CN104182687B - Safety detection method and safety detection device for a mobile terminal input window - Google Patents

Publication number: CN104182687B
Authority: CN (China)
Prior art keywords: window, characteristic information, checked, mobile terminal, elemental
Legal status: Active
Application number: CN201410377593.3A
Other languages: Chinese (zh)
Other versions: CN104182687A (en)
Inventors: 孟齐源, 高祎玮
Current Assignee: Beijing Qihoo Technology Co Ltd
Original Assignee: Beijing Qihoo Technology Co Ltd; Qizhi Software Beijing Co Ltd

Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd
Priority to CN201410377593.3A
Publication of CN104182687A
Priority to PCT/CN2015/085802 (WO2016015680A1)
Application granted
Publication of CN104182687B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements

Abstract

The invention provides a safety detection method and a safety detection device for a mobile terminal input window. The safety detection method based on a mobile terminal interface window comprises: determining that a window to be inspected has appeared on the display interface of the mobile terminal; extracting feature information of at least one element in the window to be inspected; performing feature matching on the feature information using a preset feature information library to obtain an element matching result; and determining the security type of the window to be inspected according to the element matching result, wherein the feature information library stores in advance the element feature information of windows of payment software and/or the element feature information of windows of malicious samples. The scheme matches window element features for the window to be inspected that appears on the display interface, which prevents malicious programs from intercepting user information by disguising windows and improves the security of user information.

Description

Safety detection method and safety detection device for a mobile terminal input window
Technical field
The present invention relates to the field of internet security, and in particular to a safety detection method and a safety detection device for a mobile terminal input window.
Background technology
With the development of network technology and e-commerce, online shopping and electronic payment on mobile terminals are becoming increasingly common. However, the information security of mobile terminals has become a significant obstacle to the development of mobile online shopping and electronic payment.
The information security of a mobile terminal involves the confidentiality of user information and the safety of user funds and payment information. At present there are malicious applications that steal terminal data, or disguise themselves as pages of legitimate online shopping or payment clients to trick users into giving up their information, and then use the bank or payment account information obtained in this way to commit financial fraud, causing users to suffer losses.
To address these problems, the prior art includes a variety of scanning methods for mobile application software. A common method is to match the static or dynamic features of a mobile application against a preset feature library and decide whether the detected application belongs to a blacklist or a whitelist, where the whitelist is a list of verified normal applications and the blacklist is a list of applications confirmed to be malicious. However, because mobile application software currently changes very quickly, the update speed of existing preset feature libraries cannot keep up with the need to detect newly emerging applications. As a result, some mobile applications cannot be classified, and the goal of effectively protecting the information security of the mobile terminal in real time cannot be achieved.
Content of the invention
In view of the above problems, it is proposed that the present invention is to provide one to overcome the problems referred to above or at least in part Solve the safety detection device of the mobile terminal input window of the problems referred to above and corresponding mobile terminal input window The safety detection method of mouth.The present invention one be further objective is that and to make to be determined whether by display window There is the potential safety hazard stealing user profile, it is ensured that user information safety.
The present invention another further objective is that the various elements of display window to be made full use of judge, Guarantee the accuracy of detection.
According to one aspect of the present invention, provide a kind of safety detection side based on interface of mobile terminal window Method.Should comprise determining that on mobile terminal display interface based on the safety detection method of interface of mobile terminal window Window to be checked occurs;Extract the characteristic information of at least one element in window to be checked;Preset feature is used to believe Breath storehouse carries out characteristic matching to characteristic information, obtains Match of elemental composition result;Determine according to Match of elemental composition result and treat The security type of inspection window, wherein characteristic information storehouse pre-saves the elemental characteristic paying class software class window The elemental characteristic information of the window of information and/or malice sample.
Optionally it is determined that occur on mobile terminal display interface that window to be checked includes: in detection mobile terminal Process changes;Determine that process generates new window on mobile terminal display interface.
Alternatively, use and preset characteristic information storehouse carries out characteristic matching to characteristic information include: to feature Information carries out white sample characteristics coupling and/or black sample characteristics coupling.
Alternatively, carry out white sample characteristics coupling to include to characteristic information: extract the literary composition of element in window to be checked The payment keyword that this content comprises, determines corresponding payment class software according to paying keyword;By to be checked The window elements feature letter of the characteristic information of the element of window corresponding payment class software with characteristic information storehouse Breath is compared, if comparison result is consistent, determines that window to be checked is security window.
Alternatively, the elemental characteristic information of the payment class software window that characteristic information storehouse pre-saves includes: The elemental characteristic information paying the login window of class software, the account paying class software bind the elemental characteristic of window Information, the elemental characteristic information paying the payment window of class software.
Alternatively, characteristic information is carried out black sample characteristics coupling include: by the characteristic information of window to be checked with In characteristic information storehouse, the elemental characteristic information of the window of malice sample is mated, if there is coupling, determination is treated Inspection window is malice window.
Alternatively, the element of window to be checked include following at least one: input frame, title bar, label, dish Single, operation button;The characteristic information extracting at least one element in window to be checked includes: extract the literary composition of element This content, positional information, chained address, one or more in element type.
Alternatively, preset characteristic information storehouse is preset in safety analysis server, is carrying out characteristic information Also include before characteristic matching: characteristic information is uploaded to safety analysis server.
Alternatively, also included before extracting the characteristic information of at least one element in window: to generating window Process carry out security sweep, to determine the sample type of process;Process be not belonging to known safe process or During any one in known danger process, perform to extract the step of the characteristic information of at least one element in window Suddenly.
Alternatively, also include after determining the security type of window to be checked: on mobile terminal display interface Output and the corresponding information of security type.
According to another aspect of the present invention, a safety detection device for a mobile terminal input window is provided. The safety detection device includes: an interface monitoring module, adapted to determine that a window to be inspected has appeared on the display interface of the mobile terminal; a feature information extraction module, adapted to extract feature information of at least one element in the window to be inspected; and a feature matching module, adapted to perform feature matching on the feature information using a preset feature information library to obtain an element matching result, and to determine the security type of the window to be inspected according to the element matching result, wherein the feature information library stores in advance the element feature information of windows of payment software and/or the element feature information of windows of malicious samples.
Optionally, the interface monitoring module is further adapted to: detect process changes in the mobile terminal; and determine that a process has generated a new window on the display interface of the mobile terminal.
Optionally, the feature matching module includes: a white sample matching submodule, adapted to: extract the payment keyword contained in the text content of the elements in the window to be inspected, and determine the corresponding payment software according to the payment keyword; compare the feature information of the elements of the window to be inspected with the window element feature information of the corresponding payment software in the feature information library, and, if the comparison result is consistent, determine that the window to be inspected is a safe window; and/or a black sample matching submodule, adapted to: match the feature information of the window to be inspected against the element feature information of the windows of malicious samples in the feature information library, and, if a match occurs, determine that the window to be inspected is a malicious window.
Optionally, the element feature information of payment software windows stored in advance in the feature information library includes: the element feature information of the login window of the payment software, the element feature information of the account binding window of the payment software, and the element feature information of the payment window of the payment software.
Optionally, the elements of the window to be inspected include at least one of the following: input box, title bar, label, menu, operation button; and extracting the feature information of at least one element in the window to be inspected comprises: extracting one or more of the text content, position information, link address and element type of the element.
Optionally, the feature matching module includes: an information upload submodule, adapted to upload the feature information to a safety analysis server, the preset feature information library being preset in the safety analysis server.
Optionally, the above safety detection device for a mobile terminal input window further includes: a process scanning module, adapted to perform a security scan on the process that generated the window to determine the sample type of the process; and the feature information extraction module is further adapted to: perform the step of extracting the feature information of at least one element in the window when the scanning result of the process scanning module is that the process belongs to neither the known safe processes nor the known dangerous processes.
Optionally, the above safety detection device for a mobile terminal input window further includes: a safety prompt module, adapted to output prompt information corresponding to the security type on the display interface of the mobile terminal.
The safety detection method for a mobile terminal input window of the present invention matches window element features for the window to be inspected that appears on the display interface, in order to determine whether the window to be inspected is disguised as the display window of a safe application. This prevents malicious programs from intercepting user information by disguising windows and improves the security of user information.
Further, the safety detection method for a mobile terminal input window of the present invention can perform detection using both white sample feature matching and black sample feature matching. It can therefore determine either that the window to be inspected is a safe window or that it is a malicious window, which improves the accuracy of safety detection.
The above is only an overview of the technical solution of the present invention. So that the technical means of the present invention can be understood more clearly and implemented according to the content of the specification, and so that the above and other objects, features and advantages of the present invention become more apparent, specific embodiments of the present invention are set out below.
From the following detailed description of specific embodiments of the present invention taken together with the accompanying drawings, those skilled in the art will better understand the above and other objects, advantages and features of the present invention.
Brief description of the drawings
Various other advantages and benefits will become clear to those of ordinary skill in the art from reading the following detailed description of the preferred embodiments. The drawings are only for the purpose of illustrating the preferred embodiments and are not to be considered a limitation of the present invention. Throughout the drawings, the same reference numerals denote the same parts. In the drawings:
Fig. 1 is a schematic block diagram of a safety detection device for a mobile terminal input window according to an embodiment of the invention;
Fig. 2 is a diagram of the application environment of a safety detection device for a mobile terminal input window according to an embodiment of the invention;
Fig. 3 is a schematic diagram of a safety detection method based on a mobile terminal interface window according to an embodiment of the invention;
Fig. 4 is an optional flow chart of a safety detection method based on a mobile terminal interface window according to an embodiment of the invention; and
Fig. 5 is a schematic diagram of a window to be inspected in a safety detection method based on a mobile terminal interface window according to an embodiment of the invention.
Detailed description of the invention
The algorithms and displays provided herein are not inherently related to any particular computer, virtual system or other device. Various general-purpose systems may also be used with the teachings herein. From the description above, the structure required to construct such a system is apparent. Moreover, the present invention is not directed to any particular programming language. It should be understood that the content of the invention described herein can be implemented in a variety of programming languages, and that the description of a specific language above is given in order to disclose the best mode of the invention.
Fig. 1 is a schematic block diagram of a safety detection device 100 for a mobile terminal input window according to an embodiment of the invention. The safety detection device 100 may generally include: an interface monitoring module 110, a feature information extraction module 120 and a feature matching module 130. These components can be flexibly configured according to the function and usage environment of the safety detection device 100. In some preferred embodiments, components may be added to implement more functions and achieve different technical effects; for example, a process scanning module 140 and a safety prompt module 150 may be added. In addition, in one optional structure the feature matching module 130 includes a white sample matching submodule 132, a black sample matching submodule 134 and an information upload submodule 136.
In the safety detection device 100 of this embodiment, the interface monitoring module 110 may be adapted to determine that a window to be inspected has appeared on the display interface of the mobile terminal. One optional flow is to detect process changes in the mobile terminal and determine that a process has generated a new window on the display interface of the mobile terminal. Detecting processes in the mobile terminal can use active defense technology, injecting into system processes to obtain information about the windows that processes generate. Preferably, the interface monitoring module 110 may treat a window with an input box as the window to be inspected.
The feature information extraction module 120 extracts the feature information of at least one element in the window to be inspected. The elements of a typical display window (the window to be inspected) include at least one of the following: input box, title bar, label, menu, operation button. Accordingly, the feature information extracted by the feature information extraction module 120 may include one or more of the text content, position information, link address and element type of these elements.
The feature matching module 130 may perform feature matching on the feature information using the preset feature information library to obtain an element matching result, and determine the security type of the window to be inspected according to the element matching result. The feature information library stores in advance the element feature information of windows of payment software and/or the element feature information of windows of malicious samples. For example, the element feature information of payment software windows stored in advance in the feature information library includes: the element feature information of the login window of the payment software, the element feature information of the account binding window of the payment software, and the element feature information of the payment window of the payment software, so that the element feature information of payment software windows serves as the matching basis for white samples. The element feature information of the windows of malicious samples can be extracted from the elements of the windows of reported malicious samples and serves as the matching basis for black samples.
Specifically, the white sample matching submodule 132 may extract the payment keyword contained in the text content of the elements in the window to be inspected and determine the corresponding payment software according to the payment keyword; it then compares the feature information of the elements of the window to be inspected with the window element feature information of the corresponding payment software in the feature information library, and, if the comparison result is consistent, determines that the window to be inspected is a safe window. For a safe window, the safety detection device 100 of this embodiment need not intervene, so that the user can operate normally.
The black sample matching submodule 134 may match the feature information of the window to be inspected against the element feature information of the windows of malicious samples in the feature information library, and, if a match occurs, determine that the window to be inspected is a malicious window. For a malicious window, content such as account information may be intercepted if the user enters it there, causing information leakage; the window therefore needs to be reported to the user and the necessary measures taken. For example, the safety prompt module 150 outputs prompt information corresponding to the security type on the display interface of the mobile terminal. Other safety precautions can also be taken. For example, the input box of the malicious window is set so that it cannot accept input, to prevent the user from entering information unknowingly, and the input function of the input box is restored only if the user chooses to ignore the prompt information.
The above matching process can be carried out on the terminal side, or it can be carried out in the cloud using cloud technology. For example, the information upload submodule 136 uploads the feature information to the safety analysis server, and the feature information library preset in the safety analysis server is used to carry out the matching. One specific configuration is to initialize a database on the terminal side and another on the network side for matching window element features, so as to suit different usage environments.
The process scanning module 140 may perform a security scan on the process that generated the window to determine the sample type of the process. The feature information extraction module 120 performs the step of extracting the feature information of at least one element in the window only when the scanning result of the process scanning module is that the process belongs to neither the known safe processes nor the known dangerous processes. In other words, process detection is used first as a screen, and window element feature matching is performed only when process detection cannot determine whether the process is safe.
Fig. 2 is a diagram of the application environment of the safety detection device 100 for a mobile terminal input window according to an embodiment of the invention. The safety detection device 100 of this embodiment can be installed in all kinds of mobile terminals 10, such as smartphones, tablet computers and palmtop computers. These mobile terminals 10 may run operating systems such as Android. The safety detection device 100 of this embodiment uses process active defense on the operating system to determine that a window to be inspected has appeared on the display interface of the mobile terminal, and performs feature matching using a feature information library that is preset in the mobile terminal and stores window element features. This feature information library is issued by the safety analysis server 30 over the mobile network 20. Alternatively, the safety detection device 100 can upload the extracted feature information of the elements of the window to be inspected over the mobile network 20; the safety analysis server 30 then performs feature matching using the preset feature information library that stores window element features, and sends the matching result down to the mobile terminal 10, which issues a prompt for a malicious window.
An embodiment of the present invention further provides a safety detection method based on a mobile terminal interface window. This method can be performed by any of the safety detection devices based on a mobile terminal interface window introduced in the above embodiments, to improve the information security of the mobile terminal. Fig. 3 is a schematic diagram of the safety detection method based on a mobile terminal interface window according to an embodiment of the invention. As shown in the figure, the method comprises the following steps:
Step S302: determine that a window to be inspected has appeared on the display interface of the mobile terminal;
Step S304: extract the feature information of at least one element in the window to be inspected;
Step S306: perform feature matching on the feature information using the preset feature information library to obtain an element matching result;
Step S308: determine the security type of the window to be inspected according to the element matching result.
In the above steps, step S302 may determine that a window to be inspected has appeared by detecting process changes in the mobile terminal; specifically, process changes in the mobile terminal may be detected to determine that a process has generated a new window on the display interface of the mobile terminal. Detecting processes in the mobile terminal can use active defense technology, injecting into system processes to obtain information about the windows that processes generate. Since the technical problem addressed by this embodiment is preventing the account information or payment information entered by the user from being intercepted, the window to be inspected may specifically be a window with an input box, in particular where the type of the input box is a password box. As a further example, if the text in the title bar of a newly appearing window includes one of the following keywords: "fast paying", "Alipay payment", "wechat payment", "mobile payment", "Mobile banking" and so on, the window needs to be treated as a window to be inspected.
The elements of a typical display window (the window to be inspected) include at least one of the following: input box, title bar, label, menu, operation button. The feature information extracted in step S304 may include one or more of the text content, position information, link address and element type of these elements.
The feature information library used in step S306 stores in advance the element feature information of windows of payment software and/or the element feature information of windows of malicious samples. It can therefore identify both safe windows and dangerous windows, so that a black-or-white detection approach is applied to the window to be inspected.
Correspondingly, step S306 may include either or both of two matching modes: white sample feature matching and black sample feature matching of the feature information.
For example, the element feature information of payment software windows stored in advance in the feature information library includes the following: the element feature information of the login window of the payment software, the element feature information of the account binding window of the payment software, and the element feature information of the payment window of the payment software. The flow of white sample feature matching in step S306 may be: extract the payment keyword contained in the text content of the elements in the window to be inspected, and determine the corresponding payment software according to the payment keyword; compare the feature information of the elements of the window to be inspected with the window element feature information of the corresponding payment software in the feature information library, and, if the comparison result is consistent, determine that the window to be inspected is a safe window. As a concrete example, if the text in the title bar of a window is "wechat payment", the element features of this window are matched against the element features of the payment interface in the WeChat client. If the match succeeds, the window to be inspected can be confirmed as a WeChat payment window; otherwise the window can be considered a malicious window or one that needs further detection.
One flow for black sample feature matching in step S306 includes: matching the feature information of the window to be inspected against the element feature information of the windows of malicious samples in the feature information library, and, if a match occurs, determining that the window to be inspected is a malicious window. For a malicious window, prompt information corresponding to the security type can also be output on the display interface of the mobile terminal after step S308, to alert the user. In addition, when a malicious window appears, the malicious window itself can be handled, for example by blocking the window or graying out the input box so that it cannot accept input, to prevent the user from operating it. If the user chooses to ignore the prompt message, the window is restored.
In addition to performing black and white sample feature matching with the feature information library preset on the mobile terminal, the safety detection method of this embodiment can also upload the feature information to the safety analysis server and receive the feature matching result issued by the safety analysis server, thereby using the big data on the network side for matching, which yields a more accurate result.
Before step S304, the virus scanning and removal system of the mobile terminal can also be used to inspect the sample of the process. For example, a security scan is performed on the process that generated the window to determine the sample type of the process; when the process belongs to neither the known safe processes nor the known dangerous processes, step S304 is then performed. In other words, process detection is used first as a screen, and window element feature matching is performed only when process detection cannot determine whether the process is safe.
Fig. 4 is an optional flowchart of the security detection method based on a mobile terminal interface window according to an embodiment of the invention. The flow includes:
Step S402: determine that a new window to be checked has been generated on the mobile terminal display interface;
Step S404: use the active-defense antivirus software of the mobile terminal to judge whether the process that generated the window is a known safe process; if so, allow the window to run normally; if not, go to step S406;
Step S406: use the active-defense antivirus software of the mobile terminal to judge whether the process that generated the window is a known malicious process; if so, give the user a security prompt and perform the corresponding security operation (for example terminating the process, deleting files, or moving them to quarantine); if not, the safety of the process cannot be determined and the subsequent window element feature matching is required;
Step S408: judge whether the newly generated window contains an input box; if not, the window is only a content display window and need not be checked;
Step S410: determine that the window is a window to be checked;
Step S412: extract the features of the window elements, which may specifically include the text content, position information, link address, element type and so on of elements such as input boxes, title bars, labels, menus and operation buttons;
Step S414: match using the features of white-sample window elements; if the match succeeds, allow the window to run normally;
Step S416: match using the features of black-sample window elements; if the match is unsuccessful, the element features may be uploaded to the security analysis server for further analysis;
Step S418: prompt the security risk of the window and perform a protective operation on the window, for example blocking the window or greying out the input box so that it cannot accept input, to prevent the user from operating it and leaking personal information. The prompt window can indicate the potential safety hazard of the window and can also offer the user operation options, such as uninstalling the related application, uploading the security detection result, or ignoring the prompt, so that the user can decide and act accordingly.
When the security detection method based on a mobile terminal interface window of the above embodiment is used to judge how similar a window is to a client interface, for example when a dialog box pops up, features of the elements in the dialog box (prompt box category, title bar) can be examined, for example whether the title bar prompts for a Taobao or Alipay login, whether the interface contains some form of prompt box, and whether there is a password box. As another example, after the feature strings of the elements are extracted, the input boxes and text in the interface can be identified and a similarity decision model established to determine whether the interface is a payment or other financial interface (for example one resembling the login box of Taobao or WeChat, or the interface for binding a bank card in WeChat or Alipay).
For Android terminals, such as Android smartphones, the elements of a window can be extracted with a script-like language and judged against decision rules, forming a decision model for pop-up windows on the Android display interface. Compared with the existing identification based on package name and signature, the security detection method based on a mobile terminal interface window of this embodiment can make up for the deficiency that the update speed of that identification cannot meet requirements.
Fig. 5 is a schematic diagram of a window to be checked in the security detection method based on a mobile terminal interface window according to an embodiment of the invention. After it is determined that the window shown in Fig. 5 has appeared on the interface, the active-defense engine is first used to judge the security type of the client that generated the window (for example by matching features such as package name and permission information). If the window belongs to a white sample, the window is allowed to run normally. If the window belongs to a black sample, the user must be reminded of the security risk and offered corresponding safety options (for example a prompt to uninstall, or interception of the application's pop-ups). If the security type of the client cannot be determined, the types of the title bar, labels and input box are extracted. In Fig. 5 the title bar shows "Please enter payment password", and the labels also show the payment amount and bank card information. The features of these elements (position, link address, text) are then matched against the features of the black and white window elements in the feature library. If these features are determined to be those of a known secure payment window, the window is allowed to run normally; if they match the features of a black sample disguised as a payment window, a risk prompt is displayed at the window on the interface, and the input box is set so that it cannot accept input until the user takes a further action. This prevents the account information entered by the user from being intercepted and causing loss.
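The Fig. 4 flow applied to a payment-password window like the one in Fig. 5, as an added Python example that is not part of the patent. The package names, URLs, the `ExamplePay` keyword and the comparison rules (exact set equality for white samples, subset containment for black samples) are assumptions, since the patent does not define how features are compared.

```python
from dataclasses import dataclass, field
from enum import Enum


class Verdict(Enum):
    SAFE = "safe"                # allow the window to run normally
    MALICIOUS = "malicious"      # prompt the user, grey out the input box
    NOT_CHECKED = "not_checked"  # display-only window without input box (S408)
    UNKNOWN = "unknown"          # no match: upload features to the analysis server


@dataclass(frozen=True)
class Element:
    kind: str                    # input_box, title_bar, label, menu, button
    text: str = ""
    position: tuple = (0, 0)
    link: str = ""


@dataclass
class Window:
    process: str                 # package that generated the window
    elements: list = field(default_factory=list)


def extract_features(window):
    """S412: text content, position, link address and type of every element."""
    return frozenset((e.kind, e.text.strip(), e.position, e.link)
                     for e in window.elements)


def make_pay_window(process, button_link):
    """Constructed sample resembling the payment-password window of Fig. 5."""
    return Window(process, [
        Element("title_bar", "ExamplePay: enter payment password", (0, 0)),
        Element("label", "Amount", (0, 40)),
        Element("input_box", "", (0, 80)),
        Element("button", "Confirm", (0, 120), button_link),
    ])


# Constructed process lists and feature library (all values are assumptions).
KNOWN_SAFE = {"com.example.pay"}
KNOWN_MALICIOUS = {"com.example.dropper"}
GENUINE_LINK = "https://pay.example.com/confirm"
COLLECTOR_LINK = "http://collect.example.net/submit"

# Payment keyword -> element features of that software's windows. A full
# library would also hold the login and account binding windows.
WHITE_LIBRARY = {
    "ExamplePay": [extract_features(make_pay_window("com.example.pay",
                                                    GENUINE_LINK))],
}
# Each black sample lists the elements that identify a known fake window.
BLACK_LIBRARY = [
    frozenset({("button", "Confirm", (0, 120), COLLECTOR_LINK)}),
]


def white_match(features):
    """S414: find the payment keyword, then require a consistent comparison."""
    texts = [text for _, text, _, _ in features]
    for keyword, windows in WHITE_LIBRARY.items():
        if any(keyword in text for text in texts):
            return any(features == known for known in windows)
    return False


def black_match(features):
    """S416: a black sample matches when all of its elements are present."""
    return any(sample <= features for sample in BLACK_LIBRARY)


def classify(window):
    if window.process in KNOWN_SAFE:           # S404
        return Verdict.SAFE
    if window.process in KNOWN_MALICIOUS:      # S406
        return Verdict.MALICIOUS
    if not any(e.kind == "input_box" for e in window.elements):
        return Verdict.NOT_CHECKED             # S408
    features = extract_features(window)        # S410, S412
    if white_match(features):
        return Verdict.SAFE
    if black_match(features):
        return Verdict.MALICIOUS               # S418 follows
    return Verdict.UNKNOWN


if __name__ == "__main__":
    for link in (GENUINE_LINK, COLLECTOR_LINK, "http://other.example.org/x"):
        print(link, classify(make_pay_window("com.unlisted.app", link)).value)
```

The second sample window copies every visible text of the genuine one; only its button link differs, so the white match fails and the black sample decides the verdict.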
The security detection method based on a mobile terminal interface window of this embodiment matches the window element features of a window to be checked that appears on the display interface, which prevents malicious programs from intercepting user information by disguising windows and improves the security of user information.
Numerous specific details are set forth in the description provided herein. It is to be understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail, so as not to obscure the understanding of this description.
Similarly, it should be appreciated that in the above description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof, in order to streamline the disclosure and aid the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single embodiment disclosed above. Therefore, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of the invention.
Those skilled in the art will appreciate that the modules in the device of an embodiment can be adaptively changed and arranged in one or more devices different from that embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and may furthermore be divided into a plurality of sub-modules or sub-units or sub-components. Except where at least some of such features and/or processes or units are mutually exclusive, all features disclosed in this specification (including the accompanying claims, abstract and drawings), and all processes or units of any method or device so disclosed, may be combined in any combination. Unless expressly stated otherwise, each feature disclosed in this specification (including the accompanying claims, abstract and drawings) may be replaced by an alternative feature serving the same, equivalent or similar purpose.
Furthermore, those skilled in the art will appreciate that although some embodiments described herein include some features included in other embodiments but not others, combinations of features of different embodiments are meant to be within the scope of the invention and to form different embodiments. For example, in the claims, any of the claimed embodiments may be used in any combination.
The various component embodiments of the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will understand that a microprocessor or a digital signal processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components of the security detection apparatus based on a mobile terminal interface window according to embodiments of the invention. The invention may also be implemented as a device or apparatus program (for example, a computer program and a computer program product) for performing part or all of the method described herein. Such a program implementing the invention may be stored on a computer-readable medium, or may take the form of one or more signals. Such a signal may be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.
It should be noted that the above embodiments illustrate rather than limit the invention, and that those skilled in the art may design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference sign placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements and by means of a suitably programmed computer. In a unit claim enumerating several means, several of these means may be embodied by one and the same item of hardware. The use of the words first, second and third does not indicate any order; these words may be interpreted as names.
Thus, although those skilled in the art will recognize that a number of exemplary embodiments of the invention have been shown and described in detail herein, many other variations or modifications consistent with the principles of the invention may still be directly determined or derived from the disclosure without departing from the spirit and scope of the invention. Accordingly, the scope of the invention should be understood and deemed to cover all such other variations or modifications.
The embodiments of the present invention further provide A1. A security detection method based on a mobile terminal interface window, comprising:
determining that a window to be checked has appeared on the mobile terminal display interface;
extracting the feature information of at least one element in the window to be checked;
performing feature matching on the feature information using a preset feature information library to obtain an element matching result;
determining the security type of the window to be checked according to the element matching result, wherein the feature information library pre-stores element feature information of payment software windows and/or element feature information of windows of malicious samples.
A2. The method according to A1, wherein determining that a window to be checked has appeared on the mobile terminal display interface comprises:
detecting a process change in the mobile terminal;
determining that the process has generated a new window on the mobile terminal display interface.
A3. The method according to A1, wherein performing feature matching on the feature information using the preset feature information library comprises:
performing white-sample feature matching and/or black-sample feature matching on the feature information.
A4. The method according to A3, wherein performing white-sample feature matching on the feature information comprises:
extracting the payment keyword contained in the text content of the elements in the window to be checked,
determining the corresponding payment software according to the payment keyword;
comparing the feature information of the elements of the window to be checked with the window element feature information of the corresponding payment software in the feature information library, and if the comparison result is consistent, determining that the window to be checked is a secure window.
A5. The method according to A4, wherein the element feature information of the payment software windows pre-stored in the feature information library comprises: the element feature information of the login window of the payment software, the element feature information of the account binding window of the payment software, and the element feature information of the payment window of the payment software.
A6. The method according to A3, wherein performing black-sample feature matching on the feature information comprises:
matching the feature information of the window to be checked against the element feature information of the windows of malicious samples in the feature information library, and if a match occurs, determining that the window to be checked is a malicious window.
A7. The method according to any one of A1 to A6, wherein
the elements of the window to be checked comprise at least one of the following: input box, title bar, label, menu, operation button;
extracting the feature information of at least one element in the window to be checked comprises: extracting one or more of the text content, position information, link address and element type of the element.
A8. The method according to any one of A1 to A7, wherein
the preset feature information library is preset in a security analysis server,
and before feature matching is performed on the feature information, the method further comprises: uploading the feature information to the security analysis server.
A9. The method according to any one of A1 to A8, wherein before extracting the feature information of at least one element in the window, the method further comprises:
performing a security scan on the process that generated the window to determine the sample type of the process;
when the process does not belong to either the known safe processes or the known dangerous processes, performing the step of extracting the feature information of at least one element in the window.
A10. The method according to any one of A1 to A9, wherein after determining the security type of the window to be checked, the method further comprises:
outputting, on the mobile terminal display interface, prompt information corresponding to the security type.
The embodiments of the present invention further provide B11. A security detection apparatus for a mobile terminal input window, comprising:
an interface monitoring module, adapted to determine that a window to be checked has appeared on the mobile terminal display interface;
a feature information extraction module, adapted to extract the feature information of at least one element in the window to be checked;
a feature matching module, adapted to perform feature matching on the feature information using a preset feature information library to obtain an element matching result, and to determine the security type of the window to be checked according to the element matching result, wherein the feature information library pre-stores element feature information of payment software windows and/or element feature information of windows of malicious samples.
B12. The apparatus according to B11, wherein the interface monitoring module is further adapted to:
detect a process change in the mobile terminal;
determine that the process has generated a new window on the mobile terminal display interface.
B13. The apparatus according to B11, wherein the feature matching module comprises:
a white-sample matching submodule, adapted to: extract the payment keyword contained in the text content of the elements in the window to be checked, and determine the corresponding payment software according to the payment keyword; compare the feature information of the elements of the window to be checked with the window element feature information of the corresponding payment software in the feature information library, and if the comparison result is consistent, determine that the window to be checked is a secure window; and/or
a black-sample matching submodule, adapted to: match the feature information of the window to be checked against the element feature information of the windows of malicious samples in the feature information library, and if a match occurs, determine that the window to be checked is a malicious window.
B14. The apparatus according to B13, wherein the element feature information of the payment software windows pre-stored in the feature information library comprises: the element feature information of the login window of the payment software, the element feature information of the account binding window of the payment software, and the element feature information of the payment window of the payment software.
B15. The apparatus according to any one of B11 to B14, wherein
the elements of the window to be checked comprise at least one of the following: input box, title bar, label, menu, operation button;
extracting the feature information of at least one element in the window to be checked comprises: extracting one or more of the text content, position information, link address and element type of the element.
B16. The apparatus according to any one of B11 to B15, wherein the feature matching module comprises:
an information upload submodule, adapted to upload the feature information to a security analysis server, the preset feature information library being preset in the security analysis server.
B17. The apparatus according to any one of B11 to B16, further comprising:
a process scanning module, adapted to perform a security scan on the process that generated the window to determine the sample type of the process;
the feature information extraction module being further adapted to: when the scanning result of the process scanning module is that the process does not belong to either the known safe processes or the known dangerous processes, perform the step of extracting the feature information of at least one element in the window.
B18. The apparatus according to any one of B11 to B17, further comprising:
a security prompt module, adapted to output, on the mobile terminal display interface, prompt information corresponding to the security type.

Claims (18)

1. A security detection method based on a mobile terminal interface window, comprising:
determining that a window to be checked has appeared on the mobile terminal display interface;
extracting the feature information of at least one element in the window to be checked;
performing feature matching on the feature information using a preset feature information library to obtain an element matching result;
determining the security type of the window to be checked according to the element matching result, wherein the feature information library pre-stores element feature information of payment software windows and/or element feature information of windows of malicious samples.
2. The method according to claim 1, wherein determining that a window to be checked has appeared on the mobile terminal display interface comprises:
detecting a process change in the mobile terminal;
determining that the process has generated a new window on the mobile terminal display interface.
3. The method according to claim 1, wherein performing feature matching on the feature information using the preset feature information library comprises:
performing white-sample feature matching and/or black-sample feature matching on the feature information.
4. The method according to claim 3, wherein performing white-sample feature matching on the feature information comprises:
extracting the payment keyword contained in the text content of the elements in the window to be checked,
determining the corresponding payment software according to the payment keyword;
comparing the feature information of the elements of the window to be checked with the window element feature information of the corresponding payment software in the feature information library, and if the comparison result is consistent, determining that the window to be checked is a secure window.
5. The method according to claim 4, wherein the element feature information of the payment software windows pre-stored in the feature information library comprises: the element feature information of the login window of the payment software, the element feature information of the account binding window of the payment software, and the element feature information of the payment window of the payment software.
6. The method according to claim 3, wherein performing black-sample feature matching on the feature information comprises:
matching the feature information of the window to be checked against the element feature information of the windows of malicious samples in the feature information library, and if a match occurs, determining that the window to be checked is a malicious window.
7. The method according to any one of claims 1 to 6, wherein
the elements of the window to be checked comprise at least one of the following: input box, title bar, label, menu, operation button;
extracting the feature information of at least one element in the window to be checked comprises: extracting one or more of the text content, position information, link address and element type of the element.
8. The method according to any one of claims 1 to 6, wherein
the preset feature information library is preset in a security analysis server,
and before feature matching is performed on the feature information, the method further comprises: uploading the feature information to the security analysis server.
9. The method according to any one of claims 1 to 6, wherein before extracting the feature information of at least one element in the window to be checked, the method further comprises:
performing a security scan on the process that generated the window to be checked to determine the sample type of the process;
when the process does not belong to either the known safe processes or the known dangerous processes, performing the step of extracting the feature information of at least one element in the window to be checked.
10. The method according to any one of claims 1 to 6, wherein after determining the security type of the window to be checked, the method further comprises:
outputting, on the mobile terminal display interface, prompt information corresponding to the security type.
11. A security detection apparatus for a mobile terminal input window, comprising:
an interface monitoring module, adapted to determine that a window to be checked has appeared on the mobile terminal display interface;
a feature information extraction module, adapted to extract the feature information of at least one element in the window to be checked;
a feature matching module, adapted to perform feature matching on the feature information using a preset feature information library to obtain an element matching result, and to determine the security type of the window to be checked according to the element matching result, wherein the feature information library pre-stores element feature information of payment software windows and/or element feature information of windows of malicious samples.
12. The apparatus according to claim 11, wherein the interface monitoring module is further adapted to:
detect a process change in the mobile terminal;
determine that the process has generated a new window on the mobile terminal display interface.
13. The apparatus according to claim 11, wherein the feature matching module comprises:
a white-sample matching submodule, adapted to: extract the payment keyword contained in the text content of the elements in the window to be checked, and determine the corresponding payment software according to the payment keyword; compare the feature information of the elements of the window to be checked with the window element feature information of the corresponding payment software in the feature information library, and if the comparison result is consistent, determine that the window to be checked is a secure window; and/or
a black-sample matching submodule, adapted to: match the feature information of the window to be checked against the element feature information of the windows of malicious samples in the feature information library, and if a match occurs, determine that the window to be checked is a malicious window.
14. The apparatus according to claim 13, wherein the element feature information of the payment software windows pre-stored in the feature information library comprises: the element feature information of the login window of the payment software, the element feature information of the account binding window of the payment software, and the element feature information of the payment window of the payment software.
15. The apparatus according to any one of claims 11 to 14, wherein
the elements of the window to be checked comprise at least one of the following: input box, title bar, label, menu, operation button;
extracting the feature information of at least one element in the window to be checked comprises: extracting one or more of the text content, position information, link address and element type of the element.
16. The apparatus according to any one of claims 11 to 14, wherein the feature matching module comprises:
an information upload submodule, adapted to upload the feature information to a security analysis server, the preset feature information library being preset in the security analysis server.
17. The apparatus according to any one of claims 11 to 14, further comprising:
a process scanning module, adapted to perform a security scan on the process that generated the window to be checked to determine the sample type of the process;
the feature information extraction module being further adapted to: when the scanning result of the process scanning module is that the process does not belong to either the known safe processes or the known dangerous processes, perform the step of extracting the feature information of at least one element in the window to be checked.
18. The apparatus according to any one of claims 11 to 14, further comprising:
a security prompt module, adapted to output, on the mobile terminal display interface, prompt information corresponding to the security type.

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201410377593.3A CN104182687B (en) 2014-08-01 2014-08-01 The safety detection method of mobile terminal input window and safety detection device
PCT/CN2015/085802 WO2016015680A1 (en) 2014-08-01 2015-07-31 Security detection method and security detection apparatus for mobile terminal input window

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410377593.3A CN104182687B (en) 2014-08-01 2014-08-01 The safety detection method of mobile terminal input window and safety detection device

Publications (2)

Publication Number Publication Date
CN104182687A CN104182687A (en) 2014-12-03
CN104182687B true CN104182687B (en) 2016-10-05

Family

ID=51963719

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410377593.3A Active CN104182687B (en) 2014-08-01 2014-08-01 The safety detection method of mobile terminal input window and safety detection device

Country Status (2)

Country Link
CN (1) CN104182687B (en)
WO (1) WO2016015680A1 (en)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104182687B (en) * 2014-08-01 2016-10-05 北京奇虎科技有限公司 The safety detection method of mobile terminal input window and safety detection device
CN104881319B (en) * 2015-05-14 2018-07-27 北京奇虎科技有限公司 A kind of data processing method and device of striding course
KR102130744B1 (en) 2015-07-21 2020-07-06 삼성전자주식회사 Display device and Method for controlling the display device thereof
CN107153790A (en) * 2016-03-04 2017-09-12 北京众思铭信息技术有限公司 Mobile terminal safety means of defence, device and mobile terminal
CN105930720A (en) * 2016-05-05 2016-09-07 北京元心科技有限公司 Method and system for implementing human-computer interaction with device security
CN107562474A (en) * 2017-08-29 2018-01-09 努比亚技术有限公司 Interface filter method, terminal and the computer-readable recording medium of a kind of application program
CN108133137B (en) * 2017-12-13 2021-11-23 北京奇虎科技有限公司 Interface security detection method and device in intelligent terminal
CN108108618B (en) * 2017-12-28 2021-05-25 中国信息通信研究院 Application interface detection method and device for counterfeiting attack
CN109302338B (en) * 2018-08-31 2022-04-19 南昌努比亚技术有限公司 Intelligent risk prompting method, mobile terminal and computer readable storage medium
CN109992472A (en) * 2019-02-25 2019-07-09 努比亚技术有限公司 A kind of interface monitoring method, terminal and computer readable storage medium
CN110309647B (en) * 2019-06-28 2022-02-25 北京乐蜜科技有限责任公司 Processing method and device for application program, electronic equipment and storage medium
CN111949356A (en) * 2020-08-17 2020-11-17 联想(北京)有限公司 Popup window processing method and device and electronic equipment
CN116051868B (en) * 2023-03-31 2023-06-13 山东大学 Interface element identification method for windows system

Family Cites Families (14)

Publication number Priority date Publication date Assignee Title
US8468597B1 (en) * 2008-12-30 2013-06-18 Uab Research Foundation System and method for identifying a phishing website
US8631330B1 (en) * 2009-08-16 2014-01-14 Bitdefender IPR Management Ltd. Security application graphical user interface customization systems and methods
CN102592067B (en) * 2011-01-17 2014-07-30 腾讯科技(深圳)有限公司 Webpage recognition method, device and system
CN103795703A (en) * 2011-04-18 2014-05-14 北京奇虎科技有限公司 Method for ensuring user network security and client
CN102622553A (en) * 2012-04-24 2012-08-01 腾讯科技(深圳)有限公司 Method and device for detecting webpage safety
CN102737183B (en) * 2012-06-12 2014-08-13 腾讯科技(深圳)有限公司 Method and device for webpage safety access
CN102968590B (en) * 2012-10-23 2015-08-05 北京奇虎科技有限公司 Play window suppressing method and system
CN103825866B (en) * 2012-11-19 2016-11-09 腾讯科技(深圳)有限公司 A kind of login safety detection method and device
CN103368957B (en) * 2013-07-04 2017-03-15 北京奇虎科技有限公司 Method and system that web page access behavior is processed, client, server
CN103390128A (en) * 2013-08-01 2013-11-13 贝壳网际(北京)安全技术有限公司 Page labeling method and device and terminal equipment
CN104021339A (en) * 2014-06-10 2014-09-03 北京奇虎科技有限公司 Safety payment method and device for mobile terminal
CN104134143B (en) * 2014-07-15 2017-05-03 北京奇付通科技有限公司 Mobile payment security protection method, mobile payment security protection device and cloud server
CN104021467A (en) * 2014-06-12 2014-09-03 北京奇虎科技有限公司 Method and device for protecting payment security of mobile terminal and mobile terminal
CN104182687B (en) * 2014-08-01 2016-10-05 北京奇虎科技有限公司 The safety detection method of mobile terminal input window and safety detection device

Also Published As

Publication number Publication date
CN104182687A (en) 2014-12-03
WO2016015680A1 (en) 2016-02-04

Similar Documents

Publication Publication Date Title
CN104182687B (en) The safety detection method of mobile terminal input window and safety detection device
CN104063664B (en) The safety detection method of software installation bag, client, server and system
CN104009977B (en) A kind of method and system of information protection
CN104517054B (en) Method, device, client and server for detecting malicious APK
ES2808954T3 (en) Procedure and device for use in risk management of application information
Chen et al. GUI-squatting attack: Automated generation of Android phishing apps
CN106326737B (en) System and method for detecting the harmful file that can be executed on virtual stack machine
CN107005543A (en) System and method for preventing unwarranted network intrusions
CN104021467A (en) Method and device for protecting payment security of mobile terminal and mobile terminal
CN111083165B (en) Login interception method and system based on combined anti-collision library platform
CN104685510A (en) Identifying whether application is malicious
Murdoch et al. How certification systems fail: Lessons from the Ware report
US11809556B2 (en) System and method for detecting a malicious file
CN110855642B (en) Application vulnerability detection method and device, electronic equipment and storage medium
CN104486306A (en) Method for identity authentication based on finger vein recognition and cloud service
CN107169766A (en) A kind of safety detection method of payment environment, device and electronic equipment
CN105653989B (en) A kind of information leakage preventing method and device
Abi Din et al. Boxer: Preventing fraud by scanning credit cards
CN106161338A (en) For verifying the method and device of user identity
CN109522714A (en) A kind of method and system that target software is protected based on plug-in securing software
CN109726883A (en) A kind of risk management and control method of insurance business, device, equipment and storage medium
CN106055693A (en) Information processing method and terminal
Escoses et al. Phisherman: Phishing Link Scanner
CN111723357A (en) Login verification method and device
CN114121049B (en) Data processing method, device and storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220711

Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015

Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park)

Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Patentee before: Qizhi software (Beijing) Co., Ltd
