CN104021340A - Method and device for detecting installation of malicious applications - Google Patents
Method and device for detecting installation of malicious applications Download PDFInfo
- Publication number
- CN104021340A CN104021340A CN201410280930.7A CN201410280930A CN104021340A CN 104021340 A CN104021340 A CN 104021340A CN 201410280930 A CN201410280930 A CN 201410280930A CN 104021340 A CN104021340 A CN 104021340A
- Authority
- CN
- China
- Prior art keywords
- application
- unique identification
- database
- identification
- installing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
Abstract
The embodiment of the application discloses a method and a device for detecting installation of malicious applications. The method comprises the following steps: scanning a unique identifier of an application installed in terminal equipment, searching to determine that whether the scanned unique identifier exists in an identification database or not, and if not, determining that the application corresponding to the scanned unique identifier is malicious, wherein the identification database is used for storing unique identifiers of applications installed by an application installation manager. According to the technical scheme, the detection does not depend on information of an application signer, the detection reliability is high, and the user requirements can be met.
Description
Technical field
The application relates to technical field of electronic equipment, relates in particular detection method and device that a kind of malicious application is installed.
Background technology
Along with the fast development of electronic device technology, increasing terminal device is applied in the every field of people's life.Such as mobile phone, smart mobile phone, intercom, notebook, computing machine etc., people, when using these terminal devices, can install various dissimilar application, to meet real life amusement demand in terminal device.Such as the application of types such as paying application, game application, office application can be installed.
But because application shop is varied, mobile shop, the leading mobile application shop of terminal manufacturer of applying that mobile application shop, the mobile operator dominating such as operating system developer dominates, and application shop is all not identical to the safety standards of application, means that a lot of malicious application can be installed to mourn in silence in the process of user installation valid application or be illegally mounted in terminal device with other malice seating meanses.Malicious application may be stolen userspersonal information may cause user's property safety when serious, and malicious application also may affect the normal use of other valid application.Therefore, whether user need to detect application when using terminal device is that malice is installed, and unloads in time this application of maliciously installing and avoids causing damage.
The detection technique scheme that prior art malicious application is installed is: developer's information of first obtaining application, in developer's behavior record of preserving in database beyond the clouds again, check whether this developer had malicious act record to judge that whether current application is credible, if not, think that this application is the application that malice is installed.This technical scheme relies on the developer of high in the clouds database and application, developer's information can arbitrarily be forged, and in the database of high in the clouds, cannot preserve all developer's behavior records, therefore, the reliability that this technical scheme detection of malicious application is installed is lower, cannot meet user's actual need.
Summary of the invention
In view of this, detection method and device that a kind of malicious application that the application provides is installed, by the unique identification of this application being kept in identification database in valid application installation process, the unique identification of the mounted application of end of scan, analyze whether the unique identification scanning is the unique identification in identification database, if not, can conclude that this application is not the application of legal installation, but the application that malice is installed.By this detection mode, can detect exactly each application is maliciously installed, its detecting reliability is high, can meet user's actual need.
For achieving the above object, the application provides following technical scheme:
First aspect, the invention provides the detection method that a kind of malicious application is installed, and described method comprises:
The unique identification of mounted application in end of scan equipment;
In identification database, search and whether have scanned unique identification, described identification database is for preserving the unique identification of each application of installing through application installation manager;
If not, determine that application corresponding to unique identification scanning is that malice is installed.
Optionally, the unique identification of mounted application in described end of scan equipment, comprising:
The signing messages of mounted application in end of scan equipment;
In database, search and whether have scanned unique identification, described database, for preserving the unique identification of each application of installing through application installation manager, is specially:
In database, search and whether have scanned signing messages, described database is for preserving the signing messages of each application of installing through application installation manager;
Described definite application corresponding to unique identification scanning is that malice is installed, and is specially:
Determine that application corresponding to signing messages scanning is that malice is installed.
Optionally, described identification database is set up in the following manner:
When valid application is installed application, the unique identification of this valid application is obtained in described application installation manager, and the unique identification obtaining is saved to database, and this database is as identification database.
Optionally, in described end of scan equipment, before the unique identification of mounted application, described method also comprises:
Scan period is set;
The unique identification of the application of installing in described end of scan equipment, is specially according to the unique identification of the application of installing in set scan period automatic cycle end of scan equipment.
Optionally, after application malice corresponding to described definite unique identification scanning is installed, described method also comprises:
To user, send a warning message, to inform that user unloads the application that this is maliciously installed.
Second aspect, the invention provides the pick-up unit that a kind of malicious application is installed, and described device comprises:
Scanning element, for the unique identification of the mounted application of end of scan equipment;
Search unit, for searching in identification database, whether have scanned unique identification, if not, trigger determining unit; Described identification database is for preserving the unique identification of each application of installing through application installation manager;
Described determining unit, for determining that application corresponding to unique identification scanning is that malice is installed.
Optionally, described scanning element is specifically for the signing messages of mounted application in end of scan equipment;
, search unit and whether have scanned signing messages specifically for searching in database, described database is for preserving the signing messages of each application of installing through application installation manager;
Described determining unit is specifically for determining that application corresponding to signing messages scanning is that malice is installed.
Optionally, described in, searching the tag database using unit sets up by setting up unit;
The described unit of setting up, for when valid application is installed application, the unique identification of this valid application is obtained in described application installation manager, and the unique identification obtaining is saved to database, and this database is as identification database.
Optionally, described device also comprises:
Setting unit, for arranging the scan period;
Described scanning element is specifically for the unique identification of the application of installing in the scan period automatic cycle end of scan equipment according to set.
Optionally, described device also comprises:
Alarm Unit, for sending a warning message to user, to inform that user unloads the application that this is maliciously installed.
Detection method and device that a kind of malicious application that the application provides is installed, by the unique identification of mounted application in end of scan equipment; In identification database, search and whether have scanned unique identification, owing to preserving the unique identification of each application of installing through application installation manager in identification database; While there is not scanned unique identification in identification database, determine that the application corresponding to unique identification of searching is that malice is installed, the malice that this detection mode can detect in terminal device is exactly installed application, it does not rely on developer's information, and its reliability is high can meet user's actual need.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present application or technical scheme of the prior art, to the accompanying drawing of required use in embodiment or description of the Prior Art be briefly described below, apparently, accompanying drawing in the following describes is only the application's embodiment, for those of ordinary skills, do not paying under the prerequisite of creative work, other accompanying drawing can also be provided according to the accompanying drawing providing.
Fig. 1 is the process flow diagram of the detection method embodiment 1 of the embodiment of the present application malicious application installation;
Fig. 2 is the process flow diagram of the detection method embodiment 2 of the embodiment of the present application malicious application installation;
Fig. 3 is the structural drawing of the pick-up unit embodiment 1 of the embodiment of the present application malicious application installation.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present application, the technical scheme in the embodiment of the present application is clearly and completely described, obviously, described embodiment is only the application's part embodiment, rather than whole embodiment.Embodiment based in the application, those of ordinary skills are not making the every other embodiment obtaining under creative work prerequisite, all belong to the scope of the application's protection.
Referring to Fig. 1, Fig. 1 is the process flow diagram of the detection method embodiment 1 of the embodiment of the present application malicious application installation; The technical scheme that the present embodiment provides comprises the following steps:
Step 101, the unique identification of mounted application in end of scan equipment.
Terminal device can be the equipment that mobile phone, panel computer, notebook computer, computing machine, smart mobile phone etc. have mounting software function.
Application supplier provides the unique identification of this application while issuing every a application, as the term suggests unique identification is can only application corresponding to unique identification.Title, numbering, issuing time that can comprise this application in unique identification etc. applied relevant information with this.Unique identification can be data, letter, image or its array configuration, can be also other forms such as Quick Response Code.Its unique identification of different editions of same type application also differs from one another, such as the unique identification of the different editions of Alipay application is all not identical.
