executed to set the target application program as a monitored application program.
S302,将所述目标应用程序设置为被监控应用程序。S302. Set the target application program as a monitored application program.
S303,检测到发生待监控行为时,获取执行所述待监控行为的目标应用程序的标识信息。S303. Acquire identification information of a target application that executes the behavior to be monitored when it is detected that the behavior to be monitored occurs.
待监控行为通常为读取终端存储的个人数据或者开启一些终端需收费的功能,本实施例所提及的待监控行为包括但不限于:读取联系人信息、读取短信信息、使用录音功能、读取通话记录、修改网页主页、启用定位功能、读取邮件、使用数据流量和/或读取应用登录账号中的至少一种。目标应用程序的标识信息为目标应用程序的数字签名,也可以为其他用以标识应用程序的唯一身份的内容。The behavior to be monitored is usually reading personal data stored in the terminal or enabling some terminal functions that require a fee. The behavior to be monitored in this embodiment includes but is not limited to: reading contact information, reading SMS information, and using the recording function At least one of , reading call records, modifying the home page of a webpage, enabling a location function, reading emails, using data traffic and/or reading application login accounts. The identification information of the target application program is the digital signature of the target application program, and may also be other content used to identify the unique identity of the application program.
S304,根据所述目标应用程序的标识信息,判断所述目标应用程序是否为预设的被监控应用程序。S304. Determine whether the target application is a preset monitored application according to the identification information of the target application.
终端可预先将设置的被监控应用程序的标识信息存储起来,当获取到执行待监控行为的目标应用程序的标识信息时,便判断该目标应用程序的标识信息跟预存的被监控应用程序的标识信息是否匹配(即判断预存的被监控应用程序的标识信息中是否有目标应用程序的标识信息)。若匹配,则说明目标应用程序是被监控程序,需要记录该目标应用程序发生的待监控行为;若不匹配,则说明该目标应用程序不是被监控程序,它所执行的待监控行为不需要被监控和记录。The terminal can store the identification information of the monitored application program in advance, and when the identification information of the target application program that executes the behavior to be monitored is obtained, it can judge whether the identification information of the target application program is consistent with the pre-stored identification information of the monitored application program. Whether the information matches (that is, it is judged whether there is the identification information of the target application program in the identification information of the pre-stored monitored application program). If it matches, it means that the target application program is a monitored program, and it is necessary to record the behavior to be monitored of the target application program; if it does not match, it means that the target application program is not a monitored program, and the behavior to be monitored by it does not need to be monitored Monitoring and logging.
终端还可判断目标应用程序的标识信息与步骤S301中预存的信任应用程序的标识信息是否匹配(即判断预存的信任应用程序的标识信息中是否有目标应用程序的标识信息),若匹配,则说明目标应用程序为信任应用程序不需要进监控,若不匹配,则说明目标应用程序是被监控应用程序,它所执行的待监控行为需要被监控和记录。The terminal can also judge whether the identification information of the target application matches the identification information of the trusted application stored in step S301 (that is, judge whether there is identification information of the target application in the identification information of the pre-stored trusted application), and if it matches, then It indicates that the target application program is a trusted application program and does not need to be monitored. If it does not match, it indicates that the target application program is a monitored application program, and the behavior to be monitored performed by it needs to be monitored and recorded.
S305,若是,将所述目标应用程序、所述待监控行为及所述待监控行为的执行参数对应添加到预设的监控记录表中。S305. If yes, correspondingly add the target application program, the behavior to be monitored, and the execution parameters of the behavior to be monitored to a preset monitoring record table.
具体实现中,所述执行参数包括但不限于:执行时间、执行次数和/或执行内容中的至少一种。参见图6所示,图6是本发明实施例提供的监控行为信息记录表示意图,图6中记录了终端监控应用程序A、应用程序B和应用程序C发生的待监控行为的执行时间、执行次数或执行内容中的至少一种。用户可查看该监控记录表,根据监控记录表去判断哪些应用程序是危险应用程序,从而及时的去卸载或删除危险应用程序,防止隐私数据被窃取。In a specific implementation, the execution parameters include but are not limited to: at least one of execution time, execution times, and/or execution content. Referring to FIG. 6, FIG. 6 is a schematic diagram of a monitoring behavior information record table provided by an embodiment of the present invention. FIG. 6 records the execution time, execution time, and At least one of the number of times or execution content. Users can view the monitoring record table, and judge which applications are dangerous applications according to the monitoring record table, so as to uninstall or delete dangerous applications in time to prevent privacy data from being stolen.
