CN103632096A

CN103632096A - Method and device for carrying out safety detection on equipment

Info

Publication number: CN103632096A
Application number: CN201310632733.2A
Authority: CN
Inventors: 张龙; 孟凡磊; 邱凯; 田野
Original assignee: Beijing Qihoo Technology Co Ltd; Qizhi Software Beijing Co Ltd
Current assignee: Beijing Qihoo Technology Co Ltd; Qizhi Software Beijing Co Ltd
Priority date: 2013-11-29
Filing date: 2013-11-29
Publication date: 2014-03-12
Anticipated expiration: 2033-11-29
Also published as: CN103632096B

Abstract

The invention discloses a method and a device for carrying out safety detection on equipment, wherein the method comprises the steps that when mobile equipment is connected to calculating equipment, the mobile equipment side receives mobile equipment safety detection requests sent by the calculating equipment side, and the safety detection requests comprise specified detection objects; the mobile equipment side obtains safety detection result information corresponding to the specified detection objects, and sends the safety detection result information to the calculating equipment side; the mobile equipment side receives executing instructions sent by the calculating equipment side, wherein the executing instructions are generated by the calculating equipment according to the safety detection result information; the mobile equipment side executes the executing instructions. The method and the device have the advantages that users can realize the safety detection on the mobile equipment at the calculating equipment side, so the safety of the mobile equipment is improved.

Description

A kind of equipment is carried out to safety detection method and device

Technical field

The present invention relates to device security detection technique field, be specifically related to a kind of method of equipment being carried out to safety detection, and a kind of device that equipment is carried out to safety detection.

Background technology

Along with the raising of the level of informatization and the continuous release of various applicability technology, the intelligent terminals such as computing machine or mobile phone have been widely used in the aspects such as study, amusement, work, are playing the part of more and more important role in daily life.Yet the widespread use of intelligent terminal has also proposed requirements at the higher level to intelligent terminal at aspects such as garbage data cleaning, security protections.

For the demand, much third party's Secure Application manufacturer has developed for intelligent terminal Secure Application, described Secure Application can check UP to intelligent terminal in intelligent terminal side, and carries out a series of reparation operation according to physical examination result, to guarantee performance and the security of intelligent terminal.For mobile device, although some antivirus softwares have been installed on some mobile device in advance, when but often user does not install mobile phone bodyguard thereon, hold easily infected virus, especially accessing when application market downloads some application, be easy to tied or download to malicious application is installed, plug-in unit, or the software of advertisement applications and so on, often cause user in imperceptible situation, escaped by mobile device flow, privacy is stolen, or the malice loss such as deduct fees, so be necessary from each channel, the safety of user's mobile device to be protected.

Summary of the invention

In view of the above problems, the present invention has been proposed to a kind of a kind of method and corresponding a kind of device that equipment is carried out to safety detection that equipment is carried out to safety detection that overcomes the problems referred to above or address the above problem is at least in part provided.

According to one aspect of the present invention, a kind of method of equipment being carried out to safety detection is provided, comprising:

When mobile device is connected to computing equipment, at described mobile device side joint, receive the safety detection request to mobile device that described computing equipment side is sent, described safety detection request comprises appointment detected object;

In described mobile device side, obtain the safety detection result information corresponding with described appointment detected object, and described safety detection result information is sent to computing equipment side;

At described mobile device side joint, receive the execution instruction that computing equipment side sends, described execution instruction is that computing equipment is according to described safety detection result Information generation;

In described mobile device side, carry out described execution instruction.

Alternatively, at described mobile device side joint, receive that described computing equipment side sends to the step of the safety detection request of mobile device before, also comprise:

Described mobile device side joint is received the third party that described computing equipment side sends and is applied installation kit, and described third party applies installation kit, and to be described computing equipment side do not install third party while applying described mobile device side being detected, from server, downloads and obtain;

Described mobile device side is applied installation kit according to described third party third party's application is installed.

Set up the SOCKET interface channel of described mobile device and described computing equipment, described mobile device receives safety detection request by described SOCKET interface channel and sends safety detection result information and receive carries out instruction.

Alternatively, describedly at described mobile device side joint, receive the step to the safety detection request of mobile device that described computing equipment side sends and be:

In described mobile device side, adopt described third party to apply and receive the safety detection request to mobile device that described computing equipment side is sent;

Describedly in described mobile device side, obtain the safety detection result information corresponding with described appointment detected object, and the step that described safety detection result information is sent to computing equipment side comprises:

In described mobile device side, adopt safety detection request described in described third party's criteria in application to carry out specifying the safety detection operation of detected object, obtain safety detection result information;

By described third party's application, described safety detection result information is back to described computing equipment side;

The step of the described execution instruction sending in described mobile device side joint receipts computing equipment side is:

In described mobile device side, adopt described third party to apply and receive the execution instruction that computing equipment side sends;

The described step of carrying out described execution instruction in described mobile device side is:

In described mobile device side, adopt described third party to apply and carry out described execution instruction.

Alternatively, described mobile device side is provided with the first client-side program, describedly at described mobile device side joint, receives the step to the safety detection request of mobile device that described computing equipment side sends and is:

In described mobile device side, adopt described the first client-side program to receive the safety detection request to mobile device that described computing equipment side is sent;

In described mobile device side, adopt described the first client-side program that described safety detection request is sent to described third party's application, by the described safety detection request of the medical foundation of described third party, carried out specifying the safety detection of detected object to operate, obtain safety detection result information and return in the first client-side program;

Described the first client-side program is back to described computing equipment side by described safety detection result information;

In described mobile device side, adopt described the first client-side program to receive the execution instruction that computing equipment side sends;

In described mobile device side, adopt described the first client-side program that described execution instruction is sent to third party's application, by described third party, apply and carry out described execution instruction.

Alternatively, the step that described the first client-side program is sent to described third party's application by described safety detection request comprises:

Described the first client-side program calls the interface of the service of described third party's application according to described appointment detected object, described safety detection request is sent to described third party's application.

Alternatively, described appointment detected object comprises one or more for the following service of mobile device: mobile device hangs horse Hole Detection, detect and whether open cloud killing, whether detect dangerous software, detect and whether upgraded virus base, detect security service and whether open, detect mobile device and whether have mountain vallage application, detect on mobile device, whether have malice advertisement applications, Initiative Defense function open detection.

Alternatively, described appointment detected object comprises one or more for the following service of mobile device: internal memory optimization detects, detect that the Stub File that whether has that daemon software, automatically actuated software detection, garbage data cleaning detect, cleaning buffer memory detects, exists after cleaning application unloading detects, installation kit cleaning detects, large file consolidation, the cleaning of privacy vestige detect.

Alternatively, described safety detection result information comprises safety detection progress msg, and correspondingly, described execution instruction comprises halt instruction, pause instruction, continuation execution instruction.

Alternatively, described safety detection result information comprises safety detection result, correspondingly, described execution instruction comprises following one or more: mobile device is hung the reparation of horse leak, opened cloud killing, security service is upgraded, opened in dangerous software reparation, virus base, mountain vallage application is repaired, the reparation of malice advertisement applications, open Initiative Defense function.

Alternatively, described safety detection result information comprises safety detection result, correspondingly, described execution instruction comprises following one or more: Stub File, installation kit cleaning, large file consolidation, the cleaning of privacy vestige existing after automatically actuated software, garbage data cleaning, cleaning buffer memory, cleaning application unloading closed, closed to internal memory optimization, daemon software.

According to another aspect of the present invention, a kind of method of equipment being carried out to safety detection is provided, comprising:

When computing equipment side safety detection is to there being mobile device when access, in mobile device side described in computing equipment side direction, send the safety detection request to mobile device, described safety detection request comprises appointment detected object;

At described computing equipment side joint, receive the safety detection result information for described safety detection request that described mobile device side is returned, described safety detection result information is obtained according to described appointment detected object by described mobile device side;

In computing equipment side, according to execution instruction corresponding to described safety detection result Information generation and be sent to described mobile device side, by described mobile device side, carry out described execution instruction.

Alternatively, before mobile device side described in described computing equipment side direction is sent the step of the safety detection request of mobile device, also comprise:

In computing equipment side, read all installation kit information that application has been installed in described mobile device side, described installation kit information comprises installation kit sign;

In computing equipment side, judge while not existing third party to apply installation kit sign in described installation kit sign, from server, obtain the download address that described third party applies installation kit;

The download address of applying installation kit according to described third party in computing equipment side is downloaded described third party and is applied installation kit and be sent to mobile device side.

Set up the SOCKET interface channel of described mobile device and described computing equipment, described computing equipment sends safety detection request by described interface channel and receives safety detection result information and send carries out instruction.

Alternatively, described safety detection result information has the information of type identification, describedly in computing equipment side, according to execution instruction corresponding to described safety detection result Information generation the step that is sent to described mobile device side, comprises:

Computing equipment side is searched the execution advisory information that described type identification is corresponding in default mapping table, stores computing equipment and the mobile device type identification of making an appointment and the mapping relations of carrying out advisory information in described default mapping table;

In computing equipment side, show described safety detection result information and corresponding execution advisory information;

At computing equipment side joint, receive the selected instruction of user to described one or more execution advisory information;

According to described selected instruction, generate execution instruction corresponding to one or more execution advisory information and be sent to mobile device side.

According to another aspect of the present invention, a kind of device that equipment is carried out to safety detection is provided, comprising:

Safety detection request receiving module, is suitable for when mobile device is connected to computing equipment, at described mobile device side joint, receives the safety detection request to mobile device that described computing equipment side is sent, and described safety detection request comprises appointment detected object;

Safety detection result information sending module, is suitable for obtaining the safety detection result information corresponding with described appointment detected object in described mobile device side, and described safety detection result information is sent to computing equipment side;

Carry out command reception module, be suitable for receiving at described mobile device side joint the execution instruction that computing equipment side sends, described execution instruction is that computing equipment is according to described safety detection result Information generation;

Carry out instruction execution module, be suitable for carrying out described execution instruction in described mobile device side.

Alternatively, described device also comprises:

Installation kit receiver module, be suitable for receiving at described mobile device side joint that described computing equipment side sends to the safety detection request of mobile device before, the third party that described mobile device side joint is received described computing equipment side transmission applies installation kit, described third party applies installation kit, and to be described computing equipment side do not install third party while applying described mobile device side being detected, from server, downloads and obtain;

Installation kit installation module, is suitable for described mobile device side and applies installation kit installation third party application according to described third party.

Alternatively, described device also comprises:

Path Setup module, be suitable for receiving at described mobile device side joint that described computing equipment side sends to the safety detection request of mobile device before, set up the SOCKET interface channel of described mobile device and described computing equipment, described mobile device receives safety detection request by described SOCKET interface channel and sends safety detection result information and receive carries out instruction.

Alternatively, described safety detection request receiving module is also suitable for:

Described safety detection result information sending module is also suitable for:

Described execution command reception module is also suitable for:

Described execution instruction execution module is also suitable for:

Described execution command reception module is also suitable for:

Described execution instruction execution module is also suitable for:

Alternatively, described the first client-side program is sent to described third party's application by described safety detection request, is specially:

Safety detection request sending module, is suitable in computing equipment side safety detection, to there being mobile device when access, in mobile device side described in computing equipment side direction, sending the safety detection request to mobile device, and described safety detection request comprises appointment detected object;

Safety detection result information receiving module, be suitable for receiving at described computing equipment side joint the safety detection result information for described safety detection request that described mobile device side is returned, described safety detection result information is obtained according to described appointment detected object by described mobile device side;

Carry out instruction sending module, be suitable in execution instruction corresponding to the described safety detection result Information generation of computing equipment side foundation and be sent to described mobile device side, by described mobile device side, carry out described execution instruction.

Alternatively, described device also comprises:

Installation kit acquisition of information module, be suitable for before mobile device side described in described computing equipment side direction is sent the safety detection request of mobile device, in computing equipment side, read all installation kit information that application has been installed in described mobile device side, described installation kit information comprises installation kit sign;

Search module, be suitable for judging while not existing third party to apply installation kit sign in described installation kit sign in computing equipment side, from server, obtain the download address that described third party applies installation kit;

Installation kit sending module, the download address that is suitable for applying installation kit in computing equipment side according to described third party is downloaded described third party and is applied installation kit and be sent to mobile device side.

Alternatively, described device also comprises:

Interface channel is set up module, be suitable for before mobile device side described in described computing equipment side direction is sent the safety detection request of mobile device, set up the SOCKET interface channel of described mobile device and described computing equipment, described computing equipment sends safety detection request by described interface channel and receives safety detection result information and send carries out instruction.

Alternatively, described safety detection result information has the information of type identification, and described execution instruction sending module is also suitable for:

Compare with background technology, the present invention has following beneficial effect:

In the present invention, when mobile device is connected to computing equipment, in computing equipment side, can realize the safety detection to the appointment detected object of mobile device, and can send and carry out instruction and impel mobile device to carry out relevant operation for safety detection result be displaced sideways equipment at computing equipment when computing equipment receives the safety detection result that mobile device returns, make user can realize the safety detection to mobile device in computing equipment side, thereby improve the security of mobile device.

Above-mentioned explanation is only the general introduction of technical solution of the present invention, in order to better understand technological means of the present invention, and can be implemented according to the content of instructions, and for above and other objects of the present invention, feature and advantage can be become apparent, below especially exemplified by the specific embodiment of the present invention.

Accompanying drawing explanation

By reading below detailed description of the preferred embodiment, various other advantage and benefits will become cheer and bright for those of ordinary skills.Accompanying drawing is only for the object of preferred implementation is shown, and do not think limitation of the present invention.And in whole accompanying drawing, by identical reference symbol, represent identical parts.In the accompanying drawings:

Fig. 1 shows a kind of flow chart of steps of equipment being carried out to the embodiment of the method one of safety detection of the present invention;

Fig. 2 shows a kind of flow chart of steps of equipment being carried out to the embodiment of the method two of safety detection of the present invention;

Fig. 3 shows a kind of flow chart of steps of equipment being carried out to the embodiment of the method three of safety detection of the present invention;

Fig. 4 shows a kind of flow chart of steps of equipment being carried out to the embodiment of the method four of safety detection of the present invention;

Fig. 5 shows a kind of structured flowchart that equipment is carried out to the device embodiment mono-of safety detection of the present invention;

Fig. 6 shows a kind of structured flowchart that equipment is carried out to the device embodiment bis-of safety detection of the present invention.

Embodiment

Exemplary embodiment of the present disclosure is described below with reference to accompanying drawings in more detail.Although shown exemplary embodiment of the present disclosure in accompanying drawing, yet should be appreciated that and can realize the disclosure and the embodiment that should do not set forth limits here with various forms.On the contrary, it is in order more thoroughly to understand the disclosure that these embodiment are provided, and can by the scope of the present disclosure complete convey to those skilled in the art.

With reference to Fig. 1, show a kind of flow chart of steps of equipment being carried out to the embodiment of the method one of safety detection of the present invention, the embodiment of the present invention describes from mobile device side, can comprise the steps:

Step 101, when mobile device is connected to computing equipment, receives at described mobile device side joint the safety detection request to mobile device that described computing equipment side is sent, and described safety detection request comprises appointment detected object;

In a preferred embodiment of the present invention, described appointment detected object comprises one or more for the following service of mobile device: mobile device is hung horse Hole Detection, detect and whether open cloud killing, whether detect dangerous software, detect and whether upgraded virus base, whether detect security service opens, detect mobile device and whether have mountain vallage application, on detection mobile device, whether there is malice advertisement applications, Initiative Defense function open detection, internal memory optimization detects, detect and whether have daemon software, automatically actuated software detection, garbage data cleaning detects, cleaning buffer memory detects, the Stub File existing after cleaning application unloading detects, installation kit cleaning detects, large file consolidation, the cleaning of privacy vestige detects.

Step 102, obtains the safety detection result information corresponding with described appointment detected object in described mobile device side, and described safety detection result information is sent to computing equipment side;

Step 103, receives at described mobile device side joint the execution instruction that computing equipment side sends, and described execution instruction is that computing equipment is according to described safety detection result Information generation;

In a preferred embodiment of the present invention, described safety detection result information can comprise safety detection progress msg, corresponding, and described execution instruction can comprise halt instruction, pause instruction, continuation execution instruction.

In another kind of preferred embodiment of the present invention, described safety detection result information comprises safety detection result, correspondingly, described execution instruction can comprise following one or more: mobile device is hung the reparation of horse leak, open cloud killing, dangerous software reparation, virus base upgrades, open security service, mountain vallage application is repaired, the reparation of malice advertisement applications, open Initiative Defense function, internal memory optimization, daemon software is closed, close automatically actuated software, garbage data cleaning, cleaning buffer memory, the Stub File existing after cleaning application unloading, installation kit cleaning, large file consolidation, the cleaning of privacy vestige.

Step 104, carries out described execution instruction in described mobile device side.

In a preferred embodiment of the present invention, before described step 101, can also comprise:

In a preferred embodiment of the present invention, described step 101 is specifically as follows:

Described step 102 can comprise following sub-step:

Described step 103 is specifically as follows:

Described step 104 is specifically as follows:

Particularly, described mobile device side can be applied the safety detection request to mobile device that computing equipment side is sent that receives by described third party, described in described third party's criteria in application, safety detection request is carried out specifying the safety detection operation of detected object, obtains safety detection result information and returns to described computing equipment side.

