CN104883680B - A kind of data guard method and user terminal - Google Patents
A kind of data guard method and user terminal Download PDFInfo
- Publication number
- CN104883680B CN104883680B CN201510249168.0A CN201510249168A CN104883680B CN 104883680 B CN104883680 B CN 104883680B CN 201510249168 A CN201510249168 A CN 201510249168A CN 104883680 B CN104883680 B CN 104883680B
- Authority
- CN
- China
- Prior art keywords
- user terminal
- application
- network
- wifi network
- target wifi
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the invention discloses a kind of data guard method, the security level of the target network for currently being connected according to user terminal is corresponding to be monitored management to the application on user terminal using blacklist.The method comprise the steps that user terminal determines the security level of the target WIFI network currently connected;The user terminal determines that the security level is corresponding using blacklist;The user terminal is monitored management to the application on the user terminal using blacklist according to described.In the embodiment of the present invention, user terminal can get the security level of the target WIFI network currently connected, and different application blacklists is determined according to the security level, user terminal is monitored management to the application on user terminal using blacklist according to this, i.e. user terminal can in real time be monitored the application on user terminal using different monitoring strategies according to different network security levels, when so as to avoid due to being connected to insecure network, user terminal operational safety apply when caused by leaking data.
Description
Technical field
The present invention relates to the communications field more particularly to a kind of data guard methods and user terminal.
Background technique
As a kind of user terminal, mobile phone increasingly enters daily life, but the exposure problem of mobile phone private simultaneously
Further serious, the approach of privacy of user leakage becomes more and more, thus needs the privacy number on the user terminal used user
According to being protected.
A kind of existing user terminal data guard method is detected on user terminal according to the virus base built in antivirus software
Hazardous applications, then limit the operation of the hazardous applications or directly delete danger operation, to protect user's end data,
It will not be revealed because of the hazardous applications.
But since some security applications are also required to through network sending and receiving data, these security applications are usually will not be by
What antivirus software limitation ran or deleted, but due to the presence of some insecure networks, if the network sheet of user terminal connection
Body is exactly insecure network, then these security applications by connection insecure network sending and receiving data when, it is also possible to according at
The leakage of family end data, i.e., existing technology cannot be in real time according to the security level at the network of user terminal connection on user terminals
Application be monitored management.
Summary of the invention
The embodiment of the invention provides a kind of data guard methods, the target network for currently being connected according to user terminal
Security level is corresponding to be monitored management to the application on user terminal using blacklist.
In view of this, first aspect present invention provides a kind of data guard method, comprising:
User terminal determines the security level of the target WIFI network currently connected;
The user terminal determines that the security level is corresponding using blacklist;
The user terminal is monitored management to the application on the user terminal using blacklist according to described.
Optionally:
The user terminal determines that the security level of the target WIFI network currently connected includes:
The user terminal judges whether the target WIFI network is network in preset network black and white lists;
If so, the user terminal determines the safety level of the target WIFI network according to the preset network black and white lists
Not;
If it is not, then the user terminal to the target WIFI network send probe data packet;
The user terminal determines the security level of the target WIFI network according to the probe data packet.
Optionally:
The user terminal sends probe data packet to the target WIFI network
The user terminal sends the first probe data packet to the target WIFI network, and first probe data packet is used for
Detect whether the target WIFI network is fishing network;
The user terminal sends the second probe data packet to the target WIFI network, and second probe data packet is used for
The target WIFI network is detected with the presence or absence of ARP spoofing attack behavior;
The user terminal sends third probe data packet to the target WIFI network, and the third probe data packet is used for
The target WIFI network is detected to cheat with the presence or absence of DNS;
The user terminal determines the security level of the target WIFI network according to the probe data packet specifically:
The user terminal is determined according to first probe data packet, the second probe data packet and third probe data packet
The security level of the target WIFI network.
Optionally:
The user terminal is monitored management and includes: using blacklist according to described to the application on the user terminal
For each application on the user terminal, the user terminal judges whether the application is network-type application;
If the application is network-type application, the user terminal judges whether the application is in the application blacklist
Application;
If the application is the application using in blacklist, the user terminal shows prompt information.
Optionally:
The user terminal shows that prompt information includes:
The user terminal disposably shows the prompt information using applications all in blacklist;
Or,
When an application using in blacklist is run, the user terminal shows the prompt letter of the application
Breath.
