CN108229165A - A kind of Malicious Code Detection environmental simulation method and system - Google Patents
A kind of Malicious Code Detection environmental simulation method and system Download PDFInfo
- Publication number
- CN108229165A CN108229165A CN201611193315.8A CN201611193315A CN108229165A CN 108229165 A CN108229165 A CN 108229165A CN 201611193315 A CN201611193315 A CN 201611193315A CN 108229165 A CN108229165 A CN 108229165A
- Authority
- CN
- China
- Prior art keywords
- correlation
- sim card
- data
- stain
- short message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a kind of Malicious Code Detection environmental simulation method and system, including:SIM card correlation API is monitored, if sample has the behavior for obtaining SIM card related data, SIM card correlation stain data is forged and returns to sample and then simulate SIM card environment;Real user correlation stain data are forged, and based on the real user correlation stain digital simulation real user behavior;Wherein, the real user correlation stain data, including:Phone correlation stain data, short message correlation stain data.Technical solution of the present invention as detection environment and then is improved recall rate and promotes detection efficiency by the use of prototype, and using no SIM card scheme so that protect the privacy information of user conscientiously.
Description
Technical field
The present invention relates to field of information security technology more particularly to a kind of Malicious Code Detection environmental simulation method and it is
System.
Background technology
With the extensive use of Android platform and the characteristic of increasing income of android system, for the evil of android system
Security threat caused by code of anticipating is also increasingly severe.
Have many advantages, such as that financial cost is low due to detecting simulator, highly may customize, be easy to exploitation, easily deployment, simulation
Device detection technique is widely used in secure enterprise.But simulator can not simulate real handset completely, and anti-simulator technology is being applied
In it is also very universal, this will directly affect behavior of the application program when being run on simulator, while malicious code can be hidden
Malicious act is hidden, malicious act recall rate is caused to decline.
Furthermore simulator occupies a large amount of CPU, memory, and then the speed of service is slow, the detection effect of malicious code is directly affected
Rate, therefore prototype is considered as to carry out Malicious Code Detection.
But in the existing Malicious Code Detection scheme using prototype, it is directed to the behaviors such as short message, phone, cellphone information
Detection need to be inserted into SIM card, and handling for SIM card needs system of real name, this not only adds the cost of malicious code test, and
And the relevant information of SIM card may be obtained in malicious code operational process, this can cause the leakage of private information of user.
Invention content
For above-mentioned technical problem, the present invention can simulate SIM card environment under the premise of SIM card is not needed to, to transmitting-receiving
Short message takes the real users behavior such as phone and is simulated, so one malicious code None- identified of full simulation and misidentification
Environment is detected for the prototype comprising true SIM card, not only can effectively trigger malicious act and then promotes recall rate, and can
Reduce Malicious Code Detection cost and conscientiously protection privacy of user safety.
The present invention realizes with the following method:A kind of Malicious Code Detection environmental simulation method, applied to the true of no SIM card
In machine, including:
SIM card correlation API is monitored, if sample has the behavior for obtaining SIM card related data, forges SIM card correlation
Stain data return to sample and then simulate SIM card environment;
Real user correlation stain data are forged, and based on the real user correlation stain digital simulation real user behavior;
Wherein, the real user correlation stain data, including:Phone correlation stain data, short message correlation stain data.
Further, it further includes:It obtains SIM card correlation stain data stain data related to real user and stores
In stain database.
Further, if sample has the behavior for obtaining SIM card related data, SIM card correlation stain data is forged and are returned
Back to sample and then SIM card environment is simulated, specially:
SIM card correlation API is monitored using Runtime Hook technologies, if finding that sample exists obtains SIM card dependency number
According to behavior when, then forge SIM card correlation stain data and return to sample.
Further, it is described to be based on the real user correlation stain digital simulation real user behavior, including:
The phone number and short message content of sender is chosen from real user correlation stain data, builds the pdus data of short message
Packet, is sent out in the form of broadcast, the broadcast that system is sent when simulation short message receives, and is inserted into one into short message correlation stain data
Note data, simulation short message reception behavior features;
The phone number and short message content of recipient is chosen from real user correlation stain data, and to the cell-phone number of recipient
Code sends the short message content, and simulation short message sends behavior;
From real user correlation stain data choose caller phone number and future electricity condition be set to wait for, answer,
It hangs up, corelation behaviour when analog phone arrives;
The phone number of called party is chosen from real user correlation stain data, and is made a phone call to the phone number, mould
Plan makes a phone call behavior.
In the above method, the SIM card correlation stain data include:Phone number, imsi, imei, network operator or
Person's SIM card sequence number.
Following system may be used to realize in the present invention:A kind of Malicious Code Detection environmental simulation system, is configured at no SIM
In the prototype of card, including:
SIM card environmental simulation module, for being monitored to SIM card correlation API, if sample, which exists, obtains SIM card related data
Behavior, then forge SIM card correlation stain data return to sample so that simulate SIM card environment;
Behavior modeling module, for forging real user correlation stain data, and based on the real user correlation stain data
Simulate real user behavior;
Wherein, the real user correlation stain data, including:Phone correlation stain data, short message correlation stain data.
Further, it further includes:Stain database, for obtaining the SIM card correlation stain data and real user phase
It closes stain data and stores.
Further, the SIM card environmental simulation module, is specifically used for:
SIM card correlation API is monitored using Runtime Hook technologies, if finding that sample exists obtains SIM card dependency number
According to behavior when, then forge SIM card correlation stain data and return to sample.
Further, the Behavior modeling module, is specifically used for:
The phone number and short message content of sender is chosen from real user correlation stain data, builds the pdus data of short message
Packet, is sent out in the form of broadcast, the broadcast that system is sent when simulation short message receives, and is inserted into one into short message correlation stain data
Note data, simulation short message reception behavior features;
The phone number and short message content of recipient is chosen from real user correlation stain data, and to the cell-phone number of recipient
Code sends the short message content, and simulation short message sends behavior;
From real user correlation stain data choose caller phone number and future electricity condition be set to wait for, answer,
It hangs up, corelation behaviour when analog phone arrives;
The phone number of called party is chosen from real user correlation stain data, and is made a phone call to the phone number, mould
Plan makes a phone call behavior.
In above system, the SIM card correlation stain data include:Phone number, imsi, imei, network operator or
Person's SIM card sequence number.
It has the beneficial effect that:The present invention provides a kind of technical solution of Malicious Code Detection environmental simulation method and system, with
Unlike conventional method, the technical program selects carrier of the prototype as detection environment, but there is no be configured inside prototype
True SIM card.The present invention, if it has the behavior for obtaining SIM card related data, forges SIM by monitoring sample behavior
The related stain data of card simultaneously return to sample, and then simulate SIM card environment, allow malicious code with for there are SIM cards;Secondly, base
In the prototype correlation stain digital simulation real user behavior of forgery, including transmitting-receiving short message or the behaviors such as phone are taken, and then
Triggering malicious act comprehensively.Simultaneously as the present invention is used as detection environment using prototype, and then effectively prevent malice generation
The anti-simulator behavior of code, recall rate higher;Prototype is more superior relative to the performance of simulator, improves detection efficiency;Due to
It does not need to using true SIM card, and then avoids the problem of user privacy information that may be brought due to system of real name is revealed.
Description of the drawings
In order to illustrate more clearly of technical scheme of the present invention, letter will be made to attached drawing needed in the embodiment below
Singly introduce, it should be apparent that, the accompanying drawings in the following description is only some embodiments described in the present invention, for this field
For those of ordinary skill, without creative efforts, other attached drawings are can also be obtained according to these attached drawings.
Fig. 1 is a kind of Malicious Code Detection environmental simulation embodiment of the method flow chart provided by the invention;
Fig. 2 is a kind of Malicious Code Detection environmental simulation system example structure figure provided by the invention.
Specific embodiment
The present invention gives a kind of Malicious Code Detection environmental simulation method and system embodiment, in order to make the art
Personnel more fully understand technical solution in the embodiment of the present invention, and enable the above objects, features and advantages of the present invention
It is more obvious understandable, technical solution in the present invention is described in further detail below in conjunction with the accompanying drawings:
As shown in Figure 1, the present invention provides a kind of Malicious Code Detection environmental simulation embodiment of the method, applied to no SIM card
In prototype, including:
S101:SIM card correlation API is monitored, if sample has the behavior for obtaining SIM card related data, forges SIM card
Related stain data return to sample and then simulate SIM card environment.
Specially:SIM card correlation API is monitored using Runtime Hook technologies, if sample, which exists, obtains SIM card
During the behavior of related data, then forge SIM card correlation stain data and return to sample.
Wherein, the SIM card correlation API is monitored, including but not limited to:Phone information getLine1Number,
Imsi id getSubscriberId, imei/MEID getDeviceId, cell phone carrier businessman
GetNetworkOperatorName etc..It is that there are SIM cards that purpose, which allows malicious code to think under current environment,.
S102:Real user correlation stain data are forged, and true based on the real user correlation stain digital simulation
User behavior.
Specifically include the combination of following one or two kinds of above simulation real user behavior:
The phone number and short message content of sender is chosen from real user correlation stain data, builds the pdus data of short message
Packet, is sent out in the form of broadcast, the broadcast that system is sent when simulation short message receives, and is inserted into one into short message correlation stain data
Note data, simulation short message reception behavior features;
Such as:The phone number of sender and short message content are forged into pdus data, create Intent, with "
Android.provider.Telephony.SMS_RECEIVED's " broadcasts to sample;Simultaneously to short message correlation stain number
According to the inbox in library, i.e. " content:A note data is inserted into //sms/inbox ", that is, completes the mould of short message reception behavior features
Intend;
The phone number and short message content of recipient is chosen from real user correlation stain data, and to the cell-phone number of recipient
Code sends the short message content, and simulation short message sends behavior;
Such as:Using adb the stain short message that a short message content is " hello " is sent to the phone number of recipient in prototype
It is as follows to perform method for data:
$ adb shell am start -a android.intent.action.SENDTO -d sms:10000 --es
sms_body "hello";
From real user correlation stain data choose caller phone number and future electricity condition be set to wait for, answer,
It hangs up, corelation behaviour when analog phone arrives;
Such as:Using Runtime Hook technologies to android.telephony.TelephonyManager.listen methods
It is monitored, when sample calls this method, incoming_number parameters is set as the i.e. caller of stain incoming number
OnCallStateChanged parameters are set as coming electricity condition and wait for, answer or hang up by phone number.
The phone number of called party is chosen from real user correlation stain data, and electricity is dialed to the phone number
Behavior is made a phone call in words, simulation.
Such as:It is dialed in prototype to stain number 10000 using adb, method is as follows:
$ adb shell am start -a android.intent.action.CALL -d tel:10000.It although can not
It must very realize the behavior made a phone call, but be enough to trigger malicious act.
Wherein forge stain data method be:Official's API parameters are inquired, obtain SIM card related data, phone dependency number
According to the data format with short message related data, and it is related dirty based on respective data format structure SIM card correlation stain data, phone
Point data stain data related to short message.
Wherein, the SIM card correlation stain data include but not limited to:Phone number, imsi, imei, network operator,
Network operator's number, SIM card sequence number, SIM card operator, SIM card operator number etc..
For example, the SIM card correlation stain data of structure can be:phone_num = str 13423178926(Mobile phone
Number);imei = str 355136050214165(imei);imsi = str 310260000000000(imsi);
network_operator_name = str cmcc (Network operator);network_operator = str 46002(Net
Network operator numbers);sim_serial = str 89014103211118510720(Sim card sequence numbers);sim_
operator_name = str cmcc(Sim cards operator);sim_operator = str 46002(Sim cards operator compiles
Number).
Wherein, the phone correlation stain data include but not limited to:Incoming information goes power information, missed call, has connect
Incoming call etc..For example, the phone correlation stain data of structure can be:Incoming number:13418471943;Phone, which has, have been fetched
Electricity, missed call etc..
Wherein, the short message correlation stain data include but not limited to:Short message content, reading short message, have been sent out unread short messages
Short message, draft etc..For example, the short message correlation stain data of structure can be:Addressee's number:13833333333;Data
Stream packet:pdus;Data packet format:format;Short message content:nihao,nide-shouji-yijing-qianfei;Short message is also
There is rough draft, sent, received etc.;Further, can also include:content://sms/inbox(Inbox);
content://sms/outbox(Send case);content://sms/draft(Draft).
As shown in Fig. 2, the present invention provides a kind of Malicious Code Detection environmental simulation system embodiment, it is configured at no SIM
In the prototype of card, including:
SIM card environmental simulation module 201, for being monitored to SIM card correlation API, if sample, which exists, obtains SIM card dependency number
According to behavior, then SIM card environmental simulation module 201 also forge SIM card correlation stain data return to sample so that simulate SIM card
Environment;
Behavior modeling module 202, for forging real user correlation stain data, and based on the real user correlation stain number
According to simulation real user behavior;
Wherein, the real user correlation stain data, including:Phone correlation stain data, short message correlation stain data.
Preferably, it further includes:Stain database is related to real user for obtaining the SIM card correlation stain data
Stain data simultaneously store.
Wherein forge stain data method be:Official's API parameters are inquired, obtain SIM card related data, phone dependency number
According to the data format with short message related data, and it is related dirty based on respective data format structure SIM card correlation stain data, phone
Point data stain data related to short message.
Preferably, the SIM card environmental simulation module, is specifically used for:
SIM card correlation API is monitored using Runtime Hook technologies, if finding that sample exists obtains SIM card dependency number
According to behavior when, then forge SIM card correlation stain data and return to sample.
Preferably, the Behavior modeling module, is specifically used for:
The phone number and short message content of sender is chosen from real user correlation stain data, builds the pdus data of short message
Packet, is sent out in the form of broadcast, the broadcast that system is sent when simulation short message receives, and is inserted into one into short message correlation stain data
Note data, simulation short message reception behavior features;
The phone number and short message content of recipient is chosen from real user correlation stain data, and to the cell-phone number of recipient
Code sends the short message content, and simulation short message sends behavior;
From real user correlation stain data choose caller phone number and future electricity condition be set to wait for, answer,
It hangs up, corelation behaviour when analog phone arrives;
The phone number of called party is chosen from real user correlation stain data, and is made a phone call to the phone number, mould
Plan makes a phone call behavior.
In above system embodiment, the SIM card correlation stain data include:Phone number, imsi, imei, network fortune
Seek quotient or SIM card sequence number.
Each embodiment in this specification is described by the way of progressive, the same or similar between each embodiment
Just to refer each other for part, and the highlights of each of the examples are difference from other examples.Especially for system
For embodiment, since it is substantially similar to embodiment of the method, so description is fairly simple, related part is implemented referring to method
The part explanation of example.
Above-described embodiment gives Malicious Code Detection environmental simulation method and system, first, using prototype as malice
The basic environment of code detection, and then avoid and simulator is identified as by malicious code, and then influence its malicious act and effectively touch
The problem of hair;Secondly, the SIM card of real-name authentication is configured without in the embodiment of the present invention, but by monitoring SIM card correlation
API, if malicious code exist call SIM card related data behavior, by forge SIM card correlation stain data feedback to
Sample so that malicious code is mistakenly considered in the prototype environment that there are SIM cards, not only reduces the cost of Malicious Code Detection, and
And it is capable of the individual privacy information of effective protection user;Finally, the real user correlation stain digital simulation based on forgery is true
User behavior including transmitting-receiving short message or takes the real scenes such as phone, fully triggers malicious act, improve the inspection of malicious code
Extracting rate.
Above example is to illustrative and not limiting technical scheme of the present invention.Appointing for spirit and scope of the invention is not departed from
What modification or part are replaced, and are intended to be within the scope of the claims of the invention.
Claims (10)
1. a kind of Malicious Code Detection environmental simulation method, in the prototype applied to no SIM card, which is characterized in that including:
SIM card correlation API is monitored, if sample has the behavior for obtaining SIM card related data, forges SIM card correlation
Stain data return to sample and then simulate SIM card environment;
Real user correlation stain data are forged, and based on the real user correlation stain digital simulation real user behavior;
Wherein, the real user correlation stain data, including:Phone correlation stain data, short message correlation stain data.
2. the method as described in claim 1, which is characterized in that further include:Obtain SIM card correlation stain data and true
User's correlation stain data are simultaneously stored in stain database.
3. the method as described in claim 1, which is characterized in that pseudo- if sample has the behavior for obtaining SIM card related data
It makes SIM card correlation stain data to return to sample and then simulate SIM card environment, specially:
SIM card correlation API is monitored using Runtime Hook technologies, if finding that sample exists obtains SIM card dependency number
According to behavior when, then forge SIM card correlation stain data and return to sample.
4. the method as described in claim 1, which is characterized in that really used based on the real user correlation stain digital simulation
Family behavior, including:
The phone number and short message content of sender is chosen from real user correlation stain data, builds the pdus data of short message
Packet, is sent out in the form of broadcast, the broadcast that system is sent when simulation short message receives, and is inserted into one into short message correlation stain data
Note data, simulation short message reception behavior features;
The phone number and short message content of recipient is chosen from real user correlation stain data, and to the cell-phone number of recipient
Code sends the short message content, and simulation short message sends behavior;
From real user correlation stain data choose caller phone number and future electricity condition be set to wait for, answer,
It hangs up, corelation behaviour when analog phone arrives;
The phone number of called party is chosen from real user correlation stain data, and is made a phone call to the phone number, mould
Plan makes a phone call behavior.
5. the method as described in claim 1-4 is any, which is characterized in that the SIM card correlation stain data include:Cell-phone number
Code, imsi, imei, network operator or SIM card sequence number.
6. a kind of Malicious Code Detection environmental simulation system, which is characterized in that it is configured in the prototype of no SIM card, including:
SIM card environmental simulation module, for being monitored to SIM card correlation API, if sample, which exists, obtains SIM card related data
Behavior, then the SIM card environmental simulation module be additionally operable to forge SIM card correlation stain data return to sample and then simulation
SIM card environment;
Behavior modeling module, for forging real user correlation stain data, and based on the real user correlation stain data
Simulate real user behavior;
Wherein, the real user correlation stain data, including:Phone correlation stain data, short message correlation stain data.
7. system as claimed in claim 6, which is characterized in that further include:Stain database, for obtaining the SIM card phase
It closes stain data stain data related to real user and stores.
8. system as claimed in claim 6, which is characterized in that the SIM card environmental simulation module is specifically used for:
SIM card correlation API is monitored using Runtime Hook technologies, if finding that sample exists obtains SIM card dependency number
According to behavior when, then forge SIM card correlation stain data and return to sample.
9. system as claimed in claim 6, which is characterized in that the Behavior modeling module is specifically used for:
The phone number and short message content of sender is chosen from real user correlation stain data, builds the pdus data of short message
Packet, is sent out in the form of broadcast, the broadcast that system is sent when simulation short message receives, and is inserted into one into short message correlation stain data
Note data, simulation short message reception behavior features;
The phone number and short message content of recipient is chosen from real user correlation stain data, and to the cell-phone number of recipient
Code sends the short message content, and simulation short message sends behavior;
From real user correlation stain data choose caller phone number and future electricity condition be set to wait for, answer,
It hangs up, corelation behaviour when analog phone arrives;
The phone number of called party is chosen from real user correlation stain data, and is made a phone call to the phone number, mould
Plan makes a phone call behavior.
10. the system as described in claim 6-9 is any, which is characterized in that the SIM card correlation stain data include:Mobile phone
Number, imsi, imei, network operator or SIM card sequence number.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611193315.8A CN108229165A (en) | 2016-12-21 | 2016-12-21 | A kind of Malicious Code Detection environmental simulation method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611193315.8A CN108229165A (en) | 2016-12-21 | 2016-12-21 | A kind of Malicious Code Detection environmental simulation method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108229165A true CN108229165A (en) | 2018-06-29 |
Family
ID=62655912
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611193315.8A Pending CN108229165A (en) | 2016-12-21 | 2016-12-21 | A kind of Malicious Code Detection environmental simulation method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108229165A (en) |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050187740A1 (en) * | 2004-02-20 | 2005-08-25 | Marinescu Adrian M. | System and method for proactive computer virus protection |
| CN101917688A (en) * | 2010-08-16 | 2010-12-15 | 候万春 | Mobile phone, system and method supporting transmission of hang-up short message from called party to calling party |
| CN101930514A (en) * | 2010-08-12 | 2010-12-29 | 北京安天电子设备有限公司 | Method and device for capturing malicious code of mobile terminal |
| CN102591696A (en) * | 2011-01-14 | 2012-07-18 | 中国科学院软件研究所 | Method and system for extracting behavioral data of mobile phone software |
| CN103186740A (en) * | 2011-12-27 | 2013-07-03 | 北京大学 | Automatic detection method for Android malicious software |
| CN103207969A (en) * | 2013-04-12 | 2013-07-17 | 百度在线网络技术(北京)有限公司 | Device and method for detecting Android malware |
| CN103729595A (en) * | 2014-01-02 | 2014-04-16 | 东南大学 | Method for offline detecting private data leakage of Android application program |
| CN105069354A (en) * | 2015-07-31 | 2015-11-18 | 天津大学 | Attack tree model based Android software hybrid detection method |
-
2016
- 2016-12-21 CN CN201611193315.8A patent/CN108229165A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050187740A1 (en) * | 2004-02-20 | 2005-08-25 | Marinescu Adrian M. | System and method for proactive computer virus protection |
| CN101930514A (en) * | 2010-08-12 | 2010-12-29 | 北京安天电子设备有限公司 | Method and device for capturing malicious code of mobile terminal |
| CN101917688A (en) * | 2010-08-16 | 2010-12-15 | 候万春 | Mobile phone, system and method supporting transmission of hang-up short message from called party to calling party |
| CN102591696A (en) * | 2011-01-14 | 2012-07-18 | 中国科学院软件研究所 | Method and system for extracting behavioral data of mobile phone software |
| CN103186740A (en) * | 2011-12-27 | 2013-07-03 | 北京大学 | Automatic detection method for Android malicious software |
| CN103207969A (en) * | 2013-04-12 | 2013-07-17 | 百度在线网络技术(北京)有限公司 | Device and method for detecting Android malware |
| CN103729595A (en) * | 2014-01-02 | 2014-04-16 | 东南大学 | Method for offline detecting private data leakage of Android application program |
| CN105069354A (en) * | 2015-07-31 | 2015-11-18 | 天津大学 | Attack tree model based Android software hybrid detection method |
Non-Patent Citations (2)
| Title |
|---|
| 渠项栋: ""Android数据保护研究"", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
| 蔡昌: ""Android平台恶意软件动态检测系统的设计与实现"", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9064112B2 (en) | Malware detection for SMS/MMS based attacks | |
| CN103747132B (en) | The method of display message and terminal | |
| CN103095895B (en) | A kind of method and client sending mobile phone electronic business card | |
| CN103763690A (en) | Method and device for sending short messages to mobile terminal from detection fake base station | |
| CN105335354A (en) | Cheat information recognition method and device | |
| Hamandi et al. | Android SMS malware: Vulnerability and mitigation | |
| CN104244206B (en) | A kind of SMS processing method, device and terminal unit | |
| CN105898001A (en) | Method and device for processing communication information and server | |
| CN104010068A (en) | Text message processing method and device for mobile terminal | |
| US8090393B1 (en) | System and method for collecting and analyzing malicious code sent to mobile devices | |
| CN104010064A (en) | Networking number search method and device | |
| CN105187605A (en) | Telephone verification method and system | |
| CN101984683A (en) | Telephone number storage method and mobile terminal | |
| CN109660984A (en) | The number of taking turns network method, equipment and computer readable storage medium | |
| CN113727352A (en) | Managing spoofed calls to mobile devices | |
| CN105721659B (en) | Incoming call processing method and device | |
| CN109858250A (en) | A kind of Android Malicious Code Detection model method based on cascade classifier | |
| CN102098640B (en) | Method, device and system for distinguishing and stopping equipment from sending SMS (short messaging service) spam | |
| KR101246624B1 (en) | Method and appratus for detecting malicious communications | |
| CN111901790A (en) | Method, device, electronic device and storage medium for identifying telecommunication fraud | |
| CN104506743B (en) | A kind of method and device of dynamic interception phone | |
| CN106102029A (en) | The processing method of a kind of international roaming service and processing system | |
| CN104683212B (en) | Message treatment method and system | |
| CN103369474B (en) | Crosstalk reminding method and device | |
| CN101222718B (en) | Mobile communication terminal and method for catching rubbish short messages |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20180629 |
|
| WD01 | Invention patent application deemed withdrawn after publication |