CN104091071A - Risk determining method and device for application programs - Google Patents

Risk determining method and device for application programs Download PDF

Info

Publication number
CN104091071A
CN104091071A CN201410326061.7A CN201410326061A CN104091071A CN 104091071 A CN104091071 A CN 104091071A CN 201410326061 A CN201410326061 A CN 201410326061A CN 104091071 A CN104091071 A CN 104091071A
Authority
CN
China
Prior art keywords
application
application program
risk
safety value
relation
Prior art date
Application number
CN201410326061.7A
Other languages
Chinese (zh)
Other versions
CN104091071B (en
Inventor
祝恒书
于魁飞
Original Assignee
北京智谷睿拓技术服务有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京智谷睿拓技术服务有限公司 filed Critical 北京智谷睿拓技术服务有限公司
Priority to CN201410326061.7A priority Critical patent/CN104091071B/en
Publication of CN104091071A publication Critical patent/CN104091071A/en
Application granted granted Critical
Publication of CN104091071B publication Critical patent/CN104091071B/en

Links

Abstract

The embodiment of the invention discloses a risk determining method and device for application programs. The method includes the steps that at least one application relation between at least one application program and multiple authorities is determined; the weight of each application relation in all the application relations is determined; the application safety risk value of each application program in all the application programs is determined according to the weight of the corresponding application relation; and safety grading is conducted on the application programs according to the application safety risk values of all the application programs. According to the technical scheme, the application safety risk values of the application programs are determined according to a bigraph model, in addition, safety grading is conducted on the application programs, and a user can select the application program with the proper safety grade according to the safety privacy need of the user.

Description

The risk of application program is determined method and determining device

Technical field

The application relates to a kind of data processing method, and the risk that relates in particular to a kind of application program is determined technical scheme.

Background technology

Along with the high speed development of mobile device and mobile Internet, there is explosive growth in the quantity of mobile applications in recent years.Meanwhile, the function of mobile applications is expanded greatly, in order to abundant and meet the various demands of user, for example: location-based service (Location Based Services, LBS), service (Social Networking Services, SNS) based on social platform, etc.In fact, these abundant functions depend on the rights of using of various user data and equipment, for example position access right, address list access right, note access right etc.The use of these access rights, make user produce the worry for self privacy, safety, thereby increasing user wishes to understand the authority access security of application program.

Summary of the invention

The application's object is: the technical scheme that a kind of risk class of definite application program is provided.

First aspect, embodiment of the application provides a kind of risk of application program to determine method, comprising:

Determine at least one application relation between at least one application program and multiple authority; Wherein, the each application relation in described at least one application relation is corresponding to the authority in multiple authorities described in the application program in described at least one application program;

Determine the weights of each application relation in described at least one application relation;

Determine the application safety value-at-risk of each application program in described at least one application program according to described weights corresponding to described each application relation;

According to the described application safety value-at-risk of described each application program, described at least one application program is carried out to safe class division.

Second aspect, embodiment of the application provides a kind of risk determining device of application program, comprising:

Application is related to determination module, for determining at least one application relation between at least one application program and multiple authority; Wherein, the each application relation in described at least one application relation is corresponding to the authority in multiple authorities described in the application program in described at least one application program;

Weights determination module, for determining the weights of the each application relation of described at least one application relation;

Value-at-risk determination module, for determining the application safety value-at-risk of the each application program of described at least one application program according to described weights corresponding to described each application relation;

Grade classification module, carries out safe class division for the described application safety value-at-risk according to described each application program to described at least one application program.

At least one embodiment of the embodiment of the present application is set up the bigraph (bipartite graph) model of application program and authority by the weights of the application relation between definite application program and authority and described application relation, determine the application safety value-at-risk of application program according to this bigraph (bipartite graph) model; In addition, be difficult to the security risk of clear and definite aware application according to application safety value-at-risk for fear of user, the embodiment of the present application also application programs is carried out safe class division, facilitates user need to select the application program of suitable safe class according to the safe privacy of oneself.

Brief description of the drawings

Fig. 1 is the process flow diagram that the risk of a kind of application program of the embodiment of the present application is determined method;

Fig. 2 is the bigraph (bipartite graph) schematic diagram that the risk of a kind of application program of the embodiment of the present application is determined application program and authority in method;

Fig. 3 is the structural representation block diagram of the risk determining device of a kind of application program of the embodiment of the present application;

Fig. 4 is the structural representation block diagram of the risk determining device of the another kind of application program of the embodiment of the present application;

Fig. 5 is the structural representation block diagram of the weights determining unit of the risk determining device of a kind of application program of the embodiment of the present application;

Fig. 6 a and Fig. 6 b are respectively the structural representation block diagram of the grade classification module of the risk determining device of the embodiment of the present application two all application programs;

Fig. 7 is the structural representation block diagram of a kind of electronic equipment of the embodiment of the present application;

Fig. 8 is the structural representation block diagram of the risk determining device of another application program of the embodiment of the present application.

Embodiment

Below in conjunction with accompanying drawing (in some accompanying drawings, identical label represents identical element) and embodiment, the application's embodiment is described in further detail.Following examples are used for illustrating the application, but are not used for limiting the application's scope.

It will be understood by those skilled in the art that the term such as " first ", " second " in the application, only for distinguishing different step, equipment or module etc., neither represents any particular technology implication, also do not represent the inevitable logical order between them.

For an application program that is applied to a subscriber equipment, it may apply for the authority that uses at least one data of this subscriber equipment to use, the rights of using of the picture data of for example storing in a multipad application subscriber equipment.Present inventor finds, in the time that the security risk of application programs is assessed, takes relation potential between application program and authority into consideration and can improve the accuracy of assessment.

As shown in Figure 1, the embodiment of the present application provides a kind of risk of application program to determine method, comprising:

S110 determines at least one application relation between at least one application program and multiple authority; Wherein, the each application relation in described at least one application relation is corresponding to the authority in multiple authorities described in the application program in described at least one application program;

S120 determines the weights of each application relation in described at least one application relation;

S130 determines the application safety value-at-risk of each application program in described at least one application program according to described weights corresponding to described each application relation;

S140 carries out safe class division according to the described application safety value-at-risk of described each application program to described at least one application program.

At least one application program described in the embodiment of the present application can be an application program, can be also multiple application programs, and the embodiment below the embodiment of the present application is described taking described at least one application program as multiple application programs.Between described multiple application program and described multiple authority, there are multiple application relations.

As shown in Figure 2, in the embodiment of the present application, inventor considers the characteristic of application program and authority, has proposed the model based on bigraph (bipartite graph), determines the relation between application program and authority.Wherein, the first group node using multiple application programs in bigraph (bipartite graph), the second group node using multiple authorities in bigraph (bipartite graph), connection between two group nodes is determined by the application relation of application program and authority,, an application program that and if only if when one authority, between described application program and described authority, there is application relation, set up and have connection.

For instance, the risk determining device of application program provided by the invention, as the executive agent of the present embodiment, is carried out S110~S140.Particularly, described determining device can be arranged in subscriber equipment or server apparatus in the mode of software, hardware or software and hardware combining.

The embodiment of the embodiment of the present application is set up the bigraph (bipartite graph) model of application program and authority by the weights of the application relation between definite application program and authority and described application relation, determine the application safety value-at-risk of application program according to this bigraph (bipartite graph) model; In addition, be difficult to the security risk of clear and definite aware application according to application safety value-at-risk for fear of user, the embodiment of the present application also application programs is carried out safe class division, facilitates user need to select the application program of suitable safe class according to the safe privacy of oneself.

Further illustrate each step of the embodiment of the present application method below in conjunction with the bigraph (bipartite graph) shown in Fig. 2:

In the embodiment of the present application, represent the relation between the multiple application programs of the embodiment of the present application and multiple authority by the bigraph (bipartite graph) shown in Fig. 2, wherein said bigraph (bipartite graph) G can be expressed as: G={V, and E, W}, wherein,

V is set of node, has V={V a, V p,

V afor sets of applications, comprise described multiple application program a 1~a m, i.e. V a={ a 1,, a m, the number that M is described multiple application programs, is positive integer;

V pfor authority set, comprise described multiple authority p 1~p n, i.e. V p={ p 1,, p n; N is the number of described multiple authorities, is positive integer;

E is application set of relations, wherein, and the application program a in described multiple application programs that and if only if iapply for the authority p in described multiple authority jtime, exist an application to be related to e ij∈ E;

W is weights collection, a weight w ij∈ W represents that described application is related to e ijweights.

In embodiment as shown in Figure 2, bigraph (bipartite graph) comprises 4 application program a 1~a 4, 3 authority p 1~p 3, (in embodiment illustrated in fig. 2, described application program a 1~a 4be respectively: bird (game class), cut fruit (game class), the types of facial makeup in Beijing operas (social class) and the wheat piece (game class) of indignation; Described authority p1 represents to read contact person for reading mobile phone state, authority p2 for access exact position, authority p3); Application set of relations comprises 8 application relations (representing by the line between application program and authority in Fig. 2): e 11, e 12, e 21, e 22, e 32, e 33, e 42and e 43, they respectively corresponding weights be 0.3,0.7,0.2,0.8,0.5,0.5,0.4 and 0.6.

In the embodiment of the present application, described weight w ijrepresent described application program a iwith described authority p jcorrelativity.In a kind of possible embodiment, described weight w ijrepresent described application program a iapply for described authority p jprobability.Here application program a iapplication authority p jprobability refer to, at definite described application program a ibefore having applied for which authority, its application authority p jpossibility.For example, be related to e for the application in Fig. 2 11, 0.3 represents application program a 1application authority p 1probability be 0.3.

Certainly,, in other possible embodiment, described weights can also be according to other according to determining, represent the degree of correlation between application program and authority, especially, in a kind of possible embodiment, can determine described weights according to user's setting instruction.

As described above, in a kind of possible embodiment of the embodiment of the present application, described step S120 is determining when described weights, can determine according to the probability of authority described in described application program corresponding to described each application relation the weights of described each application relation.

In the embodiment of the present application, can obtain described probability according to historical data.Alternatively, in a kind of possible embodiment, can determine corresponding described weights according to the authority application historical data of all application programs in the application class under described application program corresponding to described each application relation.In the present embodiment, described application class can be the classification of dividing according to the function of described application program, for example, play, office, map etc.; Can also be the classification of carrying out according to the developer of application program, or can also be Cluster Classification carrying out according to the similarity of application program other side etc. etc.Certainly, those skilled in the art can know, described application class can also be the classification that other criteria for classification is carried out.

Alternatively, in a kind of possible embodiment of the embodiment of the present application, can obtain described weights according to the ratio of multiple frequency sums of multiple authorities described in the frequency of authority described in all application program in the described application class under described application program and described all application program SEPARATE APPLICATION.Can represent by formula below:

w ij = f ij Σ p j ∈ V p f ij ,

Wherein f ijrepresent described application program a iapplication program authority p in affiliated described application class jfrequency.

In a kind of possible embodiment of the embodiment of the present application, in order to obtain normalized frequency, the quantity of application program that can be by having applied for an authority in described application class obtains described frequency corresponding to described authority with the ratio of all application programs in this application class.Certainly,, in other possible embodiment of the embodiment of the present application, can also determine described frequency by alternate manner.

In other possible embodiment of the embodiment of the present application, except the above-mentioned demand frequency according to authority is determined the weights of described each application relation, can also determine described weights according to other parameter, for example outside priori, described priori can be for example that suggestion, other method of expert of the art calculated the correlation between application program and authority etc.

In a kind of possible embodiment of the embodiment of the present application, alternatively, described step S130 can make the application safety value-at-risk of the application program obtaining more accurate by least one constraint.

In a kind of possible embodiment, described at least one constraint comprises one first constraint, and described the first constraint comprises:

In described multiple application relation, weights corresponding to an application relation are higher, and the legal power safety value-at-risk of the application safety value-at-risk of application program corresponding to the described application relation authority corresponding with described application relation is more close.

In the embodiment of the present application, described application safety value-at-risk represents the security risk size of corresponding application program, and described legal power safety value-at-risk represents the security risk size of corresponding authority.

Those skilled in the art can know, the leading relation between application program and authority has been considered in described the first constraint.Wherein, the weights of an application program and an authority are higher, and the correlativity between the two is stronger, in the time that one of them risk is high, another inevitable also can be high, vice versa.Taking the embodiment shown in Fig. 2 as example, for authority p 2, 4 applications of its correspondence are related to e 12, e 22, e 32and e 42corresponding weights are 0.7,0.8,0.5 and 0.4 respectively, therefore, can know authority p according to described the first constraint 2legal power safety value-at-risk should with application program a 2application safety value-at-risk the most approaching.

Optionally, in a kind of possible embodiment, described at least one constraint also comprises one second constraint, and described the second constraint comprises:

The authority application situation of two application programs in described multiple application program is more similar, and the application safety value-at-risk of described two application programs is more close.

In the present embodiment, described authority application situation comprises: the weights corresponding to application relation of the authority of application program and application program authority.Wherein, more similar when the authority of two application program, apply for that the weights of identical authority are more similar simultaneously, the application safety value-at-risk of the two should be more close.Application program a as shown in Figure 2 1with application program a 1all apply for authority p 1with authority p 2, with application program a 3or application program a 4compare, now, the application safety value-at-risk of these two application programs should be more approaching; In addition, these two application programs have not only been applied for identical authority, its SEPARATE APPLICATION authority p 1with authority p 2weights also close, therefore predictably, application program a 1with application program a 2application safety value-at-risk should be more close.Equally, application program a 3with application program a 4application safety value-at-risk should be also more close.Certainly application program a, 1or application program a 2with application program a 3or application program a 4application safety value-at-risk should be more not close.

Alternatively, in a kind of possible embodiment, can come application program, for example application program a described in vector representation by the weights of all application relations corresponding to an application program ibe expressed as wherein, described vector comprise N element, correspond respectively to successively N authority, wherein, in the time of described application program one authority, corresponding element is corresponding weights; As described application program a iwhile not applying for an authority, with 0 replace this element (now can regard described application program a as ithe weights of applying for this authority are 0); Application program a jbe expressed as for example, in the embodiment shown in Fig. 2, application program a 1corresponding vector the 0 expression application program a here 1do not apply for authority p 3.Now can determine by vectorial cosine distance corresponding to these two application programs the similarity of these two application programs:

s ij a = Cos ( a → i , a → j ) = a → i · a → j | | a → i | | · | | a → j | |

Certainly, those skilled in the art can know, other also can determine for the embodiment of the present application the similarity degree of two application programs for representing the method for similarity between two vectors, for example, can determine described two vectorial similarities by the Euclidean distance between two vectors or KL distance (Kullback-Leibler Divergence).

Optionally, in a kind of possible embodiment, described at least one constraint also comprises one the 3rd constraint, and described the 3rd constraint comprises:

For two authorities in described multiple authorities, described two authorities to be applied situation more similar, the legal power safety value-at-risk of described two authorities is more close.

In the embodiment of the present application, the situation that is applied of described authority comprises the weights of applying for the corresponding application relation of authority described in the application program of described authority and described application program.Wherein, the application program of two authorities of application is more similar, the weights of the application relation of two authorities are more similar described in simultaneously identical application program SEPARATE APPLICATION, and legal power safety value-at-risk corresponding to described two authorities is more close.Still taking the embodiment shown in Fig. 2 as example, can find out authority p 1with authority p 2be employed program a simultaneously 1with application program a 2applied for, the two is employed respectively program a simultaneously 1with application program a 2the weights of application are similar, authority p 2with authority p 3be employed again program a simultaneously 3with application program a 4application, and authority p 1with authority p 3not by identical application program, therefore can know, at authority p 2with authority p 3in, authority p 1legal power safety value-at-risk more approach authority p 2legal power safety value-at-risk.Those skilled in the art can know, if authority p 3only be employed program a 1with application program a 2application, authority p 1with authority p 3legal power safety value-at-risk can be more approaching.

Same optional, in a kind of possible embodiment, can come authority, for example authority p described in vector representation by the weights of all application relations corresponding to an authority ibe expressed as , wherein, described vector comprise M element, correspond respectively to successively M application program, wherein, as authority p described in an application program itime, corresponding element is corresponding weights; When an application program is not applied for described authority p itime, replace this element (now can regard the weights of authority described in described application program as is 0) with 0; Authority p jbe expressed as for example, in the embodiment shown in Fig. 2, authority p 1corresponding vector here two 0 represent respectively application program a 3and a 4do not apply for authority p 1.Now can determine by vectorial cosine distance corresponding to these two authorities the similarity of these two authorities:

s ij p = Cos ( p → i , p → j ) = p → i · p → j | | p → i | | · | | p → j | |

Same, those skilled in the art can know, other also can determine for the embodiment of the present application the similarity degree of two authorities, for example Euclidean distance recited above for representing the method for similarity between two vectors.

More accurate for the application safety value-at-risk that makes to obtain, outside priori can also be incorporated in the calculating of application safety value-at-risk, therefore, alternatively, in a kind of possible embodiment, described at least one constraint also comprises one the 4th constraint, and described the 4th constraint comprises:

The application safety value-at-risk of described multiple application programs is consistent with the priori application safety value-at-risk of described multiple application programs respectively;

The legal power safety value-at-risk of described multiple authorities is consistent with the priori legal power safety value-at-risk of described multiple authorities respectively.

In the embodiment of the present application, the application safety value-at-risk of described multiple application programs and the legal power safety value-at-risk of multiple authorities respectively meaning consistent with priori application safety value-at-risk and priori legal power safety value-at-risk are that described application and legal power safety value-at-risk should meet priori, for example: the priori application safety value-at-risk of the first application program is greater than the priori application safety value-at-risk of the second application program, and the application safety value-at-risk of described the first application program generally also should be greater than the application safety value-at-risk of described the second application program.In the embodiment of the present application, introduce described the 4th constraint and can make the application safety value-at-risk of obtaining can converge to as soon as possible suitable scope.In a kind of possible embodiment, for an application program, may have multiple application safety value-at-risks and meet first, second, and third constraint above, so described the 4th constraint can help to determine that in multiple application safety value-at-risks corresponding to described application program, which is only more suitably application safety value-at-risk of this application program.

In the embodiment of the present application, described priori application safety value-at-risk and priori legal power safety value-at-risk can be respectively to obtain in several ways, for example, in some possible embodiments, can adopt corresponding security risk value that domain expert arranges, also can build a security classification according to Outer risks report and obtain corresponding security risk value or can also adopt the state-of-the-art safe mode of association area to obtain corresponding security risk value.Especially, in a kind of possible embodiment, can be by stating priori application safety value-at-risk and priori legal power safety value-at-risk described in user's default acquisition.

In a kind of possible embodiment of the embodiment of the present application, for make corresponding application and legal power safety value-at-risk to obtain efficiency higher, can adopt the naive Bayesian (Naive Bayes with information Priors, PNB) of information priori to obtain described priori application safety value-at-risk and priori legal power safety value-at-risk.

In a kind of possible embodiment of the embodiment of the present application, can retrain the application safety value-at-risk of determining each application program in described multiple application program according to described weights corresponding to described each application relation and recited above first to fourth.

For example, in a kind of possible embodiment, the definition one combination cost function of four constraints above, for example, be expressed as:

Q ( a , p ) = λ 2 · { Σ i | | R i a - R ~ i a | | 2 + Σ j | | R j p - R ~ j p | | 2 } + μ 2 · { Σ i , j s ij a | | R i a - R j a | | 2 + Σ ij s ij p | | R i p - R j p | | 2 } + 1 2 Σ i , j w ij | | R i a - R j p | | 2

Wherein, represent application program a iapplication safety value-at-risk, represent application program a ipriori application safety value-at-risk, represent authority p jlegal power safety value-at-risk, represent authority p jpriori legal power safety value-at-risk, Part I (part in first braces) has represented the 4th constraint recited above above, Part II (part in second braces) has represented described second and the 3rd constraint, and Part III has represented described the first constraint.Parameter lambda and μ be respectively described the 4th constraint parameter and described second and the 3rd constraint parameter, for controlling above-mentioned Part I and Part II, user can arrange this two parameters as required.Can find out, in the time that λ and μ are zero, the cost function of the embodiment of the present application is not subject to the constraint of described second, third and the 4th constraint, and only needs to consider described the first constraint.

Can find out, in order to meet constraint recited above, it is suitable to obtain with make described cost function as far as possible little.Therefore, in a kind of possible embodiment, described in can first giving with compose initial value, for example value between 0 to 1, in a kind of possible embodiment, for example, can make: upgrade this two values by the continuous iteration of gradient descent method again, until make described cost function be less than the threshold value of a setting.

Certainly, those skilled in the art can know, cost function be above only the embodiment of the present application for asking for a kind of possible mode of described application safety value-at-risk, can also obtain by other method the described application safety value-at-risk of the embodiment of the present application.

Alternatively, in a kind of possible embodiment of the embodiment of the present application, described step S130 can be:

Each application program in described multiple application programs:

Relatively default at least one Second Threshold and the described application safety value-at-risk of described each application program, determine the safe class of described each application program.

For example, in a kind of possible embodiment, described at least one Second Threshold for example can comprise a low Second Threshold and a high Second Threshold, and wherein, described low Second Threshold is less than described high Second Threshold; When the application safety value-at-risk of an application program is less than described low Second Threshold, the safe class that can determine described application program is low; When the application safety value-at-risk of an application program is more than or equal to described low Second Threshold, be less than described high Second Threshold, during the safe class that can determine described application program is simultaneously; When the application safety value-at-risk of an application program is more than or equal to described high Second Threshold, can determine that the safe class of described application program is for high.

Wherein, definition in the embodiment of the present application, the safe class of described application program is higher, and its security risk is less, otherwise larger.

In above-mentioned embodiment, the safe class of application program is divided into high, medium and low three grades, and certainly, those skilled in the art can know, as required, the safe class of described application program can also be other number, for example two-stage, Pyatyi etc.

Alternatively, in the possible embodiment of the another kind of the embodiment of the present application, in order to make the grade classification of application program more level and smooth, described step S130 can also be:

According to the dispersion of the described application safety value-at-risk of described multiple application programs, described multiple application programs are carried out to safe class division.

In a kind of possible embodiment, can determine which grade the number of degrees of safe class and each application program all belong to by the coefficient of variation.That is: according to the coefficient of variation of the described application safety value-at-risk of described multiple application programs, described multiple application programs are divided in at least one safe class, wherein, the coefficient of variation of described application safety value-at-risk that belongs at least one application program of same safe class is within the scope of a default first threshold.

Here, the coefficient of variation of the described application safety value-at-risk of described at least one application program is the variance of application safety value-at-risk and the ratio of average of described at least one application program.

For example, can carry out described safe class division according to the application safety value-at-risk of multiple application programs by step below:

According to application safety value-at-risk, described multiple application programs are carried out to descending sort;

From the application program a ranking the first 1start, calculate its coefficient of variation, and judge whether this coefficient of variation is greater than a coefficient of variation threshold value, if be not more than, continue to add again second application program a 2, continue to calculate the first application program a 1with second application program a 2application safety value-at-risk the coefficient of variation and judgement, if be still not more than described coefficient of variation threshold value, continue to add successively follow-up application program, until the coefficient of variation obtaining is greater than described coefficient of variation threshold value, now, whether the application safety value-at-risk that judges again current application program equates with the application safety value-at-risk of a upper application program, if equated, continues to add follow-up application program judgement; If unequal, will be from the first application program a 1to current application program a nall application programs be divided in the first safe class; Then then from next application program a n+1restart to calculate the coefficient of variation judgement, until add an application program a n+mmeet from described next application program a n+1to described application program a n+mthe coefficient of variation of application safety value-at-risk to be greater than the application safety value-at-risk of described coefficient of variation threshold value and current application program and previous application program unequal, now, by described next application program a n+1to described application program a n+mall application programs be divided in the second safe class ... the rest may be inferred, until all application programs have all been divided.

Can find out, with at least one Second Threshold of setting above, described multiple application programs are carried out compared with classification, the embodiment of the present application does not need to determine in advance the number of degrees of described application program, but can determine according to the dispersion degree of the application safety value-at-risk of described multiple application programs the progression of described safe class, make application safety value-at-risk change large part by the more division of refinement.

Certainly, those skilled in the art can know, except determining the safe class of described multiple application programs by described Second Threshold and the coefficient of variation, also can determine according to alternate manner, for example, can determine by the variable gradient of the application safety value-at-risk of described multiple application programs the safe class of each application program in described multiple application program, but compared with method by the coefficient of variation, gradient method is subject to the influences of fluctuations of indivedual points larger.

In a kind of possible embodiment, the said method of the embodiment of the present application can be applied in user equipment side, for determining the safe class of the application program on described subscriber equipment, user can judge that this application program can bring the possibility of safety problem to subscriber equipment according to the safe class of an application program, and then determines whether to install or to unload described application program.Alternatively, in the possible embodiment of another kind, the said method of the embodiment of the present application can be applied distribution platform side, application distribution platform can carry out application programs according to the safe class of described multiple application programs classifies, and then facilitates user need to select the application program of suitable safe class according to the safe privacy of oneself.

Wherein, in a kind of possible embodiment, described multiple application program such as, for being applied to the mobile applications on mobile subscriber equipment (mobile phone, panel computer etc.), described application distribution platform is also some application markets, for example, can be the App Store application market of the Android application markets such as Google Play and apple.

It will be appreciated by those skilled in the art that, in the said method of the application's embodiment, the sequence number size of each step does not also mean that the priority of execution sequence, the execution sequence of each step should be definite with its function and internal logic, and should not form any restriction to the implementation process of the application's embodiment.

As shown in Figure 3, a kind of possible embodiment of the embodiment of the present application provides a kind of risk determining device 400 of application program, comprising:

Application is related to determination module 410, for determining at least one application relation between at least one application program and multiple authority; Wherein, the each application relation in described at least one application relation is corresponding to the authority in multiple authorities described in the application program in described at least one application program;

Weights determination module 420, for determining the weights of the each application relation of described at least one application relation;

Value-at-risk determination module 430, for determining the application safety value-at-risk of the each application program of described at least one application program according to described weights corresponding to described each application relation;

Grade classification module 440, carries out safe class division for the described application safety value-at-risk according to described each application program to described at least one application program.

With in embodiment of the method recited above similarly, the embodiment below the embodiment of the present application conducts further description as multiple application programs as example taking described at least one application program.Now, described application is related to that determination module 410 is for determining the multiple application relations between described multiple application programs and described multiple authority.

The device 400 of the embodiment of the present application is determined the relation between described multiple application program and multiple authority by the model based on a bigraph (bipartite graph).The description of correspondence in concrete embodiment shown in Figure 1.

The embodiment of the embodiment of the present application is set up the bigraph (bipartite graph) model of application program and authority by the weights of the application relation between definite application program and authority and described application relation, determine the application safety value-at-risk of application program according to this bigraph (bipartite graph) model; In addition, be difficult to the security risk of clear and definite aware application according to application safety value-at-risk for fear of user, the embodiment of the present application also application programs is carried out safe class division, facilitates user need to select the application program of suitable safe class according to the safe privacy of oneself.

The embodiment of the present application further illustrates each module of the embodiment of the present application by embodiment below.

In a kind of possible embodiment of the embodiment of the present application, for further describing referring to the description to Fig. 2 illustrated embodiment in said method embodiment of the multiple application relations between described multiple application programs and multiple authorities and weights corresponding to each application relation, repeat no more here.

In the embodiment of the present application, the weights of described application relation are corresponding to the correlativity between corresponding application program and the authority of described application relation, and in general, described correlativity is stronger, and the size of described weights is larger.Therefore, described weights determination module 420 just can be determined the size of described weights according to the correlativity between described application program and weights.In a kind of possible embodiment, can obtain described correlativity by the size of the probability of authority described in described application program.Certainly, those skilled in the art can know, in other possible embodiment, except described probability, can also determine the correlativity between described application program and authority by alternate manner.

Therefore, alternatively, as shown in Figure 4, in a kind of possible embodiment of the embodiment of the present application, described weights determination module 420 can comprise:

Weights are determined submodule 421, for determine the weights of described each application relation according to the probability of authority described in described application program corresponding to described each application relation.

In a kind of possible embodiment of the embodiment of the present application, can obtain described probability according to historical data.Further, in the present embodiment, described weights determine that submodule 421 can comprise:

Weights determining unit 4211, for determining corresponding described weights according to the authority application historical data of all application programs of an application class under described application program corresponding to described each application relation.

In the present embodiment, described application class can be the classification of dividing according to the function of application program, for example, play, office, map etc.; Can also be the classification of carrying out according to the developer of application program, or can also be Cluster Classification carrying out according to the similarity of application program other side etc. etc.Certainly, those skilled in the art can know, described application class can also be the classification of carrying out with other criteria for classification.

As shown in Figure 5, in a kind of possible embodiment, for convenience of calculation, described weights determining unit 4211 comprises:

Weights are determined subelement 4211a, for obtaining described weights according to the ratio of multiple frequency sums of multiple authorities described in the frequency of authority described in all application program of described application class and described all application program SEPARATE APPLICATION.The description of correspondence in concrete embodiment of the method shown in Figure 2.

In a kind of possible embodiment of the embodiment of the present application, in order to obtain normalized frequency, the quantity of application program that can be by having applied for an authority in described application class obtains described frequency corresponding to described authority with the ratio of all application programs in this application class.Certainly,, in other possible embodiment of the embodiment of the present application, can also determine described frequency by alternate manner.

For the faster application safety value-at-risk of determining more accurately described each application program, alternatively, in a kind of possible embodiment, described value-at-risk determination module 430 comprises:

Value-at-risk is determined submodule 431, for determine the described application safety value-at-risk of described each application program according to described weights corresponding to described each application relation and at least one constraint;

Wherein, described at least one constraint comprises one first constraint, and described the first constraint comprises:

In described multiple application relation, weights corresponding to an application relation are higher, and the legal power safety value-at-risk of the application safety value-at-risk of application program corresponding to the described application relation authority corresponding with described application relation is more close.

In the embodiment of the present application, described application safety value-at-risk represents the security risk size of corresponding application program, and described legal power safety value-at-risk represents the security risk size of corresponding authority.

Those skilled in the art can know, the leading relation between application program and authority has been considered in described the first constraint.Wherein, the weights of an application program and an authority are higher, and the correlativity between the two is stronger, in the time that one of them risk is high, another inevitable also can be high, vice versa.Specifically referring to description corresponding in said method embodiment.

Optionally, in a kind of possible embodiment, described at least one constraint also comprises one second constraint, and described the second constraint comprises:

The authority application situation of two application programs in described multiple application program is more similar, and the application safety value-at-risk of described two application programs is more close.

In the present embodiment, described authority application situation comprises: the weights corresponding to application relation of the authority of application program and application program authority.Wherein, more similar when the authority of two application program, apply for that the weights of identical authority are more similar simultaneously, the application safety value-at-risk of the two should be more close.Specifically referring to description corresponding in said method embodiment.

Alternatively, in a kind of possible embodiment, can carry out application program described in vector representation by the weights of all application relations corresponding to an application program, now can determine by the cosine distance of two application programs the similarity of two application programs.Specifically referring to description corresponding in said method embodiment.

Certainly, those skilled in the art can know, other also can determine for the embodiment of the present application the similarity degree of two application programs for representing the method for similarity between two vectors.

Optionally, in a kind of possible embodiment, described at least one constraint also comprises one the 3rd constraint, and described the 3rd constraint comprises:

For two authorities in described multiple authorities, described two authorities to be applied situation more similar, the legal power safety value-at-risk of described two authorities is more close.

In the embodiment of the present application, the situation that is applied of described authority comprises the weights of applying for the corresponding application relation of authority described in the application program of described authority and described application program.Wherein, the application program of two authorities of application is more similar, the weights of the application relation of two authorities are more similar described in simultaneously identical application program SEPARATE APPLICATION, and legal power safety value-at-risk corresponding to described two authorities is more close.

Same optional, in a kind of possible embodiment, can carry out authority described in vector representation by the weights of all application relations corresponding to an authority, now can determine by the cosine distance of two authorities the similarity of two authorities.Specifically referring to description corresponding in said method embodiment.

Same, those skilled in the art can know, other also can determine for the embodiment of the present application the similarity degree of two authorities for representing the method for similarity between two vectors.

More accurate for the application safety value-at-risk that makes to obtain, outside priori can also be incorporated in the calculating of application safety value-at-risk, therefore, alternatively, in a kind of possible embodiment, described at least one constraint also comprises one the 4th constraint, and described the 4th constraint comprises:

The application safety value-at-risk of described multiple application programs is consistent with the priori application safety value-at-risk of described multiple application programs respectively;

The legal power safety value-at-risk of described multiple authorities is consistent with the priori legal power safety value-at-risk of described multiple authorities respectively.

In the embodiment of the present application, the application safety value-at-risk of described multiple application programs and the legal power safety value-at-risk of multiple authorities respectively the meaning consistent with priori application safety value-at-risk and priori legal power safety value-at-risk be that described application and legal power safety value-at-risk should meet priori.For example, meet at the same time under the prerequisite of other constraint, described application safety value-at-risk should approach described priori application safety value-at-risk as far as possible, and described legal power safety value-at-risk should approach described priori legal power safety value-at-risk as far as possible.In the embodiment of the present application, introduce described the 4th constraint and can make the application safety value-at-risk of obtaining can converge to as soon as possible suitable scope, specifically referring to description corresponding in said method embodiment.

In the embodiment of the present application, described priori application safety value-at-risk and priori legal power safety value-at-risk can be respectively to obtain in several ways, for example, in some possible embodiments, can adopt security risk value that domain expert arranges, also can build a security classification according to Outer risks report and obtain corresponding security risk value or can also adopt the state-of-the-art safe mode of association area to obtain corresponding security risk value.Especially, in a kind of possible embodiment, can be by stating priori application safety value-at-risk and priori legal power safety value-at-risk described in user's default acquisition.

In a kind of possible embodiment of the embodiment of the present application, for make corresponding application and legal power safety value-at-risk to obtain efficiency higher, can adopt PNB to obtain described priori application safety value-at-risk and priori legal power safety value-at-risk.

In a kind of possible embodiment of the embodiment of the present application, can retrain the application safety value-at-risk of determining each application program in described multiple application program according to described weights corresponding to described each application relation and recited above first to fourth.

For example, in a kind of possible embodiment, can obtain by the cost function in embodiment of the method above the application safety value-at-risk of described each application program.

Certainly, those skilled in the art can know, cost function be above only the embodiment of the present application for asking for a kind of possible mode of described application safety value-at-risk and legal power safety value-at-risk, can also obtain by other formula or function described application safety value-at-risk and the legal power safety value-at-risk of the embodiment of the present application.

As shown in Figure 6 a, alternatively, in a kind of possible embodiment of the embodiment of the present application, described grade classification module 440 can comprise:

Second divides submodule 442, for:

Each application program in described at least one application program:

Relatively default at least one Second Threshold and the described application safety value-at-risk of described each application program, determine the safe class of described each application program.

In present embodiment, according to the application safety value-at-risk of described application program and described at least one Second Threshold, described multiple application programs are carried out to further describing referring to description corresponding in said method embodiment of classification, repeat no more here.

In the embodiment of the present application, described safe class can be divided into two-stage or three grades as required ... or more.

As shown in Figure 6 b, alternatively, in the another kind of possible embodiment of the embodiment of the present application, in order to make the grade classification of application program more level and smooth, described grade classification module 440 can comprise:

First divides submodule 441, for described multiple application programs being carried out to safe class division according to the dispersion of the described application safety value-at-risk of described multiple application programs.

Alternatively, in a kind of possible embodiment of the embodiment of the present application, described first divides submodule 441 comprises:

Grade classification unit 4411, for described at least one application program being divided in at least one safe class according to the coefficient of variation of the described application safety value-at-risk of described multiple application programs, wherein, the coefficient of variation of described application safety value-at-risk that belongs at least one application program of same safe class is within the scope of a default first threshold.

Here, the coefficient of variation of the described application safety value-at-risk of described at least one application program is the variance of application safety value-at-risk and the ratio of average of described at least one application program.

According to the described coefficient of variation, described multiple application programs are carried out to further describing referring to description corresponding in said method embodiment of safe class division, repeat no more here.

Equally, those skilled in the art can know, determine the safe class of described multiple application programs except dividing submodule 442 by described the first division submodule 441 and described first, also can determine according to other module the safe class of described multiple application programs, for example, can determine by the variable gradient of the application safety value-at-risk of the described multiple application programs after above-mentioned sequence the safe class of each application program in described multiple application program.

In a kind of possible embodiment, the device of the embodiment of the present application can be applied on subscriber equipment, for example be applied on the subscriber equipmenies such as mobile phone, panel computer, notebook computer for determining the safe class of the application program on described subscriber equipment, make user to judge that this application program can bring the possibility of safety problem to subscriber equipment according to the safe class of an application program, and then determine whether to install or to unload described application program.Alternatively, in the possible embodiment of another kind, the device of the embodiment of the present application can also be applied on the server of application distribution platform, for obtaining the safe class of application program on described application distribution platform, make to apply distribution platform and can carry out application programs according to the safe class of described multiple application programs and classify, and then facilitate user need to select the application program of suitable safe class according to the safe privacy of oneself.

Wherein, in a kind of possible embodiment, described multiple application program such as, for being applied to the mobile applications on mobile subscriber equipment (mobile phone, panel computer etc.), described application distribution platform is also some application markets, for example, can be the App Store application market of the Android application markets such as Google Play and apple.

As shown in Figure 7, in a kind of possible embodiment of the embodiment of the present application, provide a kind of electronic equipment 700, comprised the risk determining device 710 of application program recited above.

Wherein, in a kind of possible embodiment, described electronic equipment 700 can be a subscriber equipment, optional, can be a mobile subscriber equipment.In the possible embodiment of another kind, described electronic equipment 700 can also be a server, for example, be the server of an application distribution platform.

The structural representation of the risk determining device 800 of another application program that Fig. 8 provides for the embodiment of the present application, the application's specific embodiment not specific implementation of the risk determining device 800 of application programs limits.As shown in Figure 8, the risk determining device 800 of this application program can comprise:

Processor (processor) 810, communication interface (Communications Interface) 820, storer (memory) 830 and communication bus 840.Wherein:

Processor 810, communication interface 820 and storer 830 complete mutual communication by communication bus 840.

Communication interface 820, for net element communication such as client etc.

Processor 810, for executive routine 832, specifically can carry out the correlation step in said method embodiment.

Particularly, program 832 can comprise program code, and described program code comprises computer-managed instruction.

Processor 810 may be a central processor CPU, or specific integrated circuit ASIC (Application Specific Integrated Circuit), or is configured to implement one or more integrated circuit of the embodiment of the present application.

Storer 830, for depositing program 832.Storer 830 may comprise high-speed RAM storer, also may also comprise nonvolatile memory (non-volatile memory), for example at least one magnetic disk memory.Program 832 specifically can be carried out following steps for the risk determining device 800 that makes described application program:

Determine at least one application relation between at least one application program and multiple authority; Wherein, the each application relation in described at least one application relation is corresponding to the authority in multiple authorities described in the application program in described at least one application program;

Determine the weights of each application relation in described at least one application relation;

Determine the application safety value-at-risk of each application program in described at least one application program according to described weights corresponding to described each application relation;

According to the described application safety value-at-risk of described each application program, described at least one application program is carried out to safe class division.

In program 832, the specific implementation of each step can, referring to description corresponding in the corresponding steps in above-described embodiment and unit, be not repeated herein.Those skilled in the art can be well understood to, and for convenience and simplicity of description, the specific works process of the equipment of foregoing description and module, can describe with reference to the corresponding process in preceding method embodiment, does not repeat them here.

Those of ordinary skill in the art can recognize, unit and the method step of each example of describing in conjunction with embodiment disclosed herein, can realize with the combination of electronic hardware or computer software and electronic hardware.These functions are carried out with hardware or software mode actually, depend on application-specific and the design constraint of technical scheme.Professional and technical personnel can realize described function with distinct methods to each specifically should being used for, but this realization should not thought and exceeds the application's scope.

If described function realizes and during as production marketing independently or use, can be stored in a computer read/write memory medium using the form of SFU software functional unit.Based on such understanding, the part that the application's technical scheme contributes to prior art in essence in other words or the part of this technical scheme can embody with the form of software product, this computer software product is stored in a storage medium, comprise that some instructions (can be personal computers in order to make a computer equipment, server, or the network equipment etc.) carry out all or part of step of method described in each embodiment of the application.And aforesaid storage medium comprises: USB flash disk, portable hard drive, ROM (read-only memory) (ROM, Read-Only Memory), the various media that can be program code stored such as random access memory (RAM, Random Access Memory), magnetic disc or CD.

Above embodiment is only for illustrating the application; and the not restriction to the application; the those of ordinary skill in relevant technologies field; in the case of not departing from the application's spirit and scope; can also make a variety of changes and modification; therefore all technical schemes that are equal to also belong to the application's category, and the application's scope of patent protection should be defined by the claims.

Claims (23)

1. the risk of application program is determined a method, it is characterized in that, comprising:
Determine at least one application relation between at least one application program and multiple authority; Wherein, the each application relation in described at least one application relation is corresponding to the authority in multiple authorities described in the application program in described at least one application program;
Determine the weights of each application relation in described at least one application relation;
Determine the application safety value-at-risk of each application program in described at least one application program according to described weights corresponding to described each application relation;
According to the described application safety value-at-risk of described each application program, described at least one application program is carried out to safe class division.
2. the method for claim 1, is characterized in that, determines the weights of described each application relation according to the probability of authority described in described application program corresponding to described each application relation.
3. the method for claim 1, is characterized in that, determines corresponding described weights according to the authority application historical data of all application programs in the application class under described application program corresponding to described each application relation.
4. method as claimed in claim 3, is characterized in that, obtains described weights according to the ratio of multiple frequency sums of multiple authorities described in the frequency of authority described in all application program described in described application class and described all application program SEPARATE APPLICATION.
5. the method for claim 1, is characterized in that, describedly determines that according to described weights corresponding to described each application relation in described at least one application program, the described application safety value-at-risk of each application program comprises:
Determine the described application safety value-at-risk of described each application program according to described weights corresponding to described each application relation and at least one constraint;
Wherein, described at least one constraint comprises one first constraint, and described the first constraint comprises:
In described at least one application relation, weights corresponding to an application relation are higher, and the legal power safety value-at-risk of the application safety value-at-risk of an application program corresponding to a described application relation authority corresponding with described application relation is more close.
6. method as claimed in claim 5, is characterized in that, described at least one application program is multiple application programs, and described at least one constraint also comprises one second constraint, and described the second constraint comprises:
The authority application situation of two application programs in described multiple application program is more similar, and the application safety value-at-risk of described two application programs is more close.
7. method as claimed in claim 5, is characterized in that, described at least one constraint also comprises one the 3rd constraint, and described the 3rd constraint comprises:
For two authorities in described multiple authorities, described two authorities to be applied situation more similar, the legal power safety value-at-risk of described two authorities is more close.
8. method as claimed in claim 5, is characterized in that, described at least one constraint also comprises one the 4th constraint, and described the 4th constraint comprises:
The application safety value-at-risk of described at least one application program is consistent with the priori application safety value-at-risk of described at least one application program respectively;
The legal power safety value-at-risk of described multiple authorities is consistent with the priori legal power safety value-at-risk of described multiple authorities respectively.
9. the method for claim 1, is characterized in that, described according to the described application safety value-at-risk of described each application program to described at least one application program carry out safe class divide comprise:
According to the dispersion of the described application safety value-at-risk of described at least one application program, described multiple application programs are carried out to safe class division.
10. method as claimed in claim 9, is characterized in that, described according to the dispersion of the described application safety value-at-risk of described at least one application program to described multiple application programs carry out safe class divide comprise:
According to the coefficient of variation of the described application safety value-at-risk of described at least one application program, described at least one application program is divided in at least one safe class, wherein, the coefficient of variation of described application safety value-at-risk that belongs at least one application program of same safe class is within the scope of a default first threshold.
11. the method for claim 1, is characterized in that, described according to the described application safety value-at-risk of described each application program to described at least one application program carry out safe class divide comprise:
Each application program in described at least one application program:
Relatively default at least one Second Threshold and the described application safety value-at-risk of described each application program, determine the safe class of described each application program.
The risk determining device of 12. 1 kinds of application programs, is characterized in that, comprising:
Application is related to determination module, for determining at least one application relation between at least one application program and multiple authority; Wherein, the each application relation in described at least one application relation is corresponding to the authority in multiple authorities described in the application program in described at least one application program;
Weights determination module, for determining the weights of the each application relation of described at least one application relation;
Value-at-risk determination module, for determining the application safety value-at-risk of the each application program of described at least one application program according to described weights corresponding to described each application relation;
Grade classification module, carries out safe class division for the described application safety value-at-risk according to described each application program to described at least one application program.
13. devices as claimed in claim 12, is characterized in that, described weights determination module comprises:
Weights are determined submodule, for determine the weights of described each application relation according to the probability of authority described in described application program corresponding to described each application relation.
14. devices as claimed in claim 13, is characterized in that, described weights determine that submodule comprises:
Weights determining unit, for determining corresponding described weights according to the authority application historical data of all application programs of an application class under described application program corresponding to described each application relation.
15. devices as claimed in claim 14, is characterized in that, described weights determining unit comprises:
Weights are determined subelement, for obtaining described weights according to the ratio of multiple frequency sums of multiple authorities described in the frequency of authority described in all application program described in described application class and described all application program SEPARATE APPLICATION.
16. devices as claimed in claim 12, is characterized in that, described value-at-risk determination module comprises:
Value-at-risk is determined submodule, for determine the described application safety value-at-risk of described each application program according to described weights corresponding to described each application relation and at least one constraint;
Wherein, described at least one constraint comprises one first constraint, and described the first constraint comprises:
In described at least one application relation, weights corresponding to an application relation are higher, and the legal power safety value-at-risk of the application safety value-at-risk of an application program corresponding to a described application relation authority corresponding with described application relation is more close.
17. devices as claimed in claim 16, is characterized in that, described at least one application program is multiple application programs, and described at least one constraint also comprises one second constraint, and described the second constraint comprises:
The authority application situation of two application programs in described multiple application program is more similar, and the application safety value-at-risk of described two application programs is more close.
18. devices as claimed in claim 16, is characterized in that, described at least one constraint also comprises one the 3rd constraint, and described the 3rd constraint comprises:
For two authorities in described multiple authorities, described two authorities to be applied situation more similar, the legal power safety value-at-risk of described two authorities is more close.
19. devices as claimed in claim 16, is characterized in that, described at least one constraint also comprises one the 4th constraint, and described the 4th constraint comprises:
The application safety value-at-risk of described at least one application program is consistent with the priori application safety value-at-risk of described at least one application program respectively;
The legal power safety value-at-risk of described multiple authorities is consistent with the priori legal power safety value-at-risk of described multiple authorities respectively.
20. devices as claimed in claim 12, is characterized in that, described grade classification module comprises:
First divides submodule, for described multiple application programs being carried out to safe class division according to the dispersion of the described application safety value-at-risk of described at least one application program.
21. devices as claimed in claim 20, is characterized in that, described first divides submodule comprises:
Grade classification unit, for described at least one application program being divided in at least one safe class according to the coefficient of variation of the described application safety value-at-risk of described at least one application program, wherein, the coefficient of variation of described application safety value-at-risk that belongs at least one application program of same safe class is within the scope of a default first threshold.
22. methods as claimed in claim 12, is characterized in that, described grade classification module comprises:
Second divides submodule, for:
Each application program in described at least one application program:
Relatively default at least one Second Threshold and the described application safety value-at-risk of described each application program, determine the safe class of described each application program.
23. 1 kinds of electronic equipments, is characterized in that, comprise the risk determining device of the application program described in any one in claim 12-22.
CN201410326061.7A 2014-07-09 2014-07-09 The risk of application program determines method and determining device CN104091071B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410326061.7A CN104091071B (en) 2014-07-09 2014-07-09 The risk of application program determines method and determining device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410326061.7A CN104091071B (en) 2014-07-09 2014-07-09 The risk of application program determines method and determining device

Publications (2)

Publication Number Publication Date
CN104091071A true CN104091071A (en) 2014-10-08
CN104091071B CN104091071B (en) 2017-11-07

Family

ID=51638787

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410326061.7A CN104091071B (en) 2014-07-09 2014-07-09 The risk of application program determines method and determining device

Country Status (1)

Country Link
CN (1) CN104091071B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104376266A (en) * 2014-11-21 2015-02-25 工业和信息化部电信研究院 Determination method and device for security level of application software
CN104376258A (en) * 2014-11-20 2015-02-25 工业和信息化部电信研究院 Safety risk detecting method and device for Android application program
CN104636489A (en) * 2015-02-27 2015-05-20 百度在线网络技术(北京)有限公司 Processing method and processing device for description attribute data
CN105117544A (en) * 2015-08-21 2015-12-02 李涛 Android platform App risk assessment method based on mobile cloud computing and Android platform App risk assessment device based on mobile cloud computing
WO2017004918A1 (en) * 2015-07-06 2017-01-12 深圳市中兴微电子技术有限公司 Security control method and device, and computer storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102222192A (en) * 2010-12-24 2011-10-19 卡巴斯基实验室封闭式股份公司 Optimizing anti-malicious software treatment by automatically correcting detection rules
CN103473504A (en) * 2013-09-25 2013-12-25 西安交通大学 Android malicious code detection method based on class analysis
CN103530796A (en) * 2013-10-10 2014-01-22 北京智谷睿拓技术服务有限公司 Active period detection method and active period detection system of application program

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102222192A (en) * 2010-12-24 2011-10-19 卡巴斯基实验室封闭式股份公司 Optimizing anti-malicious software treatment by automatically correcting detection rules
CN103473504A (en) * 2013-09-25 2013-12-25 西安交通大学 Android malicious code detection method based on class analysis
CN103530796A (en) * 2013-10-10 2014-01-22 北京智谷睿拓技术服务有限公司 Active period detection method and active period detection system of application program

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
张叶慧等: "基于类别以及权限的Android恶意程序检测", 《计算机工程与设计》 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104376258B (en) * 2014-11-20 2017-12-12 工业和信息化部电信研究院 The security risk detection method and device of Android application program
CN104376258A (en) * 2014-11-20 2015-02-25 工业和信息化部电信研究院 Safety risk detecting method and device for Android application program
CN104376266B (en) * 2014-11-21 2017-09-15 工业和信息化部电信研究院 The determination method and device of application software level of security
CN104376266A (en) * 2014-11-21 2015-02-25 工业和信息化部电信研究院 Determination method and device for security level of application software
CN104636489A (en) * 2015-02-27 2015-05-20 百度在线网络技术(北京)有限公司 Processing method and processing device for description attribute data
CN104636489B (en) * 2015-02-27 2018-04-13 百度在线网络技术(北京)有限公司 The treating method and apparatus of attribute data is described
WO2017004918A1 (en) * 2015-07-06 2017-01-12 深圳市中兴微电子技术有限公司 Security control method and device, and computer storage medium
CN105117544A (en) * 2015-08-21 2015-12-02 李涛 Android platform App risk assessment method based on mobile cloud computing and Android platform App risk assessment device based on mobile cloud computing
CN105117544B (en) * 2015-08-21 2018-09-28 李涛 Android platform App methods of risk assessment and device based on mobile cloud computing

Also Published As

Publication number Publication date
CN104091071B (en) 2017-11-07

Similar Documents

Publication Publication Date Title
Roffo et al. Infinite latent feature selection: A probabilistic latent graph-based ranking approach
US9807473B2 (en) Jointly modeling embedding and translation to bridge video and language
US20180053042A1 (en) Generating numeric embeddings of images
CN105224699B (en) News recommendation method and device
Cao et al. Graph-based discriminative learning for location recognition
Archana et al. Survey of classification techniques in data mining
US8768919B2 (en) Web searching
EP3467723A1 (en) Machine learning based network model construction method and apparatus
US20160132787A1 (en) Distributed, multi-model, self-learning platform for machine learning
Wu et al. Multi-label boosting for image annotation by structural grouping sparsity
CN104462385B (en) A kind of film personalization similarity calculating method based on user interest model
US8417654B1 (en) Decision tree refinement
EP3029606A2 (en) Method and apparatus for image classification with joint feature adaptation and classifier learning
Cheng et al. Efficient algorithm for localized support vector machine
CN102119389B (en) Automatic image annotation using semantic distance learning
Novovičová et al. Conditional mutual information based feature selection for classification task
US8156056B2 (en) Method and system of classifying, ranking and relating information based on weights of network links
US10049305B2 (en) Large-scale classification in neural networks using hashing
Wu et al. Contextual bandits in a collaborative environment
US10878550B2 (en) Utilizing deep learning to rate attributes of digital images
US7809705B2 (en) System and method for determining web page quality using collective inference based on local and global information
TWI360754B (en) Web page analysis using multiple graphs
Yin et al. Collaborative QoS prediction for mobile service with data filtering and SlopeOne model
Cheng et al. Label ranking methods based on the Plackett-Luce model
US20170032274A1 (en) Classifying user behavior as anomalous

Legal Events

Date Code Title Description
PB01 Publication
C06 Publication
SE01 Entry into force of request for substantive examination
C10 Entry into substantive examination
GR01 Patent grant
GR01 Patent grant