In another kind of preferred embodiment of the present invention, described mobile device side is provided with the first client-side program, and described step 101 can be:

Described step 102 can comprise following sub-step:

In described mobile device side, adopt described the first client-side program that described safety detection request is sent to described third party's application, by safety detection request described in described third party's criteria in application, carried out specifying the safety detection of detected object to operate, obtain safety detection result information and return in the first client-side program;

Described step 103 can be:

Described step 104 can be:

Particularly, described mobile device can receive the safety detection request to mobile device that computing equipment side is sent by described the first client-side program, described the first client-side program is sent to described third party's application by described safety detection request, receiving described third party applies the safety detection result information of returning and returns to computing equipment side, wherein, described safety detection result information is carried out specifying the safety detection operation of detected object to obtain by safety detection request described in described third party's criteria in application.

In a preferred embodiment of the present invention, the step that described the first client-side program is sent to described third party's application by described safety detection request can comprise:

In embodiments of the present invention, when mobile device is connected to computing equipment, in computing equipment side, can realize the safety detection to the appointment detected object of mobile device, and can send and carry out instruction and impel mobile device to carry out relevant operation for safety detection result be displaced sideways equipment at computing equipment when computing equipment is received in the safety detection result that mobile device returns, make user can realize the safety detection to mobile device in computing equipment side, thereby improve the security of mobile device.

With reference to Fig. 2, show a kind of flow chart of steps of equipment being carried out to the embodiment of the method two of safety detection of the present invention, the embodiment of the present invention describes from computing equipment side, and the embodiment of the present invention can comprise the steps:

Step 201, when computing equipment side safety detection is to there being mobile device when access, sends the safety detection request to mobile device in mobile device side described in computing equipment side direction, and described safety detection request comprises appointment detected object;

In a preferred embodiment of the present invention, described appointment detected object can comprise one or more for the following service of mobile device: mobile device is hung horse Hole Detection, detect and whether open cloud killing, whether detect dangerous software, detect and whether upgraded virus base, whether detect security service opens, detect mobile device and whether have mountain vallage application, on detection mobile device, whether there is malice advertisement applications, Initiative Defense function open detection, internal memory optimization detects, detect and whether have daemon software, automatically actuated software detection, garbage data cleaning detects, cleaning buffer memory detects, the Stub File existing after cleaning application unloading detects, installation kit cleaning detects, large file consolidation, the cleaning of privacy vestige detects.

Step 202, receives at described computing equipment side joint the safety detection result information for described safety detection request that described mobile device side is returned, and described safety detection result information is obtained according to described appointment detected object by described mobile device side;

Step 203, according to execution instruction corresponding to described safety detection result Information generation and be sent to described mobile device side, carries out described execution instruction by described mobile device side in computing equipment side.

In a preferred embodiment of the present invention, described safety detection result information can comprise safety detection progress msg, and correspondingly, described execution instruction can comprise halt instruction, pause instruction, continuation execution instruction.

In a preferred embodiment of the present invention, described safety detection result information can comprise safety detection result, correspondingly, describedly can carry out instruction and comprise following one or more: mobile device is hung the reparation of horse leak, open cloud killing, dangerous software reparation, virus base upgrades, open security service, mountain vallage application is repaired, the reparation of malice advertisement applications, open Initiative Defense function, internal memory optimization, daemon software is closed, close automatically actuated software, garbage data cleaning, cleaning buffer memory, the Stub File existing after cleaning application unloading, installation kit cleaning, large file consolidation, the cleaning of privacy vestige.

In a preferred embodiment of the present invention, before described step 201, can also comprise:

In a preferred embodiment of the present invention, described safety detection result information has the information of type identification, and described step 203 can comprise following sub-step:

Sub-step S11, computing equipment side is searched the execution advisory information that described type identification is corresponding in default mapping table, stores that computing equipment and mobile device make an appointment in described default mapping table, the mapping relations of type identification and execution advisory information;

Sub-step S12, shows described safety detection result information and corresponding execution advisory information in computing equipment side;

Sub-step S13, receives the selected instruction of user to described one or more execution advisory information at computing equipment side joint;

Sub-step S14, generates execution instruction corresponding to one or more execution advisory information and is sent to mobile device side according to described selected instruction.

With reference to Fig. 3, show a kind of flow chart of steps of equipment being carried out to the embodiment of the method three of safety detection of the present invention, wherein, described computing equipment is a kind of can operation according to program, automatically, the intelligent electronic device of high speed processing mass data, as desktop computer, notebook computer etc.Described mobile device is a kind of computing equipment that can use in movement, as mobile phone.It is example that the present embodiment be take the mobile device that Android operating system is installed, and certainly, the present invention is not limited to be provided with the mobile device of Android system, and principle of the present invention is equally applicable to be provided with the mobile device of other operating systems.

In embodiments of the present invention, mobile device side is provided with the first client-side program, computing equipment side is provided with the second client-side program, described mobile device and described computing equipment communicate by described the first client-side program and described the second client-side program, when described the first client-side program is not activated, the second client-side program can start described the first client-side program by sending enabled instruction to the first client-side program, and then opens communication process between the two.

Described method can comprise the steps:

Step 301, when mobile device is connected to computing equipment, the second client-side program detects described mobile device whether third party's application is installed, and if not, performs step 302, if so, performs step 304;

In specific implementation, the second client-side program of computing equipment side, when mobile device being detected and be successfully connected to computing equipment, can read all installation kit information that application has been installed in mobile device side, and wherein said installation kit information carries installation kit sign.The second client-side program is searched the installation kit sign that whether exists third party to apply in described all installation kit signs, if exist, illustrates that mobile device side is provided with third party's application, otherwise, illustrate that mobile device side is not provided with third party's application.

Further, described installation kit information can also carry the version number of each application, if searching, computing equipment finds that described mobile device is provided with third party's application, but the version number of described third party's application is less than the latest edition this shop of third party's application of computing equipment side storage, and the described mobile device side of the same judgement of computing equipment is not installed third party's application.

Step 302, the second client-side program is downloaded described third party and is applied installation kit and be sent to mobile device side;

In specific implementation, mobile device can be connected to computing equipment by forms such as data line or wireless (as Wi-Fi communication technology WIFI), when mobile device accesses computing equipment by data line, if the second client-side program detects described mobile device third party's application is not installed, in server, search the installation kit sign of described third party's application, when finding the installation kit sign of described third party's application, obtain the download address that described third party applies installation kit, from described download address, downloading third party applies installation kit and described third party is applied to installation kit and be sent to mobile device side by data line.

Further, at described mobile device, be when the Android equipment of Android system is installed, described the second client-side program can pass through ADB(Android Debug Bridge, play exactly the effect of debugging bridge) drive and third party to be applied to installation kit be sent to mobile device side, wherein, ADB is a client-server end program, wherein client is computing equipment, server end is Android equipment, and ADB to drive be exactly computing equipment and the client driver of communicating by letter of Android equipment, ADB is an instrument in androidsdk, can direct control management Android simulator or real Android equipment (as mobile phone) with this instrument.Its major function has: the shell of operational outfit (order line); The port mapping of management simulation device or equipment; Upload/download file between computing equipment and Android equipment; Local Android installation kit apk is mounted to simulator or Android equipment etc.

When mobile device connects with computing equipment wirelessly, if the second client-side program detects described mobile device third party's application is not installed, in server, search the installation kit sign of described third party's application, when finding the installation kit sign of described third party application, obtain the download address that described third party applies installation kit, from described download address, download third party and apply installation kit and described third party is applied to installation kit and be sent to mobile device side by radio channel.In practice, the second client-side program also can directly described third party be applied installation kit download address will described in be sent to mobile device side, by mobile device side, downloaded and installed.

Specifically, the process that mobile device connects with computing equipment wirelessly, can be:

When computing equipment will be connected with mobile device, first computing equipment can send connection request to server.Wherein, described connection request comprises the terminal data of the mobile device that device identification is connected with request.

Described device identification is used for identifying a computing equipment, as, the IP address of computing equipment, NIC address and MID value etc.Wherein, MID(Mobile Internet Device, mobile internet device) value is unique eigenwert that the numbering by hardware calculates.

Described terminal data is the related data of mobile device, as the title of mobile device, the International Mobile Equipment Identity code of mobile device (International Mobile Equipment Identity, IMEI), the model of mobile device etc., in addition,, if mobile device is mobile phone, corresponding terminal data can also comprise the phone number of this mobile phone.Wherein, described IMEI can mobile device of unique identification.

Server correspondence can receive described connection request, can obtain the device identification of described computing equipment from described connection request, thereby determines the computing equipment that will connect, and obtains the terminal data of the mobile device of described computing equipment request connection.

And the terminal data (or device data) of the mobile device that server record communicated with (or computing equipment), therefore can search described mobile device according to described terminal data, whether detect described terminal data mates with the terminal data of arbitrary mobile device of storing in server, if coupling, explanation can find described mobile device, build the mapping relations of described device identification and described terminal data, to set up the incidence relation of described mobile device and described computing equipment; If do not mate, explanation does not find described mobile device, and described mobile device is temporarily failed and server communication.

Step 303, mobile device side is applied installation kit according to described third party third party's application is installed, and continues execution step 304;

Particularly, after mobile device receives described third party to apply installation kit, according to described third party, apply installation kit third party's application is installed; In another kind of situation, what receive when mobile device is that third party is while applying the download address of installation kit, the download address of applying installation kit according to described third party is downloaded the installation that described third party applies installation kit and carries out third party's application, third party, applied after installation, mobile device is connected and is returned to installation message to computing equipment by length, to notify third party described in computing equipment to apply installation.

In embodiments of the present invention, in computing equipment side, can detect mobile device side whether third party's application is installed, third party is not installed while applying mobile device side being detected, computing equipment is automatically downloaded third party and is applied installation kit and be sent to mobile device and install, in this process, mobile device also can be installed smoothly third party's application in the situation that not needing networking, save the resource of mobile device, enrich the channel that mobile device is carried out to security protection, improved the security of mobile device; And user does not need to carry out any operation can install third party's application (or other application) in mobile device side, convenient and swift, improves user and experiences.

Be applied to the embodiment of the present invention, described third party's application can be applied for the service of safety detection class, as 360 mobile phone bodyguards, and Kingsoft bodyguard etc., the particular type that the embodiment of the present invention is applied third party is without being limited.

Step 304, sets up the SOCKET interface channel of described mobile device and described computing equipment;

Particularly, the described SOCKET(socket of setting up described mobile device and described computing equipment) process of interface channel, be actually and using described mobile device as server, using the client-server SOCKET connection procedure of described computing equipment as client, this process can be divided into server monitoring, client-requested, three steps of connection confirmation, wherein, server is monitored and is referred to server end socket the concrete client socket of delocalization, but in etc. state to be connected, real-time monitoring state of network; Client-requested refers to that the socket by client proposes connection request, and the target that connect is the socket of server end.For this reason, first the socket of client must describe the socket of the server that it will connect, and points out address and the port numbers of server end socket, then just to server end socket, proposes connection request; Connect and confirm to refer to that working as server end socket listens to the connection request that receives in other words client socket, it is with regard to the request of customer in response end socket, set up a new thread, the description of server end socket is issued to client, once client has been confirmed this description, connect (or interface channel) and just established, now just can carry out a series of data transmission between the first client-side program and the second client-side program.

In specific implementation, server, by calling socket function, has been set up and has been monitored the socket connecting, and then calls bind function, and socket and address information are associated.Call listen function and realize the monitoring to this port, when having connection request, by calling accept function, set up and being connected of client, finally, call read function and read the message that client sends over, can certainly use recv function to realize identical function.

Step 305, described the second client-side program sends the safety detection request to mobile device by described SOCKET interface channel to described the first client-side program, and described safety detection request comprises appointment detected object;

Described safety detection request is for guaranteeing the detection request of mobile device safety, a kind of preferred exemplary as the present embodiment, described safety detection request can comprise appointment detected object, described appointment detected object is for carrying out the project of safety detection for mobile device, can comprise one or more for the following service of mobile device: mobile device is hung horse Hole Detection, detect and whether open cloud killing, whether detect dangerous software, detect and whether upgraded virus base, whether detect security service opens, detect mobile device and whether have mountain vallage application, on detection mobile device, whether there is malice advertisement applications, Initiative Defense function open detection, etc..

Another kind of preferred exemplary as the present embodiment, described safety detection request can comprise appointment detected object, described appointment detected object is for being optimized the project with garbage-cleaning for mobile device, can comprise one or more for the following service of mobile device: internal memory optimization detects, detect that the Stub File that whether has that daemon software, automatically actuated software detection, garbage data cleaning detect, cleaning buffer memory detects, exists after cleaning application unloading detects, installation kit cleaning detects, large file consolidation, the cleaning of privacy vestige detect, etc.

Step 306, described the first client-side program is sent to third party's application by described safety detection request;

In practice, described third party is applied in the installation process of mobile device side, can set up many services (service), the first client-side program is after receiving safety detection request, according to described appointment detected object, location third party applies corresponding service, for example, if described appointment detected object is junk data safety detection, the service of its corresponding third party application is cleaning service.The first client-side program is applied corresponding service interface by calling described third party is sent to described safety detection request in third party's application.

Step 307, described third party's application is carried out corresponding safety detection operation to described appointment detected object, obtains safety detection result information;

Particularly, appointment detected object in described safety detection request comprises the information of type identification, the information of described type identification is the information of third party's application with the type of detection of the indication appointment detected object of server commitment, the different operation of message identification of different type identifications, by information third party's application of described type identification, can know this detected object is for which kind of detection, thereby carry out corresponding operation, obtain safety detection result information.For example,

The information of the type identification of health check-up is CMD_SYSTEM_EXAM_SCAN;

The information of the type identification of garbage-cleaning is CMD_CLEAR_GARBAGE_SCAN;

The information of the type identification of virus killing is CMD_SECURITY_SCAN.

A kind of preferred exemplary as the embodiment of the present invention, if described detected object is Initiative Defense function open detection, its concrete detection rule can be: whether first third party's application detects mobile device and possess Initiative Defense function, if so, detect described Initiative Defense function and open; If not, third party device detects described the first client-side program and whether opens Initiative Defense function.

Another kind of example as the present embodiment, if whether described appointment detected object has mountain vallage application for detecting mobile device, its concrete detection rule can be: the APP(application of third party's application scanning mobile device, application) list, obtain developer's signature or the MD5 value of each application in described list of application, and the application in described list of application and the application in application white list are contrasted, if certain is applied in application white list, again the developer signature of this application or MD5 value are signed with the developer of application corresponding in white list or MD5 value is compared, if the developer of this application signature or MD5 value are signed with the developer of corresponding application in white list or MD5 value is inconsistent, judge that this application belongs to mountain vallage application, if certain application is not in application white list, Scan for Viruses storehouse or (carrying out cloud killing), if this is applied in virus base, report virus or wooden horse.

Another kind of example as the present embodiment, if described appointment detected object is for detecting the whether dangerous software of mobile device or noly having a malice advertisement applications, its concrete detection rule can be: the APP(application of third party's application scanning mobile device, application) list, mates the application in list of application with the black and white lists in server.Wherein, white list is the list of record security process, and blacklist is the list that records dangerous process.The type that is arranged in white list process is white process, and the type that is arranged in blacklist process is black process, and all unknown process outside white list and blacklist belongs to grey process.When the process of application is white process (process of calling as 360 mobile phone assistants, 91 mobile phone assistants or pea pods etc.), confirm this process relevant be applied as believable application (or Secure Application), allow the operation of this process; When application process is black process (as malice is promoted the process etc. of the application call of APK), confirm that the application program that this process is relevant is incredible application program, after judging the type of this process, tackle immediately the operation (as being connected to tackle this process by what disconnect this process and 5037 ports) of this process, forbid that the application program that this process is relevant carries out any operation (the Android equipment connecting in system as enumerated) to mobile device, and the successful information of interception is sent to the first client-side program, by the first client-side program, return to computing equipment side.

In addition, this example can also and be associated with performance of program by the behavior of client collection procedure, thereby logging program feature and corresponding program behavior thereof in database, according to the incidence relation of the program behavior of collecting and performance of program, can in database, to sample, carry out analytic induction, thereby contribute to software or program to belong to the judgement of blacklist or white list.Owing to having recorded performance of program and behavior record corresponding to this feature in database, therefore can to unknown program, analyze in conjunction with known white list.For example, if unknown program feature is identical with the known procedure feature in existing white list, all list this unknown program feature and program behavior thereof in white list.If unknown program behavior is identical or approximate with the known procedure behavior in existing white list, all list this unknown program behavior and performance of program thereof in white list.

For example, take and kill virus as example, viral result is obtained in third party's application (as mobile phone bodyguard) in the following manner:

(1) scan A ndroid installation kit, and from described Android installation kit, extract the characteristic information of appointment;

The characteristic information extracting in this example can comprise:

1) Android installation kit bag name: packageName

2) Android installation kit version number: versionCode

3) MD5:signature[0 of the digital signature of Android installation kit]

4) Android assembly receiver

5) instruction in classes.dex

6) character string in ELF file

7) assets, res, the MD5 of each file under the catalogues such as lib

8) Android assembly service, activity

(2) in preset safety identification storehouse, search the feature record that single characteristic information or its combination with appointment match; Wherein, in described safety identification storehouse, comprise feature record and feature and record corresponding level of security, the combination that comprises single characteristic information or characteristic information in every feature record;

(3) feature finding is recorded in the safety detection result that corresponding level of security is included in described Android installation kit and show.

This example lists safe, dangerous, careful and four level of securitys of wooden horse.Wherein, various level of securitys are defined as follows:

Safety: this application is a normal application, without any the behavior that threatens user mobile phone safety;

Dangerous: this application exists security risk, and likely this application itself is exactly Malware; Also likely this application was the normal software of regular company issue originally, but because there are security breaches, caused user's privacy, mobile phone to be on the hazard safely;

Careful: this application is a normal application, but has some problems, for example, can allow user be deducted fees because of carelessness, or have disagreeableness advertisement to be complained etc.; After finding this class application, can point out the careful use of user and inform that this applies possible behavior, but decide whether remove this application in its sole discretion by user;

Wooden horse: this application is virus, wooden horse or other Malwares, herein in order to be simply referred to as wooden horse, but does not represent that this application is only wooden horse.

So, when safety identification storehouse is set, can be using the Android installation kit under safety, danger, careful and four ranks of wooden horse all as sample Android installation kit, thus the feature that the single feature in sample or Feature Combination obtain record can distinguish correspondence the information such as a kind of level of security and relevant behavior and description.

For example, the feature that safety is identified in storehouse records four, and article one feature record and the 4th feature record corresponding respectively level of security and be wooden horse rank, and second feature record and the 3rd feature record corresponding respectively level of security and be level of security.

Certainly, safety identification can also arrange a feature record in storehouse, list the Android installation kit version number of certain wooden horse and the MD5 value of digital signature thereof, although the Feature Combination that this feature record is used records identical with second feature, all having used the combination of version number and digital signature MD5 value, is " wooden horse " but this feature records corresponding level of security.

So level of security is not corresponding with a certain specific feature or Feature Combination, but corresponding with the value of concrete feature or Feature Combination.Therefore, for identical feature or Feature Combination, concrete value is different, and corresponding level of security is also different.

And other definition of above-mentioned safe, dangerous, careful and four levels of wooden horse only as an example, according to practical application, can certainly have other level of security classification and definition, the protection domain of this example is not limited thereto.

So, the feature record that described single characteristic information or its combination of searching in preset safety identification storehouse with appointment matches, and the feature finding is recorded to the step that corresponding level of security is included in the safety detection result of described Android installation kit, can be understood as:

In safety identification storehouse, search feature record, if the single feature of the appointment extracting and article one feature record match, can judge that current Android installation kit is as wooden horse rank; If the specific characteristic extracting combines rear and second feature records or the 3rd feature record matches, can judge that current Android installation kit is level of security; If match with the 4th feature record after the specific characteristic extracting combines, can judge that current Android installation kit is also wooden horse rank.

So, safety detection result for certain Android installation kit can be to comprise safe, dangerous, careful or four information that represent level of security of wooden horse, in addition in described safety detection result, can also comprise at least one the informations such as the behavior description relevant to level of security, software description, timestamp, if other information of corresponding " careful " level can be " may cause and deduct fees, whether select to delete this application ".

More specifically, described safety detection result can comprise level of security, behavior description information, software description information and timestamp information.Wherein:

Level of security: can represent safe, dangerous, careful or four level of securitys of wooden horse with 32 integer representations, the definition of each level of security as mentioned above.

Behavior description information: also can, with 32 (0～31) integer representations, can express the software action of each level of security and describe.Wherein, can choose a bit representation zone bit, zone bit is that 0 expression does not have malicious act, if there is malicious act, can define: the 1st representative " stealthily download on backstage ", the 2nd representative " privately sending note ", the 3rd representative " comprising advertisement ", etc.That is, each can represent separately a kind of behavior description of software.

For example, for the Android application program detecting as " wooden horse rank ", if malicious act=3, translating into scale-of-two is exactly 11, the 1=1, the 2=1, and the malicious act of expression is: have backstage simultaneously and stealthily download and privately send the behavior of note.

Again for example, for the Android application program detecting as " careful rank ", if behavior description=4, translating into scale-of-two is exactly 100, the 1=0, the 2=0, the 2=1, and the behavior of expression is: comprise advertisement.Because this advertisement may be that user allows, may be also that user is unallowed, so can point out user careful use, by user, decide in its sole discretion and whether remove.

Software description information: being typically expressed as character string, is the explanation to Android application program, as information such as publisher, issuing time.

Timestamp information: the characteristic information (as normal feature, wooden horse feature etc.) that shows Android application program is when to put in storage.

It should be noted that, above-mentioned Initiative Defense function open detection, whether detect mobile device has mountain vallage application and detects the whether dangerous software of mobile device or no to have the detection rule of malice advertisement applications be only the example of the present embodiment, those skilled in the art adopt other to reach and detect the whether dangerous software of mobile device or noly have malice advertisement applications or the no method of the object of mountain vallage application that exists is all fine, in addition, for other, specify the detection of detected object, those skilled in the art can adopt existing any technology that can achieve the goal to detect, the present invention to this without being limited.

Step 308, third party's application returns to described safety detection result information to the first client-side program, by described the first client-side program, described safety detection result information exchange is crossed to described SOCKET interface channel and is forwarded to the second client-side program;

Particularly, described third party applies and carries out after corresponding safety detection operation, obtain safety detection result information and return to the first client-side program, in practice, described third party application can return to described safety detection result information to the first client-side program by calling the call back function that described the first client-side program formerly registers.Further, third party is applied in when described safety detection result information is returned to the first client-side program, can be to this safety detection result information labeling type identification, described type identification for third party application and the second client-side program or with mobile device make an appointment for identifying the sign of safety detection result information type.

Step 309, described the second client-side program is according to execution advisory information corresponding to described safety detection result information acquisition;

Be applied to the embodiment of the present invention, the second client-side program receives after safety detection result information, resolve type identification corresponding to described safety detection result information acquisition, the second client-side program is searched described type identification in default mapping table subsequently, obtains and identifies corresponding execution advisory information with the type.Wherein, in described default mapping table, store the mapping relations of every type of sign and corresponding one or more execution advisory information.

In a preferred embodiment of the present invention, described safety detection result information can comprise safety detection progress msg.Third party applies corresponding service appointment detected object is being carried out in the process of safety detection, safety detection progress msg can be returned to the first client-side program, by the first client-side program, by described SOCKET interface channel, safety detection progress msg be returned to the second client-side program.The second client-side program receives after described safety detection progress, resolve safety detection progress msg and obtain corresponding type identification and safety detection progress, from default mapping table, search described type identification, obtain the execution advisory information corresponding with described safety detection progress, wherein, for the corresponding execution advisory information of type identification of described safety detection progress, can have and stop carrying out suggestion, suspend and carry out suggestion, continue to carry out suggestion etc.

In another kind of preferred embodiment of the present invention, described safety detection result information can comprise safety detection result, described safety detection result is the net result for obtaining after appointment detected object safety detection, the second client-side program receives after described safety detection result, resolve safety detection result and obtain corresponding type identification, from default mapping table, search described type identification, obtain the execution advisory information corresponding with described safety detection result, wherein, the corresponding execution advisory information of type identification for described safety detection structure can have mobile device to hang horse leak reparation suggestion, open cloud killing suggestion, dangerous software reparation suggestion, virus base is new suggested more, unlatching security service suggestion, suggestion is repaired in mountain vallage application, malice advertisement applications reparation suggestion, internal memory optimization suggestion, daemon software is closed suggestion, close automatically actuated software advisor, garbage data cleaning suggestion, the suggestion of cleaning buffer memory, the Stub File suggestion existing after cleaning application unloading, installation kit cleaning suggestion, large file consolidation suggestion, privacy vestige cleaning suggestion.Etc..

Step 310, described the second client-side program is shown described safety detection result information and corresponding execution advisory information;

The second client-side program after carrying out advisory information, can by described safety detection result information with and corresponding execution advisory information in computing equipment side, show user.Described display form can be for showing to play the form of window, or directly in the current window of the second client-side program, show, the content of showing except safety detection result information with and corresponding execution advisory information, can also comprise sign, file path, file size of mobile device etc., the embodiment of the present invention to the form of showing without being limited.

Step 311, described the second client-side program is after receiving the selected instruction of user for one or more execution advisory information, according to described selected instruction, generate the execution instruction corresponding with described one or more execution advisory information and be sent to the first client-side program, by the first client-side program, described execution instruction being sent in the 3rd application;

Particularly, user can send the processing wish to safety detection result by the mode of selected one or more execution advisory information, when the selected one or more execution advisory information of user, generate the selected instruction of described one or more execution advisory information, the second client-side program receives after described selected instruction, generate corresponding execution instruction and be sent to the first client-side program by described SOCKET interface channel, by the first client-side program, be sent in third party's application.

For example,,, stop carrying out execution instruction corresponding to suggestion and be and stop carrying out instruction, described time-out and carry out that execution instruction corresponding to suggestion carried out instruction for suspending, described continuation is carried out execution instruction corresponding to suggestion for continuing to carry out instruction, described mobile device is hung horse leak reparation suggestion, open cloud killing suggestion, dangerous software reparation suggestion, virus base is new suggested more, unlatching security service suggestion, suggestion is repaired in mountain vallage application, malice advertisement applications reparation suggestion, Initiative Defense function is opened suggestion, internal memory optimization suggestion, daemon software is closed suggestion, close automatically actuated software advisor, garbage data cleaning suggestion, the suggestion of cleaning buffer memory, the Stub File suggestion existing after cleaning application unloading, installation kit cleaning suggestion, large file consolidation suggestion, instruction corresponding to privacy vestige cleaning suggestion can be hung the reparation of horse leak for mobile device respectively, open cloud killing, dangerous software reparation, virus base upgrades, open security service, mountain vallage application is repaired, the reparation of malice advertisement applications, open Initiative Defense function, internal memory optimization, daemon software is closed, close automatically actuated software, garbage data cleaning, cleaning buffer memory, the Stub File existing after cleaning application unloading, installation kit cleaning, large file consolidation, the cleaning of privacy vestige.

Step 312, third party applies and carries out described execution instruction.

Particularly, described execution instruction carries command identification, and different command identification indication third parties applies and carries out different operations, i.e. third party's application receives to be carried out after instruction, according to described command identification, carries out the corresponding operation of repairing.

For example, if the execution instruction that third party's application receives is for opening Initiative Defense function, if possess Initiative Defense function on mobile device, open the Initiative Defense function on mobile device, otherwise, the Initiative Defense function of opening described the first client-side program.Specifically, after Initiative Defense function is opened, can utilize the title of application program or the information in information and predefined database to compare judges the identity of described application program, and then take corresponding processing, wherein, described predefined database can comprise application program white list, blacklist and characteristic.Described white list can comprise the title (the UID(unique identifier that comprises program) of the known application program of being trusted and the bag name of program), described blacklist can comprise the title (the UID(unique identifier that comprises program) of known malicious application and the bag name of program), described characteristic can comprise the data of known malice feature (for example characteristic of advertisement).

When the title of utilizing application program judges the identity of described application program: in the time of in the title of described application program is included in the white list in described predefined database, described in carrying out according to the address of the service of application call, call, and return to active service result to described application program; Or, in the time of in the title of described application program is included in the blacklist in predefined database, to described application program, return to predefined service result; Or, when the title of described application program is not included in white list in predefined database and blacklist, show the title of described application program and information and described in the information called, and according to carry out processing by operating system for described selection of calling on mobile device.

That is to say, when the title of application program is included in white list, judge that this application program is as the application program of being trusted, allow it for calling of serving, thereby carry out and call according to the address of described service, and return to active service result to this application program; When the title of application program is included in blacklist, judge that this application software is as malicious application, refuse it for calling of serving, directly to it, return to false service result, it is thought and call success; And when the title of application program be not both included in white list, while not being included in blacklist yet, show the title of described application program and information and described in the information called, and according to carry out processing by operating system for described selection of calling on mobile device.Particularly, in the situation that selected to allow described application program to the calling of described service, described in carrying out according to the address of described service, call, and return to active service result to described application program; Or in the situation that selected not allow described application program to the calling of described service, to described application program, return to predefined service result.

And when the information of utilizing application program judges for the identity of described application program: in the packets of information of described application program, during containing characteristic in described predefined database, to described application program, return to predefined service result; Or, when the information of described application program does not comprise the characteristic in described predefined database, show the title of described application program and information and described in the information called, and according to carry out processing by operating system for described selection of calling on mobile device.

And for example, the execution instruction receiving when third party's application is that instruction is repaired in mountain vallage application, third party application is mated this mountain vallage and is applied corresponding official's application installation kit from server, and official's application installation kit of coupling is pushed to user, and whether prompting user selects to install (whitening); When execution instruction is garbage data cleaning instruction, third party applies the junk data that cleaning mobile device side safety detection obtains; If described execution instruction is when closing daemon software or automatically actuated software, described daemon software or automatically actuated software are closed in third party's application.

It should be noted that, in the embodiment of the present invention, on computing equipment, mobile device is carried out to safety detection, refer on computing equipment the mobile device of access is carried out to safety detection, concrete detection operation and executable operations are that the security classes detection application of safety on mobile device carried out, with not identical to the safety detection of u dish in computing equipment side.

The embodiment of the present invention by carrying out safety detection to mobile device on computing equipment, can tackle the privacy information that malicious application peeps mobile device user and (comprise associated person information, message registration, note, multimedia message, various accounts and password etc.) behavior, prevent that malicious application from dialing the phone of deducting fees, the transmission note of deducting fees, access expends the website of network traffics, prevent malicious application installation wooden horse and Virus, prevent GPS or the network positions of malicious application recording user, interception malicious application ejects harassing and wrecking advertising message etc., can for calling of service, tackle for any malicious application, thereby improved the security of mobile device.

In addition, the embodiment of the present invention by carrying out safety detection to mobile device on computing equipment, can also when daemon software or automatically actuated software having been detected, can close described daemon software or automatically actuated software, thereby save the network traffics of mobile device; By mobile device is carried out to the performance that internal memory optimization, garbage-cleaning etc. can improve mobile device.

With reference to Fig. 4, show a kind of flow chart of steps of equipment being carried out to the embodiment of the method four of safety detection of the present invention, it is example that the present embodiment be take the mobile device that Android operating system is installed, certainly, the present invention is not limited to be provided with the mobile device of Android system, and principle of the present invention is equally applicable to be provided with the mobile device of other operating systems.

In embodiments of the present invention, if while being embedded with the service of the first client-side program in the service in third party application, can apply directly and the second client-side program of computing equipment communicates by third party, described method can comprise the steps:

Step 401, when mobile device is connected to computing equipment, the second client-side program detects described mobile device whether third party's application is installed, and if not, performs step 402, if so, performs step 404;

Step 402, the second client-side program is downloaded described third party and is applied installation kit and be sent to mobile device side;

Step 403, mobile device side is applied installation kit according to described third party third party's application is installed, and continues execution step 404;

Be applied to the embodiment of the present invention, described third party's application can be applied for safe safety detection class service, as 360 mobile phone bodyguards, and Kingsoft bodyguard etc., the particular type that the embodiment of the present invention is applied third party is without being limited.

Step 404, sets up the SOCKET interface channel of described mobile device and described computing equipment;

Step 405, described the second client-side program SOCKET interface channel sends the safety detection request to mobile device to described third party's application, and described safety detection request comprises appointment detected object;

A kind of preferred exemplary as the present embodiment, described safety detection request can comprise appointment detected object, described appointment detected object is for carrying out the project of safety detection for mobile device, can comprise one or more for the following service of mobile device: mobile device is hung horse Hole Detection, detect and whether open cloud killing, whether detect dangerous software, detect and whether upgraded virus base, whether detect security service opens, detect mobile device and whether have mountain vallage application, on detection mobile device, whether there is malice advertisement applications, Initiative Defense function open detection, internal memory optimization detects, detect and whether have daemon software, automatically actuated software detection, garbage data cleaning detects, cleaning buffer memory detects, the Stub File existing after cleaning application unloading detects, installation kit cleaning detects, large file consolidation, the cleaning of privacy vestige detects, etc..

Step 406, described third party's application is carried out corresponding safety detection operation to described appointment detected object, obtains safety detection result information;

Step 407, third party's application returns to described safety detection result information to the second client-side program;

Step 408, described the second client-side program is according to execution advisory information corresponding to described safety detection result information acquisition;

Step 409, described the second client-side program is shown described safety detection result information and corresponding execution advisory information;

Step 410, described the second client-side program, after receiving the selected instruction of user for one or more execution advisory information, generates the execution instruction corresponding with described one or more execution advisory information and is sent in the 3rd application according to described selected instruction;

Step 411, third party applies and carries out described execution instruction.

For the embodiment of the method for Fig. 4, because it is substantially similar to above-mentioned Fig. 3 embodiment of the method, so description is fairly simple, relevant part is referring to the part explanation of embodiment of the method.

For embodiment of the method, for simple description, therefore it is all expressed as to a series of combination of actions, but those skilled in the art should know, the present invention is not subject to the restriction of described sequence of movement, because according to the present invention, some step can adopt other orders or carry out simultaneously.Secondly, those skilled in the art also should know, the embodiment described in instructions all belongs to preferred embodiment, and related action and module might not be that the present invention is necessary.

With reference to Fig. 5, show a kind of structured flowchart that equipment is carried out to the device embodiment mono-of safety detection of the present invention, described device can comprise as lower module:

Safety detection request receiving module 501, is suitable for when mobile device is connected to computing equipment, at described mobile device side joint, receives the safety detection request to mobile device that described computing equipment side is sent, and described safety detection request comprises appointment detected object;

Safety detection result information sending module 502, is suitable for obtaining the safety detection result information corresponding with described appointment detected object in described mobile device side, and described safety detection result information is sent to computing equipment side;

Carry out command reception module 503, be suitable for receiving at described mobile device side joint the execution instruction that computing equipment side sends, described execution instruction is that computing equipment is according to described safety detection result Information generation;

Carry out instruction execution module 504, be suitable for carrying out described execution instruction in described mobile device side.

In a preferred embodiment of the present invention, described device can also comprise:

In a preferred embodiment of the present invention, described safety detection request receiving module 501 is also suitable for:

Described safety detection result information sending module 502 is also suitable for:

Described execution command reception module 503 is also suitable for:

Described execution instruction execution module 504 is also suitable for:

In another kind of preferred embodiment of the present invention, described mobile device side is provided with the first client-side program, and described safety detection request receiving module 501 is also suitable for:

Described execution command reception module 503 is also suitable for:

Described execution instruction execution module 504 is also suitable for:

In a preferred embodiment of the present invention, described the first client-side program is sent to described third party's application by described safety detection request, is specially:

A kind of preferred exemplary as the embodiment of the present invention, described appointment detected object can comprise one or more for the following service of mobile device: mobile device is hung horse Hole Detection, detect and whether open cloud killing, whether detect dangerous software, detect and whether upgraded virus base, whether detect security service opens, detect mobile device and whether have mountain vallage application, on detection mobile device, whether there is malice advertisement applications, Initiative Defense function open detection, internal memory optimization detects, detect and whether have daemon software, automatically actuated software detection, garbage data cleaning detects, cleaning buffer memory detects, the Stub File existing after cleaning application unloading detects, installation kit cleaning detects, large file consolidation, the cleaning of privacy vestige detects.

As a kind of preferred exemplary of the embodiment of the present invention, described safety detection result information comprises safety detection progress msg, and correspondingly, described execution instruction comprises halt instruction, pause instruction, continuation execution instruction.

Another kind of preferred exemplary as the embodiment of the present invention, described safety detection result information comprises safety detection result, correspondingly, described execution instruction comprises following one or more: mobile device is hung the reparation of horse leak, open cloud killing, dangerous software reparation, virus base upgrades, open security service, mountain vallage application is repaired, the reparation of malice advertisement applications, open Initiative Defense function, internal memory optimization, daemon software is closed, close automatically actuated software, garbage data cleaning, cleaning buffer memory, the Stub File existing after cleaning application unloading, installation kit cleaning, large file consolidation, the cleaning of privacy vestige.

For the device embodiment of Fig. 5, because it is substantially similar to said method embodiment, so description is fairly simple, relevant part is referring to the part explanation of embodiment of the method.

With reference to Fig. 6, show a kind of structured flowchart that equipment is carried out to the device embodiment bis-of safety detection of the present invention, described device can comprise as lower module:

Safety detection request sending module 601, is suitable in computing equipment side safety detection, to there being mobile device when access, in mobile device side described in computing equipment side direction, sending the safety detection request to mobile device, and described safety detection request comprises appointment detected object;

Safety detection result information receiving module 602, be suitable for receiving at described computing equipment side joint the safety detection result information for described safety detection request that described mobile device side is returned, described safety detection result information is obtained according to described appointment detected object by described mobile device side;

Carry out instruction sending module 603, be suitable in execution instruction corresponding to the described safety detection result Information generation of computing equipment side foundation and be sent to described mobile device side, by described mobile device side, carry out described execution instruction.

In a preferred embodiment of the present invention, described safety detection result information has the information of type identification, and described execution instruction sending module 603 is also suitable for:

In a preferred embodiment of the present invention, described safety detection result information can comprise safety detection progress msg, and correspondingly, described execution instruction comprises halt instruction, pause instruction, continuation execution instruction.

In another kind of preferred embodiment of the present invention, described safety detection result information comprises safety detection result, correspondingly, described execution instruction comprises following one or more: mobile device is hung the reparation of horse leak, open cloud killing, dangerous software reparation, virus base upgrades, open security service, mountain vallage application is repaired, the reparation of malice advertisement applications, open Initiative Defense function, internal memory optimization, daemon software is closed, close automatically actuated software, garbage data cleaning, cleaning buffer memory, the Stub File existing after cleaning application unloading, installation kit cleaning, large file consolidation, the cleaning of privacy vestige.For the device embodiment of Fig. 6, because it is substantially similar to said method embodiment, so description is fairly simple, relevant part is referring to the part explanation of embodiment of the method.

The algorithm providing at this is intrinsic not relevant to any particular computing device, virtual system or miscellaneous equipment with demonstration.Various general-purpose systems also can with based on using together with this teaching.According to description above, it is apparent constructing the desired structure of this type systematic.In addition, the present invention is not also for any certain programmed language.It should be understood that and can utilize various programming languages to realize content of the present invention described here, and the description of above language-specific being done is in order to disclose preferred forms of the present invention.

In the instructions that provided herein, a large amount of details have been described.Yet, can understand, embodiments of the invention can not put into practice in the situation that there is no these details.In some instances, be not shown specifically known method, structure and technology, so that not fuzzy understanding of this description.

Similarly, be to be understood that, in order to simplify the disclosure and to help to understand one or more in each inventive aspect, in the above in the description of exemplary embodiment of the present invention, each feature of the present invention is grouped together into single embodiment, figure or sometimes in its description.Yet, the method for the disclosure should be construed to the following intention of reflection: the present invention for required protection requires than the more feature of feature of clearly recording in each claim.Or rather, as reflected in claims below, inventive aspect is to be less than all features of disclosed single embodiment above.Therefore, claims of following embodiment are incorporated to this embodiment thus clearly, and wherein each claim itself is as independent embodiment of the present invention.

Those skilled in the art are appreciated that and can the module in the equipment in embodiment are adaptively changed and they are arranged in one or more equipment different from this embodiment.Module in embodiment or unit or assembly can be combined into a module or unit or assembly, and can put them into a plurality of submodules or subelement or sub-component in addition.At least some in such feature and/or process or unit are mutually repelling, and can adopt any combination to combine all processes or the unit of disclosed all features in this instructions (comprising claim, summary and the accompanying drawing followed) and disclosed any method like this or equipment.Unless clearly statement in addition, in this instructions (comprising claim, summary and the accompanying drawing followed) disclosed each feature can be by providing identical, be equal to or similar object alternative features replaces.

In addition, those skilled in the art can understand, although embodiment more described herein comprise some feature rather than further feature included in other embodiment, the combination of the feature of different embodiment means within scope of the present invention and forms different embodiment.For example, in the following claims, the one of any of embodiment required for protection can be used with array mode arbitrarily.

All parts embodiment of the present invention can realize with hardware, or realizes with the software module moved on one or more processor, or realizes with their combination.It will be understood by those of skill in the art that can use in practice microprocessor or digital signal processor (DSP) to realize carries out the some or all functions of the some or all parts in security detection equipment according to the embodiment of the present invention to equipment.The present invention for example can also be embodied as, for carrying out part or all equipment or device program (, computing equipment program and computing equipment program product) of method as described herein.Realizing program of the present invention and can be stored on computing equipment computer-readable recording medium like this, or can there is the form of one or more signal.Such signal can be downloaded and obtain from internet website, or provides on carrier signal, or provides with any other form.

It should be noted above-described embodiment the present invention will be described rather than limit the invention, and those skilled in the art can design alternative embodiment in the situation that do not depart from the scope of claims.In the claims, any reference symbol between bracket should be configured to limitations on claims.Word " comprises " not to be got rid of existence and is not listed as element or step in the claims.Being positioned at word " " before element or " one " does not get rid of and has a plurality of such elements.The present invention can be by means of including the hardware of some different elements and realizing by means of the computing equipment of suitably programming.In having enumerated the unit claim of some devices, several in these devices can be to carry out imbody by same hardware branch.The use of word first, second and C grade does not represent any order.Can be title by these word explanations.

Embodiments of the invention disclose A1, a kind of method of equipment being carried out to safety detection, comprising:

In described mobile device side, carry out described execution instruction.

A2, the method as described in A1, at described mobile device side joint, receive that described computing equipment side sends to the step of the safety detection request of mobile device before, also comprise:

A3, the method as described in A1 or A2, at described mobile device side joint, receive that described computing equipment side sends to the step of the safety detection request of mobile device before, also comprise:

A4, the method as described in A2, describedly at described mobile device side joint, receive the step to the safety detection request of mobile device that described computing equipment side sends and be:

A5, the method as described in A2, described mobile device side is provided with the first client-side program, describedly at described mobile device side joint, receives the step to the safety detection request of mobile device that described computing equipment side sends and is:

A6, the method as described in A5, the step that described the first client-side program is sent to described third party's application by described safety detection request comprises:

A7, the method as described in A1, described appointment detected object comprises one or more for the following service of mobile device: mobile device hangs horse Hole Detection, detect and whether open cloud killing, whether detect dangerous software, detect and whether upgraded virus base, detect security service and whether open, detect mobile device and whether have mountain vallage application, detect on mobile device, whether have malice advertisement applications, Initiative Defense function open detection.

A8, the method as described in A1, described appointment detected object comprises one or more for the following service of mobile device: internal memory optimization detects, detect that the Stub File that whether has that daemon software, automatically actuated software detection, garbage data cleaning detect, cleaning buffer memory detects, exists after cleaning application unloading detects, installation kit cleaning detects, large file consolidation, the cleaning of privacy vestige detect.

A9, the method as described in A7 or A8, described safety detection result information comprises safety detection progress msg, correspondingly, described execution instruction comprises halt instruction, pause instruction, continuation execution instruction.

A10, the method as described in A7, described safety detection result information comprises safety detection result, correspondingly, described execution instruction comprises following one or more: mobile device is hung the reparation of horse leak, opened cloud killing, security service is upgraded, opened in dangerous software reparation, virus base, mountain vallage application is repaired, the reparation of malice advertisement applications, open Initiative Defense function.

A11, the method as described in A8, described safety detection result information comprises safety detection result, correspondingly, described execution instruction comprises following one or more: Stub File, installation kit cleaning, large file consolidation, the cleaning of privacy vestige existing after automatically actuated software, garbage data cleaning, cleaning buffer memory, cleaning application unloading closed, closed to internal memory optimization, daemon software.

Embodiments of the invention also disclose B12, a kind of method of equipment being carried out to safety detection, comprising:

B13, the method as described in B12, before mobile device side described in described computing equipment side direction is sent the step of the safety detection request of mobile device, also comprise:

B14, the method as described in B12 or 13, before mobile device side described in described computing equipment side direction is sent the step of the safety detection request of mobile device, also comprise:

B15, the method as described in B12, described safety detection result information has the information of type identification, describedly in computing equipment side, according to execution instruction corresponding to described safety detection result Information generation the step that is sent to described mobile device side, comprises:

B16, the method as described in B12, described appointment detected object comprises one or more for the following service of mobile device: mobile device hangs horse Hole Detection, detect and whether open cloud killing, whether detect dangerous software, detect and whether upgraded virus base, detect security service and whether open, detect mobile device and whether have mountain vallage application, detect on mobile device, whether have malice advertisement applications, Initiative Defense function open detection.

B17, the method as described in B12, described appointment detected object comprises one or more for the following service of mobile device: internal memory optimization detects, detect that the Stub File that whether has that daemon software, automatically actuated software detection, garbage data cleaning detect, cleaning buffer memory detects, exists after cleaning application unloading detects, installation kit cleaning detects, large file consolidation, the cleaning of privacy vestige detect.

B18, the method as described in B16 or B17, described safety detection result information comprises safety detection progress msg, correspondingly, described execution instruction comprises halt instruction, pause instruction, continuation execution instruction.

B19, the method as described in B16, described safety detection result information comprises safety detection result, correspondingly, described execution instruction comprises following one or more: mobile device is hung the reparation of horse leak, opened cloud killing, security service is upgraded, opened in dangerous software reparation, virus base, mountain vallage application is repaired, the reparation of malice advertisement applications, open Initiative Defense function.

B20, the method as described in B17, described safety detection result information comprises safety detection result, correspondingly, described execution instruction comprises following one or more: Stub File, installation kit cleaning, large file consolidation, the cleaning of privacy vestige existing after automatically actuated software, garbage data cleaning, cleaning buffer memory, cleaning application unloading closed, closed to internal memory optimization, daemon software.

Embodiments of the invention also disclose 21, a kind of device that equipment is carried out to safety detection, comprising:

Embodiments of the invention also disclose C21, a kind of device that equipment is carried out to safety detection, comprising:

C22, the device as described in C21, also comprise:

C23, the device as described in C21 or C22, also comprise:

C24, the device as described in C22, described safety detection request receiving module is also suitable for:

Described execution command reception module is also suitable for:

Described execution instruction execution module is also suitable for:

C25, the device as described in C22, described safety detection request receiving module is also suitable for:

Described execution command reception module is also suitable for:

Described execution instruction execution module is also suitable for:

C26, the device as described in C25, described the first client-side program is sent to described third party's application by described safety detection request, is specially:

C27, the device as described in C21, described appointment detected object comprises one or more for the following service of mobile device: mobile device hangs horse Hole Detection, detect and whether open cloud killing, whether detect dangerous software, detect and whether upgraded virus base, detect security service and whether open, detect mobile device and whether have mountain vallage application, detect on mobile device, whether have malice advertisement applications, Initiative Defense function open detection.

C28, the device as described in C21, described appointment detected object comprises one or more for the following service of mobile device: internal memory optimization detects, detect that the Stub File that whether has that daemon software, automatically actuated software detection, garbage data cleaning detect, cleaning buffer memory detects, exists after cleaning application unloading detects, installation kit cleaning detects, large file consolidation, the cleaning of privacy vestige detect.

C29, the device as described in C27 or C28, described safety detection result information comprises safety detection progress msg, correspondingly, described execution instruction comprises halt instruction, pause instruction, continuation execution instruction.

C30, the device as described in C27, described safety detection result information comprises safety detection result, correspondingly, described execution instruction comprises following one or more: mobile device is hung the reparation of horse leak, opened cloud killing, security service is upgraded, opened in dangerous software reparation, virus base, mountain vallage application is repaired, the reparation of malice advertisement applications, open Initiative Defense function.

C31, the device as described in C28, described safety detection result information comprises safety detection result, correspondingly, described execution instruction comprises following one or more: Stub File, installation kit cleaning, large file consolidation, the cleaning of privacy vestige existing after automatically actuated software, garbage data cleaning, cleaning buffer memory, cleaning application unloading closed, closed to internal memory optimization, daemon software.

Embodiments of the invention also disclose D32, a kind of device that equipment is carried out to safety detection, comprising:

D33, the device as described in D32, also comprise:

D34, the device as described in D32 or D33, also comprise:

D35, the device as described in D32, described safety detection result information has the information of type identification, and described execution instruction sending module is also suitable for:

D36, the device as described in D32, described appointment detected object comprises one or more for the following service of mobile device: mobile device hangs horse Hole Detection, detect and whether open cloud killing, whether detect dangerous software, detect and whether upgraded virus base, detect security service and whether open, detect mobile device and whether have mountain vallage application, detect on mobile device, whether have malice advertisement applications, Initiative Defense function open detection.

D37, the device as described in D32, described appointment detected object comprises one or more for the following service of mobile device: internal memory optimization detects, detect that the Stub File that whether has that daemon software, automatically actuated software detection, garbage data cleaning detect, cleaning buffer memory detects, exists after cleaning application unloading detects, installation kit cleaning detects, large file consolidation, the cleaning of privacy vestige detect.

D38, the device as described in D36 or D37, described safety detection result information comprises safety detection progress msg, correspondingly, described execution instruction comprises halt instruction, pause instruction, continuation execution instruction.

D39, the device as described in D36, described safety detection result information comprises safety detection result, correspondingly, described execution instruction comprises following one or more: mobile device is hung the reparation of horse leak, opened cloud killing, security service is upgraded, opened in dangerous software reparation, virus base, mountain vallage application is repaired, the reparation of malice advertisement applications, open Initiative Defense function.

D40, the device as described in D37, described safety detection result information comprises safety detection result, correspondingly, described execution instruction comprises following one or more: Stub File, installation kit cleaning, large file consolidation, the cleaning of privacy vestige existing after automatically actuated software, garbage data cleaning, cleaning buffer memory, cleaning application unloading closed, closed to internal memory optimization, daemon software.

Claims

1. equipment is carried out to a method for safety detection, comprising:

In described mobile device side, carry out described execution instruction.

2. the method for claim 1, is characterized in that, at described mobile device side joint, receive that described computing equipment side sends to the step of the safety detection request of mobile device before, also comprise:

3. method as claimed in claim 1 or 2, is characterized in that, at described mobile device side joint, receive that described computing equipment side sends to the step of the safety detection request of mobile device before, also comprise:

4. method as claimed in claim 2, is characterized in that, describedly at described mobile device side joint, receives the step to the safety detection request of mobile device that described computing equipment side sends and is:

5. method as claimed in claim 2, is characterized in that, described mobile device side is provided with the first client-side program, describedly at described mobile device side joint, receives the step to the safety detection request of mobile device that described computing equipment side sends and is:

6. the method for claim 1, it is characterized in that, described appointment detected object comprises one or more for the following service of mobile device: mobile device hangs horse Hole Detection, detect and whether open cloud killing, whether detect dangerous software, detect and whether upgraded virus base, detect security service and whether open, detect mobile device and whether have mountain vallage application, detect on mobile device, whether have malice advertisement applications, Initiative Defense function open detection.

7. the method for claim 1, it is characterized in that, described appointment detected object comprises one or more for the following service of mobile device: internal memory optimization detects, detect that the Stub File that whether has that daemon software, automatically actuated software detection, garbage data cleaning detect, cleaning buffer memory detects, exists after cleaning application unloading detects, installation kit cleaning detects, large file consolidation, the cleaning of privacy vestige detect.

8. equipment is carried out to a method for safety detection, comprising:

9. equipment is carried out to a device for safety detection, comprising:

10. equipment is carried out to a device for safety detection, comprising: