Specific implementation mode
Carry out the various exemplary embodiments of detailed description of the present invention now with reference to attached drawing.It should be noted that:Unless in addition having
Body illustrates that the unlimited system of component and the positioned opposite of step, numerical expression and the numerical value otherwise illustrated in these embodiments is originally
The range of invention.
Simultaneously, it should be appreciated that for ease of description, the size of attached various pieces shown in the drawings is not according to reality
Proportionate relationship draw.
It is illustrative to the description only actually of at least one exemplary embodiment below, is never used as to the present invention
And its application or any restrictions that use.
Technology, method and apparatus known to person of ordinary skill in the relevant may be not discussed in detail, but suitable
In the case of, the technology, method and apparatus should be considered as part of specification.
It should be noted that:Similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi
It is defined, then it need not be further discussed in subsequent attached drawing in a attached drawing.
Android software cracks that pirate phenomenon is serious on the market at present, these pirate applications are usually quiet to be appeared in
Some non-normal electronic markets or channels, some even appear in the electronic market of some authoritys.These
Pirate application intercepts payment by embedded advertisement, and the malicious manners such as implantation back door can not only corrode the direct warp of legal manufacturer
Ji interests, can also make an extremely bad impression to its reputation.Therefore, it is necessary to by effective means monitor electronic market on this answer
Service condition in pirate situation and user equipment.
Fig. 1 is the pirate flow chart for applying detection method one embodiment of the present invention.As shown in Figure 1, the robber of the embodiment
Version using detection method includes:
120, the legal application message of current application whether is included by inquiring white list database, identification current application is
It is no to be applied to be legal.
Wherein, one or more legal application message is stored in white list database, every legal application message includes one
The packet name of the program bag of a legal application and the signature used.
Packet name is the field that system is used for distinguishing different application, an a application of packet name unique mark, the packet name repeated
Can be considered as that cannot be mounted in a system simultaneously with a application.
Signature, for distinguishing different developers, one developer of a signature file unique mark, the same developer
There can be multiple signatures, but the same signature can only be used by a developer.
If being identified there is no the legal application message consistent with current application packet name and signature in white list database
Current application is not legal application, executes operation 140.
140, whether the statistical nature identification current application based on associated application is pirate application.
Wherein, associated application includes current application and its related application, and related application according to actual needs, such as can wrap
The function that includes different developers exploitation is similar, the same or similar application of Apply Names, the different editions of same developer's exploitation
Application, packet name there is certain associated application;Statistical nature includes the version quantity and/or propagation quantity of associated application,
In, it can be using installation number on the subscriber terminal to propagate quantity for example.
Detection method is applied based on the piracy that the above embodiment of the present invention provides, it is legal by being stored in white list database
Application message includes the packet name and signature of legal application.When carrying out pirate application detection, first passes through white list database identification and work as
Whether preceding application is legal application, if it is legal application to identify current application not by white list database, is based on the application
Associated application statistical nature, for example, version quantity and/or propagate quantity, identification current application whether be pirate application, from
And realize the effective detection and identification to piracy application.
In concrete application, the legal application message in white list database can be opened by certification authority and/or legal application
Originator provides, such as can derive from the packet name and signing messages of the high-risk applications such as the payment class that Ministry of Industry and Information provides, and can root
According to actual demand real-time update.
In order to ensure the legal application message in white list database is true and reliable, of the invention pirate using detection method
Another embodiment in, can be by the user information that is stored in authentication database, to providing the exploitation of legal application message
Person carries out authentication, is only just legal application developer by the developer of authentication, just allows in white list data
The packet name and signature of the application of its offer are provided in library.
In addition, in pirate another embodiment using detection method of the invention, black list database can also be passed through
Identify whether current application is pirate application, be stored in black list database therein more than one pirate signature and
Use the packet name of the pirate application of each pirate signature.By white list database and black list database, can not both determine
It is piracy in application, both from white list database and blacklist number that current application, which is legal application, can not also determine current application
The signature and packet name information of current application can not be inquired according to library, just execute operation 140.
Specifically, identify whether current application is that pirate application can simultaneously be held with operation 120 by black list database
Row, can also prior to or be later than operation 120 execute.
Fig. 2 is the pirate flow chart using another embodiment of detection method of the present invention.As shown in Fig. 2, in the present invention
The piracy for stating embodiment is compared using detection method, in the embodiment, if identify current application not and be legal application, nor
Piracy application, i.e.,:By white list database and black list database, it can not both determine that current application was legal application or nothing
Method determines that current application is that piracy operates as follows in application, executing:
220, whether detection current application carries the code characteristics such as pre-set malice feature, such as virus, wooden horse.
If it is detected that current application carries malice feature, operation 240 is executed.Otherwise it is assumed that current application can not judge
For legal copy application or pirate application, the subsequent operation of the present embodiment is not executed, can execute operation 140.
240, judgement current application is signed for the signature of pirate application, current application for piracy.
Later, operation 260 can be selectively executed, to be updated to the pirate signature in black list database, complete
It is kind.
260, the pirate signature and packet name of current application are recorded in black list database.
In the implementation of the present invention, inventor has found, in practical applications, the version covering quantity of legal copy application is wanted
It is applied more than piracy, propagation quantity will also be more than pirate application, therefore, according to piracy of the invention using detection method embodiment
One specific example and it is unrestricted, the operation 140 in above-described embodiment can specifically be realized in the following way:According to setting in advance
The statistical indicator set obtains the statistical information of associated application, and statistical information therein includes the statistical indicator numerical value of same application,
Such as may include version quantity and/or propagation quantity;The maximum same application of decision statistic index value is legal applies;Choosing
The legal application message that the same application for being determined as legal application is recorded to selecting property in white list database, with to white list number
It is updated according to the legal application message in library, is perfect.
Illustratively, above-mentioned statistical information can also include that the different packet names of same signature are used in associated application.Accordingly
Ground is based on this statistical information, it can be determined that whether is more than 1 using the quantity of the different packet names of same signature in associated application;
If in associated application using same signature different packet names quantity be more than 1, i.e., different packet names using the same label
Name then further judges to whether there is incidence relation between the different packet names using the same signature;If using the same signature
Different packet names between be not present incidence relation, that is, illustrate these application be not belonging to the same developer, then judge these uses
The application of different packet names is pirate application, above-mentioned same signature is pirate signature;Selectively recorded in black list database
The packet name of same signature and the different application using the same signature, to be carried out more to the pirate signature in black list database
Newly, perfect.
In addition, in pirate another embodiment using detection method of the present invention, in associated application, passing through above-mentioned side
Formula can not be determined as the application of legal application or pirate application, can these applications that can not be judged be sent to legal exploitation
Person's client is judged by legal developer, and receives these applications that legal developer's client returns as legal application
Or the qualification result message of pirate application;Pass through white list data if identified have legal application according to the qualification result message
The legal application message of the legal application of library record;If identified have pirate application, pirate application is recorded by black list database
Pirate signature and packet name, to timely update to information black, in white list database.
Due to that may be difficult all signatures for being collected into each developer in practical application, it is possible to which developer has changed one
New business has used a signature newly developed, but has not been supplied to white list database, therefore, through the above way
It can not be determined as legal application or piracy in application, being supplied to legal developer to sentence these applications that can not be judged
It is disconnected, improve legal, pirate judging nicety rate and realizability.
Alternatively, in the pirate further embodiment using detection method of the present invention, in associated application, passing through above-mentioned side
Formula is determined as the application of legal application or pirate application, its sample can also be stored in sample database, and pass through ash
List data library record this can not judge application application related information, such as the packet name including the application, signature, version number,
Using source, using equipment, propagate quantity, so as to be supplied in the future developer or for further count.
Fig. 3 is the pirate flow chart using another embodiment of detection method of the present invention.As shown in figure 3, the embodiment
Method may include:
320, obtain the characteristic information respectively applied in associated application respectively, such as may include the packet name of application, signature and
Version number.
For example, can specifically be acquired from application market and user terminal by the cloud killing client on user terminal
The characteristic information respectively applied in associated application.
340, respectively using an application in associated application as current application, by inquiring black, white list database, know
Whether other current application is legal or pirate application.
If by white list database and black list database, it can not both determine that current application was legal application or can not
Determine that current application is that piracy operates 360 in application, executing.
360, the characteristic information of associated application is counted, the statistical information of associated application is obtained.
380, whether the statistical nature identification current application based on associated application is pirate application.
It should be noted that embodiment illustrated in fig. 3 can be in conjunction with any other one or more in addition to embodiment illustrated in fig. 1
A embodiment forms new embodiment, unless specially illustrating in the embodiment of the present invention, the operation of the various embodiments described above of the present invention is not
It is limited in the presence of sequencing is executed.
Further, the characteristic information of the application obtained by operation 320 can also include using source or using equipment,
Wherein, using source i.e. this apply and occurred in which application market, using equipment i.e. this apply on which user terminal
It installed and used.
Based on the present invention it is above-mentioned it is each it is pirate apply detection method embodiment, determine an application be it is pirate in application,
What can be applied according to the piracy uses facility information, and it is clear to notify that the use equipment that the piracy is applied carries out piracy application
Reason.
Specifically, being cleared up piracy application using the cloud killing client in equipment for pirate application can be notified,
And to the cloud killing client push piracy using corresponding legal application message;Piracy application uses the cloud killing in equipment
Client can clear up piracy application according to notice, and legal application message is shown on using equipment, so as to user
Give the download installation that the legal copy application message carries out legal application.
One of ordinary skill in the art will appreciate that:Realize that all or part of step of above method embodiment can pass through
The relevant hardware of program instruction is completed, and program above-mentioned can be stored in a computer read/write memory medium, the program
When being executed, step including the steps of the foregoing method embodiments is executed;And storage medium above-mentioned includes:ROM, RAM, magnetic disc or light
The various media that can store program code such as disk.
Fig. 4 is the pirate structural schematic diagram for applying detection device one embodiment of the present invention.The pirate application of the embodiment
Detection device can be used for realizing that the present invention is above-mentioned each pirate using detection method embodiment.As shown in figure 4, the piracy of the embodiment
Include recognition unit and first detection unit using detection device.Wherein:
Recognition unit, the legal application message for whether including current application by inquiring white list database, identification
Whether current application is legal application.One or more legal application message is stored in white list database therein, by certification
Mechanism and/or legal application developer provide, and every legal application message includes the packet name and signature of a legal application.
First detection unit, for identifying current application not and being legal in recognition unit in application, being based on associated application
Statistical nature identification current application whether be pirate application.Associated application therein includes current application and its related application;
Statistical nature includes the version quantity and/or propagation quantity of associated application.
Detection device is applied based on the piracy that the above embodiment of the present invention provides, it is legal by being stored in white list database
Application message includes the packet name and signature of legal application.When carrying out pirate application detection, first passes through white list database identification and work as
Whether preceding application is legal application, if it is legal application to identify current application not by white list database, is based on the application
Associated application statistical nature, for example, version quantity and/or propagate quantity, identification current application whether be pirate application, from
And realize the effective detection and identification to piracy application.
Fig. 5 is the pirate structural schematic diagram using another embodiment of detection device of the present invention.As shown in figure 5, with Fig. 4 institutes
The embodiment shown is compared, and the piracy of the embodiment further includes authentication database and authentication unit using detection device.Wherein:
Authentication database, for storing the user information for being authenticated to be legal application developer.
Authentication unit is authenticated developer for the user information by being stored in authentication database;And confirm
Developer by certification is legal application developer, and legal application message could be provided to white list database.
In pirate another embodiment using detection device of the invention, recognition unit can be also used for through blacklist number
Whether be pirate application according to library identification current application, be stored in black list database therein more than one pirate signature,
And the packet name of the pirate application using each pirate signature.Correspondingly, first detection unit is specifically identified in recognition unit
Current application is not legal application, nor pirate in application, executing the statistical nature identification current application based on associated application
Whether it is the pirate operation applied.
Fig. 6 is the pirate structural schematic diagram using another embodiment of detection device of the present invention.As shown in fig. 6, with Fig. 4 or
Embodiment shown in fig. 5 is compared, and the piracy of the embodiment further includes that fisrt feature information bank, the second detection are single using detection device
Member and the first updating unit.Wherein:
Fisrt feature information bank, for storing pre-set malice feature.
Second detection unit is legal application, nor pirate application for identifying current application not in recognition unit
When, whether detection current application carries pre-set malice feature;And detecting that it is special that current application carries malice
When sign, judgement current application is signed for the signature of pirate application, current application for piracy.
First updating unit is used for the judgement according to second detection unit as a result, being recorded in black list database current
The pirate signature and packet name of application.
Can also include second feature in the pirate further embodiment using detection device of the invention referring back to Fig. 6
Information bank and the second updating unit.Wherein:
Second feature information bank, for storing pre-set statistical indicator, statistical indicator numerical value include version number and/or
Propagate number.
First detection unit is specifically used for, according to pre-set statistical indicator, obtaining the statistical information of associated application, wraps
Include the statistical indicator numerical value of same application, including version quantity and/or propagation quantity;And decision statistic index value is maximum
Same application is legal applies.
Second updating unit, for being judged as a result, being recorded in white list database according to the judgement of first detection unit
For the legal application message of the same application of legal copy application.
Further, statistical information can also include that the different packet names of same signature are used in associated application.Referring back to figure
6, can also include judging unit, for judging that association is answered in pirate another embodiment using detection device of the invention
Whether it is more than 1 with the quantity of the middle different packet names using same signature;And if using the difference of same signature in associated application
The quantity of packet name is more than 1, judges to whether there is incidence relation between the different packet names using the same signature;If same using this
Incidence relation is not present between the different packet names of signature, judgement is that piracy is applied, same signature is using the application of different packet names
Piracy signature.Correspondingly, in the embodiment, the second updating unit can be additionally used in the judgement according to judging unit as a result, in black name
The packet name of same signature and the different application using the same signature is recorded in single database.
Referring back to Fig. 6, compared with the various embodiments described above of the present invention, in pirate another reality for applying detection device of the invention
It applies in example, can also include Transmit-Receive Unit and third updating unit.Wherein:
Transmit-Receive Unit is sent to just for that will can not be determined as the application of legal application or pirate application in associated application
Version developer's client, and receive in the associated application that legal developer's client returns and respectively answered using for legal application or piracy
Qualification result message.
Third updating unit, for according to qualification result message, if there is legal application in associated application, passing through white list number
The legal application message of legal application is recorded according to library;If there is pirate application in associated application, is recorded and stolen by black list database
The pirate signature and packet name of version application.
Fig. 7 is the pirate structural schematic diagram for applying detection device further embodiment of the present invention.As shown in fig. 7, the implementation
The piracy of example using in detection device, can also including storage unit, for can not be determined as in associated application legal application or
The application of piracy application, this is stored in sample database can not judge to apply, and this can not by gray list data-base recording
Judge application application related information, such as may include packet name, signature, version number, using source, using equipment, propagate number
Amount.
Can also include acquiring unit, for distinguishing in addition, in the above-mentioned piracy of the present invention is using detection device embodiment
The characteristic information respectively applied in associated application is obtained, includes packet name, signature and the version number of application, in addition it can selectively
Including application source or use equipment.Correspondingly, first detection unit is specifically used for counting characteristic information, is associated with
The statistical information of application.
In practical application, acquiring unit can specifically be adopted by cloud killing client from application market and user terminal
The characteristic information respectively applied in collection associated application.
Detection device embodiment, Transmit-Receive Unit is applied to can also be used to answer for piracy in one application of judgement based on above-mentioned piracy
Used time uses facility information according to piracy application, and it is clear to notify that the use equipment that the piracy is applied carries out piracy application
Reason, and can be selectively to the cloud killing client push piracy using corresponding legal application message.
Fig. 8 is the pirate structural schematic diagram for applying detecting system one embodiment of the present invention.The pirate application of the embodiment
Detecting system may include that the piracy of any of the above-described embodiment applies detection device, for realizing the above-mentioned each pirate application inspection of the present invention
Survey embodiment of the method.
Detecting system is applied based on the piracy that the above embodiment of the present invention provides, it can be by being stored in white list database
Legal application message includes the packet name and signature of legal application.When carrying out pirate application detection, white list database knowledge is first passed through
Whether other current application is legal application, if it is legal application to identify current application not by white list database, being based on should
The statistical nature of the associated application of application, for example, version quantity and/or propagation quantity, whether identification current application is that piracy is answered
With to realize effective detection and identification to piracy application.
As shown in figure 8, the piracy of the embodiment using being also an option that property of detecting system include white list database and/
Or black list database.Wherein:
White list database is stored with one or more legal application message, and every legal application message includes a legal copy
The packet name and signature of application;
Black list database is stored with more than one pirate signature and the pirate application using each pirate signature
Packet name.
Further include being located at user terminal in piracy of the invention applies another embodiment of detecting system referring back to Fig. 8
On cloud killing client, the cloud killing client such as can be mobile phone bodyguard, antivirus software, can from application market and
The characteristic information respectively applied in associated application is acquired on user terminal.In the embodiment:
Piracy is using the Transmit-Receive Unit in detection device, the cloud killing on user terminal for notifying the pirate application of installation
Client clears up piracy application, and to the cloud killing client push piracy using corresponding legal application message;
Cloud killing client for clearing up piracy application, and shows legal application message on using equipment, with
Just user gives the download installation that the legal copy application message carries out legal application.
As shown in figure 9, for the pirate structural schematic diagram using unified Application Example of detection system of the present invention.Specifically answering
In, piracy can specifically pass through a cloud killing engine implementation using detection device.
After legal developer provides its whole legal application and its signature, it is based on the embodiment of the present invention, can be helped open
Originator find its using itself in the pirate situation occurred on the market, that is, help developer find with it application signature it is different
Signature be all distributed in which place or which machine on occurred, its propagation quantity how many, we can also be sample
Originally it is supplied to developer.
An embodiment of the present invention provides following technical schemes:
1, a kind of pirate using detection method, including:
By inquiring whether white list database includes the legal application message of current application, identify current application whether be
Legal copy application;One or more legal application message is stored in the white list database, every legal application message includes one
The packet name and signature of a legal application;
If it is legal application to identify the current application not, the statistical nature identification based on associated application is described currently to answer
With whether being pirate application;The associated application includes the current application and its related application;The statistical nature includes institute
It states the version quantity of associated application and/or propagates quantity.
2, the method according to 1, the legal application message in the white list database is by certification authority and/or legal copy
Application developer provides.
3, the method according to 2 further includes:
Developer is authenticated by the user information stored in authentication database;
Developer by certification is legal application developer.
4, the method according to 1 further includes:
Identify whether the current application is pirate application by black list database;It is stored in the black list database
The packet name of pirate application there are one above pirate signature and using each pirate signature;
If it is legal application to identify the current application not, nor pirate application, execution is described to be based on associated application
Statistical nature identify the current application whether be pirate application operation.
5, the method according to 4 further includes:
If it is legal application to identify the current application not, nor whether pirate application, detection current application carry
There is pre-set malice feature;
If it is detected that current application carries malice feature, judgement current application be pirate application, current application signature
It signs for piracy;
The pirate signature and packet name of current application are recorded in black list database.
6, the method according to 1 to 5 any one, the statistical nature identification based on associated application is described currently to answer
With whether being that pirate application includes:
According to pre-set statistical indicator, the statistical information of the associated application is obtained, the statistical information includes same
The statistical indicator numerical value of one application, the statistical indicator numerical value include version quantity and/or propagation quantity;
The maximum same application of decision statistic index value is legal applies;
Record is determined as the legal application message of the same application of legal application in white list database.
7, the method according to 6, the statistical information further include that the difference of same signature is used in the associated application
Packet name;
The method further includes:
Judge whether the quantity of the different packet names in the associated application using same signature is more than 1;
If being more than 1 using the quantity of the different packet names of same signature in the associated application, judge to use the same signature
Different packet names between whether there is incidence relation;
If using incidence relation is not present between the different packet names of the same signature, judgement is answered using the different packet names
It is pirate signature with for piracy application, the same signature;
The packet name of the same signature and the different application using the same signature is recorded in black list database.
8, the method according to 4 to 7 any one further includes:
For that can not be determined as the application of legal application or pirate application in the associated application, it is sent to legal developer
Client, and respectively application is received in the associated application that legal developer's client returns as legal application or pirate application
Qualification result message;
According to qualification result message, if there is legal application in associated application, legal application is recorded by white list database
Legal application message;If there is pirate application in associated application, the pirate of pirate application is recorded by black list database and is signed
With packet name.
9, the method according to 4 to 7 any one further includes:
For that can not be determined as the application of legal application or pirate application in the associated application, deposited in sample database
Storing up this can not judge to apply, and this can not judge the application related information of application, the application by gray list data-base recording
Relevant information include packet name, signature, version number, using source, using equipment, propagate quantity.
10, the method according to 6 to 9 any one further includes:
The characteristic information respectively applied in the associated application is obtained respectively, and the characteristic information includes the packet name of application, label
Name and version number;
The statistical information for obtaining the associated application includes:The characteristic information is counted, the association is obtained and answers
Statistical information.
11, the method according to 10, the characteristic information further include using source or using equipment.
12, the method according to 10 or 11, the characteristic information for obtaining application include:By cloud killing client,
From acquiring the characteristic information respectively applied in the associated application in application market and user terminal.
13, the method according to 11 or 12 further includes:
It is applied for piracy in response to one application of judgement, facility information is used according to piracy application, notifies the piracy
The use equipment of application clears up piracy application.
14, the method according to 13, the use equipment for notifying the piracy to apply clear up piracy application
Including:
Notify being cleared up piracy application using the cloud killing client in equipment for the pirate application, and to the cloud
It is pirate using corresponding legal application message described in killing client push;
The pirate application clears up the pirate application using the cloud killing client in equipment, and described
Using the legal application message is shown in equipment, so that user gives the download peace that the legal copy application message carries out legal application
Dress.
15, a kind of pirate using detection device, including:
Recognition unit, the legal application message for whether including current application by inquiring white list database, identification
Whether current application is legal application;One or more legal application message, every legal copy are stored in the white list database
Application message includes the packet name and signature of a legal application;
First detection unit, for identifying the current application not and being legal copy in application, being based in the recognition unit
The statistical nature of associated application identifies whether the current application is pirate application;The associated application includes the current application
And its related application;The statistical nature includes the version quantity and/or propagation quantity of the associated application.
16, the device according to 15, legal application message in the white list database is by certification authority and/or just
Version application developer provides.
17, the device according to 2 further includes:
Authentication database, for the user information that authentication storage is legal application developer;
Authentication unit is authenticated developer for the user information by being stored in authentication database;And confirm
Developer by certification is legal application developer.
18, the device according to 15, the recognition unit are additionally operable to identify by black list database and described currently answer
With whether being pirate application;More than one pirate signature is stored in the black list database and using each pirate
The packet name of the pirate application of signature;
The first detection unit, specifically the recognition unit identify the current application not and be legal application,
It is not pirate in application, executing the statistical nature based on associated application identifies whether the current application is pirate application
Operation.
19, the device according to 18 further includes:
Fisrt feature information bank, for storing pre-set malice feature;
Second detection unit is legal application, nor piracy for identifying the current application not in recognition unit
In application, whether detection current application carries pre-set malice feature;And detecting that current application carries evil
When feature of anticipating, judgement current application is signed for the signature of pirate application, current application for piracy;
First updating unit is used for the judgement according to second detection unit as a result, being recorded in black list database current
The pirate signature and packet name of application.
20, the device according to 15 to 19 any one further includes:
Second feature information bank, for storing pre-set statistical indicator, the statistical indicator numerical value includes version number
And/or propagate number;
The first detection unit is specifically used for, according to pre-set statistical indicator, obtaining the system of the associated application
Count information, the statistical information includes the statistical indicator numerical value of same application, the statistical indicator numerical value include version quantity and/
Or propagate quantity;And the maximum same application of decision statistic index value is legal applies;
Second updating unit, for being judged as a result, being recorded in white list database according to the judgement of first detection unit
For the legal application message of the same application of legal copy application.
21, the device according to 20, the statistical information further include using same signature not in the associated application
With packet name;
Described device further includes:
Judging unit, for judging whether the quantity of the different packet names in the associated application using same signature is more than 1;
And if in the associated application using same signature different packet names quantity be more than 1, judge using the same signature not
With between packet name whether there is incidence relation;If using incidence relation, judgement are not present between the different packet names of the same signature
Application using the different packet names is pirate application, the same signature is pirate signature;
Second updating unit is additionally operable to the judgement according to judging unit as a result, recording institute in black list database
State the packet name of same signature and the different application using the same signature.
22, the device according to 18 to 21 any one further includes:
Transmit-Receive Unit is sent for that will can not be determined as the application of legal application or pirate application in the associated application
To legal developer's client, and receives in the associated application that legal developer's client returns and respectively applied using to be legal
Or the qualification result message of pirate application;
Third updating unit, for according to the qualification result message, if there is legal application in associated application, passing through white name
The legal application message of the legal application of single database record;If there is pirate application in associated application, remembered by black list database
The pirate signature and packet name of the pirate application of record.
23, the device according to 18 to 21 any one further includes:
Storage unit, for that can not be determined as the application of legal application or pirate application in the associated application, in sample
This is stored in database can not judge to apply, and this can not judge the related letter of the application of application by gray list data-base recording
Breath, the application related information include packet name, signature, version number, using source, using equipment, propagate quantity.
24, the device according to 20 to 23 any one further includes:
Acquiring unit, for obtaining the characteristic information respectively applied in the associated application respectively, the characteristic information includes
Packet name, signature and the version number of application;
The first detection unit obtains the system of the associated application specifically for being counted to the characteristic information
Count information.
25, the device according to 24, the characteristic information further include using source or using equipment.
26, the device according to 24 or 25, the acquiring unit, especially by cloud killing client, from application market
With the characteristic information respectively applied in the associated application is acquired on user terminal.
27, the device according to 25 or 26, the Transmit-Receive Unit are additionally operable to judging an application for piracy application
When, facility information is used according to piracy application, the use equipment that the piracy is applied is notified to clear up piracy application.
28, the device according to 27, the Transmit-Receive Unit are additionally operable to pirate application described in the cloud killing client push
Corresponding legal copy application message.
29, it is a kind of it is pirate apply detecting system, including the piracy described in 15 to 28 any one applies detection device.
30, the system according to 29 further includes:
White list database is stored with one or more legal application message, and every legal application message includes a legal copy
The packet name and signature of application;And/or
Black list database is stored with more than one pirate signature and the pirate application using each pirate signature
Packet name.
31, the system according to 29 or 30 further includes the cloud killing client being located on user terminal;
The piracy applies the Transmit-Receive Unit in detection device, on the user terminal for notifying the pirate application of installation
Cloud killing client clears up piracy application, and is answered to pirate described in the cloud killing client push using corresponding legal copy
Use information;
The cloud killing client for clearing up the pirate application, and shows institute on the user terminal
Legal application message is stated, so that user gives the download installation that the legal copy application message carries out legal application.
Each embodiment is described in a progressive manner in this specification, the highlights of each of the examples are with its
The difference of its embodiment, same or analogous part cross-reference between each embodiment.For system embodiment
For, since it is substantially corresponding with embodiment of the method, so description is fairly simple, referring to the portion of embodiment of the method in place of correlation
It defends oneself bright.
The methods, devices and systems of the present invention may be achieved in many ways.For example, software, hardware, firmware can be passed through
Or any combinations of software, hardware, firmware come realize the present invention methods, devices and systems.The step of for the method
Said sequence merely to illustrate, the step of method of the invention, is not limited to sequence described in detail above, unless with
Other manner illustrates.In addition, in some embodiments, also the present invention can be embodied as to record journey in the recording medium
Sequence, these programs include for realizing machine readable instructions according to the method for the present invention.Thus, the present invention also covers storage and uses
In the recording medium for executing program according to the method for the present invention.