CN104978517A - Android system illegal root detection method and Android system illegal root detection system - Google Patents
Android system illegal root detection method and Android system illegal root detection system Download PDFInfo
- Publication number
- CN104978517A CN104978517A CN201410523623.7A CN201410523623A CN104978517A CN 104978517 A CN104978517 A CN 104978517A CN 201410523623 A CN201410523623 A CN 201410523623A CN 104978517 A CN104978517 A CN 104978517A
- Authority
- CN
- China
- Prior art keywords
- android system
- root
- illegal
- detect
- detection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
The invention provides an Android system illegal root detection method and an Android system illegal root detection system. A system is subjected to conventional root detection; cloud information is used for detecting whether the system is locked or not, whether the system is illegally unlocked or not and whether a right providing vulnerability exists or not and a third party recovery mode is refurbished or not; whether the system obtains the illegal root or not is judged; whether an application program with an illegal root behavior exists in the system or not is detected; and a user is reminded of the result. The invention also provides a corresponding system. Through the contents of the invention, whether the system obtains illegal root or not and whether the illegal root risk exists or not can be detected in multiple aspects; various modes such as active checking and passive obtaining from the system are used for detection; the accuracy rate is detected; and unknown risks hidden in the system can be discovered.
Description
Technical field
The present invention relates to mobile terminal safety field, particularly a kind of illegal root detection method of android system and system.
Background technology
In android system, the general called after root of power user, it has all authorities in system, as started or stoped a process, increase or delete user etc., existing android system is general not for user provides root authority, to ensure security of system, but which limit some user functions, therefore existingly a large amount of " a key root " instruments is provided, for user provides root function, user is made to obtain more function and authority, but existing root method, general is all utilize system vulnerability, systems axiol-ogy is walked around by illegal means, illegal acquisition root authority, or by third party's means compulsory commutation system lock, or change the setting of system genuine, to reach the object etc. obtaining root.Several root methods to sum up, are all the highest weight limits being obtained android system by illegal means, destroy the self-protective mechanism of system, and once root authority is obtained by Malware, then can bring the problems such as privacy leakage.After system root, once user misoperation, then rogue program may be caused to acquire root authority.If obtain root authority by third party software, once there are security breaches in third party's fail-safe software, root authority also will be caused utilize by rogue program.Therefore user should understand used android system in time whether by illegal root.
Summary of the invention
The invention provides a kind of illegal root detection method and system of android system, by multi-direction detection, whether certainty annuity exists illegal root risk, and by indicating risk user.
An illegal root detection method for android system, comprising:
Step a, utilizes conventional method to detect android system, judges that whether android system is by root for the first time, and if so, then decision-making system is dangerous, performs step f; Otherwise perform step b;
Whether step b, detect android system and lock, and if so, performs step c; Otherwise perform step e;
Whether step c, detect android system and illegally unlocked, and if so, then performs step e; Otherwise execution steps d;
Steps d, whether detection android system exists is carried power leak, if so, then performs step f; Otherwise perform step e;
Whether step e, detect android system and brushed into third party recovery pattern, if so, then performs step f; Otherwise there is not illegal root risk in decision-making system; Third party recovery refers to third party's program of the recovery program that the system of substituted for carries, although the recovery program that third party recovery functionally carries with system is similar, but because it has the authority of amendment system, if by malicious exploitation, then can cause serious harm to system;
Step f, detects all application programs in android system, judges whether the behavior that there is illegal request root authority, if existed, then points out custom system to there is illegal root risk, and points out the application program of illegal request root authority behavior; Otherwise there is illegal root risk in prompting custom system.
In described method, described step b, whether detection android system has locked and has been specially: the information obtaining subscriber equipment, identifies current user equipment android system locking state;
In described method, described step c, detect android system whether to be specially by illegal solution lock: according to the user equipment information obtained, obtain the locking state that dispatches from the factory that relative user equipment is searched in high in the clouds, and with the comparison of current user equipment android system locking state, if unanimously, then android system is not illegally unlocked, otherwise android system is illegally unlocked.
In described method, described steps d, detect android system whether exist carry power leak be specially: by high in the clouds download flaw detection script, power Hole Detection is carried to android system.
In described method, described step f, detect all application programs in android system, judge whether that the behavior that there is illegal request root authority is specially: judge whether application program is run with root authority, or comprise file needed for root, if so, then there is the behavior of illegal request root authority, otherwise do not exist.
Present invention also offers a kind of illegal root detection system of android system, comprising:
Conventional sense module, for utilizing conventional method to detect android system, judges that whether android system is by root for the first time, and if so, then decision-making system is dangerous, proceeds to root behavioral value module; Otherwise enter the detection module that locks;
Whether lock detection module, locking, if so, entering and illegally unlocking detection module for detecting android system; Otherwise proceed to engineering mode detection module;
Whether illegal unblock detection module, illegally being unlocked for detecting android system, if so, then being proceeded to engineering mode detection module; Otherwise enter Hole Detection module;
Hole Detection module, whether detection android system exists is carried power leak, if so, then proceeds to root behavioral value module; Otherwise enter engineering mode detection module;
Whether engineering mode detection module, detect android system and brushed into third party recovery pattern, if so, then enter root behavioral value module; Otherwise there is not illegal root risk in decision-making system;
Root behavioral value module, detect all application programs in android system, judge whether the behavior that there is illegal request root authority, if existed, then point out custom system to there is illegal root risk, and point out the application program of illegal request root authority behavior; Otherwise there is illegal root risk in prompting custom system.
In described system, described in lock detection module, detect android system and whether locked and be specially: the information obtaining subscriber equipment, identifies current user equipment android system locking state;
In described system, described illegal unblock detection module, detect android system whether to be specially by illegal solution lock: according to the user equipment information obtained, obtain the locking state that dispatches from the factory that relative user equipment is searched in high in the clouds, and with the comparison of current user equipment android system locking state, if unanimously, then android system is not illegally unlocked, otherwise android system is illegally unlocked.
In described system, described Hole Detection module, high in the clouds detecting and alarm detect android system whether exist carry power leak be specially: by high in the clouds download flaw detection script, power Hole Detection is carried to android system.
In described system, described root behavioral value module, detect all application programs in android system, judge whether that the behavior that there is illegal request root authority is specially: judge whether application program is run with root authority, or comprise file needed for root, if so, then there is the behavior of illegal request root authority, otherwise do not exist.
Advantage of the present invention is: detected system by multi-direction, can guarantee accurately to detect that whether system is by root, and sensing range is wider; By initiatively check with passive from system obtaining information two kinds of modes verify, greatly improve the accuracy rate of detection; By method of the present invention, can detect risk still undiscovered in system and point out user, find control unknown risks; And by multiple technologies such as detection system kernel and bottom api call, deep detection is carried out to root risk.This invention ensures that user is not before causing damage, understand current android system the soonest and whether there are major safety risks.
The invention provides a kind of illegal root detection method and system of android system, by carrying out conventional root detection to system and utilizing high in the clouds information detecting system whether to lock, whether illegally unlocked, and whether exist carry power leak, brush into third party recovery pattern, judge that whether system is by illegal root, and there is the application program of illegal root behavior in detection system, prompting user.The present invention gives corresponding system, by content of the present invention, can many-sided detection system whether by root, whether there is illegal root risk, and by initiatively check with passive from system various ways such as acquisitions grade detect, improve accuracy rate, the control unknown risks can hidden in discovery system.
Accompanying drawing explanation
In order to be illustrated more clearly in the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, the accompanying drawing that the following describes is only some embodiments recorded in the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
Fig. 1 is the illegal root detection method process flow diagram of a kind of android system of the present invention;
Fig. 2 is the illegal root detection system structural representation of a kind of android system of the present invention.
Embodiment
In order to make those skilled in the art person understand technical scheme in the embodiment of the present invention better, and enable above-mentioned purpose of the present invention, feature and advantage become apparent more, below in conjunction with accompanying drawing, technical scheme in the present invention is described in further detail.
The invention provides a kind of illegal root detection method and system of android system, by multi-direction detection, whether certainty annuity exists illegal root risk, and by indicating risk user.
An illegal root detection method for android system, as shown in Figure 1, comprising:
S101, utilizes conventional method to detect android system, judges that whether android system is by root for the first time, and if so, then decision-making system is dangerous, performs S106; Otherwise perform S102;
Common detection methods has:
(1) perform Runtime.getRuntime () .exec (" su "), check and return results, can root be determined whether;
(2) whether detect catalogue "/system/bin/ ", "/system/xbin/ ", "/system/sbin/ ", whether "/sbin/ ", exist su file under "/vendor/bin/ ", and have and can perform authority and can judge whether root;
(3) call execRootCmdSilent () method, can root be judged whether according to rreturn value.
Whether S102, detect android system and lock, and if so, performs S103; Otherwise perform S105;
Whether S103, detect android system and illegally unlocked, if so, then perform S105; Otherwise perform S104;
S104, whether detection android system exists is carried power leak, if so, then performs S106; Otherwise perform S105;
Whether S105, detect android system and brushed into third party recovery pattern, if so, then perform S106; Otherwise there is not illegal root risk in decision-making system; Third party recovery refers to third party's program of the recovery program that the system of substituted for carries, although the recovery program that third party recovery functionally carries with system is similar, but because it has the authority of amendment system, if by malicious exploitation, then can cause serious harm to system;
S106, detects all application programs in android system, judges whether the behavior that there is illegal request root authority, if existed, then points out custom system to there is illegal root risk, and points out the application program of illegal request root authority behavior; Otherwise there is illegal root risk in prompting custom system.
In described method, described S102, whether detection android system has locked and has been specially: the information obtaining subscriber equipment, identifies current user equipment android system locking state; Be in locking state as S-ON represents, S-OFF represents and is unlocked, the concrete difference needed according to manufacturer, Dynamic Acquisition reading manner;
In described method, described S103, detect android system whether to be specially by illegal solution lock: according to the user equipment information obtained, obtain the locking state that dispatches from the factory that relative user equipment is searched in high in the clouds, and with the comparison of current user equipment android system locking state, if unanimously, then android system is not illegally unlocked, otherwise android system is illegally unlocked.
In described method, described S104, detect android system whether exist carry power leak be specially: by high in the clouds download flaw detection script, power Hole Detection is carried to android system.
High in the clouds memory device and correspondence dispatch from the factory the information such as locking state and detection script for inquiry.
In described method, described S106, detect all application programs in android system, judge whether that the behavior that there is illegal request root authority is specially: judge whether application program is run with root authority, or comprise file needed for root, if so, then there is the behavior of illegal request root authority, otherwise do not exist.As: detection procedure name be called/whether the UID of system/bin/sh belong to mounted application program, EUID is root, is applied as and runs with root authority, namely there is the behavior of illegal request root authority described in can judging; Or decompiling dex file, check whether code exists and attempt obtaining the method for root authority, as Runtime.getRuntime () .exec (" su "), wait and carry power relevant interface and call; Or detect in apk bag whether comprise superuser.apk, the file etc. used by the root such as su, operation.pem.
Present invention also offers a kind of illegal root detection system of android system, as shown in Figure 2, comprising:
Conventional sense module 201, for utilizing conventional method to detect android system, judges that whether android system is by root for the first time, and if so, then decision-making system is dangerous, proceeds to root behavioral value module 206; Otherwise enter the detection module 202 that locks;
Whether lock detection module 202, lock for detecting android system, if so, enters illegal unblock detection module 203; Otherwise proceed to engineering mode detection module 205;
Whether illegal unblock detection module 203, illegally being unlocked for detecting android system, if so, then being proceeded to engineering mode detection module 205; Otherwise enter Hole Detection module 204;
Hole Detection module 204, whether detection android system exists is carried power leak, if so, then proceeds to root behavioral value module 206; Otherwise enter engineering mode detection module 205;
Whether engineering mode detection module 205, detect android system and brushed into third party recovery pattern, if so, then enter root behavioral value module 206; Otherwise there is not illegal root risk in decision-making system;
Root behavioral value module 206, detect all application programs in android system, judge whether the behavior that there is illegal request root authority, if existed, then point out custom system to there is illegal root risk, and point out the application program of illegal request root authority behavior; Otherwise there is illegal root risk in prompting custom system.
In described system, described in lock detection module, detect android system and whether locked and be specially: the information obtaining subscriber equipment, identifies current user equipment android system locking state;
In described system, described illegal unblock detection module, detect android system whether to be specially by illegal solution lock: according to the user equipment information obtained, obtain the locking state that dispatches from the factory that relative user equipment is searched in high in the clouds, and with the comparison of current user equipment android system locking state, if unanimously, then android system is not illegally unlocked, otherwise android system is illegally unlocked.
In described system, described Hole Detection module, high in the clouds detecting and alarm detect android system whether exist carry power leak be specially: by high in the clouds download flaw detection script, power Hole Detection is carried to android system.
In described system, described root behavioral value module, detect all application programs in android system, judge whether that the behavior that there is illegal request root authority is specially: judge whether application program is run with root authority, or comprise file needed for root, if so, then there is the behavior of illegal request root authority, otherwise do not exist.
Advantage of the present invention is: detected system by multi-direction, can guarantee accurately to detect that whether system is by root, and sensing range is wider; By initiatively check with passive from system obtaining information two kinds of modes verify, greatly improve the accuracy rate of detection; By method of the present invention, can detect risk still undiscovered in system and point out user, find control unknown risks; And by multiple technologies such as detection system kernel and bottom api call, deep detection is carried out to root risk.
The invention provides a kind of illegal root detection method and system of android system, by carrying out conventional root detection to system and utilizing high in the clouds information detecting system whether to lock, whether illegally unlocked, and whether exist carry power leak, brush into third party recovery pattern, judge that whether system is by illegal root, and there is the application program of illegal root behavior in detection system, prompting user.The present invention gives corresponding system, by content of the present invention, can many-sided detection system whether by root, whether there is illegal root risk, and by initiatively check with passive from system various ways such as acquisitions grade detect, improve accuracy rate, the control unknown risks can hidden in discovery system.
Although depict the present invention by embodiment, those of ordinary skill in the art know, the present invention has many distortion and change and do not depart from spirit of the present invention, and the claim appended by wishing comprises these distortion and change and do not depart from spirit of the present invention.
Claims (10)
1. an illegal root detection method for android system, is characterized in that, comprising:
Step a, utilizes conventional method to detect android system, judges that whether android system is by root for the first time, and if so, then decision-making system is dangerous, performs step f; Otherwise perform step b;
Whether step b, detect android system and lock, and if so, performs step c; Otherwise perform step e;
Whether step c, detect android system and illegally unlocked, and if so, then performs step e; Otherwise execution steps d;
Steps d, whether detection android system exists is carried power leak, if so, then performs step f; Otherwise perform step e;
Whether step e, detect android system and brushed into third party recovery pattern, if so, then performs step f; Otherwise there is not illegal root risk in decision-making system;
Step f, detects all application programs in android system, judges whether the behavior that there is illegal request root authority, if existed, then points out custom system to there is illegal root risk, and points out the application program of illegal request root authority behavior; Otherwise there is illegal root risk in prompting custom system.
2. the method for claim 1, is characterized in that, described step b, and whether detection android system has locked and be specially: the information obtaining subscriber equipment, identifies current user equipment android system locking state.
3. method as claimed in claim 2, it is characterized in that, described step c, detect android system whether to be specially by illegal solution lock: according to the user equipment information obtained, obtain the locking state that dispatches from the factory that relative user equipment is searched in high in the clouds, and with the comparison of current user equipment android system locking state, if consistent, then android system is not illegally unlocked, otherwise android system is illegally unlocked.
4. the method for claim 1, is characterized in that, described steps d, detect android system whether exist carry power leak be specially: by high in the clouds download flaw detection script, power Hole Detection is carried to android system.
5. the method for claim 1, it is characterized in that, described step f, detect all application programs in android system, judge whether that the behavior that there is illegal request root authority is specially: judge that whether application program is run with root authority, or comprise file needed for root, if, then there is the behavior of illegal request root authority, otherwise do not exist.
6. an illegal root detection system for android system, is characterized in that, comprising:
Conventional sense module, for utilizing conventional method to detect android system, judges that whether android system is by root for the first time, and if so, then decision-making system is dangerous, proceeds to root behavioral value module; Otherwise enter the detection module that locks;
Whether lock detection module, locking, if so, entering and illegally unlocking detection module for detecting android system; Otherwise proceed to engineering mode detection module;
Whether illegal unblock detection module, illegally being unlocked for detecting android system, if so, then being proceeded to engineering mode detection module; Otherwise enter Hole Detection module;
Hole Detection module, whether detection android system exists is carried power leak, if so, then proceeds to root behavioral value module; Otherwise enter engineering mode detection module;
Whether engineering mode detection module, detect android system and brushed into third party recovery pattern, if so, then enter root behavioral value module; Otherwise there is not illegal root risk in decision-making system;
Root behavioral value module, detect all application programs in android system, judge whether the behavior that there is illegal request root authority, if existed, then point out custom system to there is illegal root risk, and point out the application program of illegal request root authority behavior; Otherwise there is illegal root risk in prompting custom system.
7. system as claimed in claim 6, is characterized in that, described in lock detection module, detect android system and whether locked and be specially: the information obtaining subscriber equipment, identifies current user equipment android system locking state.
8. system as claimed in claim 7, it is characterized in that, described illegal unblock detection module, detect android system whether to be specially by illegal solution lock: according to the user equipment information obtained, obtain the locking state that dispatches from the factory that relative user equipment is searched in high in the clouds, and with the comparison of current user equipment android system locking state, if consistent, then android system is not illegally unlocked, otherwise android system is illegally unlocked.
9. system as claimed in claim 6, is characterized in that, described Hole Detection module, and whether high in the clouds detecting and alarm detects android system exists and carry power leak and be specially: by high in the clouds download flaw detection script, put forward power Hole Detection to android system.
10. system as claimed in claim 6, it is characterized in that, described root behavioral value module, detect all application programs in android system, judge whether that the behavior that there is illegal request root authority is specially: judge that whether application program is run with root authority, or comprise file needed for root, if, then there is the behavior of illegal request root authority, otherwise do not exist.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410523623.7A CN104978517B (en) | 2014-10-08 | 2014-10-08 | The illegal root detection methods and system of a kind of android system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410523623.7A CN104978517B (en) | 2014-10-08 | 2014-10-08 | The illegal root detection methods and system of a kind of android system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104978517A true CN104978517A (en) | 2015-10-14 |
| CN104978517B CN104978517B (en) | 2017-09-29 |
Family
ID=54275011
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410523623.7A Active CN104978517B (en) | 2014-10-08 | 2014-10-08 | The illegal root detection methods and system of a kind of android system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104978517B (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105243329A (en) * | 2015-10-26 | 2016-01-13 | 北京奇虎科技有限公司 | Method and system for vulnerability discovery of Android system |
| CN106203125A (en) * | 2016-07-11 | 2016-12-07 | 北京小米移动软件有限公司 | Operating system and safety detection method, safety detection device and terminal |
| CN106529290A (en) * | 2016-10-11 | 2017-03-22 | 北京金山安全软件有限公司 | Malicious software protection method and device and electronic equipment |
| CN106650438A (en) * | 2015-11-04 | 2017-05-10 | 阿里巴巴集团控股有限公司 | Method and device for detecting baleful programs |
| CN111385791A (en) * | 2018-12-28 | 2020-07-07 | 华为技术有限公司 | Security threat detection method and terminal |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090187963A1 (en) * | 2008-01-17 | 2009-07-23 | Josep Bori | Method and apparatus for a cryptographically assisted computer system designed to deter viruses and malware via enforced accountability |
| CN102930190A (en) * | 2012-10-25 | 2013-02-13 | 中科方德软件有限公司 | Method for preventing user from acquiring super user permission in Android system |
| CN103559431A (en) * | 2013-11-11 | 2014-02-05 | 北京国双科技有限公司 | Detection method, device and system of Android system user permission |