在另一可选实施例中,执行步骤S305之后,所述方法还包括:根据所述待监控行为的执行参数,分析所述待监控行为的危险等级;当所述危险等级达到预设值时,执行预设的预警策略。In another optional embodiment, after step S305 is performed, the method further includes: analyzing the danger level of the behavior to be monitored according to the execution parameters of the behavior to be monitored; when the danger level reaches a preset value , execute the preset early warning strategy.
具体实现中,终端预先根据待监控行为的执行参数的设置待监控行为的危险等级,因此可在目标应用程序执行待监控行为时,根据执行参数判断待监控行为的危险等级,当危险等级达到预设值时,便执行预设的预警策略,即时提醒用户查看是否有必要卸载该应用程序,以防止个人数据被盗取。例如,可预设读取联系人信息次数小于2次危险等级为1级,次数达到3次危险等级为2级,次数达到4次危险等级为3级,并预设当危险等级达到2级时便执行预设的预警策略(危险等级数字越大代表危险性越高);因此若终端中的被监控的目标应用程序执行了待监控行为(读取联系人信息),且判断到当前读取联系人信息的次数为4次时,可知该目标应用程序的危险等级为3级,已经达到了预设的2级,此时便执行预警策略。所述预警策略包括但不限于:发出文字提醒信息、发出声音提醒信息和发出信号灯提醒信息等。In the specific implementation, the terminal sets the risk level of the behavior to be monitored according to the execution parameters of the behavior to be monitored in advance, so when the target application program executes the behavior to be monitored, it can judge the risk level of the behavior to be monitored according to the execution parameters. When the value is set, the preset early warning strategy will be implemented to immediately remind the user to check whether it is necessary to uninstall the application to prevent personal data from being stolen. For example, it can be preset that the danger level of reading contact information is less than 2 times, the danger level is 1, the number of times reaches 3 times, the danger level is 2, and the frequency reaches 4 times, the danger level is 3, and it can be preset when the danger level reaches level 2 Execute the preset early warning strategy (the larger the number of the danger level represents the higher the danger); therefore, if the monitored target application program in the terminal executes the behavior to be monitored (reading contact information), and it is judged that the currently read When the number of times of contact information is 4, it can be known that the danger level of the target application program is level 3, which has reached the preset level 2, and the early warning strategy is executed at this time. The early warning strategy includes, but is not limited to: issuing text reminder information, sending out sound reminder information, sending out signal light reminder information, and the like.
本发明实施例,在运行目标应用程序时,根据所述目标应用程序的标识信息判断所述目标应用程序不为预设的信任应用程序时,将所述目标应用程序设置为被监控应用程序;进而检测到发生待监控行为时,获取执行所述待监控行为的目标应用程序的标识信息,并根据所述目标应用程序的标识信息,判断所述目标应用程序是否为预设的被监控应用程序;从而在判断结果为是时,将所述目标应用程序、所述待监控行为及所述待监控行为的执行参数对应添加到预设的监控记录表中,可监控并记录应用程序程序执行的威胁用户数据安全的行为,从而防止终端中存储的数据被盗取,以提高终端的安全性。In the embodiment of the present invention, when the target application program is running, when it is judged according to the identification information of the target application program that the target application program is not a preset trusted application program, the target application program is set as the monitored application program; Further, when it is detected that the behavior to be monitored occurs, the identification information of the target application program that executes the behavior to be monitored is obtained, and according to the identification information of the target application program, it is judged whether the target application program is a preset monitored application program ; Thus, when the judgment result is yes, correspondingly add the target application program, the behavior to be monitored and the execution parameters of the behavior to be monitored to the preset monitoring record table, which can monitor and record the execution of the application program Behaviors that threaten the security of user data, so as to prevent the data stored in the terminal from being stolen, so as to improve the security of the terminal.
参见图4,本发明实施例提供的一种终端结构示意图,如图所示终端至少可以包括:信息获取单元401、程序判断单元402和行为记录单元403。Referring to FIG. 4 , a schematic structural diagram of a terminal provided by an embodiment of the present invention, as shown in the figure, the terminal may at least include: an information acquisition unit 401 , a program judgment unit 402 and a behavior recording unit 403 .
信息获取单元401,用于检测到发生待监控行为时,获取执行所述待监控行为的目标应用程序的标识信息。The information acquiring unit 401 is configured to acquire identification information of a target application that executes the behavior to be monitored when it is detected that the behavior to be monitored occurs.
待监控行为通常为读取终端存储的个人数据或者开启一些终端需收费的功能,本实施例所提及的待监控行为包括但不限于:读取联系人信息、读取短信信息、使用录音功能、读取通话记录、修改网页主页、启用定位功能、读取邮件、使用数据流量和/或读取应用登录账号中的至少一种。The behavior to be monitored is usually reading personal data stored in the terminal or enabling some terminal functions that require a fee. The behavior to be monitored in this embodiment includes but is not limited to: reading contact information, reading SMS information, and using the recording function At least one of , reading call records, modifying the home page of a webpage, enabling a location function, reading emails, using data traffic and/or reading application login accounts.
具体实现中,可提供给用户设置待监控的应用程序行为(即待监控行为)的设置选项,例如提供可监控行为列表给用户,该列表中包括读取联系人信息、读取短信信息和启用定位功能三个可监控行为,终端可默认为该列表中陈列的所有可监控行为都是待监控行为,也可根据用户自身意愿选择列表中的一些可监控行为作为待监控行为。当终端检测到发生待监控行为时,信息获取单元401便获取执行待监控行为的应用程序的标识信息。In a specific implementation, the user can be provided with setting options for setting the application program behavior to be monitored (that is, the behavior to be monitored), such as providing a list of monitorable behaviors to the user, including reading contact information, reading SMS information, and enabling The positioning function has three monitorable behaviors. The terminal can default that all the monitorable behaviors displayed in the list are to-be-monitored behaviors, or select some of the monitorable behaviors in the list as the to-be-monitored behaviors according to the user's own wishes. When the terminal detects that the behavior to be monitored occurs, the information acquiring unit 401 acquires the identification information of the application program that executes the behavior to be monitored.
目标应用程序的标识信息为目标应用程序的数字签名,也可以为其他用以标识应用程序的唯一身份的内容,例如在安卓操作系统下,安卓应用程序的标识信息为应用配置文件中AndroidManifest.xml文件里<manifest>中android:sharedUserId的内容或者<application>中android:process的内容。The identification information of the target application program is the digital signature of the target application program, and can also be other content used to identify the unique identity of the application program. For example, under the Android operating system, the identification information of the Android application program is AndroidManifest.xml in the application configuration file The content of android:sharedUserId in <manifest> or the content of android:process in <application> in the file.
进一步的,参见图5,图5是本发明实施例提供的信息获取单元结构示意图,如图所述的信息获取单元401可包括:行为判断子单元4101和信息获取子单元4102。Further, refer to FIG. 5 , which is a schematic structural diagram of an information acquisition unit provided by an embodiment of the present invention. The information acquisition unit 401 as shown in the figure may include: a behavior judgment subunit 4101 and an information acquisition subunit 4102 .
行为判断子单元4101,用于发生操作行为事件时,根据所述操作行为事件的权限判断所述操作行为事件是否为待监控行为。The behavior judgment subunit 4101 is configured to judge whether the operation behavior event is a behavior to be monitored according to the authority of the operation behavior event when an operation behavior event occurs.
信息获取子单元4102,用于所述行为判断子单元的判断结果为是时,获取执行所述待监控行为的目标应用程序的标识信息。The information acquisition subunit 4102 is configured to acquire the identification information of the target application program that executes the behavior to be monitored when the determination result of the behavior determination subunit is yes.
