CN105847407A - Application security detection method and device - Google Patents

Application security detection method and device Download PDF

Info

Publication number
CN105847407A
CN105847407A CN201610292374.4A CN201610292374A CN105847407A CN 105847407 A CN105847407 A CN 105847407A CN 201610292374 A CN201610292374 A CN 201610292374A CN 105847407 A CN105847407 A CN 105847407A
Authority
CN
China
Prior art keywords
risk factor
intended application
user
terminal
currently used
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610292374.4A
Other languages
Chinese (zh)
Inventor
卫超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201610292374.4A priority Critical patent/CN105847407A/en
Publication of CN105847407A publication Critical patent/CN105847407A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/72Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72448User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions
    • H04M1/72454User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions according to context-related or environment-related conditions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/72Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72448User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions
    • H04M1/72457User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions according to geographic location

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Environmental & Geological Engineering (AREA)
  • Human Computer Interaction (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The embodiment of the invention provides an application security detection method and device. The method comprises the steps that when a terminal operates a target application, at least one risk factors associated with the target application are acquired; the value of each risk factor of at least one risk factors of an external environment in which the current terminal is positioned is detected; and the risk level used for indicating the level of the risk of the target application currently used by a user is calculated based on the value of each risk factor of at least one risk factors, and whether the target application currently used by the user is in the secure state is determined according to the risk level. With application of the application security detection method and device, whether the target application used by the user is in the secure state can be determined according to the risk factors of the external environment in which the current terminal is positioned so that terminal using security can be enhanced for the user.

Description

A kind of application safety detection method and device
Technical field
The present invention relates to communication technical field, be specifically related to a kind of safety detection method and device.
Background technology
Along with day by day strengthening and the emerging in an endless stream of various application of intelligent terminal hardware, the effect of terminal is also by The most single communication function be evolved into integrate shopping, call a taxi, the individual of several functions of booking tickets, purchase by group etc. Assistant, penetrates into each corner of our daily clothing, food, lodging and transportion--basic necessities of life, and the life of modern the most increasingly be unable to do without eventually Hold.But, intelligent terminal while to our offering convenience property, also create some health problems (as Visual deterioration) and social problem (such as accompany old people people time also play mobile phone), even more serious and can not be ignored be by In using improper the caused safety problem of terminal mode, such as walking the Line bows uses terminal to result in friendship Interpreter thus generation, and for example use thunderbolt that terminal causes etc., the most existing skill out of doors at thunderstorm weather In art, user uses the mode of various application in terminal to be and unsafe.
Summary of the invention
The embodiment of the present invention provides a kind of application safety detection method and device, can be according to outside residing for present terminal Risk factor in portion's environment determines that user uses whether intended application is safe condition, thus improves user and make With the safety of terminal.
First aspect present invention provides a kind of application safety detection method, it may include:
When terminal operating intended application, obtain at least one risk factor associated with described intended application;
Each risk factor at least one risk factor described in external environment condition residing for detection present terminal Value;
Based on the value of each risk factor at least one risk factor described, calculate and be used for representing that user is current Use the risk factor of described intended application degree of danger, and according to described risk factor, determine that user is currently used Whether described intended application is safe condition.
Second aspect present invention provides a kind of application safety detection device, it may include:
First acquisition module, for when terminal operating intended application, acquisition associates with described intended application At least one risk factor;
Detection module, is used for detecting residing for present terminal every at least one risk factor described in external environment condition The value of individual risk factor;
Determine module, for based on the value of each risk factor at least one risk factor described, calculate and use In the risk factor of the expression currently used described intended application degree of danger of user, and according to described risk factor, really Determine whether the currently used described intended application of user is safe condition.
Implement the embodiment of the present invention, have the advantages that
The embodiment of the present invention, when terminal operating intended application, obtains at least one associated with intended application Risk factor, each risk factor in this at least one risk factor in external environment condition residing for detection present terminal Value, based on the value of each risk factor in this at least one risk factor, calculate and be used for representing that user is current Use the risk factor of this intended application degree of danger, and according to this risk factor, determine user's this mesh currently used Whether mark application is safe condition, and this mode can be according to the risk factor in external environment condition residing for present terminal Determine that user uses whether intended application is safe condition, thus improve user and use the safety of terminal.
Accompanying drawing explanation
In order to be illustrated more clearly that the embodiment of the present invention or technical scheme of the prior art, below will be to enforcement In example or description of the prior art, the required accompanying drawing used is briefly described, it should be apparent that, describe below In accompanying drawing be only some embodiments of the present invention, for those of ordinary skill in the art, do not paying On the premise of going out creative work, it is also possible to obtain other accompanying drawing according to these accompanying drawings.
The flow chart of a kind of application safety detection method that Fig. 1 provides for the embodiment of the present invention;
Fig. 2 installs the flow chart of detection method for the another kind of application that the embodiment of the present invention provides;
Interaction diagrams between a kind of client and server that Fig. 3 provides for the embodiment of the present invention;
The structural representation of a kind of application safety detection device that Fig. 4 provides for the embodiment of the present invention;
A kind of structural representation determining module that Fig. 5 provides for the embodiment of the present invention.
Detailed description of the invention
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clearly Chu, be fully described by, it is clear that described embodiment be only a part of embodiment of the present invention rather than Whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art are not making creation The every other embodiment obtained under property work premise, broadly falls into the scope of protection of the invention.
In the embodiment of the present invention, terminal may include that personal computer (Personal Computer, PC), The equipment such as panel computer, mobile phone, smart mobile phone, notebook computer.
Can install in terminal and run application program, this application program may include but be not limited to: SNS (Social Networking Services, social network services) application program, instant messaging application program, music should By program and video application etc..Server can be a stand-alone service equipment, or by many The cluster service equipment that individual stand-alone service equipment collectively forms.
Below in conjunction with accompanying drawing 1-accompanying drawing 3, the application safety detection method providing the embodiment of the present invention is carried out in detail Thin introduction.
Refer to Fig. 1, for the flow chart of a kind of application safety detection method that the embodiment of the present invention provides;The party Method can comprise the following steps S100-step S102.
S100, when terminal operating intended application, obtains at least one associated with described intended application dangerous Factor;
In the embodiment of the present invention, when user unlocks and begins to use the intended application of terminal, obtain and this mesh At least one risk factor of mark association, risk factor refers to may affect when user uses terminal The condition of its personal safety, risk factor includes but not limited to that (geographical position can be for the geographical position of terminal The longitude of terminal and latitude), user's walking states and weather conditions etc..
The risk factor of different associations is different, such as, it is not necessary to user stares at the application of screen always, Then the risk factor associated by this application does not include user's walking states, says here as a example by listening song application Bright, user can walk and listen song, therefore can with at least one risk factor listening song association To include that (geographical position can reflect that user's whether distance prohibits the use of the district of terminal in the geographical position of terminal Territory is closer and user whether distance downtown area is closer etc.) and weather conditions.
Optionally, each risk factor can be by server with the form of the risk factor list in configuration file It is issued to terminal, when terminal operating intended application, selects to associate with intended application from risk factor list At least one risk factor, generally each at least one risk factor associated by application can be by advance Set.
S101, at least one risk factor described in external environment condition residing for detection present terminal each dangerous because of The value of element;
In the embodiment of the present invention, every in this at least one risk factor in external environment condition residing for detection present terminal The value of individual risk factor, external environment condition residing for present terminal includes this terminal present position, and this terminal institute Place ambient temperature, weather etc..Concrete detection method can be to use sensor to carry out detecting (the most logical Cross gravity sensor detection user's walking states), or carry out detecting by the Internet and (such as pass through the Internet Detection terminal is presently in the state of weather of position), or by global positioning system (Global Positioning System, GPS) current geographic position detecting terminal etc..
S102, based on the value of each risk factor at least one risk factor described, calculates and is used for representing use The risk factor of the currently used described intended application degree of danger in family, and according to described risk factor, determine that user works as Whether the described intended application of front use is safe condition.
In the embodiment of the present invention, based on the value of each risk factor at least one measured risk factor, Calculating the risk factor for representing user's this intended application degree of danger currently used, optionally, risk factor is Refer to the calculated value of comprehensive various risk factor, between 0 and 1, be worth the highest, represent more danger Danger, terminal, according to this risk factor, determines whether user's this intended application currently used is safe condition.
Preferably, calculate the risk factor for representing user's this intended application degree of danger currently used, and Determine that user uses whether this intended application is that safe condition can be completed by server according to this risk factor, eventually End has only to the value of each risk factor in this measured at least one risk factor and this intended application Target identification upload onto the server, server is back to terminal after determining safe condition, needs explanation , according to the value of each risk factor, server determines that the determination method of safe condition can with terminal really Determine mode identical.
Optionally, described based on the value of each risk factor at least one risk factor described, calculating is used for Represent the risk factor of the currently used described intended application degree of danger of user, and according to described risk factor, determine Whether the currently used described intended application of user is safe condition, comprises the following steps S10~S11:
S10, based on the value of each risk factor at least one risk factor described, uses target algorithm to calculate For representing the risk factor of the currently used described intended application degree of danger of user, described target algorithm is described The hardware parameter that server is uploaded according to terminal, the algorithm selected from the polyalgorithm of described terminal built-in;
In the embodiment of the present invention, server issues configuration file and includes risk factor to terminal, configuration file List risk_list (geographical position position, walking states walking, the weather conditions weather such as terminal Etc.), target algorithm risk_calc_policy of risk factor, predetermined threshold value risk_threshold of risk factor, And white list white_list etc..
A signal of configuration file be presented herein below:
The implication of each field is as follows:
The version number of version: current configuration file, used during for updating the local profile of client, The version number of the new configuration file only issued when server is just updated when being higher than local version number;
Dangerous_check: whether open hazard detection, because the detection of various risk factor needs to consume firmly Part resource, by server, according to the configuration information of user terminal, (being not only hardware configuration, the such as head of a family gives Meeting this function of enforced opening in the mobile phone that child buys) decide whether to open hazard detection;
Risk_list: client needs the risk factor list of detection, for the calculating of risk factor;
White_list: white list list, even if risk factor has exceeded threshold value, also should allow in white list App runs and does not remind user;
Risk_calc_policy: calculate the target algorithm of risk factor, by server from being built in the multiple of client Risk factor calculative strategy selects most suitable one;
The predetermined threshold value of risk_threshold: risk factor, when the risk factor of user's local environment exceedes this value, And user use App not in white_list time, user will be reminded dangerous.
Target algorithm for when terminal to server request issues configuration file, by the hardware parameter of terminal and Built-in multiple risk factor algorithms send to server, server according to the hardware parameter of terminal from polyalgorithm The optimal target algorithm of middle selection, and this target algorithm is issued to terminal by configuration file, need Bright, target algorithm can be the algorithm mated with hardware parameter, and such as configuring high terminal can use Complicated exact algorithm.
After all of risk factor all detects successfully, all risk factors that terminal is comprehensively detected use mesh Mark algorithm is calculated risk factor risk_value=risk_calc_policy (risk_list).
S11, if described risk factor is more than predetermined threshold value, it is determined that the currently used described intended application of described user For unsafe condition;If described risk factor is less than predetermined threshold value, it is determined that the currently used described mesh of described user Mark application is safe condition.
In the embodiment of the present invention, if risk factor is more than predetermined threshold value, i.e. risk_value > risk_threshold, Then determine that the currently used intended application of user is unsafe condition, need to remind user, it is understood that there may be safety Problem.If risk factor is less than predetermined threshold value, i.e. risk_value risk_threshold, it is determined that user is current Use intended application is safe condition, can be continuing with.
Further alternative, if described risk factor is more than after predetermined threshold value, described determine described user Before currently used described intended application is unsafe condition, also include:
The target identification of described intended application is mated with the mark in default white list, described default white The application that mark in list is identified is the application that any state all allows to run;
If described target identification does not mates with the mark in described default white list, it is determined that described user is current Using described intended application is unsafe condition.
Preferably, if risk factor is more than predetermined threshold value, further the target identification of detection intended application whether with Presetting the mark coupling in white list, the application that the mark in default white list is identified is that any state is the most fair Being permitted the application run, such as emergency call, or navigation software, when user gets lost, even if risk factor is high In predetermined threshold value, navigation software can not be closed.
If target identification does not mates with the mark in default white list, i.e. intended application is not under any state All allow the application run, and risk factor is more than predetermined threshold value, it is determined that the intended application that user is currently used For unsafe condition.
Further alternative, described predetermined threshold value and described default white list are described server and pass through institute State configuration file and push to described terminal;
Described determine that the currently used described intended application of described user is unsafe condition after, it is also possible to include Following steps S103~S105;
S103, output is for pointing out user the information stopping using described intended application;
In the embodiment of the present invention, user when using terminal, when detecting that current environment should not use mobile phone And the intended application that is currently in use of active user not in white list time, output is used for pointing out user to stop using The information of intended application, optionally, this information can be eject dialog box remind user by It is continuing with mobile phone may threaten personal safety in weather, traffic equivalent risk.
S104, obtains user and includes for the operation information done by described information, described operation information Stop using described intended application or be continuing with described intended application;
In the embodiment of the present invention, user can make operation instruction for this information, obtains the behaviour of user Making information, this operation information includes stopping using this intended application or being continuing with this intended application.If used Family selects to stop using this intended application, then locking terminal;If user selects to be continuing with this target terminal, Then close box, allows user be continuing with.
S105, is uploaded to described server by described operation information, so that described server is according to described operation Described predetermined threshold value in configuration file described in information updating and/or described default white list.
In the embodiment of the present invention, this operation information being uploaded onto the server, server can be according to mass users Operation information be analyzed, thus the predetermined threshold value in more new configuration file and/or default white list.Need Illustrate, if the configuration file in server changes, then need to be issued to terminal.
The embodiment of the present invention, when terminal operating intended application, obtains at least one associated with intended application Risk factor, each risk factor in this at least one risk factor in external environment condition residing for detection present terminal Value, based on the value of each risk factor in this at least one risk factor, calculate and be used for representing that user is current Use the risk factor of this intended application degree of danger, and according to this risk factor, determine user's this mesh currently used Whether mark application is safe condition, and this mode can be according to the risk factor in external environment condition residing for present terminal Determine that user uses whether intended application is safe condition, thus improve user and use the safety of terminal.
Refer to Fig. 2, for the flow process signal of the another kind of application safety detection method that the embodiment of the present invention provides Figure, as it can be seen, the method comprises the following steps S200-S204:
S200, sends the file request issuing configuration file for request to server;
In the embodiment of the present invention, if terminal is configured without file, then need to send under request to server Send out the file request of configuration file, this document request can include hardware parameter and the terminal built-in of terminal Multiple risk factor algorithm.
S201, receives the configuration file that described server returns, described configuration file based on described file request Include risk factor list;
In the embodiment of the present invention, server returns configuration file according to file request to terminal, this configuration file Include risk factor list, risk factor include but not limited to the geographical position of terminal, walking states and Weather conditions etc..Further alternative, configuration file also includes the server hardware parameter according to terminal The selected target algorithm of calculating risk factor, predetermined threshold value and default white list etc., joining of server Put parameters in file can dynamically change.
S202, when terminal operating intended application, selecting from described risk factor list should with described target At least one risk factor with association.
In the embodiment of the present invention, when terminal operating intended application, from the risk factor list of configuration file Select at least one risk factor associated with intended application, such as, with the risk factor listening song association Geographical position and the weather conditions that can include terminal etc..
S203, the value of each risk factor at least one risk factor described in detection present terminal environment;
S204, based on the value of each risk factor at least one risk factor described, calculates and is used for representing use The risk factor of the currently used described intended application degree of danger in family, and according to described risk factor, determine that user works as Whether the described intended application of front use is safe condition.
Embodiment of the present invention step S203-S204 refer to embodiment step S101-S102 of Fig. 1, at this not Repeat again.
The embodiment of the present invention, when terminal operating intended application, obtains at least one associated with intended application Risk factor, each risk factor in this at least one risk factor in external environment condition residing for detection present terminal Value, based on the value of each risk factor in this at least one risk factor, calculate and be used for representing that user is current Use the risk factor of this intended application degree of danger, and according to this risk factor, determine user's this mesh currently used Whether mark application is safe condition, and this mode can be according to the risk factor in external environment condition residing for present terminal Determine that user uses whether intended application is safe condition, thus improve user and use the safety of terminal.
Here illustrate as a example by the intended application of terminal operating is as phone application, associate with phone application At least one risk factor can include but not limited to: weather conditions, geographical position and walking states, eventually By the geographical position of GPS detection terminal, end can such as detect that the geographical position of terminal is that Shenzhen section is emerging Research park is outdoor;Obtained the weather conditions in this geographical position further by terminal networking, be such as thunderstorm sky Gas, detects that by the sensor of terminal the user of this terminal hand-held is kept in motion, it is assumed that preset outdoor The value of corresponding geographical position risk factor is 0.5, and the value of the weather conditions risk factor that Thunderstorm Weather is corresponding is 0.8 (the value difference that different weather situation is corresponding), the value of the walking states risk factor that user movement state is corresponding Being 0.6, target algorithm is that weighted mean asks for algorithm, weather conditions, geographical position and walking states Weighted value is respectively 0.6,0.1,0.3, then risk factor is 0.8*0.6+0.5*0.1+0.6*0.3=0.71.If presetting Threshold value is 0.3, then this risk factor is more than predetermined threshold value, and therefore terminal currently runs this phone application is dangerous State, terminal notifying user " be currently outdoor Thunderstorm Weather, be not suitable for using this phone application ", user Can select to stop using this phone application.
Refer to Fig. 3, mutual for the information between a kind of client and server that the embodiment of the present invention provides Figure, as it can be seen, user begins to use mobile phone, operational objective is applied, and first determines whether whether exist in mobile phone Configuration file;
If mobile phone exists configuration file, then resolve configuration file, it is thus achieved that risk factor list, it is judged that mobile phone Whether opening hazard detection, if opening hazard detection, detection risk factor list associating with intended application The value of risk factor, the value further according to risk factor calculates risk factor, it is judged that it is default whether risk factor exceedes The target identification of threshold value and this intended application is not in white list, if any of which item is unsatisfactory for, then allows to continue Continuous use mobile phone, if risk factor exceedes the target identification of predetermined threshold value and intended application not at white list, then carry The user that wakes up is dangerous, it is judged that whether user agrees to stop using mobile phone, and is uploaded onto the server by user behavior, White list in server correction configuration file and predetermined threshold value.
If there is not configuration file in mobile phone, then to server request configuration file, server is from configuration file Configuration file is back to mobile phone by data base.
Below in conjunction with accompanying drawing 4-accompanying drawing 5, a kind of application safety detection device providing the embodiment of the present invention enters Row is discussed in detail.
Refer to Fig. 4, for the embodiment of the present invention provide a kind of application safety detection device structural representation, The application safety detection device of the present embodiment can apply to terminal, as it can be seen, this application safety detection dress Put and include the first acquisition module 100, detection module 101 and determine module 102;
First acquisition module 100, for when terminal operating intended application, obtains and associates with described intended application At least one risk factor;
In the embodiment of the present invention, when user unlocks and begins to use the intended application of terminal, first obtains mould Block 100 obtains at least one risk factor associated with this intended application, and risk factor refers to use user May affect the condition of its personal safety during terminal, risk factor includes but not limited to the geographical position of terminal Longitude and the latitude of terminal (geographical position can be), user's walking states and weather conditions etc..
The risk factor of different associations is different, such as, it is not necessary to user stares at the application of screen always, Then the risk factor associated by this application does not include user's walking states, says here as a example by listening song application Bright, user can walk and listen song, therefore can with at least one risk factor listening song association To include that (geographical position can reflect that user's whether distance prohibits the use of the district of terminal in the geographical position of terminal Territory is closer and user whether distance downtown area is closer etc.) and weather conditions.
Optionally, each risk factor can be by server with the form of the risk factor list in configuration file It is issued to terminal, when terminal operating intended application, selects to associate with intended application from risk factor list At least one risk factor, generally each at least one risk factor associated by application can be by advance Set.
Detection module 101, is used for detecting residing for present terminal described in external environment condition at least one risk factor The value of each risk factor;
In the embodiment of the present invention, detection module 101 detects in external environment condition residing for present terminal this at least one The value of each risk factor in risk factor, external environment condition residing for present terminal includes this terminal present position, And this terminal local environment temperature, weather etc..Concrete detection method can be to use sensor to carry out Detection (such as detects user's walking states by gravity sensor), or carries out detecting (example by the Internet As being presently in the state of weather of position by the Internet detection terminal), or pass through global positioning system Current geographic position of (Global Positioning System, GPS) detection terminal etc..
Determine module 102, for based on the value of each risk factor at least one risk factor described, calculate For representing the risk factor of the currently used described intended application degree of danger of user, and according to described risk factor, Determine whether the currently used described intended application of user is safe condition.
In the embodiment of the present invention, determine that module 102 is based on each danger at least one measured risk factor The value of danger factor, calculates the risk factor for representing user's this intended application degree of danger currently used, optional , risk factor refers to the calculated value of comprehensive various risk factor, and between 0 and 1, value is more Height, represents the most dangerous, and terminal, according to this risk factor, determines whether user's this intended application currently used is peace Total state.
As the optional embodiment of one, as it is shown in figure 5, determine that module 102 can include computing unit 1020 and determine unit 1021;
Computing unit 1020, for based on the value of each risk factor at least one risk factor described, adopts The risk factor for representing the currently used described intended application degree of danger of user is calculated by target algorithm, described Target algorithm is the hardware parameter that described server is uploaded according to terminal, from the polyalgorithm of described terminal built-in The algorithm of middle selection;
In the embodiment of the present invention, server issues configuration file and includes risk factor to terminal, configuration file List risk_list (geographical position position, walking states walking, the weather conditions weather such as terminal Etc.), target algorithm risk_calc_policy of risk factor, predetermined threshold value risk_threshold of risk factor, And white list white_list etc..
A signal of configuration file be presented herein below:
The implication of each field is as follows:
The version number of version: current configuration file, used during for updating the local profile of client, The version number of the new configuration file only issued when server is just updated when being higher than local version number;
Dangerous_check: whether open hazard detection, because the detection of various risk factor needs to consume firmly Part resource, by server, according to the configuration information of user terminal, (being not only hardware configuration, the such as head of a family gives Meeting this function of enforced opening in the mobile phone that child buys) decide whether to open hazard detection;
Risk_list: client needs the risk factor list of detection, for the calculating of risk factor;
White_list: white list list, even if risk factor has exceeded threshold value, also should allow in white list App runs and does not remind user;
Risk_calc_policy: calculate the target algorithm of risk factor, by server from being built in the multiple of client Risk factor calculative strategy selects most suitable one;
The predetermined threshold value of risk_threshold: risk factor, when the risk factor of user's local environment exceedes this value, And user use App not in white_list time, user will be reminded dangerous.
Target algorithm for when terminal to server request issues configuration file, by the hardware parameter of terminal and Built-in multiple risk factor algorithms send to server, server according to the hardware parameter of terminal from polyalgorithm The optimal target algorithm of middle selection, and this target algorithm is issued to terminal by configuration file, need Bright, target algorithm can be the algorithm mated with hardware parameter, and such as configuring high terminal can use Complicated exact algorithm.
After all of risk factor all detects successfully, all danger that terminal computing unit 1020 is comprehensively detected Danger factor uses target algorithm to be calculated risk factor risk_value=risk_calc_policy (risk_list).
Determine unit 1021, if for described risk factor more than predetermined threshold value, it is determined that described user currently makes It is unsafe condition by described intended application;If described risk factor is less than predetermined threshold value, it is determined that described user Currently used described intended application is safe condition.
In the embodiment of the present invention, if risk factor is more than predetermined threshold value, i.e. risk_value > risk_threshold, Then determine that unit 1021 determines that the currently used intended application of user is unsafe condition, need to remind user, There may be safety problem.If risk factor be less than predetermined threshold value, i.e. risk_value risk_threshold, then Determine that unit 1021 determines that the currently used intended application of user is safe condition, can be continuing with.
Concrete optional, determine that unit 1021 is more than predetermined threshold value specifically for described risk factor if described, will The target identification of described intended application mates with the mark in default white list, in described default white list Mark identified application for any state all allow run application;If described target identification is pre-with described If the mark in white list is not mated, it is determined that the currently used described intended application of described user is dangerous shape State.
Preferably, if risk factor is more than predetermined threshold value, determine that unit 1021 detects the mesh of intended application further The mark identified whether and preset in white list is mated, and the application that the mark in default white list is identified is Any state all allow run application, such as emergency call, or navigation software, when user gets lost, Even if risk factor is higher than predetermined threshold value, navigation software can not be closed.
If target identification does not mates with the mark in default white list, i.e. intended application is not under any state All allow the application run, and risk factor is more than predetermined threshold value, it is determined that the intended application that user is currently used For unsafe condition.
As the optional embodiment of another kind, described determine module 102 specifically for by described at least one In risk factor, the value of each risk factor and the target identification of described intended application upload onto the server, with Described server is made to calculate for representing use based on the value of each risk factor at least one risk factor described The risk factor of the currently used described intended application degree of danger in family, described server according to described risk factor, Determine whether the currently used described intended application of user is safe condition.
Further alternative, this device can also include sending module 103 and receiver module 104;
Sending module 103, for sending the file request issuing configuration file for request to server;
In the embodiment of the present invention, if terminal is configured without file, sending module 103 then needs to send out to server Send the file request issuing configuration file for request, this document request can include the hardware parameter of terminal And the multiple risk factor algorithm of terminal built-in.
Receiver module 104, for receiving the configuration file that described server returns, institute based on described file request State configuration file and include risk factor list;
In the embodiment of the present invention, server returns configuration file according to file request to terminal, this configuration file Include risk factor list, risk factor include but not limited to the geographical position of terminal, walking states and Weather conditions etc..Further alternative, configuration file also includes the server hardware parameter according to terminal The selected target algorithm of calculating risk factor, predetermined threshold value and default white list etc., joining of server Put parameters in file can dynamically change.
Described first acquisition module 100 is specifically for when terminal operating intended application, from described risk factor List selects at least one risk factor associated with described intended application.
In the embodiment of the present invention, when terminal operating intended application, the first acquisition module 100 is from configuration file Risk factor list in select at least one risk factor of associate with intended application, such as, answer with listening to sing Risk factor geographical position and the weather conditions that can include terminal with association etc..
Further alternative, described predetermined threshold value and described default white list are described server and pass through institute State configuration file and push to described terminal;Described device also includes output module the 105, second acquisition module 106 And upper transmission module 107;
For working as, output module 105, determines that the currently used described intended application of described user is unsafe condition, Output prompting user stops using the information of described intended application;
In the embodiment of the present invention, user when using terminal, when detecting that current environment should not use mobile phone And the intended application that is currently in use of active user not in white list time, output module 105 output is used for pointing out User stops using the information of intended application, and optionally, this information can be to eject a dialogue Frame reminds user to be continuing with mobile phone may threaten personal safety due to weather, traffic equivalent risk.
Second acquisition module 106, for obtaining user for the operation information done by described information, institute State operation information to include stopping using described intended application or being continuing with described intended application;
In the embodiment of the present invention, user can make operation instruction for this information, the second acquisition module The 106 operation information obtaining user, this operation information includes stopping using this intended application or being continuing with this mesh Mark application.If user selects to stop using this intended application, then locking terminal;If user selects to continue to make Use this target terminal, then close box, allow user be continuing with.
Upper transmission module 107, for described operation information is uploaded to described server, so that described server root According to the described predetermined threshold value in configuration file described in described operation information updating and/or described default white list.
In the embodiment of the present invention, this operation information is uploaded onto the server by upper transmission module 107, and server is permissible Operation information according to mass users is analyzed, thus predetermined threshold value in more new configuration file and/or preset White list.If it should be noted that the configuration file in server changes, then needing to be issued to terminal.
The embodiment of the present invention, when terminal operating intended application, obtains at least one associated with intended application Risk factor, each risk factor in this at least one risk factor in external environment condition residing for detection present terminal Value, based on the value of each risk factor in this at least one risk factor, calculate and be used for representing that user is current Use the risk factor of this intended application degree of danger, and according to this risk factor, determine user's this mesh currently used Whether mark application is safe condition, and this mode can be according to the risk factor in external environment condition residing for present terminal Determine that user uses whether intended application is safe condition, thus improve user and use the safety of terminal.
One of ordinary skill in the art will appreciate that all or part of flow process realizing in above-described embodiment method, Can be by computer program and complete to instruct relevant hardware, described program can be stored in a calculating In machine read/write memory medium, the program that the detection device of application safety shown in accompanying drawing 4-accompanying drawing 5 is corresponding can store In the readable storage medium storing program for executing of application safety detection device, and by least in this application safety detection device Individual processor performs, and to realize above-mentioned application safety detection method, the method includes that in Fig. 1-Fig. 2, method is real Execute the flow process described in example.Wherein, described storage medium can be magnetic disc, CD, read-only store-memory body (Read-Only Memory, ROM) or random store-memory body (Random Access Memory, RAM) Deng.
Above disclosed be only present pre-ferred embodiments, certainly can not with this limit the present invention it Interest field, the equivalent variations therefore made according to the claims in the present invention, still belong to the scope that the present invention is contained.

Claims (14)

1. an application safety detection method, it is characterised in that including:
When terminal operating intended application, obtain at least one risk factor associated with described intended application;
Each risk factor at least one risk factor described in external environment condition residing for detection present terminal Value;
Based on the value of each risk factor at least one risk factor described, calculate and be used for representing that user is current Use the risk factor of described intended application degree of danger, and according to described risk factor, determine that user is currently used Whether described intended application is safe condition.
2. the method for claim 1, it is characterised in that described acquisition associates with described intended application At least one risk factor before, also include:
The file request issuing configuration file for request is sent to server;
Receiving the configuration file that described server returns based on described file request, described configuration file includes Risk factor list;
At least one risk factor that described acquisition associates with described intended application, including:
At least one risk factor associated with described intended application is selected from described risk factor list.
3. method as claimed in claim 2, it is characterised in that described based on described at least one dangerous because of The value of each risk factor in element, calculates for representing the currently used described intended application degree of danger of user Risk factor, and according to described risk factor, determine whether the currently used described intended application of user is safe condition, Including:
Based on the value of each risk factor at least one risk factor described, use target algorithm to calculate and be used for Representing the risk factor of the currently used described intended application degree of danger of user, described target algorithm is described service The hardware parameter that device is uploaded according to terminal, the algorithm selected from the polyalgorithm of described terminal built-in;
If described risk factor is more than predetermined threshold value, it is determined that the currently used described intended application of described user is not Safe condition;
If described risk factor is less than predetermined threshold value, it is determined that the currently used described intended application of described user is peace Total state.
4. method as claimed in claim 3, it is characterised in that if described risk factor is more than presetting threshold After value, described determine that the currently used described intended application of described user is unsafe condition before, also include:
The target identification of described intended application is mated with the mark in default white list, described default white The application that mark in list is identified is the application that any state all allows to run;
If described target identification does not mates with the mark in described default white list, it is determined that described user is current Using described intended application is unsafe condition.
5. method as claimed in claim 4, it is characterised in that described predetermined threshold value and described preset white List is described server and pushes to described terminal by described configuration file;
Described determine that the currently used described intended application of described user is unsafe condition after, also include:
Output is for pointing out user the information stopping using described intended application;
Obtain user and include that stopping makes for the operation information done by described information, described operation information By described intended application or be continuing with described intended application;
Described operation information is uploaded to described server, so that described server is according to described operation information more Described predetermined threshold value in new described configuration file and/or described default white list.
6. method as claimed in claim 2, it is characterised in that described based on described at least one dangerous because of The value of each risk factor in element, calculates for representing the currently used described intended application degree of danger of user Risk factor, and according to described risk factor, determine whether the currently used described intended application of user is safe condition, Including:
By the value of each risk factor at least one risk factor described and the target mark of described intended application Knowledge uploads onto the server, so that described server is based on each risk factor at least one risk factor described Value calculate for representing the risk factor of the currently used described intended application degree of danger of user, described server And according to described risk factor, determine whether the currently used described intended application of user is safe condition.
7. the method as described in claim 1-6 any one, it is characterised in that described risk factor includes Any one in the geographical position of terminal, user's walking states and weather conditions.
8. an application safety detection device, it is characterised in that including:
First acquisition module, for when terminal operating intended application, acquisition associates with described intended application At least one risk factor;
Detection module, is used for detecting residing for present terminal every at least one risk factor described in external environment condition The value of individual risk factor;
Determine module, for based on the value of each risk factor at least one risk factor described, calculate and use In the risk factor of the expression currently used described intended application degree of danger of user, and according to described risk factor, really Determine whether the currently used described intended application of user is safe condition.
9. device as claimed in claim 8, it is characterised in that described device also includes:
Sending module, for sending the file request issuing configuration file for request to server;
Receiver module, for receiving the configuration file that described server returns based on described file request, described Configuration file includes risk factor list;
Described first acquisition module is specifically for when terminal operating intended application, from described risk factor list At least one risk factor that middle selection associates with described intended application.
10. device as claimed in claim 9, it is characterised in that described determine that module includes:
Computing unit, for based on the value of each risk factor at least one risk factor described, uses mesh Mark algorithm calculates the risk factor for representing the currently used described intended application degree of danger of user, described target Algorithm is the hardware parameter that described server is uploaded according to terminal, selects from the polyalgorithm of described terminal built-in The algorithm selected;
Determine unit, if for described risk factor more than predetermined threshold value, it is determined that the currently used institute of described user Stating intended application is unsafe condition;If described risk factor is less than predetermined threshold value, it is determined that described user is current Using described intended application is safe condition.
11. devices as claimed in claim 10, it is characterised in that determine that unit is specifically for institute if described State risk factor and be more than predetermined threshold value, the target identification of described intended application is entered with the mark in default white list Row coupling, the application that the mark in described default white list is identified is the application that any state all allows to run; If described target identification does not mates with the mark in described default white list, it is determined that described user is currently used Described intended application is unsafe condition.
12. devices as claimed in claim 11, it is characterised in that described predetermined threshold value and described preset White list is described server and pushes to described terminal by described configuration file;Described device also includes:
Output module, for when determining that the currently used described intended application of described user is unsafe condition, defeated Go out to point out user to stop using the information of described intended application;
Second acquisition module, for obtaining user for the operation information done by described information, described Operation information includes stopping using described intended application or being continuing with described intended application;
Upper transmission module, for described operation information is uploaded to described server so that described server according to Described predetermined threshold value in configuration file described in described operation information updating and/or described default white list.
13. devices as claimed in claim 9, it is characterised in that described determine that module is specifically for by institute The target identification of the value and described intended application of stating each risk factor at least one risk factor is uploaded to Server, so that described server calculates based on the value of each risk factor at least one risk factor described For representing the risk factor of the currently used described intended application degree of danger of user, described server according to institute State risk factor, determine whether the currently used described intended application of user is safe condition.
14. devices as described in claim 8-13 any one, it is characterised in that described risk factor bag Include in the geographical position of terminal, user's walking states and weather conditions any one.
CN201610292374.4A 2016-05-05 2016-05-05 Application security detection method and device Pending CN105847407A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610292374.4A CN105847407A (en) 2016-05-05 2016-05-05 Application security detection method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610292374.4A CN105847407A (en) 2016-05-05 2016-05-05 Application security detection method and device

Publications (1)

Publication Number Publication Date
CN105847407A true CN105847407A (en) 2016-08-10

Family

ID=56591455

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610292374.4A Pending CN105847407A (en) 2016-05-05 2016-05-05 Application security detection method and device

Country Status (1)

Country Link
CN (1) CN105847407A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106506471A (en) * 2016-10-31 2017-03-15 百度在线网络技术(北京)有限公司 Application control method and device
CN112583978A (en) * 2019-09-30 2021-03-30 奇安信科技集团股份有限公司 Method and device for evaluating operating environment of mobile terminal

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103106374A (en) * 2013-01-15 2013-05-15 广东欧珀移动通信有限公司 Safety pre-warning processing method, system and mobile terminal of reminding user of mobile terminal
CN103366121A (en) * 2012-03-26 2013-10-23 腾讯科技(深圳)有限公司 Safety inspection method, device and system
US20140066097A1 (en) * 2012-08-29 2014-03-06 Cellco Partnership D/B/A Verizon Wireless Impending hazard alert
CN104333654A (en) * 2014-10-14 2015-02-04 京东方科技集团股份有限公司 Danger warning method, danger warning device and portable electronic equipment
CN104378494A (en) * 2013-08-16 2015-02-25 联想移动通信科技有限公司 Reminding method and mobile terminal
CN104461021A (en) * 2014-12-29 2015-03-25 北京尚德智产投资管理有限公司 Mobile terminal and control method thereof
CN104469020A (en) * 2014-12-29 2015-03-25 北京尚德智产投资管理有限公司 Mobile terminal and control method thereof
CN104486509A (en) * 2014-12-29 2015-04-01 北京尚德智产投资管理有限公司 Mobile terminal and control method thereof
CN105426179A (en) * 2015-11-05 2016-03-23 深圳市金立通信设备有限公司 Application program control method and terminal

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103366121A (en) * 2012-03-26 2013-10-23 腾讯科技(深圳)有限公司 Safety inspection method, device and system
US20140066097A1 (en) * 2012-08-29 2014-03-06 Cellco Partnership D/B/A Verizon Wireless Impending hazard alert
CN103106374A (en) * 2013-01-15 2013-05-15 广东欧珀移动通信有限公司 Safety pre-warning processing method, system and mobile terminal of reminding user of mobile terminal
CN104378494A (en) * 2013-08-16 2015-02-25 联想移动通信科技有限公司 Reminding method and mobile terminal
CN104333654A (en) * 2014-10-14 2015-02-04 京东方科技集团股份有限公司 Danger warning method, danger warning device and portable electronic equipment
CN104461021A (en) * 2014-12-29 2015-03-25 北京尚德智产投资管理有限公司 Mobile terminal and control method thereof
CN104469020A (en) * 2014-12-29 2015-03-25 北京尚德智产投资管理有限公司 Mobile terminal and control method thereof
CN104486509A (en) * 2014-12-29 2015-04-01 北京尚德智产投资管理有限公司 Mobile terminal and control method thereof
CN105426179A (en) * 2015-11-05 2016-03-23 深圳市金立通信设备有限公司 Application program control method and terminal

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106506471A (en) * 2016-10-31 2017-03-15 百度在线网络技术(北京)有限公司 Application control method and device
CN112583978A (en) * 2019-09-30 2021-03-30 奇安信科技集团股份有限公司 Method and device for evaluating operating environment of mobile terminal

Similar Documents

Publication Publication Date Title
US11809624B2 (en) Sleep detection in a location sharing system
KR102446811B1 (en) Method for combining and providing colltected data from plural devices and electronic device for the same
KR101399267B1 (en) Method and apparatus for recommending application in mobile device
CN110298176A (en) Intelligent terminal App permission privacy risk monitoring and evaluation system and method
CN106663223A (en) Systems and methods for probabilistic semantic sensing in a sensory network
US20100077020A1 (en) Method, apparatus and computer program product for providing intelligent updates of emission values
CN108960785B (en) Information prompting method and device
US20070229350A1 (en) Apparatus and Method for Providing Location Information on Individuals and Objects using Tracking Devices
US20090119119A1 (en) System and method for creating and managing a personalized web interface for monitoring location information on individuals and objects using tracking devices
US20130184031A1 (en) Mobile device and method of determining a state transition of a mobile device
CN107106030A (en) The dynamic wearable device operating condition detected based on planning chart
CN109937595A (en) For determining the electronic device and method of position
US9026083B2 (en) Method for determining mobile device password settings based on acceleration information
CN109544746A (en) A kind of community's access control system control method and its device
CN111047907B (en) Parking space management method, device, equipment and computer readable storage medium
US20210095986A1 (en) Travel based notifications
KR102598270B1 (en) Method for recognizing of boarding vehicle and electronic device for the same
CN110431376A (en) Information analysis apparatus and routing information analysis method
CN108632758B (en) Terminal tracking method, processing device, terminal and storage medium
CN105847407A (en) Application security detection method and device
FR3047102A1 (en) METHOD FOR DETECTING PASSENGERS, MANAGING AND OPTIMIZING THEIR SHARED TRANSPORTS
US20140031061A1 (en) Systems And Methods For Monitoring Device And Vehicle
WO2015157487A1 (en) System utilizing location-based data and methods of its use
CN110472162A (en) Appraisal procedure, system, terminal and readable storage medium storing program for executing
KR20170054876A (en) Method for managing schedule information and electronic device thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20160810

RJ01 Rejection of invention patent application after publication