| CN103559440A (en) * | 2013-11-11 | 2014-02-05 | 北京国双科技有限公司 | Detection method, device and system of ios (iphone operation system) device user permission |
| CN104036199A (en) * | 2014-06-12 | 2014-09-10 | 上海交通大学 | Residual private-disk-data loophole detection method used for Android system |
-
2014
- 2014-10-08 CN CN201410523623.7A patent/CN104978517B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090187963A1 (en) * | 2008-01-17 | 2009-07-23 | Josep Bori | Method and apparatus for a cryptographically assisted computer system designed to deter viruses and malware via enforced accountability |
| CN102930190A (en) * | 2012-10-25 | 2013-02-13 | 中科方德软件有限公司 | Method for preventing user from acquiring super user permission in Android system |
| CN103559431A (en) * | 2013-11-11 | 2014-02-05 | 北京国双科技有限公司 | Detection method, device and system of Android system user permission |
| CN103559440A (en) * | 2013-11-11 | 2014-02-05 | 北京国双科技有限公司 | Detection method, device and system of ios (iphone operation system) device user permission |
| CN104036199A (en) * | 2014-06-12 | 2014-09-10 | 上海交通大学 | Residual private-disk-data loophole detection method used for Android system |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105243329A (en) * | 2015-10-26 | 2016-01-13 | 北京奇虎科技有限公司 | Method and system for vulnerability discovery of Android system |
| CN106650438A (en) * | 2015-11-04 | 2017-05-10 | 阿里巴巴集团控股有限公司 | Method and device for detecting baleful programs |
| CN106203125A (en) * | 2016-07-11 | 2016-12-07 | 北京小米移动软件有限公司 | Operating system and safety detection method, safety detection device and terminal |
| CN106529290A (en) * | 2016-10-11 | 2017-03-22 | 北京金山安全软件有限公司 | Malicious software protection method and device and electronic equipment |
| CN106529290B (en) * | 2016-10-11 | 2020-02-18 | 北京金山安全软件有限公司 | Malicious software protection method and device and electronic equipment |
| CN111385791A (en) * | 2018-12-28 | 2020-07-07 | 华为技术有限公司 | Security threat detection method and terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104978517B (en) | 2017-09-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102855274B (en) | The method and apparatus that a kind of suspicious process detects | |
| CN106775716B (en) | Trusted PLC (programmable logic controller) starting method based on measurement mechanism | |
| Zhou et al. | AppInk: watermarking android apps for repackaging deterrence | |
| CN104978517A (en) | Android system illegal root detection method and Android system illegal root detection system | |
| US8875298B2 (en) | Method for scalable analysis of android applications for security vulnerability | |
| KR101122950B1 (en) | Method and system for limiting software updates | |
| CN108763951B (en) | Data protection method and device | |
| CN108804912B (en) | Application program override detection method based on permission set difference | |
| CN106845223B (en) | Method and apparatus for detecting malicious code | |
| JP6000465B2 (en) | Process inspection apparatus, process inspection program, and process inspection method | |
| KR20180032409A (en) | Apparatus and method for blocking ransome ware using access control to the contents file | |
| CN104751049A (en) | Application program installing method and mobile terminal | |
| CN103617387A (en) | Method and device for preventing application program from being installed automatically | |
| CN106295350A (en) | Auth method, device and the terminal of a kind of credible execution environment | |
| CN103034810B (en) | A kind of detection method, device and electronic equipment | |
| US11200317B2 (en) | Systems and methods for protecting a computing device against malicious code | |
| Suarez-Tangil et al. | Thwarting obfuscated malware via differential fault analysis | |
| KR101388053B1 (en) | Method of enhancing security based on permission detection for android applications, and computer-readable recording medium with android security program based on permission detection for the same | |
| CN107122664B (en) | Safety protection method and device | |
| CN105447387A (en) | Trusted application detection method and apparatus based on hardware isolation environment | |
| CN106529299A (en) | Method for detecting and repairing malicious software Rootkit in linux system | |
| US10853492B2 (en) | Systems and methods for protecting a computing device against malicious code | |
| CN106295336B (en) | Malicious program detection method and device | |
| KR101311367B1 (en) | Method and apparatus for diagnosing attack that bypass the memory protection | |
| CN103971055B (en) | A kind of Android malware detection method based on program slicing technique |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 430000, Hubei province East Lake Wuhan New Technology Development Zone Software Park East Road 1 software industry phase 4-1, B4, building 12, room 01 Applicant after: Wuhan Antian Information Technology Co., Ltd. Address before: 430000 Hubei Development Zone, East Lake, Optics Valley Venture Street, building 6, building 2, building Applicant before: Wuhan Antian Information Technology Co., Ltd. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |