CN103065090B - A kind of application program malice Ad blocking method and device - Google Patents
A kind of application program malice Ad blocking method and device Download PDFInfo
- Publication number
- CN103065090B CN103065090B CN201210562927.5A CN201210562927A CN103065090B CN 103065090 B CN103065090 B CN 103065090B CN 201210562927 A CN201210562927 A CN 201210562927A CN 103065090 B CN103065090 B CN 103065090B
- Authority
- CN
- China
- Prior art keywords
- application program
- malice
- advertising platform
- malicious code
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 25
- 230000000903 blocking effect Effects 0.000 title claims abstract description 24
- 230000008569 process Effects 0.000 claims description 6
- 238000011017 operating method Methods 0.000 claims 1
- 238000010586 diagram Methods 0.000 description 4
- 230000006855 networking Effects 0.000 description 3
- 230000000694 effects Effects 0.000 description 2
- 238000002955 isolation Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Abstract
The present invention is applicable to technical field of mobile terminals, and provide a kind of application program malice Ad blocking method and device, described method comprises: the application program that scanning mobile terminal is installed; Judge in described application program, whether to be embedded with malice advertising platform code; When judging to be, isolating the malice advertising platform in described application program, making the code expires of described malice advertising platform, cannot run.The present invention detect in application program be embedded with malice advertising platform code time, operation technique means isolate this malice advertising platform, make when running application, do not perform the code segment that this malice advertising platform is corresponding, the problems such as malice advertisement is networked automatically, ejection would not be there is like this, also can not have influence on the use of this application program simultaneously, thoroughly solve the running background problem of malice advertisement, for user provides a good mobile terminal environment for use.
Description
Technical field
The invention belongs to field of mobile terminals, particularly relate to a kind of application program malice Ad blocking method and device.
Background technology
In recent years, intelligent mobile terminal is more and more universal, as smart mobile phone, palm PC etc., application program obtains exponential growth, application program adds the playability of mobile terminal, user can use mobile terminal to see novel, see video, surf the web, play games etc., but there are some software developers in order to advertisement promotion expense, meeting built-in malice advertising platform in the application program of oneself, after user has installed the application program being built-in with malice advertising platform in the terminal, malice advertising platform can at system background automatic coupling network operation, push out some malice advertisements, malice advertisement not only can waste the flow of user, also hampering user normally uses mobile terminal simultaneously, such as when user is when using mobile terminal, or mobile terminal is when standby, malice advertisement pushes on backstage and demonstrates an advertisement information, user may think by mistake and is system message and checks related content, but click advertisement information when just finding after opening, this can have influence on the experience that user uses mobile terminal greatly, therefore also occurred now whether some detection application programs comprise the inspection software of malice advertisement, but this inspection software can only detect whether application program comprises malice advertisement, also this application program cannot be processed even if detect, user can only select to unload this application program, further, inspection software can limit the network savvy of this application program, but for the application program that some must use network to connect, if limit its network savvy, this application program also just loses effect.
Summary of the invention
In view of the above problems, the object of the present invention is to provide a kind of application program malice Ad blocking method and device, be intended to solve existing malice purposes of commercial detection software and can only detect in application program whether comprise malice advertisement, the technical matters of malice advertisement cannot be tackled under the prerequisite not affecting application program use.
On the one hand, described application program malice Ad blocking method comprises the steps:
The application program that scanning mobile terminal is installed;
Judge in described application program, whether to be embedded with malice advertising platform code;
When judging to be, isolating the malice advertising platform in described application program, making the code expires of described malice advertising platform, cannot run.。
On the other hand, described application program malice Ad blocking device comprises:
Program scanning unit, for scanning the application program that mobile terminal is installed;
Whether malicious code judging unit, be embedded with malice advertising platform code for judging in described application program;
Malice advertisement isolated location, during for judging to be when malicious code judging unit, isolating the malice advertising platform in described application program, making the code expires of described malice advertising platform, cannot run.。
The invention has the beneficial effects as follows: in technical solution of the present invention, detect in application program be embedded with malice advertising platform code time, operation technique means isolate this malice advertising platform, make when running application, do not perform the code segment that this malice advertising platform is corresponding, the problems such as malice advertisement is networked automatically, ejection would not be there is like this, also can not have influence on the use of this application program simultaneously, thoroughly solve the running background problem of malice advertisement, for user provides a good mobile terminal environment for use.
Accompanying drawing explanation
Fig. 1 is the process flow diagram of the application program malice Ad blocking method that first embodiment of the invention provides;
Fig. 2 is the process flow diagram of the application program malice Ad blocking method that second embodiment of the invention provides;
Fig. 3 is the block diagram of the application program malice Ad blocking device that third embodiment of the invention provides;
Fig. 4 is the block diagram of the application program malice Ad blocking device that fourth embodiment of the invention provides.
Embodiment
In order to make object of the present invention, technical scheme and advantage clearly understand, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, be not intended to limit the present invention.
In order to technical solutions according to the invention are described, be described below by specific embodiment.
embodiment one:
Fig. 1 shows the flow process of the application program malice Ad blocking method that first embodiment of the invention provides, and illustrate only the part relevant to the embodiment of the present invention for convenience of explanation.
The application program malice Ad blocking method that the present embodiment provides comprises the steps:
The application program that step S101, scanning mobile terminal are installed.
This step does not limit the concrete time of scanning application program, can be scan this application program set up applications while, also can be after the button triggering by user, start each application program on unified scanning mobile terminal, preferably while set up applications, carry out program scanning.
Step S102, judge whether to be embedded with in described application program malice advertising platform code.
Current malice advertisement all has some malice advertising platform businessmans to provide, they can provide a set of built-in SDK(SoftwareDevelopmentKit, SDK (Software Development Kit)), institute at present great majority is jar forms, also so form is had, for giving third-party application built-in advertising, reach advertising goal.Disclosed in these malice advertising platform SDK is, as long as therefore preserve described malice advertising platform SDK in local or server, by direct this locality relatively or networking compare, can judge in described application program, whether to be embedded with malice advertising platform code.
Step S103, when judge be time, isolate the malice advertising platform in described application program, make the code expires of described malice advertising platform, cannot run.
When detect in application program be embedded with malice advertising platform code time, the described malice advertising platform of direct isolation, the code of malice advertising platform is not performed, such malice advertising platform would not carry out networking, ejecting or advertisement, can thoroughly stop advertisement behavior, this step only isolates the malice advertising platform in described application program simultaneously, can not have influence on the main part of application program, user still can use this application program, nor can pop-up advertisement.
embodiment two:
Fig. 2 shows the flow process of the application program malice Ad blocking method that second embodiment of the invention provides, and illustrate only the part relevant to the embodiment of the present invention for convenience of explanation.
The application program malice Ad blocking method that the present embodiment provides comprises the steps:
Step S201, in malice advertising database upgrade malice advertising platform SDK (Software Development Kit).
Also not one deck is constant for the required ad content pushed of malice advertising platform, therefore advertiser not timing can upgrade, changes malice advertising platform SDK content, also new advertising platform may be increased, therefore we need in system, provide a set of mechanism, can dynamically collect and add these malice advertising platforms SDK, therefore in this step, the malice advertising platform SDK collected is kept in malice advertising database, not timing upgrades its content, make the data in malice advertising database up-to-date all the time, improve Ad blocking success ratio.
The application program that step S202, scanning mobile terminal are installed;
Step S203, analyze described application program;
Step S204, judge whether to comprise in described application program the malicious code file that in malice advertising database, SDK (Software Development Kit) provides;
Step S205, when including malicious code file in described application program, pseudo-malicious code file like built-in and described malicious code files classes in systems in which.
Owing to having preserved malice advertising platform SDK in malice advertising database, therefore by comparing the source code of application program and the malicious code file of malice advertising platform SDK, can judge to include malicious code file in described application program.
The SDK that current malice advertising platform provides, substantially be all jar form, when java virtual machine loads class file, first in the class path of system, look for certain class, only have in system path and do not have, the path of application program just can be gone to look for, for this reason according to above-mentioned thought, in step S205, first pseudo-malicious code file like built-in and described malicious code files classes is in systems in which needed, for the malicious code file of jar form, here in systems in which built-in one with similar pseudo-malicious code file, i.e. pseudo-jar file, similar pseudo-malicious code file described here is equally also jar form, preferably, this pseudo-malicious code file does not perform any operation, like this when opening application program, because system is built-in with pseudo-jar file, therefore will first go to load this pseudo-jar file, and the jar file performing malice advertising platform in application program can not be removed, reach the object of the malicious code jar file of shielding malice advertising platform SDK.In order to isolate malice advertising platform as much as possible, also need the malicious code jar file collecting malice advertising platform SDK detailed as far as possible, and be customized to similar pseudo-jar file and be built into system.
Equally, for malicious code so file, the order that linux loads so file is also well-regulated, equally also can complete by built-in pseudo-malicious code so file in systems in which, shields malicious code so file that application program loads malice advertising platform SDK.
The present embodiment is on the basis of embodiment one, furthermore achieved that and not timing can upgrade malice advertising database, improve Ad blocking success ratio, also provide a kind of embodiment shielding malice advertising platform code simultaneously, by the pseudo-malicious code file that loading system is built-in, carry out shielding malice advertising platform.
embodiment three:
Fig. 3 shows the structure of the application program malice Ad blocking device that third embodiment of the invention provides, and illustrate only the part relevant to the embodiment of the present invention for convenience of explanation.
The application program malice Ad blocking device that the present embodiment provides comprises:
Program scanning unit 301, for scanning the application program that mobile terminal is installed;
Whether malicious code judging unit 302, be embedded with malice advertising platform code for judging in described application program;
Malice advertisement isolated location 303, during for judging to be when malicious code judging unit, isolating the malice advertising platform in described application program, making the code expires of described malice advertising platform, cannot run.
Each functional unit 301-303 correspondence that the present embodiment provides achieves the step S101-S103 in embodiment one, concrete, program scanning unit 301 scans the application program that mobile terminal is installed, malicious code judging unit 302 judges whether be embedded with malice advertising platform code in described application program again, when judging to be, malice advertisement isolated location 303 isolates the malice advertising platform in described application program, makes the code expires of described malice advertising platform, cannot run.In the present embodiment, after detecting in application program and being embedded with malice advertising platform code, the described malice advertising platform of direct isolation, the code of malice advertising platform is not performed, and malice advertising platform would not carry out networking, ejecting or advertisement like this, can thoroughly stop advertisement behavior, this step only isolates the malice advertising platform in described application program simultaneously, can not have influence on the main part of application program, user still can use this application program, nor can pop-up advertisement.
embodiment four:
Fig. 4 shows the structure of the application program malice Ad blocking device that fourth embodiment of the invention provides, and illustrate only the part relevant to the embodiment of the present invention for convenience of explanation.
The application program malice Ad blocking device that the present embodiment provides comprises:
Data updating unit 41, for upgrading the SDK (Software Development Kit) of malice advertising platform in malice advertising database.
Program scanning unit 42, for scanning the application program that mobile terminal is installed;
Whether malicious code judging unit 43, be embedded with malice advertising platform code for judging in described application program;
Malice advertisement isolated location 44, during for judging to be when malicious code judging unit, isolating the malice advertising platform in described application program, making the code expires of described malice advertising platform, cannot run.
Wherein, described malicious code judging unit 43 comprises:
Process analysis module 431, for analyzing described application program;
Whether code judge module 432, comprise for judging the malicious code file that in malice advertising database, SDK (Software Development Kit) provides in described application program.
Wherein, described malice advertisement isolated location 44 comprises:
Code built-in module 441, for when including malicious code file in described application program, pseudo-malicious code file like built-in and described malicious code files classes in systems in which.
Each functional unit that the present embodiment provides and functional module correspondence achieve each step in embodiment two, on the other hand, this enforcement is on the basis of embodiment three, add data updating unit 41, not timing can upgrade content in malice advertising database, improve Ad blocking success ratio, give also the concrete preferred structure of malicious code judging unit 43 and malice advertisement isolated location 44 simultaneously, by the pseudo-malicious code file that loading system is built-in, carry out shielding malice advertising platform, so not only can to the effect of shielding advertisement, also the concrete function of this application program can not be had influence on.
One of ordinary skill in the art will appreciate that, the all or part of step realized in above-described embodiment method is that the hardware that can carry out instruction relevant by program has come, described program can be stored in a computer read/write memory medium, described storage medium, as ROM/RAM, disk, CD etc.
The foregoing is only preferred embodiment of the present invention, not in order to limit the present invention, all any amendments done within the spirit and principles in the present invention, equivalent replacement and improvement etc., all should be included within protection scope of the present invention.
Claims (4)
1. an application program malice Ad blocking method, it is characterized in that, described method comprises:
The SDK (Software Development Kit) of malice advertising platform is upgraded in malice advertising database;
When application program is installed, the application program that scanning mobile terminal is installed;
Judge in described application program, whether to be embedded with malice advertising platform code;
When judging to be, isolating the malice advertising platform in described application program, making the code expires of described malice advertising platform, cannot run;
Describedly judge whether to be embedded with in described application program malice advertising platform code and comprise:
Analyze described application program;
Judge in described application program, whether to comprise the malicious code file that in malice advertising database, SDK (Software Development Kit) provides;
Described when judgement is, isolate the malice advertising platform in described application program, make the code expires of described malice advertising platform, cannot operating procedure, specifically comprise:
When including malicious code file in described application program, pseudo-malicious code file like built-in and described malicious code files classes in systems in which, described pseudo-malicious code file does not perform any operation.
2. the method for claim 1, is characterized in that, described pseudo-malicious code file is identical with the structure form of described malicious code file, comprises jar file and so file.
3. an application program malice Ad blocking device, it is characterized in that, described device comprises:
Data updating unit, for upgrading the SDK (Software Development Kit) of malice advertising platform in malice advertising database;
Program scanning unit, for when application program is installed, the application program that scanning mobile terminal is installed;
Whether malicious code judging unit, be embedded with malice advertising platform code for judging in described application program;
Malice advertisement isolated location, during for judging to be when malicious code judging unit, isolating the malice advertising platform in described application program, making the code expires of described malice advertising platform, cannot run;
Described malicious code judging unit comprises:
Process analysis module, for analyzing described application program;
Whether code judge module, comprise for judging the malicious code file that in malice advertising database, SDK (Software Development Kit) provides in described application program;
Described malice advertisement isolated location comprises:
Code built-in module, for when including malicious code file in described application program, pseudo-malicious code file like built-in and described malicious code files classes in systems in which, described pseudo-malicious code file does not perform any operation.
4. device as claimed in claim 3, it is characterized in that, described pseudo-malicious code file is identical with the structure form of described malicious code file, comprises jar file and so file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210562927.5A CN103065090B (en) | 2012-12-20 | 2012-12-20 | A kind of application program malice Ad blocking method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210562927.5A CN103065090B (en) | 2012-12-20 | 2012-12-20 | A kind of application program malice Ad blocking method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103065090A CN103065090A (en) | 2013-04-24 |
| CN103065090B true CN103065090B (en) | 2016-03-23 |
Family
ID=48107718
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210562927.5A Expired - Fee Related CN103065090B (en) | 2012-12-20 | 2012-12-20 | A kind of application program malice Ad blocking method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103065090B (en) |
Families Citing this family (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103246511B (en) * | 2013-05-03 | 2016-08-03 | 惠州Tcl移动通信有限公司 | A kind of method and mobile terminal processing suspicious harassing and wrecking information for mobile terminal |
| CN103353844B (en) * | 2013-06-25 | 2016-11-23 | 亿赞普(北京)科技有限公司 | A kind of SDK upgrade method and system |
| CN104346569B (en) * | 2013-07-31 | 2019-02-22 | 北京猎豹移动科技有限公司 | Method and device for identifying malicious advertisements in mobile terminal and mobile terminal |
| CN103488502A (en) * | 2013-09-11 | 2014-01-01 | 天脉聚源(北京)传媒科技有限公司 | Method and device for loading data |
| CN103544435A (en) * | 2013-10-18 | 2014-01-29 | 广东欧珀移动通信有限公司 | Method and device for preventing secret photography |
| CN104751051A (en) * | 2013-12-31 | 2015-07-01 | 贝壳网际(北京)安全技术有限公司 | Method, device and mobile terminal for identifying malicious advertisements |
| CN103942487B (en) * | 2014-04-11 | 2017-06-27 | 珠海市君天电子科技有限公司 | Integrate the acquisition methods and device of wall information |
| CN104133894A (en) * | 2014-07-31 | 2014-11-05 | 珠海市君天电子科技有限公司 | Method and device for intercepting advertising windows |
| CN105373728A (en) * | 2014-09-01 | 2016-03-02 | 深圳富泰宏精密工业有限公司 | Advertisement prompting system and method |
| CN104202346A (en) * | 2014-09-29 | 2014-12-10 | 联想(北京)有限公司 | Method for handling network connection request and device thereof |
| CN106126562B (en) * | 2016-06-15 | 2018-09-04 | 广东欧珀移动通信有限公司 | A kind of pop-up hold-up interception method and terminal |
| CN110990833B (en) * | 2019-10-31 | 2022-08-05 | 重庆小雨点小额贷款有限公司 | SDK safety detection method and related equipment |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101800754A (en) * | 2010-03-25 | 2010-08-11 | 中国科学院计算技术研究所 | Method for distributing patch |
| CN102256242A (en) * | 2011-04-14 | 2011-11-23 | 中兴通讯股份有限公司 | System and method for processing service application |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100058474A1 (en) * | 2008-08-29 | 2010-03-04 | Avg Technologies Cz, S.R.O. | System and method for the detection of malware |
-
2012
- 2012-12-20 CN CN201210562927.5A patent/CN103065090B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101800754A (en) * | 2010-03-25 | 2010-08-11 | 中国科学院计算技术研究所 | Method for distributing patch |
| CN102256242A (en) * | 2011-04-14 | 2011-11-23 | 中兴通讯股份有限公司 | System and method for processing service application |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103065090A (en) | 2013-04-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103065090B (en) | A kind of application program malice Ad blocking method and device | |
| US8713680B2 (en) | Method and apparatus for modeling computer program behaviour for behavioural detection of malicious program | |
| CN102043655B (en) | Method and system for carrying out advanced uninstall on software | |
| CN103002342B (en) | Television camera means of defence and system | |
| CN111258921B (en) | Garbage memory recycling method and device, electronic equipment and storage medium | |
| CN105471935B (en) | Information prompting method and device | |
| CN106295353B (en) | Engine vulnerability detection method and detection device | |
| CN103473163A (en) | Application program detection method and device | |
| CN107622200A (en) | The safety detecting method and device of application program | |
| US20200183789A1 (en) | Installation file processing method and device, and server | |
| CN109614267A (en) | A kind of method, apparatus, storage medium and terminal for repairing booting abnormal problem | |
| KR101421136B1 (en) | Method and apparatus for modeling computer program behavior for behavioral detection of malicious program | |
| WO2015131643A1 (en) | Software detection method and device | |
| CN110727473B (en) | Resource control method, device, system, storage medium and electronic equipment | |
| US8086778B2 (en) | Filter driver to enumerate smartcard nodes for plug and play | |
| CN102196308B (en) | Digital-television-based multi-hardware interface compatible driving system | |
| CN114282212A (en) | Rogue software identification method and device, electronic equipment and storage medium | |
| CN105187393A (en) | Mobile terminal malicious software network behavior reconstruction method and system thereof | |
| CN104992116A (en) | Monitoring method and system based on intent sniffer | |
| CN104200164B (en) | Loader virus searching and killing method, device and terminal | |
| CN105025365A (en) | Intelligent television platform offline download method and system | |
| CN111538922A (en) | Link skip method, application client, device and storage medium | |
| CN105700911A (en) | Application installation method and device and electronic equipment | |
| CN109634782B (en) | Method and device for detecting system robustness, storage medium and terminal | |
| CN105893221A (en) | Terminal operation time length alarming method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: Changan town in Guangdong province Dongguan 523860 usha Beach Road No. 18 Patentee after: GUANGDONG OPPO MOBILE TELECOMMUNICATIONS Corp.,Ltd. Address before: Changan town in Guangdong province Dongguan 523841 usha Beach Road No. 18 Patentee before: GUANGDONG OPPO MOBILE TELECOMMUNICATIONS Corp.,Ltd. |
|
| CP03 | Change of name, title or address | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20160323 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |