CN106693366A - Method to verify legitimacy ofoperation and equipment and installation package reinforcement method and device - Google Patents
Method to verify legitimacy ofoperation and equipment and installation package reinforcement method and device Download PDFInfo
- Publication number
- CN106693366A CN106693366A CN201611111682.9A CN201611111682A CN106693366A CN 106693366 A CN106693366 A CN 106693366A CN 201611111682 A CN201611111682 A CN 201611111682A CN 106693366 A CN106693366 A CN 106693366A
- Authority
- CN
- China
- Prior art keywords
- application program
- incoming event
- installation kit
- response events
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 75
- 238000009434 installation Methods 0.000 title claims abstract description 46
- 230000002787 reinforcement Effects 0.000 title abstract 2
- 230000004044 response Effects 0.000 claims abstract description 80
- 238000012795 verification Methods 0.000 claims description 25
- 238000010200 validation analysis Methods 0.000 claims description 18
- 230000000694 effects Effects 0.000 claims description 9
- 238000004321 preservation Methods 0.000 claims description 6
- 238000013515 script Methods 0.000 abstract description 24
- 230000006399 behavior Effects 0.000 abstract description 6
- PCHJSUWPFVWCPO-UHFFFAOYSA-N gold Chemical compound [Au] PCHJSUWPFVWCPO-UHFFFAOYSA-N 0.000 abstract description 5
- 239000010931 gold Substances 0.000 abstract description 5
- 229910052737 gold Inorganic materials 0.000 abstract description 5
- 230000006870 function Effects 0.000 description 52
- 230000003014 reinforcing effect Effects 0.000 description 9
- 238000012905 input function Methods 0.000 description 7
- 238000002347 injection Methods 0.000 description 4
- 239000007924 injection Substances 0.000 description 4
- 230000008901 benefit Effects 0.000 description 3
- 230000008859 change Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 238000004088 simulation Methods 0.000 description 2
- 238000004422 calculation algorithm Methods 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000001035 drying Methods 0.000 description 1
- 239000000243 solution Substances 0.000 description 1
Classifications
-
- A—HUMAN NECESSITIES
- A63—SPORTS; GAMES; AMUSEMENTS
- A63F—CARD, BOARD, OR ROULETTE GAMES; INDOOR GAMES USING SMALL MOVING PLAYING BODIES; VIDEO GAMES; GAMES NOT OTHERWISE PROVIDED FOR
- A63F13/00—Video games, i.e. games using an electronically generated display having two or more dimensions
- A63F13/70—Game security or game management aspects
- A63F13/73—Authorising game programs or game devices, e.g. checking authenticity
-
- A—HUMAN NECESSITIES
- A63—SPORTS; GAMES; AMUSEMENTS
- A63F—CARD, BOARD, OR ROULETTE GAMES; INDOOR GAMES USING SMALL MOVING PLAYING BODIES; VIDEO GAMES; GAMES NOT OTHERWISE PROVIDED FOR
- A63F13/00—Video games, i.e. games using an electronically generated display having two or more dimensions
- A63F13/70—Game security or game management aspects
- A63F13/75—Enforcing rules, e.g. detecting foul play or generating lists of cheating players
Landscapes
- Engineering & Computer Science (AREA)
- Multimedia (AREA)
- Computer Security & Cryptography (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Software Systems (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses a method to verify the legitimacy of an operation and equipment and an installation package reinforcement method anda device. The method to verify the legitimacy of the operation comprises the steps of after an application program is under running condition, obtaining and storing input events on an intelligent terminal screen, obtaining a response event of the application program, when the response event of the application program is obtained, and determining if input events matching with the response events exist in the already stored events, if the answer is negative, determining that a user makes an illegal operation. The technical scheme can effectively determine the operation taken by a user to the application program is a manual operation or a script operation. The game application program can be used as one example, the illegal behaviors such as on-hook and refreshing of gold coins done by users by using scripts can be detected, and the operator can implement corresponding penalties based on the detected illegal operation of the user.
Description
Technical field
The present invention relates to information security field, and in particular to the method for verification operation legitimacy, device and reinforce installation kit
Method, device.
Background technology
The application program of developer's exploitation is generally desirable to user and is operated to experience by itself, especially many game
Application program, if using plug-in program, not only influenceing the balance of game, has also lacked many game-play enjoyments.
By taking mobile phone games as an example, under normal circumstances, user is input into corresponding instruction by clicking on screen on mobile phone so that
Application program recognizes these instructions to control game to send corresponding response according to built-in script.If cracker is to built-in
Script cracked, it is possible to realization is not operated manually, but by script come the generation of control response event, such nothing
The requirement for not meeting game operator is suspected to be, how to detect that illegal operation is the problem for needing to solve.
The content of the invention
In view of the above problems, it is proposed that the present invention so as to provide one kind overcome above mentioned problem or at least in part solve on
State method, the device of the method, device and reinforcing installation kit of the verification operation legitimacy of problem.
According to one aspect of the present invention, there is provided a kind of method of verification operation legitimacy, including:
After application program operation, the incoming event on intelligent terminal screen is obtained and preserved;
Obtain the response events of the application program;
When the response events of the application program are got, in the incoming event that has preserved of judgement, if having with it is described
The incoming event of response events matching;
If no, judging, user has carried out illegal operation.