具体实现中,若终端采用的是安卓操作系统,在应用程序执行某一行为时,必须向安卓操作系统声明这个行为将会用到的权限,否则安卓操作系统将会拒绝该应用程序执行这个行为。因此,可预先在终端中设置待监控行为时,获取待监控行为的权限存储起来,之后行为判断子单元4101便可以根据应用程序执行操作行为所声明的权限来确定该操作行为是否为待监控行为。例如,某输入法发应用程序提供输入联系人拼音的某些字母,便自动显示与该拼音相关的联系人,因此在实际操作过程中,要实现此功能,在查找与该拼音相关的联系人时,输入法应用程序需首先向安卓操作系统请求读取用户联系人的权限,然后输入法应用程序才能读取用户联系人,并进一步显示与该拼音相关的联系人。In the specific implementation, if the terminal uses the Android operating system, when the application program performs a certain behavior, it must declare to the Android operating system the permissions that this behavior will use, otherwise the Android operating system will refuse the application program to perform this behavior . Therefore, when the behavior to be monitored can be set in the terminal in advance, the permission of the behavior to be monitored can be obtained and stored, and then the behavior judgment subunit 4101 can determine whether the operation behavior is the behavior to be monitored according to the permission declared by the application program to execute the operation behavior . For example, if an input method provides some letters of the pinyin of the input contacts, the contacts related to the pinyin will be automatically displayed. Therefore, in the actual operation process, to realize this function, when looking for the contacts , the input method application needs to first request permission to read the user's contacts from the Android operating system, and then the input method application can read the user's contacts and further display the contacts related to the pinyin.
程序判断单元402,用于根据所述目标应用程序的标识信息,判断所述目标应用程序是否为预设的被监控应用程序。The program judging unit 402 is configured to judge whether the target application program is a preset monitored application program according to the identification information of the target application program.
具体实现中,可提供给用户监控应用程序设置选项供用户选择需要被监控的应用程序,在设置待监控行为时也可设置被监控应用程序,若用户没有指定被监控应用程序,终端可默认为终端内安装的所有应用程序都需要被监控。例如可提供可监控应用程序列表给用户,该列表中包括应用程序A、应用程序B和应用程序C,终端可默认为该列表中陈列的所有应用程序都为被监控应用程序,也可根据用户自身意愿选择列表中的一些应用程序作为被监控应用程序。In the specific implementation, the user can be provided with monitoring application setting options for the user to select the application to be monitored. When setting the behavior to be monitored, the monitored application can also be set. If the user does not specify the monitored application, the terminal can default to All applications installed in the terminal need to be monitored. For example, a list of applications that can be monitored can be provided to the user. The list includes application A, application B, and application C. The terminal can assume that all applications displayed in the list are monitored applications by default, and can also be monitored according to the user's Some application programs in the self-willing selection list are used as monitored application programs.
终端预先将设置的被监控应用程序的标识信息存储起来,信息获取单元401当获取到执行待监控行为的目标应用程序的标识信息时,程序判断单元402便判断该目标应用程序的标识信息跟预存的被监控应用程序的标识信息是否匹配(即判断预存的被监控应用程序的标识信息中是否有目标应用程序的标识信息)。若匹配,则说明目标应用程序是被监控程序,需要记录该目标应用程序发生的待监控行为;若不匹配,则说明该目标应用程序不是被监控程序,它所执行的待监控行为不需要被监控和记录。The terminal stores the identification information of the monitored application program in advance. When the information acquisition unit 401 acquires the identification information of the target application program that executes the behavior to be monitored, the program judgment unit 402 determines that the identification information of the target application program is the same as the pre-stored application program. Whether the identification information of the monitored application program matches (that is, it is judged whether there is identification information of the target application program in the pre-stored identification information of the monitored application program). If it matches, it means that the target application program is a monitored program, and it is necessary to record the behavior to be monitored of the target application program; if it does not match, it means that the target application program is not a monitored program, and the behavior to be monitored by it does not need to be monitored Monitoring and logging.
行为记录单元403,用于所述目标应用程序是预设的被监控应用程序时,根据所述目标应用程序,记录所述待监控行为。The behavior recording unit 403 is configured to record the behavior to be monitored according to the target application when the target application is a preset monitored application.
具体实现中,在发了待监控行为,并确定执行待监控行为的目标应用程序为被监控应用程序时,行为记录单元403可将该目标应用程序及执行的待监控行为对应记录下来。用户可查看目标应用程序及其相应的执行的待监控行为,以此判断哪些应用程序是危险应用程序,从而及时的去卸载或删除危险应用程序,防止隐私数据被窃取。In specific implementation, when the behavior to be monitored is issued and the target application executing the behavior to be monitored is determined to be the monitored application, the behavior recording unit 403 may record the target application and the behavior to be monitored correspondingly. Users can view target applications and their corresponding behaviors to be monitored, so as to determine which applications are dangerous applications, so as to uninstall or delete dangerous applications in time to prevent privacy data from being stolen.
进一步的,所述行为记录单元403具体用于:将所述目标应用程序、所述待监控行为及所述待监控行为的执行参数对应添加到预设的监控记录表中,所述执行参数包括执行时间、执行次数和/或执行内容。Further, the behavior recording unit 403 is specifically configured to: correspondingly add the target application program, the behavior to be monitored, and the execution parameters of the behavior to be monitored to a preset monitoring record table, the execution parameters include Execution time, number of executions, and/or content of executions.
具体实现中,例如参见图6所示,图6是本发明实施例提供的监控行为信息记录表示意图,图6中记录了终端监控应用程序A、应用程序B和应用程序C发生的待监控行为的执行时间、执行次数或执行内容中的至少一种。用户可查看该监控行为信息记录表,根据监控行为信息记录表去判断哪些应用程序是危险应用程序,从而及时的去卸载或删除危险应用程序,防止隐私数据被窃取。In the specific implementation, see, for example, as shown in FIG. 6, which is a schematic diagram of a monitoring behavior information recording table provided by an embodiment of the present invention. FIG. 6 records the behaviors to be monitored that occur in the terminal monitoring application program A, application program B, and application program C. At least one of the execution time, execution times, or execution content of the Users can view the monitoring behavior information record table, and judge which applications are dangerous applications according to the monitoring behavior information record table, so as to uninstall or delete dangerous applications in time to prevent privacy data from being stolen.
在另一可选实施例中,所述程序判断单元402,还用于判断所述目标应用程序是否为预设的被监控应用程序之前,在运行所述目标应用程序时,根据所述目标应用程序的标识信息判断所述目标应用程序是否为预设的信任应用程序。In another optional embodiment, the program judging unit 402 is further configured to: before judging whether the target application program is a preset monitored application program, when running the target application program, according to the The identification information of the program determines whether the target application program is a preset trusted application program.
相应的,所述终端还包括:程序设置单元404,用于所述目标应用程序不是预设的信任应用程序时,将所述目标应用程序设置为所述被监控应用程序。Correspondingly, the terminal further includes: a program setting unit 404, configured to set the target application as the monitored application when the target application is not a preset trusted application.
具体实现中,可提供给用户信任应用程序设置选项,用户可通过该设置选项设置自己长期信任的应用程序并保存这些信任应用程序的标识信息,信任应用程序不需要进行监控。当终端中的目标应用程序在运行时,信息获取单元401便获取目标应用程序的标识信息,程序判断单元402根据目标应用程序的标识信息判断目标应用程序不是用户设置的信任应用程序时,程序设置单元404将目标应用程序设置为被监控应用程序。In a specific implementation, the user may be provided with a setting option of trusted applications, through which the user may set long-term trusted applications and save the identification information of these trusted applications, and the trusted applications do not need to be monitored. When the target application program in the terminal is running, the information acquisition unit 401 acquires the identification information of the target application program, and the program judging unit 402 judges that the target application program is not a trusted application program set by the user according to the identification information of the target application program. Unit 404 sets the target application program as the monitored application program.
在又一可选实施例中,所述终端还包括:等级分析单元405,用于根据所述待监控行为的执行参数,分析所述待监控行为的危险等级。In yet another optional embodiment, the terminal further includes: a level analysis unit 405, configured to analyze the risk level of the behavior to be monitored according to the execution parameters of the behavior to be monitored.
预警执行单元406,用于当所述危险等级达到预设值时,执行预设的预警策略。The early warning execution unit 406 is configured to execute a preset early warning strategy when the danger level reaches a preset value.
