CN106101105A - Data processing method, Apparatus and system - Google Patents

Publication number
CN106101105A
Authority
CN
China
Prior art keywords
application program
data
application
transmission data
data manipulation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610424109.7A
Other languages
Chinese (zh)
Inventor
席春艳
高毅
辛向磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Xiaomi Mobile Software Co Ltd
Original Assignee
Beijing Xiaomi Mobile Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Xiaomi Mobile Software Co Ltd filed Critical Beijing Xiaomi Mobile Software Co Ltd
Priority to CN201610424109.7A priority Critical patent/CN106101105A/en
Publication of CN106101105A publication Critical patent/CN106101105A/en
Pending legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/30 Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
    • H04L63/302 Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information, gathering intelligence information for situation awareness or reconnaissance
    • H04L63/308 Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information, retaining data, e.g. retaining successful, unsuccessful communication attempts, internet access, or e-mail, internet telephony, intercept related information or call content
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/145 Countermeasures against malicious traffic, the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms

Abstract

The disclosure relates to a data processing method, apparatus and system. The method includes: when an application in the application layer performs a data transmission operation, obtaining the protocol data unit data transmitted by the application; when the protocol data unit data includes preset sensitive information, obtaining the application identifier of the application; and when the application identifier does not belong to a preset identifier set, stopping the data transmission operation and issuing a reminder that the application is performing the data transmission operation. This technical solution prevents sensitive information on the terminal from being stolen by Trojan programs or phishing websites, and lets the user easily and accurately learn of Trojan programs hidden on the terminal, thereby protecting the information security and property of the terminal user. Moreover, without affecting the operation of trusted applications, it improves the accuracy of information interception and of the identification of suspicious Trojan programs, prevents user sensitive information from being leaked, and improves the user's experience of the terminal.

Description

Data processing method, apparatus and system
Technical field
The present disclosure relates to the field of information security technology, and in particular to a data processing method, apparatus and system.
Background
At present, information security in the communications field has serious weaknesses. Among the various applications installed on a mobile terminal, Trojan programs and phishing websites often get into the terminal to steal the user's account information and verification codes. To prevent Trojan programs from stealing account passwords and verification codes, a more secure mechanism is urgently needed to ensure the security of user information.
Summary
Embodiments of the present disclosure provide a data processing method, apparatus and system. The technical solution is as follows:
According to a first aspect of the embodiments of the present disclosure, a data processing method is provided, applied to the framework layer of a terminal. The method includes:
when an application in the application layer performs a data transmission operation, obtaining the protocol data unit data transmitted by the application;
when the protocol data unit data includes preset sensitive information, obtaining the application identifier of the application;
when the application identifier does not belong to a preset identifier set, stopping the data transmission operation and issuing a reminder that the application is performing the data transmission operation.
Optionally, obtaining the application identifier of the application includes:
calling the interface process that transmits the protocol data unit data;
determining the identifier of the application according to the result of the interface process call.
Optionally, issuing a reminder about the data transmission operation includes:
generating a reminder message, the reminder message being used to remind the user that the protocol data unit data transmitted by the application includes the preset sensitive information;
displaying the reminder message.
Optionally, issuing a reminder about the data transmission operation further includes:
providing an option to terminate the data transmission operation;
when a selection of the option is received, terminating the data transmission operation.
Optionally, the data transmission operation includes at least one of a data sending operation and a data receiving operation.
Optionally, the preset sensitive information includes at least one of the following: verification code, account name, account password, user identity information, instant messaging account and telephone number.
According to a second aspect of the embodiments of the present disclosure, a data processing apparatus is provided, applied to the framework layer of a terminal. The apparatus includes:
a first acquisition module, configured to obtain the protocol data unit data transmitted by an application when the application in the application layer performs a data transmission operation;
a second acquisition module, configured to obtain the application identifier of the application when the protocol data unit data obtained by the first acquisition module includes preset sensitive information;
a processing module, configured to stop the data transmission operation and issue a reminder that the application is performing the data transmission operation when the application identifier obtained by the second acquisition module does not belong to a preset identifier set.
Optionally, the second acquisition module includes:
a calling submodule, configured to extract a package name or class name from the protocol data unit data of the first acquisition module;
a determining submodule, configured to determine the identifier of the application according to the result of the interface process call made by the calling submodule.
Optionally, the processing module includes:
a generating submodule, configured to generate a reminder message, the reminder message being used to remind the user that the protocol data unit data transmitted by the application includes the preset sensitive information;
a display submodule, configured to display the reminder message generated by the generating submodule.
Optionally, the processing module further includes:
a providing submodule, configured to provide an option to terminate the data transmission operation;
a terminating submodule, configured to terminate the data transmission operation when a selection of the option provided by the providing submodule is received.
Optionally, the data transmission operation includes at least one of a data sending operation and a data receiving operation.
Optionally, the preset sensitive information includes at least one of the following: verification code, account name, account password, user identity information, instant messaging account and telephone number.
According to a third aspect of the embodiments of the present disclosure, a data processing apparatus is provided, applied to the framework layer of a terminal. The apparatus includes:
a processor;
a memory for storing instructions executable by the processor;
wherein the processor is configured to:
when an application in the application layer performs a data transmission operation, obtain the protocol data unit data transmitted by the application;
when the protocol data unit data includes preset sensitive information, obtain the application identifier of the application;
when the application identifier does not belong to a preset identifier set, stop the data transmission operation and issue a reminder that the application is performing the data transmission operation.
According to a fourth aspect of the embodiments of the present disclosure, a data processing system is provided, including: an application located in the application layer and a data processing apparatus located in the framework layer of the terminal;
the data processing apparatus is configured to obtain the protocol data unit data transmitted by the application when the application performs a data transmission operation; to obtain the application identifier of the application when the protocol data unit data includes preset sensitive information; and to stop the data transmission operation and issue a reminder that the application is performing the data transmission operation when the application identifier does not belong to a preset identifier set.
Optionally, the application sends the protocol data unit data to be sent to the data processing apparatus;
the data processing apparatus, when it receives protocol data unit data addressed to the application and the protocol data unit data does not include preset sensitive information, forwards the protocol data unit data to the application.
The technical solution provided by the embodiments of the present disclosure may have the following beneficial effects:
In this embodiment, the data processing can be located in the framework layer, so every application can be inspected, whether it is an authorized or an unauthorized upper-layer application. If these applications want to exchange data with the outside world, they must go through the framework layer, which packs outgoing messages into protocol data unit data strings. The framework layer can inspect the protocol data unit data strings it obtains to determine whether the data transmitted by an application contains preset sensitive information. When the data transmitted by an application is found to include preset sensitive information, the framework layer then verifies whether the application has permission to obtain the preset sensitive information. For an application that has permission, the data it transmits is not intercepted and no alert is raised; for an application without permission, its data transmission operation is stopped and the user is reminded. This prevents sensitive information on the terminal from being stolen by Trojan programs or phishing websites, and lets the user easily and accurately learn of Trojan programs hidden on the terminal, thereby protecting the information security and property of the terminal user. Moreover, without affecting the operation of trusted applications, it improves the accuracy of information interception and of the identification of suspicious Trojan programs, prevents user sensitive information from being leaked, and improves the user's experience of the terminal.
In another embodiment, for both trusted and untrusted applications, the application identifier can be determined by calling the interface process that transmits the protocol data unit data, so that the application transmitting sensitive information can be located accurately, which improves the accuracy of information interception and prevents user sensitive information from being leaked.
In another embodiment, a reminder is issued when an untrusted application transmits sensitive information, so that the user knows clearly which applications have obtained sensitive information and can easily and accurately learn of suspicious Trojan programs.
In another embodiment, in addition to displaying the reminder message, the user is given an option to terminate the data transmission operation. The user can choose whether to intercept the data transmitted by a suspicious application, preventing the leakage of user sensitive information.
In another embodiment, the protocol data unit data sent or received by an application is analyzed at the protocol layer. If sensitive information is detected in the protocol data unit data and the application is untrusted, the user is told that the application is sending out or intercepting the user's sensitive information, which fundamentally prevents the terminal's account information from being leaked. The user can clearly know which program is obtaining the terminal user's sensitive information, and hidden Trojan programs can be noticed easily.
In addition, the technical solution of the embodiments of the present disclosure has a low cost: the terminal only needs one additional detection module, implemented purely in software, with no additional hardware cost, and it can protect the user's property to the greatest extent and improve the user's experience of the terminal.
It should be understood that the above general description and the following detailed description are only exemplary and explanatory, and do not limit the present disclosure.
Brief description of the drawings
The accompanying drawings are incorporated into and constitute a part of this specification, show embodiments consistent with the present disclosure, and together with the description serve to explain the principles of the present disclosure.
Fig. 1 is a flowchart of a data processing method according to an exemplary embodiment.
Fig. 2 is a flowchart of a data processing method according to another exemplary embodiment.
Fig. 3 is a flowchart of a data processing method according to another exemplary embodiment.
Fig. 4 is a diagram of an interface displaying a reminder message according to an exemplary embodiment.
Fig. 5 is a flowchart of a data processing method according to another exemplary embodiment.
Fig. 6 is a diagram of an interface displaying a reminder message according to another exemplary embodiment.
Fig. 7 is a flowchart of a data processing method according to another exemplary embodiment.
Fig. 8 is a flowchart of a data processing method according to another exemplary embodiment.
Fig. 9 is a block diagram of a data processing apparatus according to an exemplary embodiment.
Fig. 10 is a block diagram of the second acquisition module according to an exemplary embodiment.
Fig. 11 is a block diagram of the processing module according to an exemplary embodiment.
Fig. 12 is a block diagram of the processing module according to another exemplary embodiment.
Fig. 13 is a block diagram of an apparatus for data processing according to an exemplary embodiment.
Fig. 14 is a block diagram of a data processing system according to an exemplary embodiment.
Detailed description
Exemplary embodiments are described in detail here, and examples of them are shown in the accompanying drawings. When the following description refers to the drawings, the same numbers in different drawings denote the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatuses and methods consistent with some aspects of the present disclosure as detailed in the appended claims.
Account information leakage mainly involves three items: the account number, the password and the verification code. A terminal user's account information ultimately reaches the network platform in two ways: as information in the data domain and as information in the signaling domain. A malicious program can obtain account information by reading the content of the data domain and the signaling domain. However, the stolen account information must ultimately be sent out in protocol data unit packets before the author of the malicious program can obtain it. The technical solution provided by the embodiments of the present disclosure analyzes the information in protocol data unit packets and reminds the user when account information is being obtained or sent by an application, so that the terminal user can discover malicious programs that are covertly obtaining account information.
The terminal can be a mobile phone, a computer, a digital broadcast terminal, a messaging device, a game console, a tablet device, medical equipment, fitness equipment, a personal digital assistant, or any other device with an image recognition function.
Fig. 1 is a flowchart of a data processing method according to an exemplary embodiment. As shown in Fig. 1, the data processing method is applied to the framework layer of a terminal and includes the following steps:
In step S11, when an application in the application layer performs a data transmission operation, the protocol data unit data transmitted by the application is obtained;
In step S12, when the protocol data unit data includes preset sensitive information, the application identifier of the application is obtained;
In step S13, when the application identifier does not belong to a preset identifier set, the data transmission operation is stopped and a reminder is issued that the application is performing the data transmission operation.
The preset sensitive information in step S13 includes but is not limited to at least one of the following: verification code, account name, account password, user identity information, instant messaging account and telephone number. The user identity information includes but is not limited to at least one of the following: the user's name, ID card number, social insurance number and passport number.
The preset identifier set consists of the identifiers of applications that have permission to obtain the preset sensitive information; these applications are trusted applications authorized by the user.
The operating system of the terminal has four layers, from bottom to top: the kernel layer, the system runtime library layer, the framework layer and the application layer. The data processing of the embodiments of the present disclosure can be located in the framework layer, so every application can be inspected, whether it is an authorized or an unauthorized upper-layer application. If these applications want to exchange data with the outside world, they must go through the framework layer, which packs outgoing messages into protocol data unit data strings. The framework layer can inspect the protocol data unit data strings it obtains to determine whether the data transmitted by an application contains preset sensitive information. When the data transmitted by an application is found to include preset sensitive information, the framework layer then verifies whether the application has permission to obtain the preset sensitive information. For an application that has permission, the data it transmits is not intercepted and no alert is raised; for an application without permission, its data transmission operation is stopped and the user is reminded.
This prevents sensitive information on the terminal from being stolen by Trojan programs or phishing websites, and lets the user easily and accurately learn of Trojan programs hidden on the terminal, thereby protecting the information security and property of the terminal user. Moreover, without affecting the operation of trusted applications, it improves the accuracy of information interception and of the identification of suspicious Trojan programs, prevents user sensitive information from being leaked, and improves the user's experience of the terminal.
Fig. 2 is a flowchart of a data processing method according to another exemplary embodiment. As shown in Fig. 2, in another embodiment, obtaining the application identifier of the application includes:
In step S21, the interface process that transmits the protocol data unit data is called;
In step S22, the identifier of the application is determined according to the result of the interface process call.
For example, in the interface the system provides to applications for sending messages, the interface carries the destination number, the message center address, the protocol data unit data string and other data.
sendMultipartTextMessageInternal(
        String destinationAddress, String scAddress, ArrayList<String> parts,
        ArrayList<PendingIntent> sentIntents, ArrayList<PendingIntent> deliveryIntents,
        boolean persistMessageForCarrierApp)
Therefore, the identifier of the application sending the message can be obtained by calling the interface process ActivityThread.currentPackageName().
iccISms.sendMultipartTextForSubscriber(getSubscriptionId(),
        ActivityThread.currentPackageName(),
        destinationAddress, scAddress, parts,
        sentIntents, deliveryIntents, persistMessageForCarrierApp);
In this embodiment, for both trusted and untrusted applications, the application identifier can be determined by calling the interface process that transmits the protocol data unit data, so that the application transmitting sensitive information can be located accurately, which improves the accuracy of information interception and prevents user sensitive information from being leaked.
Fig. 3 is a flowchart of a data processing method according to another exemplary embodiment. As shown in Fig. 3, in another embodiment, issuing a reminder about the data transmission operation includes:
In step S31, a reminder message is generated; the reminder message is used to remind the user that the protocol data unit data transmitted by the application includes preset sensitive information;
In step S32, the reminder message is displayed.
For example, when application A has been detected transmitting preset sensitive information and application A is not a trusted application, then, as shown in Fig. 4, the reminder message displayed in interface 41 can be "Application A is transmitting sensitive information".
In this embodiment, a reminder is issued when an untrusted application transmits sensitive information, so that the user knows clearly which applications have obtained sensitive information and can easily and accurately learn of suspicious Trojan programs.
Fig. 5 is a flowchart of a data processing method according to another exemplary embodiment. As shown in Fig. 5, in another embodiment, issuing a reminder about the data transmission operation further includes:
In step S51, an option to terminate the data transmission operation is provided;
In step S52, when a selection of the option is received, the data transmission operation is terminated.
In this embodiment, in addition to displaying the reminder message, the user is given an option to terminate the data transmission operation. For example, as shown in Fig. 6, in addition to the reminder message "Application A is transmitting sensitive information", interface 61 also displays "Terminate the data transmission operation of application A?". If the user selects the "Yes" button, the data transmission operation of application A is terminated. If the user selects "No", application A continues to perform the data transmission operation. In this way, the user can choose whether to intercept the data transmitted by a suspicious application, preventing the leakage of user sensitive information.
In addition, if the user confirms that application A is an application that has not been added to the trusted application list, the user can also select the "No" button to continue application A's data transmission operation, ensuring that the application runs smoothly. Application A can also be added to the trusted application list, so that when application A is subsequently detected transmitting sensitive information, no reminder is given.
In the above embodiments, the data transmission operation includes at least one of a data sending operation and a data receiving operation. The data processing method of the present disclosure is described in detail below for each case.
(1) An application sends data out
Fig. 7 is a flowchart of a data processing method according to another exemplary embodiment. As shown in Fig. 7, the method includes the following steps:
In step S701, when application A in the application layer performs an operation of sending data out, the protocol data unit data sent by application A is obtained;
In step S702, the protocol data unit data is parsed;
In step S703, it is determined whether the protocol data unit data includes preset sensitive information; if so, step S704 is performed; if not, step S709 is performed;
In step S704, the application identifier of application A is obtained;
In step S705, it is determined whether the application identifier belongs to the preset identifier set; if so, step S709 is performed; if not, step S706 is performed;
In step S706, the operation of sending data out is stopped and a reminder is issued that application A is performing the operation of sending data out, for example, "Application A is sending out sensitive information";
In step S707, it is determined whether a selection of the option to terminate sending has been received; if so, step S708 is performed; if not, step S709 is performed;
In step S708, application A's operation of sending data out is terminated;
In step S709, application A's operation of sending data out continues.
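The sending-side flow of steps S701 to S709, as an added Python sketch that is not code from the patent or from Android. It assumes the protocol data unit is an SMS-SUBMIT PDU laid out as in 3GPP TS 23.040 and reads GSM 7-bit septets as ASCII; the package names, the patterns for "preset sensitive information" and the sample messages are constructed for illustration.

```python
import re
from dataclasses import dataclass

# Assumption: sample "preset identifier set" of trusted package names.
TRUSTED_PACKAGES = {"com.example.bank"}

# Assumption: sample patterns standing in for "preset sensitive information".
SENSITIVE_PATTERNS = {
    "verification code": re.compile(r"(?:code|验证码)\D{0,12}\d{4,8}", re.I),
    "account password": re.compile(r"(?:password|密码)\s*[:：=]\s*\S+", re.I),
    "telephone number": re.compile(r"(?<!\d)1[3-9]\d{9}(?!\d)"),
}


@dataclass
class Decision:
    allowed: bool        # False: the transfer is stopped pending the user's choice
    reminder: str = ""   # reminder text shown to the user when stopped


def parse_sms_submit(pdu: bytes) -> str:
    """S702: return the user-data text of an SMS-SUBMIT PDU."""
    pos = 1 + pdu[0]                       # skip SMSC length octet and address
    first = pdu[pos]
    if first & 0x03 != 0x01:
        raise ValueError("not an SMS-SUBMIT PDU")
    pos += 2                               # first octet and TP-MR
    pos += 2 + (pdu[pos] + 1) // 2         # TP-DA: digit count, type, BCD digits
    dcs = pdu[pos + 1]                     # TP-PID at pos, TP-DCS at pos + 1
    pos += 2
    pos += {0: 0, 2: 1, 1: 7, 3: 7}[(first >> 3) & 0x03]  # TP-VP length by TP-VPF
    udl, ud = pdu[pos], pdu[pos + 1:]
    header = ud[0] + 1 if first & 0x40 else 0   # TP-UDHI set: skip the UD header
    alphabet = (dcs >> 2) & 0x03           # assumes the general data coding group
    if alphabet == 2:                      # UCS-2, UDL counts octets
        return ud[header:udl].decode("utf-16-be", errors="replace")
    if alphabet == 1:                      # 8-bit data, UDL counts octets
        return ud[header:udl].decode("latin-1")
    if alphabet == 0:                      # GSM 7-bit, UDL counts septets
        bits = int.from_bytes(ud, "little")    # septet i occupies bits 7i..7i+6
        skip = (header * 8 + 6) // 7           # septets covered by header + fill
        return "".join(chr((bits >> (7 * i)) & 0x7F) for i in range(skip, udl))
    raise ValueError("reserved alphabet")


def gate_transfer(package: str, pdu: bytes, trusted=TRUSTED_PACKAGES) -> Decision:
    """S701-S706: decide whether the outgoing PDU from `package` may proceed."""
    text = parse_sms_submit(pdu)                               # S702
    hits = [name for name, rx in SENSITIVE_PATTERNS.items() if rx.search(text)]
    if not hits:                                               # S703 -> S709
        return Decision(True)
    if package in trusted:                                     # S704, S705 -> S709
        return Decision(True)
    return Decision(False,                                     # S706
                    f"{package} is sending out sensitive information "
                    f"({', '.join(hits)})")


def resolve(decision: Decision, user_terminates: bool) -> bool:
    """S707-S709: a stopped transfer continues only if the user does not terminate it."""
    return decision.allowed or not user_terminates


def build_submit(dest_digits: str, text: str) -> bytes:
    """Build a UCS-2 SMS-SUBMIT PDU; used only to construct sample input."""
    padded = dest_digits + "F" * (len(dest_digits) % 2)
    bcd = bytes.fromhex("".join(padded[i + 1] + padded[i]
                                for i in range(0, len(padded), 2)))
    body = text.encode("utf-16-be")
    return (bytes([0x00, 0x01, 0x00, len(dest_digits), 0x91]) + bcd
            + bytes([0x00, 0x08, len(body)]) + body)


if __name__ == "__main__":
    # Constructed samples: one message with a verification code, one harmless.
    otp = build_submit("8613800138000", "Your verification code is 482913")
    chat = build_submit("8613800138000", "Lunch at noon?")
    for pkg, pdu in [("com.example.flashlight", otp),
                     ("com.example.bank", otp),
                     ("com.example.flashlight", chat)]:
        print(pkg, gate_transfer(pkg, pdu))
```
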
(2) application program intercepts and captures the data received
Fig. 8 is the flow chart according to a kind of data processing method shown in another exemplary embodiment, as shown in Figure 8, and should Method comprises the following steps:
In step S801, when application A intercepts and captures protocol Data Unit data, obtain protocol Data Unit data;
In step S802, parsing protocol data unit data;
In step S803, it is judged that whether protocol Data Unit data include preset sensitive information, if it is, perform step Rapid S804, if it does not, perform step S809;
In step S804, obtain the application program identification of application A;
In step S805, it is judged that whether application program identification belongs to default logo collection, if it is, perform step S809, if it does not, perform step S806;
In step S806, stop the reception data manipulation of this application A and perform application A to receive data behaviour Make to remind, such as, remind " application A intercepting and capturing sensitive information ";
In step S807, it may be judged whether receive the selected operation terminating receiving option, if it is, perform step S808, if it does not, perform step S809;
In step S808, terminate application A and receive data manipulation;
In step S809, continue application A and receive data manipulation.
In above-described embodiment, the protocol Data Unit data sending from the angle analysis application program of protocol layer or receiving, If detecting that in protocol Data Unit data sensitive information and this application program position are incredible, then report this application of user Program outgoing or the sensitive information of intercepting and capturing user, the most fundamentally avoid terminal accounts information to suffer leakage problem.User can Clearly to know which program is obtaining the sensitive information of terminal use, can easily be felt for some trojan horse programs hidden Know.
It addition, the technical scheme of disclosure embodiment, low cost, terminal only needs increase to want a detection module, the softest Part realizes, it is not necessary to additionally increases hardware cost, it is possible to farthest protect the property of user, improves user to end The experience degree of end.
Following for disclosure device embodiment, may be used for performing method of disclosure embodiment.
Fig. 9 is a block diagram of a data processing apparatus according to an exemplary embodiment. The apparatus may be implemented as part or all of an electronic device by software, hardware, or a combination of both. As shown in Fig. 9, the data processing apparatus is applied to the framework layer of a terminal and includes:
a first acquisition module 91, configured to acquire the protocol data unit data transmitted by an application program of the application layer when the application program performs a data transmission operation;
a second acquisition module 92, configured to acquire the application identifier of the application program when the protocol data unit data acquired by the first acquisition module 91 includes preset sensitive information;
a processing module 93, configured to, when the application identifier acquired by the second acquisition module 92 does not belong to a preset identifier set, stop the data transmission operation and issue a reminder that the application program performed the data transmission operation.
The preset identifier set consists of the identifiers of application programs that have permission to obtain the preset sensitive information; these application programs are trusted applications authorized by the user.
The operating system of the terminal includes four layers from bottom to top: the kernel layer, the system runtime library layer, the framework layer, and the application layer. The data processing apparatus of the embodiments of the present disclosure may be located at the framework layer, so that all upper-layer application programs can be inspected, whether authorized or unauthorized. If these application programs want to exchange data with the outside, the outgoing message must pass through the framework layer to be packaged into a protocol data unit data string. The framework layer can inspect the obtained protocol data unit data string to determine whether the data transmitted by the application program contains preset sensitive information. When the data transmitted by the application program is detected to include preset sensitive information, it is further verified whether the application program has permission to obtain the preset sensitive information. For an application program with permission, the data it transmits is not intercepted and no alert is raised; for an application program without permission, its data transmission operation is stopped and the user is reminded.
In this way, sensitive information on the terminal can be prevented from being stolen by Trojan programs or phishing websites, and the user can easily and accurately learn of Trojan programs hidden on the terminal, thereby protecting the terminal user's information security and property security. Moreover, without affecting the operation of trusted applications, the accuracy of information interception and of identifying suspicious Trojan programs is improved, leakage of the user's sensitive information is avoided, and the user's experience with the terminal is improved.
Fig. 10 is a block diagram of the second acquisition module according to an exemplary embodiment. As shown in Fig. 10, the second acquisition module 92 includes:
a calling submodule 101, configured to call the interface procedure that transmits the protocol data unit data;
a determining submodule 102, configured to determine the identifier of the application program according to the call result of the interface procedure called by the calling submodule 101.
For example, in the system's interface for sending a message for an application program, the interface can carry the destination number, the message center address, the protocol data unit data string, and other data.
sendMultipartTextMessageInternal(
        String destinationAddress, String scAddress, ArrayList<String> parts,
        ArrayList<PendingIntent> sentIntents, ArrayList<PendingIntent> deliveryIntents,
        boolean persistMessageForCarrierApp)
Therefore, the application identifier of the application sending the message can be obtained by calling the interface procedure ActivityThread.currentPackageName().
iccISms.sendMultipartTextForSubscriber(getSubscriptionId(),
        ActivityThread.currentPackageName(),
        destinationAddress, scAddress, parts,
        sentIntents, deliveryIntents, persistMessageForCarrierApp);
In this embodiment, for both trusted and untrusted application programs, the application identifier can be determined by calling the interface procedure that transmits the protocol data unit data, so that the user can accurately locate the application program transmitting sensitive information, which improves the accuracy of information interception and avoids leakage of the user's sensitive information.
Fig. 11 is a block diagram of the processing module according to an exemplary embodiment. As shown in Fig. 11, the processing module 93 includes:
a generating submodule 111, configured to generate a reminder message, the reminder message being used to remind the user that the protocol data unit data transmitted by the application program includes preset sensitive information;
a display submodule 112, configured to display the reminder message generated by the generating submodule 111.
For example, when it is detected that application A transmits preset sensitive information and application A is not a trusted application, then, as shown in Fig. 4, the reminder message displayed in interface 41 may be "Application A is transmitting sensitive information".
In this embodiment, a reminder is issued when an untrusted application transmits sensitive information, so that the user can clearly know which application programs are obtaining sensitive information and can more accurately learn of suspicious Trojan programs.
Fig. 12 is a block diagram of the processing module according to another exemplary embodiment. As shown in Fig. 12, the processing module 93 further includes:
a providing submodule 121, configured to provide an option to terminate the data transmission operation;
a terminating submodule 122, configured to terminate the data transmission operation when a selection of the option provided by the providing submodule 121 is received.
In this embodiment, in addition to displaying the reminder message, the user is also offered an option to terminate the data transmission operation. For example, in addition to the reminder message "Application A is transmitting sensitive information", the prompt "Terminate the data transmission operation of application A?" is also displayed. If the user selects the "Yes" button, the data transmission operation of application A is terminated. If the user selects "No", application A continues to perform the data transmission operation. In this way, the user can choose whether to intercept the data transmitted by a suspicious application program, avoiding leakage of the user's sensitive information.
In addition, if the user confirms that application A is an application program that has not been added to the trusted application list, the user can also select the "No" button to continue the data transmission operation of application A, ensuring that the application program runs smoothly. Application A can also be added to the trusted application list, so that when application A is subsequently detected transmitting sensitive information, no reminder is given.
Optionally, the data transmission operation includes at least one of a send-data operation and a receive-data operation.
Optionally, the preset sensitive information includes at least one of the following: a verification code, an account name, an account password, user identity information, an instant messaging account, and a telephone number.
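The decision flow described above (scan the protocol data unit data, take the calling application's identifier, compare it with the preset identifier set, then remind the user and apply the user's choice) is shown below as an added example; it is not code from the patent or from Android. The class, enum, pattern and package names are hypothetical, the sample message is constructed, and the caller's package name is passed in as a parameter where the page uses ActivityThread.currentPackageName().

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;

/** Added illustration in plain Java (no Android classes); every name here is hypothetical. */
public class SensitiveTransferGuard {
    enum Verdict { PASS, STOP_AND_REMIND }
    enum UserChoice { TERMINATE, CONTINUE, CONTINUE_AND_TRUST }

    // Constructed patterns standing in for the "preset sensitive information".
    private static final Map<String, Pattern> PRESET = new LinkedHashMap<>();
    static {
        PRESET.put("verification code",
                Pattern.compile("(?i)verification code\\D{0,12}\\d{4,8}"));
        PRESET.put("account password",
                Pattern.compile("(?i)password\\s*[:=]\\s*\\S+"));
        PRESET.put("telephone number",
                Pattern.compile("(?<!\\d)1[3-9]\\d{9}(?!\\d)"));
    }

    // The "preset identifier set": applications the user has authorized.
    private final Set<String> trusted = new HashSet<>();

    SensitiveTransferGuard(Collection<String> trustedPackages) {
        trusted.addAll(trustedPackages);
    }

    /** Scans the joined message so content split across parts is still matched. */
    List<String> findSensitive(List<String> parts) {
        String whole = String.join("", parts);
        List<String> hits = new ArrayList<>();
        for (Map.Entry<String, Pattern> e : PRESET.entrySet()) {
            if (e.getValue().matcher(whole).find()) {
                hits.add(e.getKey());
            }
        }
        return hits;
    }

    /** callerPackage stands in for the value ActivityThread.currentPackageName() returns. */
    Verdict check(String callerPackage, List<String> parts) {
        if (findSensitive(parts).isEmpty()) {
            return Verdict.PASS;                 // nothing sensitive: forward as usual
        }
        return trusted.contains(callerPackage)
                ? Verdict.PASS                   // trusted app: no interception, no alert
                : Verdict.STOP_AND_REMIND;       // untrusted app: hold and ask the user
    }

    /** Builds the reminder text shown to the user for a held operation. */
    String reminder(String callerPackage, List<String> parts) {
        return callerPackage + " is transmitting sensitive information "
                + findSensitive(parts) + ". Terminate this data transmission operation?";
    }

    /** Applies the user's answer; returns true when the held operation may proceed. */
    boolean resolve(String callerPackage, UserChoice choice) {
        if (choice == UserChoice.CONTINUE_AND_TRUST) {
            trusted.add(callerPackage);          // later transfers pass without a reminder
        }
        return choice != UserChoice.TERMINATE;
    }

    public static void main(String[] args) {
        SensitiveTransferGuard guard =
                new SensitiveTransferGuard(Arrays.asList("com.example.bank"));

        // Constructed multipart message: the code is split across two parts.
        List<String> parts =
                Arrays.asList("Your verification code is 12", "3456, do not share");
        String untrusted = "com.example.flashlight";

        System.out.println(guard.check("com.example.bank", parts));
        System.out.println(guard.check(untrusted, parts));
        System.out.println(guard.reminder(untrusted, parts));

        // User answers "Yes": the operation is terminated.
        System.out.println(guard.resolve(untrusted, UserChoice.TERMINATE));
        // User instead continues and adds the application to the trusted list.
        System.out.println(guard.resolve(untrusted, UserChoice.CONTINUE_AND_TRUST));
        System.out.println(guard.check(untrusted, parts));

        // A message without preset sensitive information is never held.
        System.out.println(guard.check(untrusted, Arrays.asList("See you at 8")));
    }
}
```

Scanning each element of the parts list separately would miss the split verification code in the sample message, which is why the check runs on the joined text.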
The present disclosure also provides a data processing apparatus, applied to the framework layer of a terminal, the apparatus including:
a processor;
a memory for storing processor-executable instructions;
wherein the processor is configured to:
when an application program of the application layer performs a data transmission operation, acquire the protocol data unit data transmitted by the application program;
when the protocol data unit data includes preset sensitive information, acquire the application identifier of the application program from the protocol data unit data;
when the application identifier does not belong to a preset identifier set, stop the data transmission operation and issue a reminder that the application program performed the data transmission operation.
Fig. 13 is a block diagram of an apparatus for data processing according to an exemplary embodiment; the apparatus is applicable to a terminal device. For example, the apparatus 1700 may be a video camera, a sound recording device, a mobile phone, a computer, a digital broadcast terminal, a messaging device, a game console, a tablet device, a medical device, fitness equipment, a personal digital assistant, and the like.
The apparatus 1700 may include one or more of the following components: a processing component 1702, a memory 1704, a power component 1706, a multimedia component 1708, an audio component 1710, an input/output (I/O) interface 1712, a sensor component 1714, and a communication component 1716.
The processing component 1702 generally controls the overall operation of the apparatus 1700, such as operations associated with display, telephone calls, data communication, camera operations, and recording operations. The processing component 1702 may include one or more processors 1720 to execute instructions so as to complete all or part of the steps of the above method. In addition, the processing component 1702 may include one or more modules that facilitate interaction between the processing component 1702 and other components. For example, the processing component 1702 may include a multimedia module to facilitate interaction between the multimedia component 1708 and the processing component 1702.
The memory 1704 is configured to store various types of data to support operation of the apparatus 1700. Examples of such data include instructions for any application program or method operated on the apparatus 1700, contact data, phone book data, messages, pictures, videos, and so on. The memory 1704 may be implemented by any type of volatile or non-volatile storage device or a combination thereof, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, a magnetic disk, or an optical disc.
The power component 1706 provides power to the various components of the apparatus 1700. The power component 1706 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power for the apparatus 1700.
The multimedia component 1708 includes a screen that provides an output interface between the apparatus 1700 and the user. In some embodiments, the screen may include a liquid crystal display (LCD) and a touch panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive input signals from the user. The touch panel includes one or more touch sensors to sense touches, swipes, and gestures on the touch panel. The touch sensors may sense not only the boundary of a touch or swipe action but also the duration and pressure associated with the touch or swipe operation. In some embodiments, the multimedia component 1708 includes a front camera and/or a rear camera. When the apparatus 1700 is in an operating mode, such as a shooting mode or a video mode, the front camera and/or the rear camera can receive external multimedia data. Each front camera and rear camera may be a fixed optical lens system or have focal length and optical zoom capability.
The audio component 1710 is configured to output and/or input audio signals. For example, the audio component 1710 includes a microphone (MIC); when the apparatus 1700 is in an operating mode, such as a call mode, a recording mode, or a speech recognition mode, the microphone is configured to receive external audio signals. The received audio signals may be further stored in the memory 1704 or sent via the communication component 1716. In some embodiments, the audio component 1710 also includes a speaker for outputting audio signals.
The I/O interface 1712 provides an interface between the processing component 1702 and peripheral interface modules, which may be a keyboard, a click wheel, buttons, and the like. These buttons may include, but are not limited to, a home button, a volume button, a start button, and a lock button.
The sensor component 1714 includes one or more sensors for providing status assessments of various aspects of the apparatus 1700. For example, the sensor component 1714 can detect the open/closed state of the apparatus 1700 and the relative positioning of components, for example the display and keypad of the apparatus 1700; the sensor component 1714 can also detect a change in position of the apparatus 1700 or of one of its components, the presence or absence of user contact with the apparatus 1700, the orientation or acceleration/deceleration of the apparatus 1700, and a change in its temperature. The sensor component 1714 may include a proximity sensor configured to detect the presence of nearby objects without any physical contact. The sensor component 1714 may also include an optical sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor component 1714 may also include an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.
The communication component 1716 is configured to facilitate wired or wireless communication between the apparatus 1700 and other devices. The apparatus 1700 can access a wireless network based on a communication standard, such as WiFi, 2G, or 3G, or a combination thereof. In one exemplary embodiment, the communication component 1716 receives a broadcast signal or broadcast-related information from an external broadcast management system via a broadcast channel. In one exemplary embodiment, the communication component 1716 also includes a near-field communication (NFC) module to facilitate short-range communication. For example, the NFC module may be implemented based on radio frequency identification (RFID) technology, Infrared Data Association (IrDA) technology, ultra-wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.
In an exemplary embodiment, the apparatus 1700 may be implemented by one or more application-specific integrated circuits (ASIC), digital signal processors (DSP), digital signal processing devices (DSPD), programmable logic devices (PLD), field-programmable gate arrays (FPGA), controllers, microcontrollers, microprocessors, or other electronic components, for performing the above method.
In an exemplary embodiment, a non-transitory computer-readable storage medium including instructions is also provided, for example the memory 1704 including instructions, and the instructions can be executed by the processor 1720 of the apparatus 1700 to complete the above method. For example, the non-transitory computer-readable storage medium may be a ROM, a random access memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.
A non-transitory computer-readable storage medium, wherein, when the instructions in the storage medium are executed by the processor of the apparatus 1700, the apparatus 1700 is enabled to perform the above data processing method, the method including:
when an application program of the application layer performs a data transmission operation, acquiring the protocol data unit data transmitted by the application program;
when the protocol data unit data includes preset sensitive information, acquiring the application identifier of the application program from the protocol data unit data;
when the application identifier does not belong to a preset identifier set, stopping the data transmission operation and issuing a reminder that the application program performed the data transmission operation.
Optionally, acquiring the application identifier of the application program from the protocol data unit data includes:
calling the interface procedure that transmits the protocol data unit data;
determining the identifier of the application program according to the call result of the interface procedure.
Optionally, issuing a reminder about the data transmission operation includes:
generating a reminder message, the reminder message being used to remind the user that the protocol data unit data transmitted by the application program includes the preset sensitive information;
displaying the reminder message.
Optionally, issuing a reminder about the data transmission operation further includes:
providing an option to terminate the data transmission operation;
terminating the data transmission operation when a selection of the option is received.
Optionally, the data transmission operation includes at least one of a send-data operation and a receive-data operation.
Optionally, the preset sensitive information includes at least one of the following: a verification code, an account name, an account password, user identity information, an instant messaging account, and a telephone number.
Fig. 14 is a block diagram of a data processing system according to an exemplary embodiment. As shown in Fig. 14, the data processing system includes an application program 141 located at the application layer and a data processing apparatus 142 located at the framework layer of the terminal;
the data processing apparatus 142 is configured to: when the application program 141 performs a data transmission operation, acquire the protocol data unit data transmitted by the application program 141; when the protocol data unit data includes preset sensitive information, acquire the application identifier of the application program 141; and when the application identifier does not belong to a preset identifier set, stop the data transmission operation and issue a reminder that the application program performed the data transmission operation.
The operating system of the terminal includes four layers from bottom to top: the kernel layer, the system runtime library layer, the framework layer, and the application layer. The data processing of the embodiments of the present disclosure may be located at the framework layer, so that all upper-layer application programs can be inspected, whether authorized or unauthorized. If these application programs want to exchange data with the outside, the outgoing message must pass through the framework layer to be packaged into a protocol data unit data string. The framework layer can inspect the obtained protocol data unit data string to determine whether the data transmitted by the application program contains preset sensitive information. When the data transmitted by the application program is detected to include preset sensitive information, it is further verified whether the application program has permission to obtain the preset sensitive information. For an application program with permission, the data it transmits is not intercepted and no alert is raised; for an application program without permission, its data transmission operation is stopped and the user is reminded.
In this way, sensitive information on the terminal can be prevented from being stolen by Trojan programs or phishing websites, and the user can easily and accurately learn of Trojan programs hidden on the terminal, thereby protecting the terminal user's information security and property security. Moreover, without affecting the operation of trusted applications, the accuracy of information interception and of identifying suspicious Trojan programs is improved, leakage of the user's sensitive information is avoided, and the user's experience with the terminal is improved.
Optionally, the application program 141 sends the protocol data unit data to be sent to the data processing apparatus 142;
the data processing apparatus 142, when it receives protocol data unit data addressed to the application program 141 and the protocol data unit data does not include preset sensitive information, forwards the protocol data unit data to the application program 141.
In the above embodiments, the protocol data unit data sent or received by an application program is analyzed from the perspective of the protocol layer. If sensitive information is detected in the protocol data unit data and the application program is untrusted, the user is notified that the application program is sending out or intercepting the user's sensitive information, which fundamentally avoids leakage of the terminal's account information. The user can clearly know which programs are obtaining the terminal user's sensitive information, and hidden Trojan programs can be easily noticed.
In addition, the technical solution of the embodiments of the present disclosure is low in cost: the terminal only needs one additional detection module, implemented purely in software, with no additional hardware cost. It can protect the user's property to the greatest extent and improve the user's experience with the terminal.
Those skilled in the art will readily conceive of other embodiments of the present disclosure after considering the specification and practicing the disclosure herein. The present application is intended to cover any variations, uses, or adaptations of the present disclosure that follow its general principles and include common knowledge or customary technical means in the art not disclosed herein. The specification and embodiments are to be regarded as exemplary only, with the true scope and spirit of the present disclosure being indicated by the following claims.
It should be understood that the present disclosure is not limited to the precise structures described above and illustrated in the accompanying drawings, and that various modifications and changes can be made without departing from its scope. The scope of the present disclosure is limited only by the appended claims.

Claims (15)

1. A data processing method, characterized in that it is applied to the framework layer of a terminal, the method including:
when an application program of the application layer performs a data transmission operation, acquiring the protocol data unit data transmitted by the application program;
when the protocol data unit data includes preset sensitive information, acquiring the application identifier of the application program;
when the application identifier does not belong to a preset identifier set, stopping the data transmission operation and issuing a reminder that the application program performed the data transmission operation.
2. The method according to claim 1, characterized in that acquiring the application identifier of the application program includes:
calling the interface procedure that transmits the protocol data unit data;
determining the identifier of the application program according to the call result of the interface procedure.
3. The method according to claim 1 or 2, characterized in that issuing a reminder about the data transmission operation includes:
generating a reminder message, the reminder message being used to remind the user that the protocol data unit data transmitted by the application program includes the preset sensitive information;
displaying the reminder message.
4. The method according to claim 3, characterized in that issuing a reminder about the data transmission operation further includes:
providing an option to terminate the data transmission operation;
terminating the data transmission operation when a selection of the option is received.
5. The method according to claim 1 or 2, characterized in that the data transmission operation includes at least one of a send-data operation and a receive-data operation.
6. The method according to claim 1 or 2, characterized in that the preset sensitive information includes at least one of the following: a verification code, an account name, an account password, user identity information, an instant messaging account, and a telephone number.
7. A data processing apparatus, characterized in that it is applied to the framework layer of a terminal, the apparatus including:
a first acquisition module, configured to acquire the protocol data unit data transmitted by an application program of the application layer when the application program performs a data transmission operation;
a second acquisition module, configured to acquire the application identifier of the application program when the protocol data unit data acquired by the first acquisition module includes preset sensitive information;
a processing module, configured to, when the application identifier acquired by the second acquisition module does not belong to a preset identifier set, stop the data transmission operation and issue a reminder that the application program performed the data transmission operation.
8. The apparatus according to claim 7, characterized in that the second acquisition module includes:
a calling submodule, configured to call the interface procedure that transmits the protocol data unit data;
a determining submodule, configured to determine the identifier of the application program according to the call result of the interface procedure called by the calling submodule.
9. The apparatus according to claim 7 or 8, characterized in that the processing module includes:
a generating submodule, configured to generate a reminder message, the reminder message being used to remind the user that the protocol data unit data transmitted by the application program includes the preset sensitive information;
a display submodule, configured to display the reminder message generated by the generating submodule.
10. The apparatus according to claim 9, characterized in that the processing module further includes:
a providing submodule, configured to provide an option to terminate the data transmission operation;
a terminating submodule, configured to terminate the data transmission operation when a selection of the option provided by the providing submodule is received.
11. The apparatus according to claim 7 or 8, characterized in that the data transmission operation includes at least one of a send-data operation and a receive-data operation.
12. The apparatus according to claim 7 or 8, characterized in that the preset sensitive information includes at least one of the following: a verification code, an account name, an account password, user identity information, an instant messaging account, and a telephone number.
13. A data processing apparatus, characterized in that it is applied to the framework layer of a terminal, the apparatus including:
a processor;
a memory for storing processor-executable instructions;
wherein the processor is configured to:
when an application program of the application layer performs a data transmission operation, acquire the protocol data unit data transmitted by the application program;
when the protocol data unit data includes preset sensitive information, acquire the application identifier of the application program;
when the application identifier does not belong to a preset identifier set, stop the data transmission operation and issue a reminder that the application program performed the data transmission operation.
14. A data processing system, characterized in that it includes: an application program located at the application layer and a data processing apparatus located at the framework layer of the terminal;
the data processing apparatus is configured to: when the application program performs a data transmission operation, acquire the protocol data unit data transmitted by the application program; when the protocol data unit data includes preset sensitive information, acquire the application identifier of the application program; and when the application identifier does not belong to a preset identifier set, stop the data transmission operation and issue a reminder that the application program performed the data transmission operation.
15. The system according to claim 14, characterized in that the application program sends the protocol data unit data to be sent to the data processing apparatus;
the data processing apparatus, when it receives protocol data unit data addressed to the application program and the protocol data unit data does not include preset sensitive information, forwards the protocol data unit data to the application program.
CN201610424109.7A 2016-06-14 2016-06-14 Data processing method, Apparatus and system Pending CN106101105A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610424109.7A CN106101105A (en) 2016-06-14 2016-06-14 Data processing method, Apparatus and system

Publications (1)

Publication Number Publication Date
CN106101105A true CN106101105A (en) 2016-11-09

Family

ID=57846999

Country Status (1)

Country Link
CN (1) CN106101105A (en)

TWI761843B (en) Access control method and device, electronic device and storage medium
CN106454800A (en) Identity verification method, device and system
CN106102061A (en) Method for connecting network and device
CN105791309A (en) Method, device and system for executing business processing
US20170286927A1 (en) Method and device for online payment
CN106060098A (en) Processing method, processing device and processing system for verification codes
CN106446653A (en) Application authority management method and device and electronic equipment
CN108022349A (en) Information input method, equipment, smart lock and storage medium
CN105681261A (en) Security authentication method and apparatus

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20161109