In practical application scene, user can and be arranged on terminal device from any application shop down load application, also can obtain from other places application and be arranged on terminal device, the installation process of these valid application must be permitted through user.The application that user initiatively triggers is installed, and whole installation process is controlled in the application installation manager in terminal device system, confirms interface, so that user permits installation behavior for user provides to install.But some Malwares, such as the softwares such as wooden horse, virus can clearly not pointed out user or without user's license, install voluntarily, or distort original valid application on terminal device, make it become malicious application.Malicious application there will be solar obligation, malice unloading, malice binding, Browser Hijack, malice to collect the harm such as user profile.Malicious application can be obtained root authority, by some illegal means, hide the installation behavior of self, the control of the application installation manager in terminal device system can be deliberately skipped in the installation of malicious application, the installation process of malicious application cannot be employed installation manager monitoring, and its unique identification also cannot be stored in identification database.
Terminal device can be the equipment that mobile phone, panel computer, notebook computer, computing machine, smart mobile phone etc. have mounting software function.Mobile phone only take below as example, each step in the application's embodiment of the method 1 is explained.Other-end equipment all can be made adaptive processing according to the special circumstances of concrete equipment.At this, will not enumerate.
For mobile phone, the type of its operating system is also varied, such as Android Android, Saipan, W indows phone 7, blackberry, blueberry system etc., these systems all can arrange application installation manager, what is called should installation manager be actually a program software in system, the function of this program is to control the whole process that application is installed, and confirms service for user provides installation.
In addition, for terminal device, can in system, set in advance the scan period, follow-up scan operation can be made periodic scan to reach the periodically object of detection of malicious application according to the scan period.This cycle can be the fixed cycle, such as one hour, 12 hours, one day, one month etc.Also can be indefinite period, such as scanning and sweep spacing for the first time hour for the second time, scanning for the third time and sweep spacing for the second time two hours, the 4th scanning and sweep spacing for the third time three hours etc., be that each sweep interval is different, not periodically.Certainly, terminal device also can arrange scanning button (software or example, in hardware), by user's trigger sweep button, after terminal device receives key information, carries out scan operation.In actual applications, also can there is the form of other trigger sweep operations, at this, will not enumerate.
Step 102 is searched and whether is had scanned unique identification in identification database, and described identification database is for preserving the unique identification of each application of installing through application installation manager.If not, execution step 103.
Step 103, determines that application corresponding to unique identification scanning is that malice is installed.
Wherein, in tag database, set up in the following manner:
When valid application is installed application, the unique identification of this valid application is obtained in described application installation manager, and the unique identification obtaining is saved to database, and this database is as identification database.
The installation process of each valid application is controlled in application installation manager meeting in terminal device operating system, detailed process is: user selects application to be installed, when application installation manager prepares to install this application, to user, provide confirmation build-in services, such as confirming installation interface to one of user feedback, this interface has two to select one to be to confirm that one is to cancel; User can select to confirm to install, and also can select to cancel and install; Or, to user, send one and whether inquire about mount message, user can reply and determine installation, also can reply to cancel and install, when user selects to confirm to install, this application build-in services device obtains the unique identification of application to be installed, and this sign is kept in a database, and this database is referred to as to tag database.As can be seen here: all process users confirm that the unique identification of the valid application of installation all can be stored in tag database, and malicious application is applied according to the control of manager owing to skipping, and its sign can not be stored in this tag database.
In scanning terminal device during the unique identification of mounted application, ergodic data storehouse checks wherein whether preserve this unique identification, if had, shows that this unique identification is the unique identification of valid application, if no, show that the application that this unique identification is corresponding is that malice is installed.The application of installing in terminal device can comprise: the application of legal installation, the application of illegally being distorted, illegal application of installing etc., wherein to remove outside the application of legal installation, and other application is all referred to as the application that malice is installed.
Because the application numbers of installing in terminal device is more, may find a plurality of unique identifications, therefore, can in identification database, search successively the unique identification that whether has each scanned application, also can this search operation of executed in parallel.
In practical application scene, when definite application corresponding to unique identification is that malice is installed, this terminal device can this application of Self-tipping.Be that terminal device operating system is set in advance as: when finding the application that malice is installed, carry out at once the operation of Self-tipping application.