Alternatively, the incoming event for obtaining and preserving on intelligent terminal screen includes:
When the incoming event on intelligent terminal screen is got, by incoming event preservation corresponding with current time.
Alternatively, the incoming event is the incoming event related to the application program.
Alternatively, the incoming event for obtaining and preserving on intelligent terminal screen includes:
Obtain and preserve the incoming event in the range of the picture that the application program shows on intelligent terminal screen.
Alternatively, the response events for obtaining application program include:
Obtain the execution event of specified function in the application program;The specified function is in screen to the application program
The function that the content of curtain display is refreshed.
Alternatively, the method also includes:
The matching relationship table of the response events of default incoming event and application program;
It is described to judge the incoming event that has preserved, if to there is the incoming event matched with the response events to include:
According to the incoming event that the matching relationship table determines to be matched with the response events;
Searched in the incoming event for having preserved and the incoming event for matching.
Alternatively, the illegal operation that the user is carried out is:It is not carried out the illegal script of the incoming event for matching
Operation.
Alternatively, the method also includes:
User the information reporting of illegal operation to the server of application program has been carried out into.
Alternatively, the user carried out illegal operation information include it is following at least one:
The version number of application program;
The signing messages of application program;
The accounts information of the user of the application program is logged in;
The response events of the application program of the incoming event of matching are not found.
Alternatively, the method also includes:
The instruction that the server of the application program is issued is received, corresponding operation is performed to the application program;It is described
Instruct at least one in including as follows:
Display stops carrying out the prompt message of illegal operation;
The latest edition of application program is obtained from the server of the application program, application program is updated;
Kick out user account.
According to another aspect of the present invention, there is provided a kind of method of reinforcing installation kit, including:
Validation Code is bundled in the installation kit of application program, the Validation Code is adapted for carrying out such as above-mentioned any one institute
The method stated.
Alternatively, the method also includes:
Installation kit to application program performs decompiling, obtains the middle assembly code of the application program;
The middle assembly code is traveled through, at least one system callback interface function is obtained;
It is described to include the installation kit that Validation Code is bundled to application program:Will be with the system callback interface function pair
The Validation Code answered is bundled in the installation kit of application program.
Alternatively, the system callback interface function is:OnTouch () function in Activity components, and/or
Handle_input functions.
According to another aspect of the present invention, there is provided a kind of device of verification operation legitimacy, including:
Incoming event acquiring unit, is suitable to after application program is run, and obtains and preserve the input on intelligent terminal screen
Event;
Response events acquiring unit, is suitable to obtain the response events of the application program;
Authentication unit, is suitable to, when the response events acquiring unit gets the response events of the application program, sentence
In the disconnected incoming event for having preserved, if having the incoming event matched with the response events;If no, judging, user is carried out
Illegal operation.
Alternatively, the incoming event acquiring unit, is suitable to when the incoming event on intelligent terminal screen is got, will
The incoming event is corresponding with current time to be preserved.
Alternatively, the incoming event is the incoming event related to the application program.
Alternatively, the incoming event acquiring unit, is suitable to obtain and preserve the application program in intelligent terminal screen
Incoming event in the range of the picture of upper displaying.
Alternatively, the response events acquiring unit, is suitable to obtain the execution event of specified function in the application program;
The specified function is the function refreshed in the content of screen display to the application program.
Alternatively, the authentication unit, include default incoming event and the response events of application program matches pass
It is table;The authentication unit is particularly adapted to the incoming event matched with the response events according to matching relationship table determination,
Searched in the incoming event for having preserved and the incoming event for matching.
Alternatively, the illegal operation that the user is carried out is:It is not carried out the illegal script of the incoming event for matching
Operation.
Alternatively, countermeasure unit, is suitable to for user to have carried out the information reporting of illegal operation to the server of application program.
Alternatively, the user carried out illegal operation information include it is following at least one:
The version number of application program;
The signing messages of application program;
The accounts information of the user of the application program is logged in;
The response events of the application program of the incoming event of matching are not found.
Alternatively, the countermeasure unit, is further adapted for receiving the instruction that the server of the application program is issued, and answers described
Corresponding operation is performed with program;At least one instructed in including as follows:Display stops carrying out the prompting of illegal operation
Information;The latest edition of application program is obtained from the server of the application program, application program is updated;Kick out
User account.
According to another aspect of the invention, there is provided a kind of device of reinforcing installation kit, wherein, the device includes:
Packaged unit, is suitable to for the device of the verification operation legitimacy as described in above-mentioned any one to be bundled to application program
In installation kit.
Alternatively, the device also includes:
Decompiling unit, is suitable to perform decompiling to the installation kit of application program, obtains the middle remittance of the application program
Compile code;
Function lookup unit, is suitable to the traversal middle assembly code, obtains at least one system callback interface function;
The packaged unit, is suitable to beat in the device of verification operation legitimacy corresponding with the system callback interface function
In wrapping the installation kit of application program.
Alternatively, the system callback interface function is:OnTouch () function in Activity components, and/or
Handle_input functions.