Second aspect of the present invention provides a kind of user terminal, comprising:
First determining module, for determining the security level of the target WIFI network currently connected;
Second determining module, for determining the corresponding black name of application of the determining security level of first determining module
It is single;
Processing module, for according to second determining module determine it is described using blacklist on the user terminal
It is managed using being monitored.
Optionally:
First determining module includes:
Judging unit, for judging whether the target WIFI network is network in preset network black and white lists;
First determination unit, for determining that the target WIFI network is preset network black and white lists when the judging unit
In network when, determine the security level of the target WIFI network;
Transmission unit, for determining that the target WIFI network is not in preset network black and white lists when the judging unit
Network when, Xiang Suoshu target WIFI network send probe data packet;
Second determination unit, the probe data packet for being sent according to the transmission unit determine the target WIFI network
Security level.
Optionally:
The transmission unit includes:
First transmission sub-unit, for sending the first probe data packet, first detection to the target WIFI network
Data packet is for detecting whether the target WIFI network is fishing network;
Second transmission sub-unit, for sending the second probe data packet, second detection to the target WIFI network
Data packet is for detecting the target WIFI network with the presence or absence of ARP spoofing attack behavior;
Third transmission sub-unit, for sending third probe data packet, the third detection to the target WIFI network
Data packet is cheated for detecting the target WIFI network with the presence or absence of DNS;
Second determination unit is specifically used for:
The target is determined according to first probe data packet, the second probe data packet and third probe data packet
The security level of WIFI network.
Optionally:
The processing module includes:
First judging unit, for judging whether the application is network for each application on the user terminal
Type application;
Second judgment unit judges the application for the network-type application when the first judging unit determines the application
It whether is the application using in blacklist;
Processing unit, for determining that the application is the application using in blacklist when the second judgment unit
When, show prompt information.
Optionally:
The processing unit includes:
First processing subelement, disposably shows the prompt using applications all in blacklist for the user terminal
Information;
Second processing subelement, for when it is described be run using one in blacklist application when, the user terminal exhibition
Show the prompt information of the application.
As can be seen from the above technical solutions, the embodiment of the present invention has the advantage that in the present solution, user terminal can obtain
The security level of the target WIFI network currently connected is got, and determines different blacklists of applying, use according to the security level
Family end is monitored management to the application on user terminal using blacklist according to this, i.e. user terminal can be in real time according to different
Network security level is monitored the application on user terminal using different monitoring strategies, so as to avoid due to being connected to not
When secure network, user terminal operational safety apply when caused by leaking data.
Detailed description of the invention
Fig. 1 is one embodiment schematic diagram of data guard method in the embodiment of the present invention;
Fig. 2 is another embodiment schematic diagram of data guard method in the embodiment of the present invention;
Fig. 3 is another embodiment schematic diagram of data guard method in the embodiment of the present invention;
Fig. 4 is one embodiment schematic diagram of user terminal in the embodiment of the present invention;
Fig. 5 is another embodiment schematic diagram of user terminal in the embodiment of the present invention;
Fig. 6 is another embodiment schematic diagram of user terminal in the embodiment of the present invention.
Specific embodiment
The embodiment of the invention provides a kind of data guard methods, the target network for currently being connected according to user terminal
Security level is corresponding to be monitored management to the application on user terminal using blacklist.
In order to enable those skilled in the art to better understand the solution of the present invention, below in conjunction in the embodiment of the present invention
Attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is only
The embodiment of a part of the invention, instead of all the embodiments.Based on the embodiments of the present invention, ordinary skill people
The model that the present invention protects all should belong in member's every other embodiment obtained without making creative work
It encloses.
Description and claims of this specification and term " first ", " second ", " third " " in above-mentioned attached drawing
The (if present)s such as four " are to be used to distinguish similar objects, without being used to describe a particular order or precedence order.It should manage
The data that solution uses in this way are interchangeable under appropriate circumstances, so that the embodiments described herein can be in addition to illustrating herein
Or the sequence other than the content of description is implemented.In addition, term " includes " and " having " and their any deformation, it is intended that
Cover it is non-exclusive include, for example, containing the process, method, system, product or equipment of a series of steps or units need not limit
In step or unit those of is clearly listed, but may include be not clearly listed or for these process, methods, produce
The other step or units of product or equipment inherently.
Referring to Fig. 1, one embodiment of data guard method includes: in the embodiment of the present invention
101, user terminal determines the security level of the target WIFI network currently connected;
In the present embodiment, user terminal can determine the security level of the target WIFI network currently connected.
It should be noted that user terminal can also be obtained by scanning before user terminal is not attached to target WIFI network
The attachable WIFI network of surrounding, and tentatively judge the safety of all attachable WIFI networks, it can if specifically may is that
The WIFI network of connection is the open network of unencryption, it may be considered that the safety of the WIFI network is not high, user terminal can be with
The display reminding information on the WIFI.
In practical applications, security level can be set by user according to own situation, for example can be set as safety level
Other 1, security level 2, security level 3 can also simply be set as dangerous, safety, and the setting of security level can also be useful
Family end default setting, specifically herein without limitation.
In the present embodiment and subsequent embodiment, user terminal can be a kind of user equipment, such as mobile phone, tablet computer
Deng specifically herein without limitation, in subsequent embodiment, this part is repeated no more.
102, user terminal determines that the security level is corresponding using blacklist;
In the present embodiment, after user terminal determines the security level of the target WIFI network currently connected, user terminal can
Determine that the security level is corresponding using blacklist.
It should be noted that the corresponding application blacklist of different security levels may be different or the same, in reality
It can be set by user according to own situation in, can also be defaulted by user terminal and be provided, specifically herein without limitation.
103, user terminal is monitored management to the application on the user terminal using blacklist according to this.
In the present embodiment, user terminal is determined using after blacklist, blacklist can be applied to the application on user terminal according to this
It is monitored management.
It should be noted that user terminal applies blacklist to the use according to this in the present embodiment and subsequent embodiment
It includes that the application being currently running to foreground is monitored management that application on the end of family, which is monitored management, further includes black according to application
List clears up background application automatically, and in subsequent embodiment, this part is repeated no more.
In the present embodiment, user terminal can get the security level of the target WIFI network currently connected, and according to this
Security level determines that different blacklists of applying, user terminal are monitored pipe to the application on user terminal using blacklist according to this
Reason, i.e. user terminal can use different monitoring strategies to the application on user terminal according to different network security levels in real time
Be monitored, when so as to avoid due to being connected to insecure network, user terminal operational safety apply when caused by leaking data.
Referring to Fig. 2, another embodiment of data guard method includes: in the embodiment of the present invention
201, user terminal judges whether target WIFI network is network in preset network black and white lists, if so, executing
Step 202, if it is not, thening follow the steps 203;
In the present embodiment, after user terminal is connected to target WIFI network, can judge the target WIFI network whether be
Network in preset network black and white lists, if so, 202 are thened follow the steps, if it is not, thening follow the steps 203.
It should be noted that user terminal can update preset network black and white lists by network server, preset network is black
It include the security information of corresponding network in white list, in practical applications, when user terminal is connected to target WIFI network, also
The information of target WIFI network can be sent to including security level etc. server, record preservation be carried out by server, specifically
Herein without limitation.
202, user terminal determines the security level of target WIFI network according to preset network black and white lists, executes step 205;
In the present embodiment, if user terminal determines that the target WIFI network currently connected is the net in preset network black and white lists
When network, user terminal determines the security level of target WIFI network according to the preset network black and white lists.
203, user terminal sends probe data packet to target WIFI network, executes step 204;
In the present embodiment, if user terminal determines target WIFI network not when being the network in preset network black and white lists, use
Family end can send probe data packet to target WIFI network.
Specifically include it should be noted that user terminal sends probe data packet to target WIFI network: user terminal is to target
WIFI network sends the first probe data packet, first probe data packet be specifically used for detecting the target WIFI network whether be
Fishing network;User terminal sends the second probe data packet to target WIFI network, and the second probe data packet is for detecting target
WIFI network whether there is ARP spoofing attack behavior, and user terminal sends third probe data packet to target WIFI network, and third is visited
Measured data packet is cheated for detecting target WIFI network with the presence or absence of DNS, and user terminal can disposably be sent out to target WIFI network
A variety of probe data packets are sent, can also be sent several times to target WIFI network, and determined according to the probe data packet sent before
Whether fixed to need to continue to send subsequent probe data packet, in practical applications, user terminal can also be as needed to target
WIFI network sends other probe data packets, specifically herein without limitation.
204, user terminal determines the security level of target WIFI network according to probe data packet, executes step 205;
In the present embodiment, after user terminal sends probe data packet to target WIFI network, user terminal can be according to detection number
According to the security level for wrapping determining target WIFI network
It should be noted that if user terminal to target WIFI network send the first probe data packet, the second probe data packet,
Third probe data packet, then user terminal can determine that the security level of target WIFI network specifically can be with according to probe data packet
Be: user terminal determines target WIFI network according to the first probe data packet, the second probe data packet and third probe data packet
Security level.
205, user terminal determines that the security level is corresponding using blacklist;
In the present embodiment, after user terminal determines the security level of the target WIFI network currently connected, user terminal can
Determine that the security level is corresponding using blacklist.
It should be noted that the corresponding application blacklist of different security levels may be different or the same, in reality
It can be set by user according to own situation in, can also be defaulted by user terminal and be provided, specifically herein without limitation.
206, user terminal is monitored management to the application on user terminal using blacklist according to this.
In the present embodiment, user terminal is determined using after blacklist, blacklist can be applied to the application on user terminal according to this
It is monitored management.
It should be noted that user terminal is monitored management and includes: using blacklist according to this to the application on user terminal
User terminal is monitored the application being currently running, and is managed to the application of user terminal running background.
In the present embodiment, user terminal can get the security level of the target WIFI network currently connected, and according to this
Security level determines that different blacklists of applying, user terminal are monitored pipe to the application on user terminal using blacklist according to this
Reason, i.e. user terminal can use different monitoring strategies to the application on user terminal according to different network security levels in real time
Be monitored, when so as to avoid due to being connected to insecure network, user terminal operational safety apply when caused by leaking data.
A kind of user terminal is provided below according to application blacklist to the mode using monitoring management on user terminal, specifically
:
Referring to Fig. 3, another embodiment of data guard method includes: in the embodiment of the present invention
301, user terminal determines the security level of the target WIFI network currently connected;
In the present embodiment, user terminal can determine the security level of the target WIFI network currently connected, specifically can be with
Similar to embodiment shown in Fig. 2, details are not described herein again.
It should be noted that user terminal can also be obtained by scanning before user terminal is not attached to target WIFI network
The attachable WIFI network of surrounding, and tentatively judge the safety of all attachable WIFI networks, it can if specifically may is that
The WIFI network of connection is the open network of unencryption, it may be considered that the safety of the WIFI network is not high, user terminal can be with
The display reminding information on the WIFI.
In practical applications, security level can be set by user according to own situation, for example can be set as safety level
Other 1, security level 2, security level 3 can also simply be set as dangerous, safety, and the setting of security level can also be useful
Family end default setting, specifically herein without limitation.
302, user terminal determines that the security level is corresponding using blacklist;
In the present embodiment, after user terminal determines the security level of the target WIFI network currently connected, user terminal can
Determine that the security level is corresponding using blacklist.
It should be noted that the corresponding application blacklist of different security levels may be different or the same, in reality
It can be set by user according to own situation in, can also be defaulted by user terminal and be provided, specifically herein without limitation.
303, whether user terminal judges using being network-type application, if so, 304 are thened follow the steps, if it is not, thening follow the steps
306;
In the present embodiment, for each application on user terminal, user terminal can judge whether the application is network-type
Using if so, 304 are thened follow the steps, if it is not, thening follow the steps 306.
It should be noted that user terminal judges whether the application is that network-type application specifically may is that user terminal according to this
It applies and whether needs to judge using flow whether the application is network-type application in use process, be also possible to answer by analyzing this
Whether APP data packet has applied for that network legal power judges whether the application is that network-type is answered according to the APP data packet of the application
With in practical applications, user terminal can also judge whether the application is network-type application by other means, specifically herein not
It limits.
304, user terminal judge the application whether be using the application in blacklist, if so, then follow the steps 305, if it is not,
Then follow the steps 306;
In the present embodiment, when user terminal determines that the application is network-type in application, user terminal judges whether the application is to answer
With the application in blacklist, if so, 305 are thened follow the steps, if it is not, thening follow the steps 306.
305, user terminal shows prompt information;
In the present embodiment, when user terminal determines that the application is using in blacklist in application, user terminal can be shown mentions
Show information.
It should be noted that user terminal shows that prompt information specifically may is that user terminal is disposably shown using blacklist
In all applications prompt information;Or, user terminal shows mentioning for the application when an application in application blacklist is run
Show information, specifically herein without limitation.
306, user terminal executes other operations.
In the present embodiment, when being unsatisfactory for Rule of judgment, user terminal can execute other operations, can be operation application fortune
Row is managed application according to the prior art, does not limit herein specifically.
In the present embodiment, user terminal can get the security level of the target WIFI network currently connected, and according to this
Security level determines that different blacklists of applying, user terminal are monitored pipe to the application on user terminal using blacklist according to this
Reason, i.e. user terminal can use different monitoring strategies to the application on user terminal according to different network security levels in real time
Be monitored, when so as to avoid due to being connected to insecure network, user terminal operational safety apply when caused by leaking data.
It should be noted that it further includes using that user terminal, which is monitored management to the application on user terminal according to application blacklist,
Family end is according to the application for clearing up running background automatically using blacklist.
Described above is the data guard methods in the embodiment of the present invention, below to the user terminal in the embodiment of the present invention into
Row description, specific:
Referring to Fig. 4, one embodiment of user terminal includes: in the embodiment of the present invention
First determining module 401, for determining the security level of the target WIFI network currently connected;
Second determining module 402, for determining the corresponding black name of application of the determining security level of the first determining module 401
It is single;
Processing module 403 carries out the application on user terminal using blacklist for what is determined according to the second determining module
Monitoring management.
In the present embodiment, user terminal can get the security level of the target WIFI network currently connected, and according to this
Security level determines that different blacklists of applying, user terminal are monitored pipe to the application on user terminal using blacklist according to this
Reason, i.e. user terminal can use different monitoring strategies to the application on user terminal according to different network security levels in real time
Be monitored, when so as to avoid due to being connected to insecure network, user terminal operational safety apply when caused by leaking data.
Referring to Fig. 5, another embodiment of user terminal includes: in the embodiment of the present invention
First determining module 501, for determining the security level of the target WIFI network currently connected;
Second determining module 502, for determining the corresponding black name of application of the determining security level of the first determining module 501
It is single;
Processing module 503 carries out the application on user terminal using blacklist for what is determined according to the second determining module
Monitoring management;
Wherein, the first determining module 501 includes:
Judging unit 5011, for judging whether target WIFI network is network in preset network black and white lists;
First determination unit 5012, for determining that target WIFI network is preset network black and white lists when judging unit 5011
In network when, determine the security level of target WIFI network;
Transmission unit 5013, for determining that target WIFI network is not in preset network black and white lists when judging unit 5011
Network when, to target WIFI network send probe data packet;
Second determination unit 5014, the probe data packet for being sent according to transmission unit 5013 determine target WIFI network
Security level.
It should be noted that in the present embodiment, the realization of transmission unit 5013 may include:
First transmission sub-unit 50131, for sending the first probe data packet to target WIFI network, the first detection number
According to packet for detecting whether target WIFI network is fishing network;
Second transmission sub-unit 50132, for sending the second probe data packet to target WIFI network, the second detection number
According to packet for detecting target WIFI network with the presence or absence of ARP spoofing attack behavior;
Third transmission sub-unit 50133, for sending third probe data packet to target WIFI network, which detects number
It is cheated for detecting target WIFI network with the presence or absence of DNS according to packet;
Second determination unit 5014 is specifically used for:
Target WIFI network is determined according to the first probe data packet, the second probe data packet and third probe data packet
Security level.
In the present embodiment, user terminal can get the security level of the target WIFI network currently connected, and according to this
Security level determines that different blacklists of applying, user terminal are monitored pipe to the application on user terminal using blacklist according to this
Reason, i.e. user terminal can use different monitoring strategies to the application on user terminal according to different network security levels in real time
Be monitored, when so as to avoid due to being connected to insecure network, user terminal operational safety apply when caused by leaking data.
Referring to Fig. 6, another embodiment of user terminal includes: in the embodiment of the present invention
First determining module 601, for determining the security level of the target WIFI network currently connected;
Second determining module 602, for determining the corresponding black name of application of the determining security level of the first determining module 601
It is single;
Processing module 603, for according to the second determining module 602 determine using blacklist on user terminal application into
Row monitoring management;
Wherein, processing module 603 includes:
First judging unit 6031, for judging whether the application is network-type for each application on user terminal
Using;
Second judgment unit 6032, for the network-type application when the first judging unit 6031 determines the application, judgement should
Using whether being using the application in blacklist;
Processing unit 6033, for determining that application is using in blacklist in application, exhibition when second judgment unit 6032
Show prompt information.
It should be noted that in the present embodiment, processing unit 6033 specifically can also include:
First processing subelement 60331 disposably shows the prompt letter using all applications in blacklist for user terminal
Breath;
Second processing subelement 60332, for when an application in application blacklist is run, user terminal is shown should
The prompt information of application.
In the present embodiment, user terminal can get the security level of the target WIFI network currently connected, and according to this
Security level determines that different blacklists of applying, user terminal are monitored pipe to the application on user terminal using blacklist according to this
Reason, i.e. user terminal can use different monitoring strategies to the application on user terminal according to different network security levels in real time
Be monitored, when so as to avoid due to being connected to insecure network, user terminal operational safety apply when caused by leaking data.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description,
The specific work process of device and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
In several embodiments provided herein, it should be understood that disclosed system, device and method can be with
It realizes by another way.For example, the apparatus embodiments described above are merely exemplary, for example, the unit
It divides, only a kind of logical function partition, there may be another division manner in actual implementation, such as multiple units or components
It can be combined or can be integrated into another system, or some features can be ignored or not executed.Another point, it is shown or
The mutual coupling, direct-coupling or communication connection discussed can be through some interfaces, the indirect coupling of device or unit
It closes or communicates to connect, can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit
The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple
In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme
's.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit
It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list
Member both can take the form of hardware realization, can also realize in the form of software functional units.
If the integrated unit is realized in the form of SFU software functional unit and sells or use as independent product
When, it can store in a computer readable storage medium.Based on this understanding, technical solution of the present invention is substantially
The all or part of the part that contributes to existing technology or the technical solution can be in the form of software products in other words
It embodies, which is stored in a storage medium, including some instructions are used so that a computer
Equipment (can be personal computer, server or the network equipment etc.) executes the complete of each embodiment the method for the present invention
Portion or part steps.And storage medium above-mentioned includes: USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only
Memory), random access memory (RAM, Random Access Memory), magnetic or disk etc. are various can store journey
The medium of sequence code.
The above, the above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although referring to before
Stating embodiment, invention is explained in detail, those skilled in the art should understand that: it still can be to preceding
Technical solution documented by each embodiment is stated to modify or equivalent replacement of some of the technical features;And these
It modifies or replaces, the spirit and scope for technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution.
Claims (10)
1. a kind of data guard method characterized by comprising
User terminal determines the security level of the target WIFI network currently connected;
The user terminal determines that the security level is corresponding using blacklist;
The user terminal is monitored management to the application on the user terminal using blacklist according to described;
The user terminal is monitored management and includes: using blacklist according to described to the application on the user terminal
The user terminal is monitored pipe to the application that the foreground on the user terminal is currently running using blacklist according to described
Reason, and according to the background application cleared up automatically using blacklist on the user terminal.
2. data guard method according to claim 1, which is characterized in that the user terminal determines the target currently connected
The security level of WIFI network includes:
The user terminal judges whether the target WIFI network is network in preset network black and white lists;
If so, the user terminal determines the security level of the target WIFI network according to the preset network black and white lists;
If it is not, then the user terminal to the target WIFI network send probe data packet;
The user terminal determines the security level of the target WIFI network according to the probe data packet.
3. data guard method according to claim 2, which is characterized in that the user terminal is to the target WIFI network
Sending probe data packet includes:
The user terminal sends the first probe data packet to the target WIFI network, and first probe data packet is for detecting
Whether the target WIFI network is fishing network;
The user terminal sends the second probe data packet to the target WIFI network, and second probe data packet is for detecting
The target WIFI network whether there is ARP spoofing attack behavior;
The user terminal sends third probe data packet to the target WIFI network, and the third probe data packet is for detecting
The target WIFI network is cheated with the presence or absence of DNS;
The user terminal determines the security level of the target WIFI network according to the probe data packet specifically:
The user terminal is according to the determination of first probe data packet, the second probe data packet and third probe data packet
The security level of target WIFI network.
4. data guard method according to claim 1, which is characterized in that the user terminal applies blacklist according to described
Being monitored management to the application on the user terminal includes:
For each application on the user terminal, the user terminal judges whether the application is network-type application;
If the application is network-type application, the user terminal judges whether the application is described using answering in blacklist
With;
If the application is the application using in blacklist, the user terminal shows prompt information.
5. data guard method according to claim 4, which is characterized in that the user terminal shows that prompt information includes:
The user terminal disposably shows the prompt information using applications all in blacklist;
Or,
When an application using in blacklist is run, the user terminal shows the prompt information of the application.
6. a kind of user terminal characterized by comprising
First determining module, for determining the security level of the target WIFI network currently connected;
Second determining module, for determining that the security level that first determining module determines is corresponding using blacklist;
Processing module, for according to second determining module determine it is described using blacklist to the application on the user terminal
It is monitored management;
The processing module is specifically used for:
Management is monitored to the application that the foreground on the user terminal is currently running using blacklist according to described, and according to
The background application cleared up automatically using blacklist on the user terminal.
7. user terminal according to claim 6, which is characterized in that first determining module includes:
Judging unit, for judging whether the target WIFI network is network in preset network black and white lists;
First determination unit, for determining that the target WIFI network is in preset network black and white lists when the judging unit
When network, the security level of the target WIFI network is determined;
Transmission unit, for determining that the target WIFI network is not the net in preset network black and white lists when the judging unit
When network, Xiang Suoshu target WIFI network sends probe data packet;
Second determination unit, the probe data packet for being sent according to the transmission unit determine the peace of the target WIFI network
Full rank.
8. user terminal according to claim 7, which is characterized in that the transmission unit includes:
First transmission sub-unit, for sending the first probe data packet, first detection data to the target WIFI network
Packet is for detecting whether the target WIFI network is fishing network;
Second transmission sub-unit, for sending the second probe data packet, second detection data to the target WIFI network
Packet is for detecting the target WIFI network with the presence or absence of ARP spoofing attack behavior;
Third transmission sub-unit, for sending third probe data packet, the third detection data to the target WIFI network
Packet is cheated for detecting the target WIFI network with the presence or absence of DNS;
Second determination unit is specifically used for:
The target WIFI net is determined according to first probe data packet, the second probe data packet and third probe data packet
The security level of network.
9. user terminal according to claim 6, which is characterized in that the processing module includes:
First judging unit, for judging whether the application is that network-type is answered for each application on the user terminal
With;
Whether second judgment unit judges the application for the network-type application when the first judging unit determines the application
For the application using in blacklist;
Processing unit, for when the second judgment unit determine the application be it is described using it is in blacklist in application, exhibition
Show prompt information.
10. user terminal according to claim 9, which is characterized in that the processing unit includes:
First processing subelement disposably shows that the prompt using applications all in blacklist is believed for the user terminal
Breath;
Second processing subelement, for when an application using in blacklist is run, the user terminal to show institute
State the prompt information of application.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510249168.0A CN104883680B (en) | 2015-05-15 | 2015-05-15 | A kind of data guard method and user terminal |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510249168.0A CN104883680B (en) | 2015-05-15 | 2015-05-15 | A kind of data guard method and user terminal |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104883680A CN104883680A (en) | 2015-09-02 |
CN104883680B true CN104883680B (en) | 2019-08-30 |
Family
ID=53950980
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510249168.0A Active CN104883680B (en) | 2015-05-15 | 2015-05-15 | A kind of data guard method and user terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104883680B (en) |
Families Citing this family (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105282141A (en) * | 2015-09-08 | 2016-01-27 | 北京元心科技有限公司 | Method for detecting security of wireless network accessed by intelligent terminal and intelligent terminal |
CN106686624A (en) * | 2015-11-10 | 2017-05-17 | 中兴通讯股份有限公司 | Control method and device |
CN105828331A (en) * | 2016-03-28 | 2016-08-03 | 乐视控股(北京)有限公司 | Wireless network safety management method and device |
CN107547485B (en) * | 2016-06-29 | 2021-04-09 | 上海连尚网络科技有限公司 | Method and device for identifying phishing hotspots based on big data |
CN106412908A (en) * | 2016-09-28 | 2017-02-15 | 维沃移动通信有限公司 | Safety checking method for wireless local area network and mobile terminal |
CN106658489B (en) * | 2016-09-30 | 2020-05-05 | Oppo广东移动通信有限公司 | Terminal application processing method and device and mobile terminal |
CN106792671A (en) * | 2016-12-30 | 2017-05-31 | 广东欧珀移动通信有限公司 | Data ciphering method, device and terminal device |
CN107623916B (en) * | 2017-09-07 | 2020-08-14 | 上海掌门科技有限公司 | Method and equipment for WiFi network security monitoring |
CN109992362B (en) * | 2017-12-29 | 2021-08-13 | Oppo广东移动通信有限公司 | Application program processing method and device, electronic equipment and computer readable storage medium |
CN109992368B (en) * | 2017-12-29 | 2023-10-20 | Oppo广东移动通信有限公司 | Application processing method and device, electronic equipment and computer readable storage medium |
CN109788435B (en) * | 2018-12-28 | 2021-06-18 | 奇安信科技集团股份有限公司 | Wireless hotspot control method and device, electronic equipment and storage medium |
CN111212073B (en) * | 2020-01-02 | 2022-07-05 | 中国银行股份有限公司 | Public cloud-based blacklist account sharing method and device |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102158385A (en) * | 2010-11-23 | 2011-08-17 | 东莞宇龙通信科技有限公司 | Data information transmission device and method applied to mobile terminal |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4473256B2 (en) * | 2006-12-27 | 2010-06-02 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Information processing apparatus, method, and program for controlling resource access by application program |
CN104301117B (en) * | 2014-10-22 | 2017-11-28 | 中国联合网络通信集团有限公司 | Identity verify method and device |
-
2015
- 2015-05-15 CN CN201510249168.0A patent/CN104883680B/en active Active
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102158385A (en) * | 2010-11-23 | 2011-08-17 | 东莞宇龙通信科技有限公司 | Data information transmission device and method applied to mobile terminal |
Also Published As
Publication number | Publication date |
---|---|
CN104883680A (en) | 2015-09-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104883680B (en) | A kind of data guard method and user terminal | |
CN110445770B (en) | Network attack source positioning and protecting method, electronic equipment and computer storage medium | |
US9350758B1 (en) | Distributed denial of service (DDoS) honeypots | |
CN106503584B (en) | A kind of session content methods of exhibiting and system | |
US9438623B1 (en) | Computer exploit detection using heap spray pattern matching | |
CN105450619A (en) | Method, device and system of protection of hostile attacks | |
CN103368941B (en) | A kind of method and apparatus of the protection based on subscriber network access scene | |
CN109711171A (en) | Localization method and device, system, storage medium, the electronic device of software vulnerability | |
CN107645478B (en) | Network attack defense system, method and device | |
CN102035793B (en) | Botnet detecting method, device and network security protective equipment | |
CN104767713B (en) | Account binding method, server and system | |
CN105897947B (en) | The Network Access Method and device of mobile terminal | |
CN104270761B (en) | pseudo-WIFI (Wireless Fidelity) identification and processing method and device | |
CN110611723A (en) | Scheduling method and device of service resources | |
CN105939326A (en) | Message processing method and device | |
CN112019506B (en) | Phishing mail detection method based on behavior recognition, electronic device and medium | |
CN107241301A (en) | The methods, devices and systems of defense refloex attack | |
CN105100048B (en) | WiFi network secure authentication method, server, client terminal device and system | |
CN106789486B (en) | Method and device for detecting shared access, electronic equipment and computer readable storage medium | |
CN101707598B (en) | Method, device and system for identifying flood attack | |
CN112688900A (en) | Local area network safety protection system and method for preventing ARP spoofing and network scanning | |
CN110351237A (en) | Honey jar method and device for numerically-controlled machine tool | |
CN111291372B (en) | Method and device for detecting files of terminal equipment based on software gene technology | |
CN107454065B (en) | Method and device for protecting UDP Flood attack | |
CN107330331A (en) | There are the methods, devices and systems of the system of leak in identification |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
EXSB | Decision made by sipo to initiate substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20171128 Address after: SED science and technology building, No. 1 Shenzhen Road, 518000 street and Guangdong Province, Nanshan District Guangdong 201 room Applicant after: Shenzhen City Li Ao Technology Co., Ltd. Address before: 518057 national communication No. 5, No. 5, Shenzhen, Shenzhen, Guangdong province 2118 Applicant before: SHENZHEN LEO NETWORK TECHNOLOGY CO., LTD. |
|
GR01 | Patent grant | ||
GR01 | Patent grant |