CN104883680B - A kind of data guard method and user terminal - Google Patents

A kind of data guard method and user terminal Download PDF

Info

Publication number
CN104883680B
CN104883680B CN201510249168.0A CN201510249168A CN104883680B CN 104883680 B CN104883680 B CN 104883680B CN 201510249168 A CN201510249168 A CN 201510249168A CN 104883680 B CN104883680 B CN 104883680B
Authority
CN
China
Prior art keywords
user terminal
application
network
wifi network
target wifi
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510249168.0A
Other languages
Chinese (zh)
Other versions
CN104883680A (en
Inventor
刘洋
张延东
孙超
杨云
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen City Li Ao Technology Co., Ltd.
Original Assignee
Shenzhen City Li Ao Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen City Li Ao Technology Co Ltd filed Critical Shenzhen City Li Ao Technology Co Ltd
Priority to CN201510249168.0A priority Critical patent/CN104883680B/en
Publication of CN104883680A publication Critical patent/CN104883680A/en
Application granted granted Critical
Publication of CN104883680B publication Critical patent/CN104883680B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The embodiment of the invention discloses a kind of data guard method, the security level of the target network for currently being connected according to user terminal is corresponding to be monitored management to the application on user terminal using blacklist.The method comprise the steps that user terminal determines the security level of the target WIFI network currently connected;The user terminal determines that the security level is corresponding using blacklist;The user terminal is monitored management to the application on the user terminal using blacklist according to described.In the embodiment of the present invention, user terminal can get the security level of the target WIFI network currently connected, and different application blacklists is determined according to the security level, user terminal is monitored management to the application on user terminal using blacklist according to this, i.e. user terminal can in real time be monitored the application on user terminal using different monitoring strategies according to different network security levels, when so as to avoid due to being connected to insecure network, user terminal operational safety apply when caused by leaking data.

Description

A kind of data guard method and user terminal
Technical field
The present invention relates to the communications field more particularly to a kind of data guard methods and user terminal.
Background technique
As a kind of user terminal, mobile phone increasingly enters daily life, but the exposure problem of mobile phone private simultaneously Further serious, the approach of privacy of user leakage becomes more and more, thus needs the privacy number on the user terminal used user According to being protected.
A kind of existing user terminal data guard method is detected on user terminal according to the virus base built in antivirus software Hazardous applications, then limit the operation of the hazardous applications or directly delete danger operation, to protect user's end data, It will not be revealed because of the hazardous applications.
But since some security applications are also required to through network sending and receiving data, these security applications are usually will not be by What antivirus software limitation ran or deleted, but due to the presence of some insecure networks, if the network sheet of user terminal connection Body is exactly insecure network, then these security applications by connection insecure network sending and receiving data when, it is also possible to according at The leakage of family end data, i.e., existing technology cannot be in real time according to the security level at the network of user terminal connection on user terminals Application be monitored management.
Summary of the invention
The embodiment of the invention provides a kind of data guard methods, the target network for currently being connected according to user terminal Security level is corresponding to be monitored management to the application on user terminal using blacklist.
In view of this, first aspect present invention provides a kind of data guard method, comprising:
User terminal determines the security level of the target WIFI network currently connected;
The user terminal determines that the security level is corresponding using blacklist;
The user terminal is monitored management to the application on the user terminal using blacklist according to described.
Optionally:
The user terminal determines that the security level of the target WIFI network currently connected includes:
The user terminal judges whether the target WIFI network is network in preset network black and white lists;
If so, the user terminal determines the safety level of the target WIFI network according to the preset network black and white lists Not;
If it is not, then the user terminal to the target WIFI network send probe data packet;
The user terminal determines the security level of the target WIFI network according to the probe data packet.
Optionally:
The user terminal sends probe data packet to the target WIFI network
The user terminal sends the first probe data packet to the target WIFI network, and first probe data packet is used for Detect whether the target WIFI network is fishing network;
The user terminal sends the second probe data packet to the target WIFI network, and second probe data packet is used for The target WIFI network is detected with the presence or absence of ARP spoofing attack behavior;
The user terminal sends third probe data packet to the target WIFI network, and the third probe data packet is used for The target WIFI network is detected to cheat with the presence or absence of DNS;
The user terminal determines the security level of the target WIFI network according to the probe data packet specifically:
The user terminal is determined according to first probe data packet, the second probe data packet and third probe data packet The security level of the target WIFI network.
Optionally:
The user terminal is monitored management and includes: using blacklist according to described to the application on the user terminal
For each application on the user terminal, the user terminal judges whether the application is network-type application;
If the application is network-type application, the user terminal judges whether the application is in the application blacklist Application;
If the application is the application using in blacklist, the user terminal shows prompt information.
Optionally:
The user terminal shows that prompt information includes:
The user terminal disposably shows the prompt information using applications all in blacklist;
Or,
When an application using in blacklist is run, the user terminal shows the prompt letter of the application Breath.
Second aspect of the present invention provides a kind of user terminal, comprising:
First determining module, for determining the security level of the target WIFI network currently connected;
Second determining module, for determining the corresponding black name of application of the determining security level of first determining module It is single;
Processing module, for according to second determining module determine it is described using blacklist on the user terminal It is managed using being monitored.
Optionally:
First determining module includes:
Judging unit, for judging whether the target WIFI network is network in preset network black and white lists;
First determination unit, for determining that the target WIFI network is preset network black and white lists when the judging unit In network when, determine the security level of the target WIFI network;
Transmission unit, for determining that the target WIFI network is not in preset network black and white lists when the judging unit Network when, Xiang Suoshu target WIFI network send probe data packet;
Second determination unit, the probe data packet for being sent according to the transmission unit determine the target WIFI network Security level.
Optionally:
The transmission unit includes:
First transmission sub-unit, for sending the first probe data packet, first detection to the target WIFI network Data packet is for detecting whether the target WIFI network is fishing network;
Second transmission sub-unit, for sending the second probe data packet, second detection to the target WIFI network Data packet is for detecting the target WIFI network with the presence or absence of ARP spoofing attack behavior;
Third transmission sub-unit, for sending third probe data packet, the third detection to the target WIFI network Data packet is cheated for detecting the target WIFI network with the presence or absence of DNS;
Second determination unit is specifically used for:
The target is determined according to first probe data packet, the second probe data packet and third probe data packet The security level of WIFI network.
Optionally:
The processing module includes:
First judging unit, for judging whether the application is network for each application on the user terminal Type application;
Second judgment unit judges the application for the network-type application when the first judging unit determines the application It whether is the application using in blacklist;
Processing unit, for determining that the application is the application using in blacklist when the second judgment unit When, show prompt information.
Optionally:
The processing unit includes:
First processing subelement, disposably shows the prompt using applications all in blacklist for the user terminal Information;
Second processing subelement, for when it is described be run using one in blacklist application when, the user terminal exhibition Show the prompt information of the application.
As can be seen from the above technical solutions, the embodiment of the present invention has the advantage that in the present solution, user terminal can obtain The security level of the target WIFI network currently connected is got, and determines different blacklists of applying, use according to the security level Family end is monitored management to the application on user terminal using blacklist according to this, i.e. user terminal can be in real time according to different Network security level is monitored the application on user terminal using different monitoring strategies, so as to avoid due to being connected to not When secure network, user terminal operational safety apply when caused by leaking data.
Detailed description of the invention
Fig. 1 is one embodiment schematic diagram of data guard method in the embodiment of the present invention;
Fig. 2 is another embodiment schematic diagram of data guard method in the embodiment of the present invention;
Fig. 3 is another embodiment schematic diagram of data guard method in the embodiment of the present invention;
Fig. 4 is one embodiment schematic diagram of user terminal in the embodiment of the present invention;
Fig. 5 is another embodiment schematic diagram of user terminal in the embodiment of the present invention;
Fig. 6 is another embodiment schematic diagram of user terminal in the embodiment of the present invention.
Specific embodiment
The embodiment of the invention provides a kind of data guard methods, the target network for currently being connected according to user terminal Security level is corresponding to be monitored management to the application on user terminal using blacklist.
In order to enable those skilled in the art to better understand the solution of the present invention, below in conjunction in the embodiment of the present invention Attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is only The embodiment of a part of the invention, instead of all the embodiments.Based on the embodiments of the present invention, ordinary skill people The model that the present invention protects all should belong in member's every other embodiment obtained without making creative work It encloses.
Description and claims of this specification and term " first ", " second ", " third " " in above-mentioned attached drawing The (if present)s such as four " are to be used to distinguish similar objects, without being used to describe a particular order or precedence order.It should manage The data that solution uses in this way are interchangeable under appropriate circumstances, so that the embodiments described herein can be in addition to illustrating herein Or the sequence other than the content of description is implemented.In addition, term " includes " and " having " and their any deformation, it is intended that Cover it is non-exclusive include, for example, containing the process, method, system, product or equipment of a series of steps or units need not limit In step or unit those of is clearly listed, but may include be not clearly listed or for these process, methods, produce The other step or units of product or equipment inherently.
Referring to Fig. 1, one embodiment of data guard method includes: in the embodiment of the present invention
101, user terminal determines the security level of the target WIFI network currently connected;
In the present embodiment, user terminal can determine the security level of the target WIFI network currently connected.
It should be noted that user terminal can also be obtained by scanning before user terminal is not attached to target WIFI network The attachable WIFI network of surrounding, and tentatively judge the safety of all attachable WIFI networks, it can if specifically may is that The WIFI network of connection is the open network of unencryption, it may be considered that the safety of the WIFI network is not high, user terminal can be with The display reminding information on the WIFI.
In practical applications, security level can be set by user according to own situation, for example can be set as safety level Other 1, security level 2, security level 3 can also simply be set as dangerous, safety, and the setting of security level can also be useful Family end default setting, specifically herein without limitation.
In the present embodiment and subsequent embodiment, user terminal can be a kind of user equipment, such as mobile phone, tablet computer Deng specifically herein without limitation, in subsequent embodiment, this part is repeated no more.
102, user terminal determines that the security level is corresponding using blacklist;
In the present embodiment, after user terminal determines the security level of the target WIFI network currently connected, user terminal can Determine that the security level is corresponding using blacklist.
It should be noted that the corresponding application blacklist of different security levels may be different or the same, in reality It can be set by user according to own situation in, can also be defaulted by user terminal and be provided, specifically herein without limitation.
103, user terminal is monitored management to the application on the user terminal using blacklist according to this.
In the present embodiment, user terminal is determined using after blacklist, blacklist can be applied to the application on user terminal according to this It is monitored management.
It should be noted that user terminal applies blacklist to the use according to this in the present embodiment and subsequent embodiment It includes that the application being currently running to foreground is monitored management that application on the end of family, which is monitored management, further includes black according to application List clears up background application automatically, and in subsequent embodiment, this part is repeated no more.
In the present embodiment, user terminal can get the security level of the target WIFI network currently connected, and according to this Security level determines that different blacklists of applying, user terminal are monitored pipe to the application on user terminal using blacklist according to this Reason, i.e. user terminal can use different monitoring strategies to the application on user terminal according to different network security levels in real time Be monitored, when so as to avoid due to being connected to insecure network, user terminal operational safety apply when caused by leaking data.
Referring to Fig. 2, another embodiment of data guard method includes: in the embodiment of the present invention
201, user terminal judges whether target WIFI network is network in preset network black and white lists, if so, executing Step 202, if it is not, thening follow the steps 203;
In the present embodiment, after user terminal is connected to target WIFI network, can judge the target WIFI network whether be Network in preset network black and white lists, if so, 202 are thened follow the steps, if it is not, thening follow the steps 203.
It should be noted that user terminal can update preset network black and white lists by network server, preset network is black It include the security information of corresponding network in white list, in practical applications, when user terminal is connected to target WIFI network, also The information of target WIFI network can be sent to including security level etc. server, record preservation be carried out by server, specifically Herein without limitation.
202, user terminal determines the security level of target WIFI network according to preset network black and white lists, executes step 205;
In the present embodiment, if user terminal determines that the target WIFI network currently connected is the net in preset network black and white lists When network, user terminal determines the security level of target WIFI network according to the preset network black and white lists.
203, user terminal sends probe data packet to target WIFI network, executes step 204;
In the present embodiment, if user terminal determines target WIFI network not when being the network in preset network black and white lists, use Family end can send probe data packet to target WIFI network.
Specifically include it should be noted that user terminal sends probe data packet to target WIFI network: user terminal is to target WIFI network sends the first probe data packet, first probe data packet be specifically used for detecting the target WIFI network whether be Fishing network;User terminal sends the second probe data packet to target WIFI network, and the second probe data packet is for detecting target WIFI network whether there is ARP spoofing attack behavior, and user terminal sends third probe data packet to target WIFI network, and third is visited Measured data packet is cheated for detecting target WIFI network with the presence or absence of DNS, and user terminal can disposably be sent out to target WIFI network A variety of probe data packets are sent, can also be sent several times to target WIFI network, and determined according to the probe data packet sent before Whether fixed to need to continue to send subsequent probe data packet, in practical applications, user terminal can also be as needed to target WIFI network sends other probe data packets, specifically herein without limitation.
204, user terminal determines the security level of target WIFI network according to probe data packet, executes step 205;
In the present embodiment, after user terminal sends probe data packet to target WIFI network, user terminal can be according to detection number According to the security level for wrapping determining target WIFI network
It should be noted that if user terminal to target WIFI network send the first probe data packet, the second probe data packet, Third probe data packet, then user terminal can determine that the security level of target WIFI network specifically can be with according to probe data packet Be: user terminal determines target WIFI network according to the first probe data packet, the second probe data packet and third probe data packet Security level.
205, user terminal determines that the security level is corresponding using blacklist;
In the present embodiment, after user terminal determines the security level of the target WIFI network currently connected, user terminal can Determine that the security level is corresponding using blacklist.
It should be noted that the corresponding application blacklist of different security levels may be different or the same, in reality It can be set by user according to own situation in, can also be defaulted by user terminal and be provided, specifically herein without limitation.
206, user terminal is monitored management to the application on user terminal using blacklist according to this.
In the present embodiment, user terminal is determined using after blacklist, blacklist can be applied to the application on user terminal according to this It is monitored management.
It should be noted that user terminal is monitored management and includes: using blacklist according to this to the application on user terminal User terminal is monitored the application being currently running, and is managed to the application of user terminal running background.
In the present embodiment, user terminal can get the security level of the target WIFI network currently connected, and according to this Security level determines that different blacklists of applying, user terminal are monitored pipe to the application on user terminal using blacklist according to this Reason, i.e. user terminal can use different monitoring strategies to the application on user terminal according to different network security levels in real time Be monitored, when so as to avoid due to being connected to insecure network, user terminal operational safety apply when caused by leaking data.
A kind of user terminal is provided below according to application blacklist to the mode using monitoring management on user terminal, specifically :
Referring to Fig. 3, another embodiment of data guard method includes: in the embodiment of the present invention
301, user terminal determines the security level of the target WIFI network currently connected;
In the present embodiment, user terminal can determine the security level of the target WIFI network currently connected, specifically can be with Similar to embodiment shown in Fig. 2, details are not described herein again.
It should be noted that user terminal can also be obtained by scanning before user terminal is not attached to target WIFI network The attachable WIFI network of surrounding, and tentatively judge the safety of all attachable WIFI networks, it can if specifically may is that The WIFI network of connection is the open network of unencryption, it may be considered that the safety of the WIFI network is not high, user terminal can be with The display reminding information on the WIFI.
In practical applications, security level can be set by user according to own situation, for example can be set as safety level Other 1, security level 2, security level 3 can also simply be set as dangerous, safety, and the setting of security level can also be useful Family end default setting, specifically herein without limitation.
302, user terminal determines that the security level is corresponding using blacklist;
In the present embodiment, after user terminal determines the security level of the target WIFI network currently connected, user terminal can Determine that the security level is corresponding using blacklist.
It should be noted that the corresponding application blacklist of different security levels may be different or the same, in reality It can be set by user according to own situation in, can also be defaulted by user terminal and be provided, specifically herein without limitation.
303, whether user terminal judges using being network-type application, if so, 304 are thened follow the steps, if it is not, thening follow the steps 306;
In the present embodiment, for each application on user terminal, user terminal can judge whether the application is network-type Using if so, 304 are thened follow the steps, if it is not, thening follow the steps 306.
It should be noted that user terminal judges whether the application is that network-type application specifically may is that user terminal according to this It applies and whether needs to judge using flow whether the application is network-type application in use process, be also possible to answer by analyzing this Whether APP data packet has applied for that network legal power judges whether the application is that network-type is answered according to the APP data packet of the application With in practical applications, user terminal can also judge whether the application is network-type application by other means, specifically herein not It limits.
304, user terminal judge the application whether be using the application in blacklist, if so, then follow the steps 305, if it is not, Then follow the steps 306;
In the present embodiment, when user terminal determines that the application is network-type in application, user terminal judges whether the application is to answer With the application in blacklist, if so, 305 are thened follow the steps, if it is not, thening follow the steps 306.
305, user terminal shows prompt information;
In the present embodiment, when user terminal determines that the application is using in blacklist in application, user terminal can be shown mentions Show information.
It should be noted that user terminal shows that prompt information specifically may is that user terminal is disposably shown using blacklist In all applications prompt information;Or, user terminal shows mentioning for the application when an application in application blacklist is run Show information, specifically herein without limitation.
306, user terminal executes other operations.
In the present embodiment, when being unsatisfactory for Rule of judgment, user terminal can execute other operations, can be operation application fortune Row is managed application according to the prior art, does not limit herein specifically.
In the present embodiment, user terminal can get the security level of the target WIFI network currently connected, and according to this Security level determines that different blacklists of applying, user terminal are monitored pipe to the application on user terminal using blacklist according to this Reason, i.e. user terminal can use different monitoring strategies to the application on user terminal according to different network security levels in real time Be monitored, when so as to avoid due to being connected to insecure network, user terminal operational safety apply when caused by leaking data.
It should be noted that it further includes using that user terminal, which is monitored management to the application on user terminal according to application blacklist, Family end is according to the application for clearing up running background automatically using blacklist.
Described above is the data guard methods in the embodiment of the present invention, below to the user terminal in the embodiment of the present invention into Row description, specific:
Referring to Fig. 4, one embodiment of user terminal includes: in the embodiment of the present invention
First determining module 401, for determining the security level of the target WIFI network currently connected;
Second determining module 402, for determining the corresponding black name of application of the determining security level of the first determining module 401 It is single;
Processing module 403 carries out the application on user terminal using blacklist for what is determined according to the second determining module Monitoring management.
In the present embodiment, user terminal can get the security level of the target WIFI network currently connected, and according to this Security level determines that different blacklists of applying, user terminal are monitored pipe to the application on user terminal using blacklist according to this Reason, i.e. user terminal can use different monitoring strategies to the application on user terminal according to different network security levels in real time Be monitored, when so as to avoid due to being connected to insecure network, user terminal operational safety apply when caused by leaking data.
Referring to Fig. 5, another embodiment of user terminal includes: in the embodiment of the present invention
First determining module 501, for determining the security level of the target WIFI network currently connected;
Second determining module 502, for determining the corresponding black name of application of the determining security level of the first determining module 501 It is single;
Processing module 503 carries out the application on user terminal using blacklist for what is determined according to the second determining module Monitoring management;
Wherein, the first determining module 501 includes:
Judging unit 5011, for judging whether target WIFI network is network in preset network black and white lists;
First determination unit 5012, for determining that target WIFI network is preset network black and white lists when judging unit 5011 In network when, determine the security level of target WIFI network;
Transmission unit 5013, for determining that target WIFI network is not in preset network black and white lists when judging unit 5011 Network when, to target WIFI network send probe data packet;
Second determination unit 5014, the probe data packet for being sent according to transmission unit 5013 determine target WIFI network Security level.
It should be noted that in the present embodiment, the realization of transmission unit 5013 may include:
First transmission sub-unit 50131, for sending the first probe data packet to target WIFI network, the first detection number According to packet for detecting whether target WIFI network is fishing network;
Second transmission sub-unit 50132, for sending the second probe data packet to target WIFI network, the second detection number According to packet for detecting target WIFI network with the presence or absence of ARP spoofing attack behavior;
Third transmission sub-unit 50133, for sending third probe data packet to target WIFI network, which detects number It is cheated for detecting target WIFI network with the presence or absence of DNS according to packet;
Second determination unit 5014 is specifically used for:
Target WIFI network is determined according to the first probe data packet, the second probe data packet and third probe data packet Security level.
In the present embodiment, user terminal can get the security level of the target WIFI network currently connected, and according to this Security level determines that different blacklists of applying, user terminal are monitored pipe to the application on user terminal using blacklist according to this Reason, i.e. user terminal can use different monitoring strategies to the application on user terminal according to different network security levels in real time Be monitored, when so as to avoid due to being connected to insecure network, user terminal operational safety apply when caused by leaking data.
Referring to Fig. 6, another embodiment of user terminal includes: in the embodiment of the present invention
First determining module 601, for determining the security level of the target WIFI network currently connected;
Second determining module 602, for determining the corresponding black name of application of the determining security level of the first determining module 601 It is single;
Processing module 603, for according to the second determining module 602 determine using blacklist on user terminal application into Row monitoring management;
Wherein, processing module 603 includes:
First judging unit 6031, for judging whether the application is network-type for each application on user terminal Using;
Second judgment unit 6032, for the network-type application when the first judging unit 6031 determines the application, judgement should Using whether being using the application in blacklist;
Processing unit 6033, for determining that application is using in blacklist in application, exhibition when second judgment unit 6032 Show prompt information.
It should be noted that in the present embodiment, processing unit 6033 specifically can also include:
First processing subelement 60331 disposably shows the prompt letter using all applications in blacklist for user terminal Breath;
Second processing subelement 60332, for when an application in application blacklist is run, user terminal is shown should The prompt information of application.
In the present embodiment, user terminal can get the security level of the target WIFI network currently connected, and according to this Security level determines that different blacklists of applying, user terminal are monitored pipe to the application on user terminal using blacklist according to this Reason, i.e. user terminal can use different monitoring strategies to the application on user terminal according to different network security levels in real time Be monitored, when so as to avoid due to being connected to insecure network, user terminal operational safety apply when caused by leaking data.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description, The specific work process of device and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
In several embodiments provided herein, it should be understood that disclosed system, device and method can be with It realizes by another way.For example, the apparatus embodiments described above are merely exemplary, for example, the unit It divides, only a kind of logical function partition, there may be another division manner in actual implementation, such as multiple units or components It can be combined or can be integrated into another system, or some features can be ignored or not executed.Another point, it is shown or The mutual coupling, direct-coupling or communication connection discussed can be through some interfaces, the indirect coupling of device or unit It closes or communicates to connect, can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme 's.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list Member both can take the form of hardware realization, can also realize in the form of software functional units.
If the integrated unit is realized in the form of SFU software functional unit and sells or use as independent product When, it can store in a computer readable storage medium.Based on this understanding, technical solution of the present invention is substantially The all or part of the part that contributes to existing technology or the technical solution can be in the form of software products in other words It embodies, which is stored in a storage medium, including some instructions are used so that a computer Equipment (can be personal computer, server or the network equipment etc.) executes the complete of each embodiment the method for the present invention Portion or part steps.And storage medium above-mentioned includes: USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic or disk etc. are various can store journey The medium of sequence code.
The above, the above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although referring to before Stating embodiment, invention is explained in detail, those skilled in the art should understand that: it still can be to preceding Technical solution documented by each embodiment is stated to modify or equivalent replacement of some of the technical features;And these It modifies or replaces, the spirit and scope for technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution.

Claims (10)

1. a kind of data guard method characterized by comprising
User terminal determines the security level of the target WIFI network currently connected;
The user terminal determines that the security level is corresponding using blacklist;
The user terminal is monitored management to the application on the user terminal using blacklist according to described;
The user terminal is monitored management and includes: using blacklist according to described to the application on the user terminal
The user terminal is monitored pipe to the application that the foreground on the user terminal is currently running using blacklist according to described Reason, and according to the background application cleared up automatically using blacklist on the user terminal.
2. data guard method according to claim 1, which is characterized in that the user terminal determines the target currently connected The security level of WIFI network includes:
The user terminal judges whether the target WIFI network is network in preset network black and white lists;
If so, the user terminal determines the security level of the target WIFI network according to the preset network black and white lists;
If it is not, then the user terminal to the target WIFI network send probe data packet;
The user terminal determines the security level of the target WIFI network according to the probe data packet.
3. data guard method according to claim 2, which is characterized in that the user terminal is to the target WIFI network Sending probe data packet includes:
The user terminal sends the first probe data packet to the target WIFI network, and first probe data packet is for detecting Whether the target WIFI network is fishing network;
The user terminal sends the second probe data packet to the target WIFI network, and second probe data packet is for detecting The target WIFI network whether there is ARP spoofing attack behavior;
The user terminal sends third probe data packet to the target WIFI network, and the third probe data packet is for detecting The target WIFI network is cheated with the presence or absence of DNS;
The user terminal determines the security level of the target WIFI network according to the probe data packet specifically:
The user terminal is according to the determination of first probe data packet, the second probe data packet and third probe data packet The security level of target WIFI network.
4. data guard method according to claim 1, which is characterized in that the user terminal applies blacklist according to described Being monitored management to the application on the user terminal includes:
For each application on the user terminal, the user terminal judges whether the application is network-type application;
If the application is network-type application, the user terminal judges whether the application is described using answering in blacklist With;
If the application is the application using in blacklist, the user terminal shows prompt information.
5. data guard method according to claim 4, which is characterized in that the user terminal shows that prompt information includes:
The user terminal disposably shows the prompt information using applications all in blacklist;
Or,
When an application using in blacklist is run, the user terminal shows the prompt information of the application.
6. a kind of user terminal characterized by comprising
First determining module, for determining the security level of the target WIFI network currently connected;
Second determining module, for determining that the security level that first determining module determines is corresponding using blacklist;
Processing module, for according to second determining module determine it is described using blacklist to the application on the user terminal It is monitored management;
The processing module is specifically used for:
Management is monitored to the application that the foreground on the user terminal is currently running using blacklist according to described, and according to The background application cleared up automatically using blacklist on the user terminal.
7. user terminal according to claim 6, which is characterized in that first determining module includes:
Judging unit, for judging whether the target WIFI network is network in preset network black and white lists;
First determination unit, for determining that the target WIFI network is in preset network black and white lists when the judging unit When network, the security level of the target WIFI network is determined;
Transmission unit, for determining that the target WIFI network is not the net in preset network black and white lists when the judging unit When network, Xiang Suoshu target WIFI network sends probe data packet;
Second determination unit, the probe data packet for being sent according to the transmission unit determine the peace of the target WIFI network Full rank.
8. user terminal according to claim 7, which is characterized in that the transmission unit includes:
First transmission sub-unit, for sending the first probe data packet, first detection data to the target WIFI network Packet is for detecting whether the target WIFI network is fishing network;
Second transmission sub-unit, for sending the second probe data packet, second detection data to the target WIFI network Packet is for detecting the target WIFI network with the presence or absence of ARP spoofing attack behavior;
Third transmission sub-unit, for sending third probe data packet, the third detection data to the target WIFI network Packet is cheated for detecting the target WIFI network with the presence or absence of DNS;
Second determination unit is specifically used for:
The target WIFI net is determined according to first probe data packet, the second probe data packet and third probe data packet The security level of network.
9. user terminal according to claim 6, which is characterized in that the processing module includes:
First judging unit, for judging whether the application is that network-type is answered for each application on the user terminal With;
Whether second judgment unit judges the application for the network-type application when the first judging unit determines the application For the application using in blacklist;
Processing unit, for when the second judgment unit determine the application be it is described using it is in blacklist in application, exhibition Show prompt information.
10. user terminal according to claim 9, which is characterized in that the processing unit includes:
First processing subelement disposably shows that the prompt using applications all in blacklist is believed for the user terminal Breath;
Second processing subelement, for when an application using in blacklist is run, the user terminal to show institute State the prompt information of application.
CN201510249168.0A 2015-05-15 2015-05-15 A kind of data guard method and user terminal Active CN104883680B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510249168.0A CN104883680B (en) 2015-05-15 2015-05-15 A kind of data guard method and user terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510249168.0A CN104883680B (en) 2015-05-15 2015-05-15 A kind of data guard method and user terminal

Publications (2)

Publication Number Publication Date
CN104883680A CN104883680A (en) 2015-09-02
CN104883680B true CN104883680B (en) 2019-08-30

Family

ID=53950980

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510249168.0A Active CN104883680B (en) 2015-05-15 2015-05-15 A kind of data guard method and user terminal

Country Status (1)

Country Link
CN (1) CN104883680B (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105282141A (en) * 2015-09-08 2016-01-27 北京元心科技有限公司 Method for detecting security of wireless network accessed by intelligent terminal and intelligent terminal
CN106686624A (en) * 2015-11-10 2017-05-17 中兴通讯股份有限公司 Control method and device
CN105828331A (en) * 2016-03-28 2016-08-03 乐视控股(北京)有限公司 Wireless network safety management method and device
CN107547485B (en) * 2016-06-29 2021-04-09 上海连尚网络科技有限公司 Method and device for identifying phishing hotspots based on big data
CN106412908A (en) * 2016-09-28 2017-02-15 维沃移动通信有限公司 Safety checking method for wireless local area network and mobile terminal
CN106658489B (en) * 2016-09-30 2020-05-05 Oppo广东移动通信有限公司 Terminal application processing method and device and mobile terminal
CN106792671A (en) * 2016-12-30 2017-05-31 广东欧珀移动通信有限公司 Data ciphering method, device and terminal device
CN107623916B (en) * 2017-09-07 2020-08-14 上海掌门科技有限公司 Method and equipment for WiFi network security monitoring
CN109992362B (en) * 2017-12-29 2021-08-13 Oppo广东移动通信有限公司 Application program processing method and device, electronic equipment and computer readable storage medium
CN109992368B (en) * 2017-12-29 2023-10-20 Oppo广东移动通信有限公司 Application processing method and device, electronic equipment and computer readable storage medium
CN109788435B (en) * 2018-12-28 2021-06-18 奇安信科技集团股份有限公司 Wireless hotspot control method and device, electronic equipment and storage medium
CN111212073B (en) * 2020-01-02 2022-07-05 中国银行股份有限公司 Public cloud-based blacklist account sharing method and device

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102158385A (en) * 2010-11-23 2011-08-17 东莞宇龙通信科技有限公司 Data information transmission device and method applied to mobile terminal

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4473256B2 (en) * 2006-12-27 2010-06-02 インターナショナル・ビジネス・マシーンズ・コーポレーション Information processing apparatus, method, and program for controlling resource access by application program
CN104301117B (en) * 2014-10-22 2017-11-28 中国联合网络通信集团有限公司 Identity verify method and device

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102158385A (en) * 2010-11-23 2011-08-17 东莞宇龙通信科技有限公司 Data information transmission device and method applied to mobile terminal

Also Published As

Publication number Publication date
CN104883680A (en) 2015-09-02

Similar Documents

Publication Publication Date Title
CN104883680B (en) A kind of data guard method and user terminal
CN110445770B (en) Network attack source positioning and protecting method, electronic equipment and computer storage medium
US9350758B1 (en) Distributed denial of service (DDoS) honeypots
CN106503584B (en) A kind of session content methods of exhibiting and system
US9438623B1 (en) Computer exploit detection using heap spray pattern matching
CN105450619A (en) Method, device and system of protection of hostile attacks
CN103368941B (en) A kind of method and apparatus of the protection based on subscriber network access scene
CN109711171A (en) Localization method and device, system, storage medium, the electronic device of software vulnerability
CN107645478B (en) Network attack defense system, method and device
CN102035793B (en) Botnet detecting method, device and network security protective equipment
CN104767713B (en) Account binding method, server and system
CN105897947B (en) The Network Access Method and device of mobile terminal
CN104270761B (en) pseudo-WIFI (Wireless Fidelity) identification and processing method and device
CN110611723A (en) Scheduling method and device of service resources
CN105939326A (en) Message processing method and device
CN112019506B (en) Phishing mail detection method based on behavior recognition, electronic device and medium
CN107241301A (en) The methods, devices and systems of defense refloex attack
CN105100048B (en) WiFi network secure authentication method, server, client terminal device and system
CN106789486B (en) Method and device for detecting shared access, electronic equipment and computer readable storage medium
CN101707598B (en) Method, device and system for identifying flood attack
CN112688900A (en) Local area network safety protection system and method for preventing ARP spoofing and network scanning
CN110351237A (en) Honey jar method and device for numerically-controlled machine tool
CN111291372B (en) Method and device for detecting files of terminal equipment based on software gene technology
CN107454065B (en) Method and device for protecting UDP Flood attack
CN107330331A (en) There are the methods, devices and systems of the system of leak in identification

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
EXSB Decision made by sipo to initiate substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20171128

Address after: SED science and technology building, No. 1 Shenzhen Road, 518000 street and Guangdong Province, Nanshan District Guangdong 201 room

Applicant after: Shenzhen City Li Ao Technology Co., Ltd.

Address before: 518057 national communication No. 5, No. 5, Shenzhen, Shenzhen, Guangdong province 2118

Applicant before: SHENZHEN LEO NETWORK TECHNOLOGY CO., LTD.

GR01 Patent grant
GR01 Patent grant