From the foregoing, technical scheme, response events by the application program that will be got with obtain simultaneously
Incoming event on the intelligent terminal screen of record is matched, and judges whether response events are according to the incoming event on screen
And produce, so as to judge whether user has carried out illegal operation.The technical scheme can effectively judge user to application
The operation that program is carried out is manually operated or script operation, by taking game application as an example, is able to detect that user uses pin
Originally the behavior that on-hook, brush gold coin etc. do not conform to rule is carried out, operator can carry out phase according to the illegal operation of the user for detecting
The punishment answered.
Described above is only the general introduction of technical solution of the present invention, in order to better understand technological means of the invention,
And can be practiced according to the content of specification, and in order to allow the above and other objects of the present invention, feature and advantage can
Become apparent, below especially exemplified by specific embodiment of the invention.
Brief description of the drawings
By reading the detailed description of hereafter preferred embodiment, various other advantages and benefit is common for this area
Technical staff will be clear understanding.Accompanying drawing is only used for showing the purpose of preferred embodiment, and is not considered as to the present invention
Limitation.And in whole accompanying drawing, identical part is denoted by the same reference numerals.In the accompanying drawings:
Fig. 1 shows a kind of schematic flow sheet of the method for verification operation legitimacy according to an embodiment of the invention;
Fig. 2 shows a kind of structural representation of the device of verification operation legitimacy according to an embodiment of the invention;
Fig. 3 shows a kind of structural representation of device for reinforcing installation kit according to an embodiment of the invention.
Specific embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although showing the disclosure in accompanying drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here
Limited.Conversely, there is provided these embodiments are able to be best understood from the disclosure, and can be by the scope of the present disclosure
Complete conveys to those skilled in the art.
Fig. 1 shows a kind of schematic flow sheet of the method for verification operation legitimacy according to an embodiment of the invention,
As shown in figure 1, the method includes:
Step S110, after application program operation, obtains and preserves the incoming event on intelligent terminal screen.
Step S120, obtains the response events of application program.
Step S130, when the response events of application program are got, in the incoming event that has preserved of judgement, if having with
The incoming event of response events matching.
In general, the response events of application program have been required for the corresponding incoming event could to trigger, and to Android system
For system, iOS system, incoming event is typically the events such as touch, the slip on screen.For example, user is when mobile phone games are played,
Click on screen with finger to control the movement of personage, then when user clicks on screen, incoming event is just generated naturally, and swum
Personage should be moved to specified location by play according to the click of user, then here it is corresponding response events.For trip
For play cracker, what its needs made is exactly to change this rule, by script come the generation of simulation input event, so, from
So just obtain less than the incoming event on screen, but application program still can be corresponding according to the incoming event of simulation, triggering
Response events, cannot thus find the incoming event matched with response events.
Step S140, if not having, judges that user has carried out illegal operation.
It can be seen that, the method shown in Fig. 1, by response events and the intelligence for obtaining and record of the application program that will be got
Incoming event on terminal screen is matched, and judges whether response events are to be produced according to the incoming event on screen,
So as to judge whether user has carried out illegal operation.The technical scheme can effectively judge what user was carried out to application program
Operation is manually operated or script operation, by taking game application as an example, be able to detect that user using script carry out on-hook,
Brush gold coin etc. does not conform to the behavior of rule, and operator can accordingly be punished according to the illegal operation of the user for detecting.
In one embodiment of the invention, in the above method, obtain and preserve the incoming event on intelligent terminal screen
Including:When the incoming event on intelligent terminal screen is got, by incoming event preservation corresponding with current time.
So, when response events are got, can be according to the time for getting response events, in regular hour limit
The interior incoming event for searching matching, is unlikely to occur user and arbitrarily clicks several sub-screens after game is started, afterwards completely according to
By script operation, but it is not recognized as the situation of illegal operation.
In one embodiment of the invention, in the above method, incoming event is the incoming event related to application program.
Many application programs can't take whole screen, and the operation that user is carried out on screen is also not necessarily to application
The operation that program is carried out, therefore it is nonsensical to record these incoming events to the legitimacy of checking user's operation, therefore
In one embodiment of the present of invention, in the above method, obtaining and preserve the incoming event on intelligent terminal screen includes:Obtain simultaneously
Preserve the incoming event in the range of the picture that application program shows on intelligent terminal screen.
So, user when application program is switched into backstage, will not also obtain and preserve in exhalation System menu
Unnecessary incoming event, while also therefore will not cause to verify the mistake of user's operation validity.
In one embodiment of the invention, in the above method, the response events for obtaining application program include:Obtain application
The execution event of specified function in program;Specified function is the function refreshed in the content of screen display to application program.
For example, using the mobile phone games of cocos2d engines, its interface engine is OpenGL, specifically, by reflash
Function realizes the refreshing of screen display content, then for the game, it is possible to obtain the execution event of reflash functions.
In one embodiment of the invention, the above method also includes:The response thing of default incoming event and application program
The matching relationship table of part;In the incoming event that has preserved of judgement, if there is the incoming event matched with response events to include:According to
Matching relationship table determines the incoming event matched with the response events;That searches and match in the incoming event for having preserved is defeated
Incoming event.
For example, the different zones of user's click screen can perform different operating, such as control personage movement, purchase thing
Product etc., that is to say, that the possible corresponding response events of different incoming events are also different, therefore in the present embodiment, in order to more accurate
The legitimacy of true ground verification operation, in addition it is also necessary to the input thing matched with the response events for getting is determined using matching relationship table
Part.
In one embodiment of the invention, in the above method, the illegal operation that user is carried out is:It is not carried out what is matched
The illegal script operation of incoming event.
For example, user should click on the designated area on screen, personage could be moved to the region, but the actual operation
It is, by cracking game, to be realized using script, then script is personage's movement script, that is, user is moved using personage
The illegal operation of dynamic script.
In one embodiment of the invention, the above method also includes:User the information reporting of illegal operation has been carried out into
To the server of application program.Specifically, user carried out illegal operation information include it is following at least one:Using journey
The version number of sequence;The signing messages of application program;The accounts information of the user of the application program is logged in;The defeated of matching is not found
The response events of the application program of incoming event.
So the developer of application program can be updated according to these information to application program, block that may be present
Code injection leak.And for game application, many users are that special download is cracked the application program of version and reached
The purposes such as free game play, it is also possible to these users are punished by the accounts information of the user for getting.
In one embodiment of the invention, the above method also includes:The instruction that the server of application program is issued is received,
Corresponding operation is performed to application program;Instruct at least one in including as follows:Display application program is attacked by code injection
The prompt message hit;The latest edition of application program is obtained from the server of application program, application program is updated;Force
Logging off users account.
Some are given in the present embodiment to detecting the countermeasure after code injection is attacked, such as with official version
Application program installation kit is updated to application program, so substituted for the application program for being subject to code injection to attack;Or,
By taking game application as an example, user can be carried out forcing the punishment such as offline or title, can so reduce game operator
Loss.
In one embodiment of the invention, there is provided it is a kind of reinforce installation kit method, wherein, the method includes:Will
Validation Code is bundled in the installation kit of application program, and Validation Code is adapted for carrying out such as the method for above-mentioned any embodiment.
Above-described embodiment describes the method in the postrun verification operation legitimacy of application program.And the present embodiment is to answer
A kind of easily method is provided with the developer of program, i.e., need not write above-mentioned in the code development of application program
Verifying logic, but only that submitting the installation kit of the application program of exploitation completion to.So in the present embodiment, can be to each side
The installation kit of the application program of offer carries out the addition of unified Validation Code.
In one embodiment of the invention, the above method also includes:Installation kit to application program performs decompiling, obtains
To the middle assembly code of application program;Assembly code in the middle of traversal, obtains at least one system callback interface function;Will checking
The installation kit that code is bundled to application program includes:Validation Code corresponding with system callback interface function is bundled to application
In the installation kit of program.Wherein, system callback interface function is:OnTouch () function in Activity components, and/or
Handle_input functions.
For example, the exploitation of application program may use Java language, it is also possible to use C Plus Plus etc., different language rings
Under border, system callback interface is also different, and the system callback interface function under Java context is the onTouch in Activity components
() function, the system callback interface function under C++ environment is handle_input functions.So when generation input thing on screen
During part, because system can automatically call corresponding system callback interface function, and Validation Code is and system callback interface function
Correspondence is added in application program, therefore Validation Code can also be performed, and so be achieved that on intelligent terminal screen
The acquisition and preservation of incoming event.
Fig. 2 shows a kind of structural representation of the device of verification operation legitimacy according to an embodiment of the invention,
As shown in Fig. 2 the device 200 of verification operation legitimacy includes:
Incoming event acquiring unit 210, is suitable to after application program is run, and obtains and preserve defeated on intelligent terminal screen
Incoming event.
Response events acquiring unit 220, is suitable to obtain the response events of application program.
Authentication unit 230, is suitable to when response events acquiring unit gets the response events of application program, and judgement has been protected
In the incoming event deposited, if having the incoming event matched with response events;If no, judging, user has carried out illegal behaviour
Make.
It can be seen that, the device shown in Fig. 2, by response events and the intelligence for obtaining and record of the application program that will be got
Incoming event on terminal screen is matched, and judges whether response events are to be produced according to the incoming event on screen,
So as to judge whether user has carried out illegal operation.The technical scheme can effectively judge what user was carried out to application program
Operation is manually operated or script operation, by taking game application as an example, be able to detect that user using script carry out on-hook,
Brush gold coin etc. does not conform to the behavior of rule, and operator can accordingly be punished according to the illegal operation of the user for detecting.
In one embodiment of the invention, in the device shown in Fig. 2, incoming event acquiring unit 210 is suitable to obtaining
During incoming event on to intelligent terminal screen, preserve the incoming event is corresponding with current time.
In one embodiment of the invention, in the device shown in Fig. 2, incoming event is the input related to application program
Event.
In one embodiment of the invention, in said apparatus, incoming event acquiring unit 210 is suitable to obtain and preserves
The incoming event in the range of picture that application program shows on intelligent terminal screen.
In one embodiment of the invention, in the device shown in Fig. 2, response events acquiring unit 220 is suitable to obtain and answers
With the execution event of specified function in program;Specified function is the letter refreshed in the content of screen display to application program
Number.
In one embodiment of the invention, in the device shown in Fig. 2, authentication unit 230 includes default input thing
The matching relationship table of the response events of part and application program;Authentication unit is particularly adapted to be determined and the response according to matching relationship table
The incoming event of event matches, the incoming event searched and match in the incoming event for having preserved.
In one embodiment of the invention, in said apparatus, the illegal operation that user is carried out is:It is not carried out what is matched
The illegal script operation of incoming event.
In one embodiment of the invention, the device shown in Fig. 2 also includes:Countermeasure unit (not shown), be suitable to by with
Family has carried out the information reporting of illegal operation to the server of application program.
In one embodiment of the invention, in said apparatus, user carried out illegal operation information include it is following in
At least one:The version number of application program;The signing messages of application program;The account letter of the user of the application program is logged in
Breath;The response events of the application program of the incoming event of matching are not found.
In one embodiment of the invention, in said apparatus, countermeasure unit is further adapted for receiving the server of application program
The instruction for issuing, corresponding operation is performed to application program;Instruct at least one in including as follows:Display stopping is carried out illegally
The prompt message of operation;The latest edition of application program is obtained from the server of application program, application program is updated;By force
Logging off users account processed.
Fig. 3 shows a kind of structural representation of device for reinforcing installation kit according to an embodiment of the invention, such as Fig. 3
Shown, the device 300 for reinforcing installation kit includes:
Packaged unit 310, is suitable to for the device 200 of the verification operation legitimacy of such as above-mentioned any embodiment to be bundled to application
In the installation kit of program.
In one embodiment of the invention, the device shown in Fig. 3 also includes:
Decompiling unit 320, is suitable to perform the installation kit of application program decompiling, compilation in the middle of the program that is applied
Code.
Function lookup unit 330, is suitable to travel through middle assembly code, obtains at least one system callback interface function.
Packaged unit 310, is suitable to be bundled in the device of verification operation legitimacy corresponding with system callback interface function
In the installation kit of application program.
In one embodiment of the invention, in said apparatus, system callback interface function is:In Activity components
OnTouch () function, and/or handle_input functions.
It should be noted that the specific embodiment of above-mentioned each device embodiment is specific with foregoing corresponding method embodiment
Implementation method is identical, will not be repeated here.
In sum, technical scheme, response events by the application program that will be got with obtain and remember
Incoming event on the intelligent terminal screen of record is matched, and judges whether response events are according to the incoming event on screen
Produce, so as to judge whether user has carried out illegal operation.The technical scheme can effectively judge user to application journey
The operation that sequence is carried out is manually operated or script operation, by taking game application as an example, is able to detect that user uses script
The behavior that on-hook, brush gold coin etc. do not conform to rule is carried out, operator can be carried out accordingly according to the illegal operation of the user for detecting
Punishment.
It should be noted that:
Algorithm and display be not inherently related to any certain computer, virtual bench or miscellaneous equipment provided herein.
Various fexible units can also be used together with based on teaching in this.As described above, construct required by this kind of device
Structure be obvious.Additionally, the present invention is not also directed to any certain programmed language.It is understood that, it is possible to use it is various
Programming language realizes the content of invention described herein, and the description done to language-specific above is to disclose this hair
Bright preferred forms.
In specification mentioned herein, numerous specific details are set forth.It is to be appreciated, however, that implementation of the invention
Example can be put into practice in the case of without these details.In some instances, known method, structure is not been shown in detail
And technology, so as not to obscure the understanding of this description.
Similarly, it will be appreciated that in order to simplify one or more that the disclosure and helping understands in each inventive aspect, exist
Above to the description of exemplary embodiment of the invention in, each feature of the invention is grouped together into single implementation sometimes
In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. required guarantor
The application claims of shield features more more than the feature being expressly recited in each claim.More precisely, such as following
Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
Thus the claims for following specific embodiment are expressly incorporated in the specific embodiment, and wherein each claim is in itself
All as separate embodiments of the invention.
Those skilled in the art are appreciated that can be carried out adaptively to the module in the equipment in embodiment
Change and they are arranged in one or more equipment different from the embodiment.Can be the module or list in embodiment
Unit or component be combined into a module or unit or component, and can be divided into addition multiple submodule or subelement or
Sub-component.In addition at least some in such feature and/or process or unit exclude each other, can use any
Combine to all features disclosed in this specification (including adjoint claim, summary and accompanying drawing) and so disclosed appoint
Where all processes or unit of method or equipment are combined.Unless expressly stated otherwise, this specification (including adjoint power
Profit is required, summary and accompanying drawing) disclosed in each feature can the alternative features of or similar purpose identical, equivalent by offer carry out generation
Replace.
Although additionally, it will be appreciated by those of skill in the art that some embodiments described herein include other embodiments
In included some features rather than further feature, but the combination of the feature of different embodiments means in of the invention
Within the scope of and form different embodiments.For example, in the following claims, embodiment required for protection is appointed
One of meaning mode can be used in any combination.
All parts embodiment of the invention can be realized with hardware, or be run with one or more processor
Software module realize, or with combinations thereof realize.It will be understood by those of skill in the art that can use in practice
Microprocessor or digital signal processor (DSP) come realize verification operation legitimacy according to embodiments of the present invention device and
The some or all functions of some or all parts reinforced in the device of installation kit.The present invention be also implemented as
Some or all equipment or program of device of method as described herein are performed (for example, computer program and calculating
Machine program product).It is such to realize that program of the invention be stored on a computer-readable medium, or can have one
Or the form of multiple signals.Such signal can be downloaded from internet website and obtained, or be provided on carrier signal,
Or provided in any other form.
It should be noted that above-described embodiment the present invention will be described rather than limiting the invention, and ability
Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference symbol being located between bracket should not be configured to limitations on claims.Word "comprising" is not excluded the presence of not
Element listed in the claims or step.Word "a" or "an" before element is not excluded the presence of as multiple
Element.The present invention can come real by means of the hardware for including some different elements and by means of properly programmed computer
It is existing.If in the unit claim for listing equipment for drying, several in these devices can be by same hardware branch
To embody.The use of word first, second, and third does not indicate that any order.These words can be explained and run after fame
Claim.
Embodiment of the invention discloses that A1, a kind of method of verification operation legitimacy, wherein, the method includes:
After application program operation, the incoming event on intelligent terminal screen is obtained and preserved;
Obtain the response events of the application program;
When the response events of the application program are got, in the incoming event that has preserved of judgement, if having with it is described
The incoming event of response events matching;
If no, judging, user has carried out illegal operation.
A2, the method as described in A1, wherein, the incoming event for obtaining and preserving on intelligent terminal screen includes:
When the incoming event on intelligent terminal screen is got, by incoming event preservation corresponding with current time.
A3, the method as described in A1, wherein,
The incoming event is the incoming event related to the application program.
A4, the method as described in A3, wherein, the incoming event for obtaining and preserving on intelligent terminal screen includes:
Obtain and preserve the incoming event in the range of the picture that the application program shows on intelligent terminal screen.
A5, the method as described in A1, wherein, the response events for obtaining application program include:
Obtain the execution event of specified function in the application program;The specified function is in screen to the application program
The function that the content of curtain display is refreshed.
A6, the method as described in A1, wherein, the method also includes:
The matching relationship table of the response events of default incoming event and application program;
It is described to judge the incoming event that has preserved, if to there is the incoming event matched with the response events to include:
According to the incoming event that the matching relationship table determines to be matched with the response events;
Searched in the incoming event for having preserved and the incoming event for matching.
A7, the method as described in A6, wherein,
The illegal operation that the user is carried out is:It is not carried out the illegal script operation of the incoming event for matching.
A8, the method as described in A1, wherein, the method also includes:
User the information reporting of illegal operation to the server of application program has been carried out into.
A9, the method as described in A8, wherein, the user carried out illegal operation information include it is following at least one
Kind:
The version number of application program;
The signing messages of application program;
The accounts information of the user of the application program is logged in;
The response events of the application program of the incoming event of matching are not found.
A10, the method as described in A8, wherein, the method also includes:
The instruction that the server of the application program is issued is received, corresponding operation is performed to the application program;It is described
Instruct at least one in including as follows:
Display stops carrying out the prompt message of illegal operation;
The latest edition of application program is obtained from the server of the application program, application program is updated;
Kick out user account.
Embodiments of the invention also disclose B11, a kind of method of reinforcing installation kit, wherein, the method includes:
Validation Code is bundled in the installation kit of application program, the Validation Code is adapted for carrying out as any in A1-A10
Method described in.
B12, the method as described in B11, wherein, the method also includes:
Installation kit to application program performs decompiling, obtains the middle assembly code of the application program;
The middle assembly code is traveled through, at least one system callback interface function is obtained;
It is described to include the installation kit that Validation Code is bundled to application program:Will be with the system callback interface function pair
The Validation Code answered is bundled in the installation kit of application program.
B13, the method as described in B12, wherein,
The system callback interface function is:OnTouch () function in Activity components, and/or handle_
Input functions.
Embodiments of the invention also disclose C14, a kind of device of verification operation legitimacy, wherein, the device includes:
Incoming event acquiring unit, is suitable to after application program is run, and obtains and preserve the input on intelligent terminal screen
Event;
Response events acquiring unit, is suitable to obtain the response events of the application program;
Authentication unit, is suitable to, when the response events acquiring unit gets the response events of the application program, sentence
In the disconnected incoming event for having preserved, if having the incoming event matched with the response events;If no, judging, user is carried out
Illegal operation.
C15, the device as described in C14, wherein,
The incoming event acquiring unit, is suitable to, when the incoming event on intelligent terminal screen is got, this is input into
Event is corresponding with current time to be preserved.
C16, the device as described in C14, wherein,
The incoming event is the incoming event related to the application program.
C17, the device as described in C16, wherein,
The incoming event acquiring unit, is suitable to obtain and preserve what the application program showed on intelligent terminal screen
Incoming event in the range of picture.
C18, the device as described in C14, wherein,
The response events acquiring unit, is suitable to obtain the execution event of specified function in the application program;The finger
It is the function refreshed in the content of screen display to the application program to determine function.
C19, the device as described in C14, wherein,
The authentication unit, includes the matching relationship table of default incoming event and the response events of application program;Institute
State authentication unit and be particularly adapted to the incoming event matched with the response events according to matching relationship table determination, what is preserved
Searched in incoming event and the incoming event for matching.
C20, the device as described in C19, wherein,
The illegal operation that the user is carried out is:It is not carried out the illegal script operation of the incoming event for matching.
C21, the device as described in C14, wherein, the device also includes:
Countermeasure unit, is suitable to for user to have carried out the information reporting of illegal operation to the server of application program.
C22, the device as described in C21, wherein, the user carried out illegal operation information include it is following at least
It is a kind of:
The version number of application program;
The signing messages of application program;
The accounts information of the user of the application program is logged in;
The response events of the application program of the incoming event of matching are not found.
C23, the device as described in C21, wherein,
The countermeasure unit, is further adapted for receiving the instruction that the server of the application program is issued, to the application program
Perform corresponding operation;At least one instructed in including as follows:Display stops carrying out the prompt message of illegal operation;From
The server of the application program obtains the latest edition of application program, and application program is updated;Kick out user's account
Family.
Embodiments of the invention also disclose D24, a kind of device of reinforcing installation kit, wherein, the device includes:
Packaged unit, is suitable to for the device of the verification operation legitimacy as any one of C14-C23 to be bundled to application
In the installation kit of program.
D25, the device as described in D24, wherein, the device also includes:
Decompiling unit, is suitable to perform decompiling to the installation kit of application program, obtains the middle remittance of the application program
Compile code;
Function lookup unit, is suitable to the traversal middle assembly code, obtains at least one system callback interface function;
The packaged unit, is suitable to beat in the device of verification operation legitimacy corresponding with the system callback interface function
In wrapping the installation kit of application program.
D26, the device as described in D25, wherein,
The system callback interface function is:OnTouch () function in Activity components, and/or handle_
Input functions.
Claims (10)
1. a kind of method of verification operation legitimacy, wherein, the method includes:
After application program operation, the incoming event on intelligent terminal screen is obtained and preserved;
Obtain the response events of the application program;
When the response events of the application program are got, in the incoming event that judgement has been preserved, if having and the response
The incoming event of event matches;
If no, judging, user has carried out illegal operation.
2. the method for claim 1, wherein the incoming event for obtaining and preserving on intelligent terminal screen includes:
When the incoming event on intelligent terminal screen is got, by incoming event preservation corresponding with current time.
3. it is a kind of reinforce installation kit method, wherein, the method includes:
Validation Code is bundled in the installation kit of application program, the Validation Code is adapted for carrying out as appointed in claim 1-2
Method described in one.
4. method as claimed in claim 3, wherein, the method also includes:
Installation kit to application program performs decompiling, obtains the middle assembly code of the application program;
The middle assembly code is traveled through, at least one system callback interface function is obtained;
It is described to include the installation kit that Validation Code is bundled to application program:Will be corresponding with the system callback interface function
Validation Code is bundled in the installation kit of application program.
5. method as claimed in claim 4, wherein,
The system callback interface function is:OnTouch () function in Activity components, and/or handle_input letters
Number.
6. a kind of device of verification operation legitimacy, wherein, the device includes:
Incoming event acquiring unit, is suitable to after application program is run, and obtains and preserve the incoming event on intelligent terminal screen;
Response events acquiring unit, is suitable to obtain the response events of the application program;
Authentication unit, is suitable to, when the response events acquiring unit gets the response events of the application program, judge
In the incoming event of preservation, if having the incoming event matched with the response events;If it is non-no, to judge that user has been carried out
Method is operated.
7. device as claimed in claim 6, wherein,
The incoming event acquiring unit, is suitable to when the incoming event on intelligent terminal screen is got, by the incoming event
It is corresponding with current time to preserve.
8. it is a kind of reinforce installation kit device, wherein, the device includes:
Packaged unit, is suitable to for the device of the verification operation legitimacy as any one of claim 6-7 to be bundled to application
In the installation kit of program.
9. device as claimed in claim 8, wherein, the device also includes:
Decompiling unit, is suitable to perform decompiling to the installation kit of application program, obtains the middle compilation generation of the application program
Code;
Function lookup unit, is suitable to the traversal middle assembly code, obtains at least one system callback interface function;
The packaged unit, is suitable to be bundled in the device of verification operation legitimacy corresponding with the system callback interface function
In the installation kit of application program.
10. device as claimed in claim 9, wherein,
The system callback interface function is:OnTouch () function in Activity components, and/or handle_input letters
Number.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611111682.9A CN106693366B (en) | 2016-12-06 | 2016-12-06 | Method and device for verifying operation validity and method and device for reinforcing installation package |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611111682.9A CN106693366B (en) | 2016-12-06 | 2016-12-06 | Method and device for verifying operation validity and method and device for reinforcing installation package |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106693366A true CN106693366A (en) | 2017-05-24 |
CN106693366B CN106693366B (en) | 2020-04-21 |
Family
ID=58937580
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611111682.9A Active CN106693366B (en) | 2016-12-06 | 2016-12-06 | Method and device for verifying operation validity and method and device for reinforcing installation package |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106693366B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108733193A (en) * | 2018-03-27 | 2018-11-02 | 广东欧珀移动通信有限公司 | Method, apparatus, storage medium and the intelligent terminal of adjustment frame per second |
CN113996058A (en) * | 2021-11-01 | 2022-02-01 | 腾讯科技(深圳)有限公司 | Information processing method, information processing device, electronic equipment and computer readable storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140100989A1 (en) * | 2012-10-04 | 2014-04-10 | Valuerz, Inc. | Systems and methods for deetermining a fair price range for commodities |
CN105426761A (en) * | 2015-11-18 | 2016-03-23 | 广东欧珀移动通信有限公司 | Identification method for illegal application and mobile terminal |
CN105530101A (en) * | 2016-02-29 | 2016-04-27 | 宇龙计算机通信科技(深圳)有限公司 | Fingerprint authentication method and device |
CN105871867A (en) * | 2016-04-27 | 2016-08-17 | 腾讯科技(深圳)有限公司 | Identity authentication method, system and equipment |
CN105999702A (en) * | 2016-05-23 | 2016-10-12 | 浙江工业大学 | Webgame archiving and restoring method based on data repeating mechanism |
-
2016
- 2016-12-06 CN CN201611111682.9A patent/CN106693366B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140100989A1 (en) * | 2012-10-04 | 2014-04-10 | Valuerz, Inc. | Systems and methods for deetermining a fair price range for commodities |
CN105426761A (en) * | 2015-11-18 | 2016-03-23 | 广东欧珀移动通信有限公司 | Identification method for illegal application and mobile terminal |
CN105530101A (en) * | 2016-02-29 | 2016-04-27 | 宇龙计算机通信科技(深圳)有限公司 | Fingerprint authentication method and device |
CN105871867A (en) * | 2016-04-27 | 2016-08-17 | 腾讯科技(深圳)有限公司 | Identity authentication method, system and equipment |
CN105999702A (en) * | 2016-05-23 | 2016-10-12 | 浙江工业大学 | Webgame archiving and restoring method based on data repeating mechanism |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108733193A (en) * | 2018-03-27 | 2018-11-02 | 广东欧珀移动通信有限公司 | Method, apparatus, storage medium and the intelligent terminal of adjustment frame per second |
CN108733193B (en) * | 2018-03-27 | 2020-06-30 | Oppo广东移动通信有限公司 | Method and device for intelligently adjusting frame rate, storage medium and intelligent terminal |
CN113996058A (en) * | 2021-11-01 | 2022-02-01 | 腾讯科技(深圳)有限公司 | Information processing method, information processing device, electronic equipment and computer readable storage medium |
CN113996058B (en) * | 2021-11-01 | 2023-07-25 | 腾讯科技(深圳)有限公司 | Information processing method, apparatus, electronic device, and computer-readable storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN106693366B (en) | 2020-04-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104517054B (en) | Method, device, client and server for detecting malicious APK | |
Ravindranath et al. | Automatic and scalable fault detection for mobile applications | |
Bhoraskar et al. | Brahmastra: Driving Apps to Test the Security of {Third-Party} Components | |
Sahami Shirazi et al. | Insights into layout patterns of mobile user interfaces by an automatic analysis of android apps | |
US8943478B2 (en) | Fault detection and localization in dynamic software applications | |
CN104050417B (en) | A kind of method and device detected in mobile terminal to application state | |
CN104268006B (en) | The back method and device of key mouse script | |
CN106326737B (en) | System and method for detecting the harmful file that can be executed on virtual stack machine | |
Abraham et al. | GroddDroid: a gorilla for triggering malicious behaviors | |
CN105373729B (en) | A kind of information processing method and system | |
JP2009529720A5 (en) | ||
WO2015025694A1 (en) | Scoring device and method for scoring security threat | |
CN104361285B (en) | The safety detection method and device of mobile device application program | |
CN105512521A (en) | Reinforcement and protection method and system for software installation package | |
CN105827664B (en) | Leak detection method and device | |
CN107967424A (en) | A kind of verification method of plug-in unit, device, terminal device and storage medium | |
CN106693366A (en) | Method to verify legitimacy ofoperation and equipment and installation package reinforcement method and device | |
EP3029595A2 (en) | Apparatuses, mobile devices, methods and computer programs for evaluating runtime information of an extracted set of instructions based on at least a part of a computer program | |
CN106250761A (en) | A kind of unit identifying web automation tools and method | |
CN106682496A (en) | Code injection attack detection method and device | |
US8408912B2 (en) | Computerized testing system for evaluating skills of formatted product producers and methods useful in conjunction therewith | |
US10671456B2 (en) | Method and device for acquiring application information | |
David | Ghidra Software Reverse Engineering for Beginners: Analyze, identify, and avoid malicious code and potential threats in your networks and systems | |
CN105447348B (en) | A kind of hidden method of display window, device and user terminal | |
CN107872688A (en) | The authorization data statistical method and system of a kind of functions of television set item |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20240112 Address after: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |
|
TR01 | Transfer of patent right |