具体实现中,终端预先根据待监控行为的执行参数的设置待监控行为的危险等级,因此等级分析单元405可在目标应用程序执行待监控行为时,根据执行参数判断待监控行为的危险等级,当危险等级达到预设值时,预警执行单元406便执行预设的预警策略,即时提醒用户查看是否有必要卸载该应用程序,以防止个人数据被盗取。In a specific implementation, the terminal sets the risk level of the behavior to be monitored according to the execution parameters of the behavior to be monitored in advance, so the level analysis unit 405 can judge the risk level of the behavior to be monitored according to the execution parameters when the target application program executes the behavior to be monitored. When the danger level reaches a preset value, the warning execution unit 406 executes a preset warning strategy to immediately remind the user to check whether it is necessary to uninstall the application program to prevent personal data from being stolen.
本发明实施例,信息获取单元401可在检测到发生待监控行为时,获取执行所述待监控行为的目标应用程序的标识信息;程序判断单元402可根据所述目标应用程序的标识信息,判断所述目标应用程序是否为预设的被监控应用程序;当判断结果为是时,行为记录单元403根据所述目标应用程序,记录所述待监控行为,可监控并记录应用程序程序执行的威胁用户数据安全的行为,从而防止终端中存储的数据被盗取,以提高终端的安全性。In the embodiment of the present invention, the information acquisition unit 401 can acquire the identification information of the target application program that executes the behavior to be monitored when detecting that the behavior to be monitored occurs; the program judgment unit 402 can determine the Whether the target application program is a preset monitored application program; when the judgment result is yes, the behavior recording unit 403 records the behavior to be monitored according to the target application program, and can monitor and record the threat of application program execution The behavior of user data security, so as to prevent the data stored in the terminal from being stolen, so as to improve the security of the terminal.
对于前述的各个方法实施例,为了简单描述,故将其都表述为一系列的动作组合,但是本领域技术人员应该知悉,本申请并不受所描述的动作顺序的限制,因为依据本申请,某一些步骤可以采用其他顺序或者同时进行。其次,本领域技术人员也应该知悉,说明书中所描述的实施例均属于优选实施例,所涉及的动作和单元并不一定是本申请所必须的。For the foregoing method embodiments, for the sake of simple description, they are expressed as a series of action combinations, but those skilled in the art should know that the present application is not limited by the described action order, because according to the present application, Certain steps may be performed in other orders or simultaneously. Secondly, those skilled in the art should also know that the embodiments described in the specification belong to preferred embodiments, and the actions and units involved are not necessarily required by this application.
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程,是可以通过计算机程序来指令相关的硬件来完成,所述的程序可存储于一计算机可读取存储介质中,该程序在执行时,可包括如上述各方法的实施例的流程。其中,所述的存储介质可为磁碟、光盘、只读存储记忆体(Read-Only Memory,ROM)或随机存取存储器(Random Access Memory,简称RAM)等。Those of ordinary skill in the art can understand that all or part of the processes in the methods of the above embodiments can be implemented through computer programs to instruct related hardware, and the programs can be stored in a computer-readable storage medium. During execution, it may include the processes of the embodiments of the above-mentioned methods. Wherein, the storage medium may be a magnetic disk, an optical disk, a read-only memory (Read-Only Memory, ROM) or a random access memory (Random Access Memory, RAM for short).
以上对本发明实施例公开的一种应用程序监控方法及终端进行了详细介绍,以上所揭露的仅为本发明较佳实施例而已,当然不能以此来限定本发明之权利范围,因此依本发明权利要求所作的等同变化,仍属本发明所涵盖的范围。The application program monitoring method and terminal disclosed in the embodiments of the present invention have been introduced in detail above. What is disclosed above is only a preferred embodiment of the present invention. Of course, it cannot be used to limit the scope of the present invention. The equivalent changes made by the claims still belong to the scope covered by the present invention.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510293056.5ACN104915599A (en) | 2015-05-30 | 2015-05-30 | Application program monitoring method and terminal |
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510293056.5ACN104915599A (en) | 2015-05-30 | 2015-05-30 | Application program monitoring method and terminal |
| Publication Number | Publication Date |
|---|---|
| CN104915599Atrue CN104915599A (en) | 2015-09-16 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510293056.5APendingCN104915599A (en) | 2015-05-30 | 2015-05-30 | Application program monitoring method and terminal |
| Country | Link |
|---|---|
| CN (1) | CN104915599A (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105871556A (en)* | 2016-03-28 | 2016-08-17 | 联想(北京)有限公司 | Information processing method and system, electronic equipment and server |
| CN105893845A (en)* | 2016-04-05 | 2016-08-24 | 北京金山安全软件有限公司 | Data processing method and device |
| CN106127063A (en)* | 2016-06-12 | 2016-11-16 | 乐视控股(北京)有限公司 | A kind of mobile device navigation management method and device |
| CN106325993A (en)* | 2016-08-22 | 2017-01-11 | 宇龙计算机通信科技(深圳)有限公司 | Freezing method of application program and terminal |
| CN107491695A (en)* | 2017-08-10 | 2017-12-19 | 佛山市三水区彦海通信工程有限公司 | A kind of critical data reads recording method |
| CN108549576A (en)* | 2018-04-19 | 2018-09-18 | Oppo广东移动通信有限公司 | File monitoring method and device, electronic equipment and storage medium |
| CN109753265A (en)* | 2019-01-08 | 2019-05-14 | 合肥联宝信息技术有限公司 | A kind of control method and electronic equipment |
| CN109815701A (en)* | 2018-12-29 | 2019-05-28 | 360企业安全技术(珠海)有限公司 | Detection method, client, system and the storage medium of software security |
| CN110059071A (en)* | 2019-03-13 | 2019-07-26 | 平安普惠企业管理有限公司 | Data comparison monitoring method, system, equipment and medium based on storing process |
| CN110297738A (en)* | 2019-05-21 | 2019-10-01 | 深圳壹账通智能科技有限公司 | Monitoring method, device, equipment and the storage medium of system service |
| CN110309653A (en)* | 2019-04-25 | 2019-10-08 | 维沃移动通信有限公司 | A security protection processing method and terminal |
| CN113297149A (en)* | 2021-06-21 | 2021-08-24 | 中国农业银行股份有限公司 | Method and device for monitoring data processing request |
| CN114969743A (en)* | 2022-06-22 | 2022-08-30 | 深圳市沃特沃德信息有限公司 | Detection method, device, device and medium for malicious application |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102110220A (en)* | 2011-02-14 | 2011-06-29 | 宇龙计算机通信科技(深圳)有限公司 | Application program monitoring method and device |
| CN102915417A (en)* | 2012-09-18 | 2013-02-06 | 鸿富锦精密工业(深圳)有限公司 | Application monitoring system and application monitoring method |
| CN104021062A (en)* | 2013-03-01 | 2014-09-03 | 联想(北京)有限公司 | Information processing method and electronic device |
| CN104462961A (en)* | 2014-12-24 | 2015-03-25 | 北京奇虎科技有限公司 | Mobile terminal and privacy permission optimizing method thereof |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102110220A (en)* | 2011-02-14 | 2011-06-29 | 宇龙计算机通信科技(深圳)有限公司 | Application program monitoring method and device |
| CN102915417A (en)* | 2012-09-18 | 2013-02-06 | 鸿富锦精密工业(深圳)有限公司 | Application monitoring system and application monitoring method |
| CN104021062A (en)* | 2013-03-01 | 2014-09-03 | 联想(北京)有限公司 | Information processing method and electronic device |
| CN104462961A (en)* | 2014-12-24 | 2015-03-25 | 北京奇虎科技有限公司 | Mobile terminal and privacy permission optimizing method thereof |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105871556A (en)* | 2016-03-28 | 2016-08-17 | 联想(北京)有限公司 | Information processing method and system, electronic equipment and server |
| CN105893845A (en)* | 2016-04-05 | 2016-08-24 | 北京金山安全软件有限公司 | Data processing method and device |
| CN105893845B (en)* | 2016-04-05 | 2019-05-10 | 珠海豹趣科技有限公司 | A kind of data processing method and device |
