CN103176882A - Method and system for monitoring network application program interface of intelligent mobile terminal - Google Patents
Method and system for monitoring network application program interface of intelligent mobile terminal Download PDFInfo
- Publication number
- CN103176882A CN103176882A CN201310039342XA CN201310039342A CN103176882A CN 103176882 A CN103176882 A CN 103176882A CN 201310039342X A CN201310039342X A CN 201310039342XA CN 201310039342 A CN201310039342 A CN 201310039342A CN 103176882 A CN103176882 A CN 103176882A
- Authority
- CN
- China
- Prior art keywords
- internet resources
- web application
- application interface
- threat
- application program
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention relates to a method and a system for monitoring a network application program interface of an intelligent mobile terminal. The method for monitoring the network application program interface includes the following steps: step 1, after an application program is started, the network application program interface of the application program requests to call network resources; and step 2, whether threats or potential threats exist in the network resources is judged, if yes, the network application program interface is prevented from obtaining the network resources; and if not, the network application program interface is allowed to obtain the network resources. According to the method and the system for monitoring the network application program interface of the intelligent mobile terminal, the network resources obtained by the network application program interface of the application program can be monitored, and the network application program interface can be prevented from obtaining the network resources or allowed to obtain the network resources so as to guarantee that the application program can not have the threats or the potential threats on the intelligent mobile terminal.
Description
Technical field
The present invention relates to software field, relate in particular to a kind of web application interface monitoring method and system of intelligent mobile terminal.
Background technology
Along with the development of infotech, entire society begins to enter mobile Internet society at leisure.Intelligent mobile terminal on market emerges in an endless stream, for example i Phone, Android mobile phone, BlackBerry etc.Apple is as whole field pioneer, and its unique business model outshines others, and the application shop of apple has become the application shop of smart mobile phone industry maximum.Along with the success of Apple, increasing tagger is also arranged on market, such as Android use the shop, blackberry, blueberry is used shop etc.
Complement each other in intelligent mobile terminal and the corresponding shop of using, make each software engineer may become the software provider of using the shop, by uploading software for user's download to using the shop, not only can provide for vast user the software product of function admirable, also might get interests by the owner who uses the shop.
But for mobile Internet, security is the problem of having to pay attention to always, by utilizing mobile terminal to damage consumer's behavior or even to be engaged in the event of criminal activity of common occurrence.the security of intelligent mobile terminal is mainly because the software of installing on intelligent mobile terminal causes, a kind of situation is that some mountain vallages manufacturers cooperates with some value-added service providers, some application programs of pre-installation reach the purpose of obtaining economic interests on the intelligent mobile terminal of mountain vallage manufacturers produce, and another kind of situation to be some hacker can upload that some application programs are downloaded for the user to using the shop, after the client downloads this application program, obtain user's information by this application program, or even steal user's account and password, such as Bank Account Number and password etc.
The expense of collecting the user by value-added service in the unwitting situation of user has become network service provides the Main Means that obtains profit; in order to strengthen the monitoring to the intelligent mobile terminal internet behavior; guarantee the security of intelligent mobile terminal; the web application interface that is necessary application programs is monitored; and take appropriate measures by the result of monitoring; thereby can protect mobile intelligent terminal user's safety, avoid the user to be subject to economically or otherwise loss.
Summary of the invention
In order to solve above-mentioned technical matters, the invention provides a kind of web application interface monitoring method and system of intelligent mobile terminal, to improve the security of intelligent mobile terminal.
The invention provides a kind of web application interface monitoring method of intelligent mobile terminal, comprising: step 1, after application program launching, the web application interface requests of this application program is called Internet resources; Step 2 judges that whether these Internet resources exist threat or potential threat, if so, stop this web application interface to obtain this Internet resources, otherwise allow this web application interface to obtain this Internet resources.
Preferably, in step 2, stop this web application interface to obtain these Internet resources and comprise: return to refuse information, blank message, virtual message, spoofed message or camouflage message to this web application interface.
Preferably, in step 2, judge whether these Internet resources exist to threaten or potential threat comprises: judge according to pre-stored security information storehouse whether these Internet resources exist and threaten or potential threat.
Preferably, in step 2, judge whether these Internet resources exist threat or potential threat to comprise: judge according to pre-stored network address list whether these Internet resources exist threat or potential threat.
Preferably, this method for supervising also comprises step 3, the information that record is related with the Internet resources that this web application interface requests is called, and record is to the information of this web application interface transmission.
The invention provides a kind of web application interface monitoring system of intelligent mobile terminal, comprising:
Application program module is used for calling Internet resources by the web application interface requests;
Monitoring module is used for judging whether these Internet resources exist threat or potential threat; When these Internet resources exist threat or potential threat, stop this web application interface to obtain this Internet resources; When these Internet resources do not exist threat or potential threat, allow this web application interface to obtain this Internet resources.
Preferably, stoping these Internet resources to obtain these Internet resources comprises: return to refuse information or return to blank message to the web application interface to this web application interface.
Preferably, judging whether these Internet resources exist threatens or potential threat comprises: judge according to pre-stored security information storehouse whether these Internet resources exist and threaten or potential threat.
Preferably, judge whether these Internet resources exist threat or potential threat to comprise: judge according to pre-stored network address list whether these Internet resources exist threat or potential threat.
Preferably, it is characterized in that this supervising device also be used for recording the related information of Internet resources of calling with the web application interface requests, and record is to the information of this web application interface transmission.
The present invention can application programs the Internet resources that obtain of web application interface monitor, and can guarantee that this application program can not produce intelligent mobile terminal and threaten or potential threat by stoping or allowing application program obtain these Internet resources.
Description of drawings
Fig. 1 is web application interface monitoring process flow diagram provided by the invention;
Fig. 2 is web application interface monitoring system schematic provided by the invention.
Embodiment
Below in conjunction with accompanying drawing, the present invention is described in further detail.
In prior art, after application program was installed to intelligent mobile terminal, application program can automatically be moved or manually move by the user.For malice or have and threaten or the application program of potential threat, if it automatically moves or the user manually moves, will produce some bad consequences, the loss of data for example, the leakage of information or make the travelling speed of intelligent mobile terminal slack-off etc.Have now the application program of many malice fee suctions on market, in user installation after this application program, just paid unconsciously high cost.This risk of bringing in order to solve the application program that is arranged on intelligent mobile terminal, the invention provides a solution, its main purpose is to monitor by the Internet resources that the web application interface of application programs is accessed, form the security information storehouse of Internet resources, after application program launching, whether the Internet resources of the web application interface institute request call by judging this application program exist and threaten or potential threat determines whether to allow the web application interface of this application program to obtain this Internet resources.
The web application interface monitoring flow process of intelligent mobile terminal provided by the present invention as shown in Figure 1.At first application program can start (step 101), and for example application program starts automatically or the user manually boots.After application program launching, the web application interface can initiate to call the request (step 103) of Internet resources, and the Internet resources of institute's request call include but not limited at least one in http address, URL address and IP address.Exist to threaten or the Internet resources of potential threat for fear of access, come application programs to detect (step 105) by the security information storehouse in the present invention.For the security information storehouse, can realize by existing security monitoring scheme, for example in prior art, the database that is provided by many security firms, for example the database that provides for mobile Internet of manufacturer of this base of kappa, Symantec etc., can comprise that wherein many illegal Internet Service Providers corresponding to service provide at address list.After Internet resources are detected, if existing, discovering network resource threatens or potential threat, stop the web application interface of application program to obtain this Internet resources, if and discovering network resource does not exist threat or potential threat, allow the web application interface of this application program to obtain this Internet resources.When the web application interface of determining this application program of prevention obtains these Internet resources, also can the request of web application interface be responded, for example return to blank information, perhaps return to the information of its request of refusal, perhaps return to virtual message, spoofed message or camouflage message.So far, can complete protection to intelligent mobile terminal.
In addition, for to the request of web application interface interchange Internet resources with record is carried out in the processing of this request, the web application interface monitoring method of intelligent mobile terminal provided by the invention is also to the action of web application interface and record is carried out in the processing of this request, what Internet resources that for example recorded the web application interface requests, whether returned to corresponding information to the web application interface, and returned to what information etc., so that the behavior of user's application programs is added up.For instance, if application programming interfaces have sent the request of obtaining certain http address map network resource, record this web application interface and when sent this request.After returning to these Internet resources to this web application interface, further be recorded in and when returned to this Internet resources to this web application interface.
Correspondingly, the present invention also provides a kind of application programming interfaces supervisory system of intelligent mobile terminal, as shown in Figure 2, specifically comprises: application program module 201 and monitoring module 203.Application program module 201 is used for calling Internet resources by the web application interface requests after application program module starts; Monitoring module 203 is used for judging whether these Internet resources exist threat or potential threat; When these Internet resources exist threat or potential threat, stop this web application interface to obtain this Internet resources; When these Internet resources do not exist threat or potential threat, allow this web application interface to obtain this Internet resources.Preferably, stoping these Internet resources to obtain these Internet resources comprises: return to refuse information, blank message, virtual message, spoofed message or camouflage message to this web application interface.Preferably, judging whether these Internet resources exist threatens or potential threat comprises: judge according to pre-stored security information storehouse whether these Internet resources exist and threaten or potential threat.Preferably, judge whether these Internet resources exist threat or potential threat to comprise: judge according to pre-stored network address list whether these Internet resources exist threat or potential threat.Preferably, it is characterized in that this supervising device also be used for recording the related information of Internet resources of calling with the web application interface requests, and record is to the information of this web application interface transmission.
Those skilled in the art can also carry out various modifications to above content under the condition that does not break away from the definite the spirit and scope of the present invention of claims.Therefore scope of the present invention is not limited in above explanation, but determined by the scope of claims.
Claims (10)
1. the web application interface monitoring method of an intelligent mobile terminal, is characterized in that, comprising:
Step 1, after application program launching, the web application interface requests of this application program is called Internet resources;
Step 2 judges that whether these Internet resources exist threat or potential threat, if so, stop this web application interface to obtain this Internet resources, otherwise allow this web application interface to obtain this Internet resources.
2. web application interface monitoring method as claimed in claim 1, it is characterized in that, in step 2, stop this web application interface to obtain these Internet resources and comprise: return to refuse information, blank message, virtual message, spoofed message or camouflage message to this web application interface.
3. web application interface monitoring method as claimed in claim 1, it is characterized in that, in step 2, judge whether these Internet resources exist to threaten or potential threat comprises: judge according to pre-stored security information storehouse whether these Internet resources exist and threaten or potential threat.
4. web application interface monitoring method as claimed in claim 1, it is characterized in that, in step 2, judge whether these Internet resources exist threat or potential threat to comprise: judge according to pre-stored network address list whether these Internet resources exist threat or potential threat.
5. as the described web application interface monitoring of claim 1-4 any one method, it is characterized in that, this method for supervising also comprises step 3, the information that record is related with the Internet resources that this web application interface requests is called, and record is to the information of this web application interface transmission.
6. the web application interface monitoring system of an intelligent mobile terminal, is characterized in that, comprising:
Application program module is used for calling Internet resources by the web application interface requests;
Monitoring module is used for judging whether these Internet resources exist threat or potential threat; When these Internet resources exist threat or potential threat, stop this web application interface to obtain this Internet resources; When these Internet resources do not exist threat or potential threat, allow this web application interface to obtain this Internet resources.
7. web application interface monitoring as claimed in claim 6 system, is characterized in that, stops these Internet resources to obtain these Internet resources and comprise: return to refuse information or return to blank message to the web application interface to this web application interface.
8. web application interface monitoring as claimed in claim 6 system, is characterized in that, judges whether these Internet resources exist to threaten or potential threat comprises: judge according to pre-stored security information storehouse whether these Internet resources exist and threaten or potential threat.
9. web application interface monitoring as claimed in claim 6 system, it is characterized in that judge whether these Internet resources exist threat or potential threat to comprise: judge according to pre-stored network address list whether these Internet resources exist threat or potential threat.
10. as the described web application interface monitoring of claim 6-9 any one system, it is characterized in that, this supervising device also be used for recording the related information of Internet resources of calling with the web application interface requests, and record is to the information of this web application interface transmission.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310039342XA CN103176882A (en) | 2013-01-31 | 2013-01-31 | Method and system for monitoring network application program interface of intelligent mobile terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310039342XA CN103176882A (en) | 2013-01-31 | 2013-01-31 | Method and system for monitoring network application program interface of intelligent mobile terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103176882A true CN103176882A (en) | 2013-06-26 |
Family
ID=48636780
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310039342XA Pending CN103176882A (en) | 2013-01-31 | 2013-01-31 | Method and system for monitoring network application program interface of intelligent mobile terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103176882A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107113297A (en) * | 2014-12-11 | 2017-08-29 | 比特梵德知识产权管理有限公司 | system and method for protecting network endpoint |
| CN109271289A (en) * | 2017-07-18 | 2019-01-25 | 车伯乐(北京)信息科技有限公司 | A kind of application interface monitoring method, device, equipment and computer-readable medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1507183A (en) * | 2002-12-09 | 2004-06-23 | 北京中星微电子有限公司 | Remote multimedia automatic monitoring system and method |
| US20090247125A1 (en) * | 2008-03-27 | 2009-10-01 | Grant Calum Anders Mckay | Method and system for controlling access of computer resources of mobile client facilities |
-
2013
- 2013-01-31 CN CN201310039342XA patent/CN103176882A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1507183A (en) * | 2002-12-09 | 2004-06-23 | 北京中星微电子有限公司 | Remote multimedia automatic monitoring system and method |
| US20090247125A1 (en) * | 2008-03-27 | 2009-10-01 | Grant Calum Anders Mckay | Method and system for controlling access of computer resources of mobile client facilities |
Non-Patent Citations (1)
| Title |
|---|
| 徐海浪: "面向云计算的手机应用安全研究", 《中国优秀硕士学位论文全文数据库》, 11 December 2012 (2012-12-11) * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107113297A (en) * | 2014-12-11 | 2017-08-29 | 比特梵德知识产权管理有限公司 | system and method for protecting network endpoint |
| CN109271289A (en) * | 2017-07-18 | 2019-01-25 | 车伯乐(北京)信息科技有限公司 | A kind of application interface monitoring method, device, equipment and computer-readable medium |
| CN109271289B (en) * | 2017-07-18 | 2022-05-03 | 车伯乐(北京)信息科技有限公司 | Application interface monitoring method, device, equipment and computer readable medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103065083A (en) | Method and system for monitoring application program interface of intelligent mobile terminal | |
| US10136324B2 (en) | Method and apparatus for reading verification information | |
| EP2839406B1 (en) | Detection and prevention of installation of malicious mobile applications | |
| US9531734B2 (en) | Method and apparatus for intercepting or cleaning-up plugins | |
| CN104462978A (en) | Method and device for application program authority management | |
| CN103744686B (en) | Control method and the system of installation is applied in intelligent terminal | |
| CN104376263A (en) | Application behavior intercepting method and application behavior intercepting device | |
| CN110149298B (en) | Hijacking detection method and device | |
| CN103279706A (en) | Method and device for intercepting installation of Android application program in mobile terminal | |
| CN104463569A (en) | Secure connection payment method and device | |
| CN104199654A (en) | Open platform calling method and device | |
| CN103607385A (en) | Method and apparatus for security detection based on browser | |
| CN105323261A (en) | Data detection method and device | |
| CN102708309A (en) | Automatic malicious code analysis method and system | |
| CN102739663A (en) | Detection method and scanning engine of web pages | |
| US9747449B2 (en) | Method and device for preventing application in an operating system from being uninstalled | |
| CN104809390A (en) | Safe operation method and device of system | |
| CN103368957A (en) | Method, system, client and server for processing webpage access behavior | |
| CN103559437B (en) | Access control method and system for Android operation system | |
| CN104809397A (en) | Android malicious software detection method and system based on dynamic monitoring | |
| CN105550584A (en) | RBAC based malicious program interception and processing method in Android platform | |
| KR20110128632A (en) | Method and device for detecting malicious action of application program for smartphone | |
| CN105260660A (en) | Monitoring method, device and system of intelligent terminal payment environment | |
| CN103401845A (en) | Detection method and device for website safety | |
| CN104881667A (en) | Characteristic information extraction method and apparatus |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: FENGLING CHUANGJING (BEIJING) TECHNOLOGY CO., LTD. Free format text: FORMER OWNER: CHENFENGYUN (BEIJING) TECHNOLOGY CO., LTD. Effective date: 20140905 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20140905 Address after: 100080, room 7, floor 2, No. 701-51 East Third Street, Haidian District, Beijing, Haidian Applicant after: FENGLING CHUANGJING (BEIJING) TECHNOLOGY Co.,Ltd. Address before: 100080, room 1, building 3, Haidian Avenue, Haidian District, Beijing, Applicant before: Morning wind (Beijing) Technology Co., Ltd. |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20151102 Address after: 100085 Beijing, Haidian District, No. ten on the street Baidu building, No. 10 Applicant after: BEIJING BAIDU NETCOM SCIENCE AND TECHNOLOGY Co.,Ltd. Address before: 100080, room 7, floor 2, No. 701-51 East Third Street, Haidian District, Beijing, Haidian Applicant before: FENGLING CHUANGJING (BEIJING) TECHNOLOGY Co.,Ltd. |
|
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20130626 |