In practical application scene, when definite application corresponding to unique identification is that malice is installed, can send a warning message to user, to inform that user unloads the application that this is maliciously installed.That is, unloading operation is triggered by user, by user, determines whether unload the application that this is maliciously installed.
By above-described embodiment, can find out: the detection method that malicious application of the present invention is installed is that the angle of installing from valid application is considered, because valid application is installed and must be controlled and install through the application installation manager of terminal device system, in this process, again the unique identification of valid application is saved, so just can by searching the unique identification of preserving in database, to carry out application in identification terminal equipment be legal installation, based on this, can analyze the application that in terminal device, malice is installed, the method does not rely on developer's information, being kept at unique identification in data cannot be tampered, this process is closed process, therefore, the detecting reliability of the method is high, can meet user's actual need.
The most frequently used terminal device system is Android system in the market, take Android system below as real system scene, and preferred version of the present invention is further explained to explanation.
Step 201, the signing messages of mounted application in end of scan equipment.
Android application signature refers in Android system, and all application that are installed to system all must have a mathematics certificate, and this mathematics certificate is used for identifying this application, is also referred to as signing messages.The signing messages of each Android application is not identical, even the different editions of same application, its signing messages is not identical yet.
Signing messages is to utilize mathematics certificate signature technology to be encrypted to the relevant information of application the information of obtaining.The relevant information of application can comprise any or its much information that application developer information, Apply Names, application numbers etc. are relevant to this application.
This scan operation can be to set in advance trigger condition by Android system, and such as the scan period is set, this scan period can be fixed, and can be also unfixed.Certainly, also button can be set on terminal device, for trigger sweep operation, this button can be hardware can be also software.
Step 202 is searched and whether is had scanned signing messages in database, and described database is for preserving the signing messages of each application of installing through application installation manager.If not, execution step 203.
Step 203, determines that application corresponding to signing messages scanning is that malice is installed.
Android system has unique signature mechanism, and this unique signature mechanism specifically refers to: as long as each Android application has a bit, change, the signing messages of its correspondence will change, so can utilize the uniqueness of this signature to verify whether application was tampered.Application for each legal installation, so-called legal installation refers to the signing messages that can obtain application by the built-in application installation manager of Android system (can be software module), then this signing messages is left in an identification database, as the unique identification of this application, the application of installing for follow-up identification terminal equipment whether be tampered or be whether the foundation that malice is installed.
It is the control of wanting the application installation manager of bypass system that malice is installed, therefore, its signing messages can not be stored in identification database, in addition, valid application in terminal device is maliciously tampered, and its signing messages also can change, now, signing messages after this variation can not be stored in identification database yet, and the application after malice is distorted is also referred to as the application that malice is installed.Whether therefore, can come by the signing messages of having preserved in signed data, in identification terminal equipment, application has been installed is that malice is installed.
When determining that an application is malice while installing, Android system afterwards platform independent unloads this application is maliciously installed; Also can, to user feedback warning information, to inform that user unloads the application that this is maliciously installed, finally by user, determine whether unload the application that this is maliciously installed.
By above-described embodiment, can find out: preferred version of the present invention is in conjunction with unique signature mechanism of Android system, by application has been installed in signing messages identification terminal equipment, whether be that malice is installed, the method simple possible, without relying on application developer information, its identification certainty is high, can meet user's actual need.
Technique scheme is only a kind of preferred version under the environment of Android system, in actual applications, also there are other operating systems, under other operating system environments, can realize according to technical solution of the present invention the detection method of malicious application equally, its basic thought is consistent, at this, will not enumerate.
Corresponding with said method embodiment 1, the invention provides the pick-up unit that malicious application is installed.
Referring to Fig. 3, Fig. 3 is the pick-up unit that embodiment of the present invention malicious application is installed, and below in conjunction with this device principle of work, function and the annexation thereof of inner each unit of this device is further explained to explanation.As shown in Figure 3, this device can comprise:
Scanning element 301, for the unique identification of the mounted application of end of scan equipment;
Search unit 302, for searching in identification database, whether have scanned unique identification, if not, trigger determining unit; Described identification database is for preserving the unique identification of each application of installing through application installation manager;
Described determining unit 303, for determining that application corresponding to unique identification scanning is that malice is installed.
Optionally, described scanning element is specifically for the signing messages of mounted application in end of scan equipment;
, search unit and whether have scanned signing messages specifically for searching in database, described database is for preserving the signing messages of each application of installing through application installation manager;
Described determining unit is specifically for determining that application corresponding to signing messages scanning is that malice is installed.
Optionally, described in, searching the tag database using unit sets up by setting up unit;
The described unit of setting up, for when valid application is installed application, the unique identification of this valid application is obtained in described application installation manager, and the unique identification obtaining is saved to database, and this database is as identification database.
Optionally, described device also comprises:
Setting unit, for arranging the scan period;
Described scanning element is specifically for the unique identification of the application of installing in the scan period automatic cycle end of scan equipment according to set.
Optionally, described device also comprises:
Alarm Unit, for sending a warning message to user, to inform that user unloads the application that this is maliciously installed.
By above-described embodiment, can find out: pick-up unit provided by the invention can utilize the unique identification mechanism of the application of legal installation, by checking whether the unique identification of mounted application in terminal device is present in identification database, if there is no, determine that this application is that malice is installed, this detection principle can improve detecting reliability, meets user's actual need.
This device can be applied in any one terminal device that application can be installed, and can be also example, in hardware with form of software, or the form of software and hardware combining.
It should be noted that, in this article, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thereby the process, method, article or the equipment that make to comprise a series of key elements not only comprise those key elements, but also comprise other key elements of clearly not listing, or be also included as the intrinsic key element of this process, method, article or equipment.The in the situation that of more restrictions not, the key element being limited by statement " comprising ... ", and be not precluded within process, method, article or the equipment that comprises described key element and also have other identical element.
Also it should be noted that, each embodiment in this instructions all adopts the mode of going forward one by one to describe, between each embodiment identical similar part mutually referring to, each embodiment stresses is the difference with other embodiment.Especially, for device embodiment, because it is substantially similar in appearance to embodiment of the method, so describe fairly simplely, relevant part is referring to the part explanation of embodiment of the method.Device embodiment described above is only schematically, and wherein the unit as separating component explanation can or can not be also physically to separate.Can select according to the actual needs some or all of unit wherein to realize the present invention program's object.Those of ordinary skills, in the situation that not paying creative work, are appreciated that and implement.
As seen through the above description of the embodiments, those skilled in the art can be well understood to the mode that the application can add essential general hardware platform by software and realizes.Understanding based on such, the part that the application's technical scheme contributes to prior art in essence in other words can embody with the form of software product, this software product can be stored in storage medium, as ROM/RAM, magnetic disc, CD etc., comprise that some instructions are with so that a station terminal equipment (can be personal computer, server, or the network equipment etc.) carry out the method described in some part of each embodiment of the application or embodiment.
Above-mentioned explanation to the disclosed embodiments, makes professional and technical personnel in the field can realize or use the application.To the multiple modification of these embodiment, will be apparent for those skilled in the art, General Principle as defined herein can be in the situation that do not depart from the application's spirit or scope, realization in other embodiments.Therefore, the application will can not be restricted to these embodiment shown in this article, but will meet the widest scope consistent with principle disclosed herein and features of novelty.
Claims (10)
1. the detection method that malicious application is installed, is characterized in that, described method comprises:
The unique identification of mounted application in end of scan equipment;
In identification database, search and whether have scanned unique identification, described identification database is for preserving the unique identification of each application of installing through application installation manager;
If not, determine that application corresponding to unique identification scanning is that malice is installed.
2. method according to claim 1, is characterized in that, the unique identification of mounted application in described end of scan equipment, comprising:
The signing messages of mounted application in end of scan equipment;
In database, search and whether have scanned unique identification, described database, for preserving the unique identification of each application of installing through application installation manager, is specially:
In database, search and whether have scanned signing messages, described database is for preserving the signing messages of each application of installing through application installation manager;
Described definite application corresponding to unique identification scanning is that malice is installed, and is specially:
Determine that application corresponding to signing messages scanning is that malice is installed.
3. method according to claim 1, is characterized in that,
Described identification database is set up in the following manner:
When valid application is installed application, the unique identification of this valid application is obtained in described application installation manager, and the unique identification obtaining is saved to database, and this database is as identification database.
4. method according to claim 1, is characterized in that, in described end of scan equipment, before the unique identification of mounted application, described method also comprises:
Scan period is set;
The unique identification of the application of installing in described end of scan equipment, is specially according to the unique identification of the application of installing in set scan period automatic cycle end of scan equipment.
5. method according to claim 1, is characterized in that, after application malice corresponding to described definite unique identification scanning is installed, described method also comprises:
To user, send a warning message, to inform that user unloads the application that this is maliciously installed.
6. the pick-up unit that malicious application is installed, is characterized in that, described device comprises:
Scanning element, for the unique identification of the mounted application of end of scan equipment;
Search unit, for searching in identification database, whether have scanned unique identification, if not, trigger determining unit; Described identification database is for preserving the unique identification of each application of installing through application installation manager;
Described determining unit, for determining that application corresponding to unique identification scanning is that malice is installed.
7. device according to claim 6, is characterized in that,
Described scanning element is specifically for the signing messages of mounted application in end of scan equipment;
, search unit and whether have scanned signing messages specifically for searching in database, described database is for preserving the signing messages of each application of installing through application installation manager;
Described determining unit is specifically for determining that application corresponding to signing messages scanning is that malice is installed.
8. device according to claim 6, is characterized in that, described in search the tag database using unit and set up by setting up unit;
The described unit of setting up, for when valid application is installed application, the unique identification of this valid application is obtained in described application installation manager, and the unique identification obtaining is saved to database, and this database is as identification database.
9. device according to claim 6, is characterized in that, described device also comprises:
Setting unit, for arranging the scan period;
Described scanning element is specifically for the unique identification of the application of installing in the scan period automatic cycle end of scan equipment according to set.
10. device according to claim 6, is characterized in that, described device also comprises:
Alarm Unit, for sending a warning message to user, to inform that user unloads the application that this is maliciously installed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410280930.7A CN104021340A (en) | 2014-06-20 | 2014-06-20 | Method and device for detecting installation of malicious applications |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410280930.7A CN104021340A (en) | 2014-06-20 | 2014-06-20 | Method and device for detecting installation of malicious applications |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104021340A true CN104021340A (en) | 2014-09-03 |
Family
ID=51438087
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410280930.7A Pending CN104021340A (en) | 2014-06-20 | 2014-06-20 | Method and device for detecting installation of malicious applications |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104021340A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106778270A (en) * | 2016-12-12 | 2017-05-31 | Tcl集团股份有限公司 | The detection method and system of a kind of malicious application |
| CN107094297A (en) * | 2016-11-09 | 2017-08-25 | 北京小度信息科技有限公司 | device identification method and device |
| CN105718788B (en) * | 2016-01-19 | 2018-12-25 | 宇龙计算机通信科技(深圳)有限公司 | A kind of malicious application processing method, device and terminal |
| CN110286920A (en) * | 2019-06-21 | 2019-09-27 | 上海掌门科技有限公司 | A kind of method and apparatus of installation application |
| CN111107078A (en) * | 2019-12-16 | 2020-05-05 | 深圳前海达闼云端智能科技有限公司 | Application access method, robot control unit, server and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1728035A (en) * | 2005-07-27 | 2006-02-01 | 毛德操 | Implementing method for controlling computer virus through proxy technique |
| CN102750491A (en) * | 2012-06-05 | 2012-10-24 | 宇龙计算机通信科技(深圳)有限公司 | Method and system for restricting terminals from mounting or upgrading third-party application programs |
| CN103473498A (en) * | 2013-09-12 | 2013-12-25 | 深圳市文鼎创数据科技有限公司 | Application program security verification method and terminal |
| WO2014012441A1 (en) * | 2012-07-16 | 2014-01-23 | Tencent Technology (Shenzhen) Company Limited | Method and apparatus for determining malicious program |
-
2014
- 2014-06-20 CN CN201410280930.7A patent/CN104021340A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1728035A (en) * | 2005-07-27 | 2006-02-01 | 毛德操 | Implementing method for controlling computer virus through proxy technique |
| CN102750491A (en) * | 2012-06-05 | 2012-10-24 | 宇龙计算机通信科技(深圳)有限公司 | Method and system for restricting terminals from mounting or upgrading third-party application programs |
| WO2014012441A1 (en) * | 2012-07-16 | 2014-01-23 | Tencent Technology (Shenzhen) Company Limited | Method and apparatus for determining malicious program |
| CN103473498A (en) * | 2013-09-12 | 2013-12-25 | 深圳市文鼎创数据科技有限公司 | Application program security verification method and terminal |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105718788B (en) * | 2016-01-19 | 2018-12-25 | 宇龙计算机通信科技(深圳)有限公司 | A kind of malicious application processing method, device and terminal |
| CN107094297A (en) * | 2016-11-09 | 2017-08-25 | 北京小度信息科技有限公司 | device identification method and device |
| CN107094297B (en) * | 2016-11-09 | 2020-03-06 | 北京星选科技有限公司 | Equipment identification method and device |
| CN106778270A (en) * | 2016-12-12 | 2017-05-31 | Tcl集团股份有限公司 | The detection method and system of a kind of malicious application |
| CN106778270B (en) * | 2016-12-12 | 2020-07-21 | Tcl科技集团股份有限公司 | Malicious application detection method and system |
| CN110286920A (en) * | 2019-06-21 | 2019-09-27 | 上海掌门科技有限公司 | A kind of method and apparatus of installation application |
| CN111107078A (en) * | 2019-12-16 | 2020-05-05 | 深圳前海达闼云端智能科技有限公司 | Application access method, robot control unit, server and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109525558B (en) | Data leakage detection method, system, device and storage medium | |
| JP6334069B2 (en) | System and method for accuracy assurance of detection of malicious code | |
| US10505983B2 (en) | Enforcing enterprise requirements for devices registered with a registration service | |
| US8578174B2 (en) | Event log authentication using secure components | |
| CN104199654A (en) | Open platform calling method and device | |
| CN104021340A (en) | Method and device for detecting installation of malicious applications | |
| JP5363305B2 (en) | Method for determining the ID of an electronic device | |
| US20160269895A1 (en) | Device diagnostic and data retrieval | |
| US20090113548A1 (en) | Executable Download Tracking System | |
| CN105337997A (en) | Log-in method of application client and relevant device | |
| CN113489713A (en) | Network attack detection method, device, equipment and storage medium | |
| CN109684863B (en) | Data leakage prevention method, device, equipment and storage medium | |
| CN110956722A (en) | Method, equipment and storage medium for alarming abnormity of intelligent lock | |
| US11281773B2 (en) | Access card penetration testing | |
| CN106548065A (en) | Application program installs detection method and device | |
| CN109784051B (en) | Information security protection method, device and equipment | |
| KR101586048B1 (en) | System, Server, Method and Recording Medium for Blocking Illegal Applications, and Communication Terminal Therefor | |
| CN108650123B (en) | Fault information recording method, device, equipment and storage medium | |
| CN106953874B (en) | Website falsification-proof method and device | |
| US20240005008A1 (en) | Monitoring information-security coverage to identify an exploitable weakness in the information-securing coverage | |
| US20190220716A1 (en) | Barcode-based enrollment of devices with a management service | |
| CN108647516B (en) | Method and device for defending against illegal privilege escalation | |
| CN105069356A (en) | Detection method and device of application program | |
| CN103366115B (en) | Safety detecting method and device | |
| CN113824748B (en) | Asset characteristic active detection countermeasure method, device, electronic equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140903 |