| CN106127063A (en)* | 2016-06-12 | 2016-11-16 | 乐视控股(北京)有限公司 | A kind of mobile device navigation management method and device |
| CN106325993A (en)* | 2016-08-22 | 2017-01-11 | 宇龙计算机通信科技(深圳)有限公司 | Freezing method of application program and terminal |
| CN107491695A (en)* | 2017-08-10 | 2017-12-19 | 佛山市三水区彦海通信工程有限公司 | A kind of critical data reads recording method |
| CN108549576A (en)* | 2018-04-19 | 2018-09-18 | Oppo广东移动通信有限公司 | File monitoring method and device, electronic equipment and storage medium |
| CN109815701A (en)* | 2018-12-29 | 2019-05-28 | 360企业安全技术(珠海)有限公司 | Detection method, client, system and the storage medium of software security |
| CN109815701B (en)* | 2018-12-29 | 2022-04-22 | 奇安信安全技术(珠海)有限公司 | Software security detection method, client, system and storage medium |
| CN109753265A (en)* | 2019-01-08 | 2019-05-14 | 合肥联宝信息技术有限公司 | A kind of control method and electronic equipment |
| CN110059071A (en)* | 2019-03-13 | 2019-07-26 | 平安普惠企业管理有限公司 | Data comparison monitoring method, system, equipment and medium based on storing process |
| CN110059071B (en)* | 2019-03-13 | 2024-05-31 | 深圳市大梦龙途网络科技有限公司 | Data comparison monitoring method, system, equipment and medium based on storage process |
| CN110309653A (en)* | 2019-04-25 | 2019-10-08 | 维沃移动通信有限公司 | A security protection processing method and terminal |
| CN110297738A (en)* | 2019-05-21 | 2019-10-01 | 深圳壹账通智能科技有限公司 | Monitoring method, device, equipment and the storage medium of system service |
| CN113297149A (en)* | 2021-06-21 | 2021-08-24 | 中国农业银行股份有限公司 | Method and device for monitoring data processing request |
| CN114969743A (en)* | 2022-06-22 | 2022-08-30 | 深圳市沃特沃德信息有限公司 | Detection method, device, device and medium for malicious application |
| Publication | Publication Date | Title |
|---|---|---|
| CN104915599A (en) | Application program monitoring method and terminal | |
| US10846425B2 (en) | Data protection based on user input during device boot-up, user login, and device shut-down states | |
| US10554805B2 (en) | Information processing method, terminal, and computer-readable storage medium | |
| CN103368904B (en) | The detection of mobile terminal, questionable conduct and decision-making system and method | |
| US9953161B2 (en) | Method, device and system for processing notification bar message | |
| CN104468611B (en) | The data safety processing method and device switched based on dual system | |
| EP3089068A1 (en) | Application program management method, device, terminal, and computer storage medium | |
| CN108763951B (en) | Data protection method and device | |
| CN111259382A (en) | Malicious behavior identification method, device and system and storage medium | |
| CN104866770B (en) | Sensitive data scanning method and system | |
| WO2016197461A1 (en) | Application software permission recommendation method, apparatus and system, and storage medium | |
| CN107944292B (en) | A kind of privacy data protection method and system | |
| Liccardi et al. | Improving mobile app selection through transparency and better permission analysis | |
| CN106648384A (en) | Method and device for invoking a service | |
| CN116108435A (en) | On-demand opening method and device of mobile terminal security aspect | |
| Liccardi et al. | Improving user choice through better mobile apps transparency and permissions analysis | |
| US20170372311A1 (en) | Secure payment-protecting method and related electronic device | |
| WO2015123227A1 (en) | Systems and methods for informing users about applications available for download | |
| CN112905971A (en) | Method and device for processing information | |
| US12326934B2 (en) | Detecting suspicious activation of an application in a computer device | |
| US9203850B1 (en) | Systems and methods for detecting private browsing mode | |
| CN108092795A (en) | A kind of reminding method, terminal device and computer-readable medium | |
| WO2022193142A1 (en) | Behavior monitoring method and apparatus, terminal device, and computer readable storage medium | |
| Kaur et al. | PeMo: Modifying application's permissions and preventing information stealing on smartphones | |
| CN106453057A (en) | Method and terminal for preventing short message from being stolen |
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication | Application publication date:20150916 |