CN106716382B - 用于移动装置行为的聚集多应用程序行为分析的方法和系统 - Google Patents

用于移动装置行为的聚集多应用程序行为分析的方法和系统 Download PDF

Info

Publication number
CN106716382B
CN106716382B CN201580047922.0A CN201580047922A CN106716382B CN 106716382 B CN106716382 B CN 106716382B CN 201580047922 A CN201580047922 A CN 201580047922A CN 106716382 B CN106716382 B CN 106716382B
Authority
CN
China
Prior art keywords
behavior
software applications
information
processor
computing device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201580047922.0A
Other languages
English (en)
Chinese (zh)
Other versions
CN106716382A (zh
Inventor
M·萨拉耶格埃
陈茵
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc filed Critical Qualcomm Inc
Publication of CN106716382A publication Critical patent/CN106716382A/zh
Application granted granted Critical
Publication of CN106716382B publication Critical patent/CN106716382B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N5/00Computing arrangements using knowledge-based models
    • G06N5/04Inference or reasoning models
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/3003Monitoring arrangements specially adapted to the computing system or computing system component being monitored
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/3003Monitoring arrangements specially adapted to the computing system or computing system component being monitored
    • G06F11/3017Monitoring arrangements specially adapted to the computing system or computing system component being monitored where the computing system is implementing multitasking
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/34Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
    • G06F11/3447Performance evaluation by modeling
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/34Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
    • G06F11/3452Performance evaluation by statistical analysis
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/34Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
    • G06F11/3466Performance evaluation by tracing or monitoring
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00Machine learning
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N5/00Computing arrangements using knowledge-based models
    • G06N5/01Dynamic search techniques; Heuristics; Dynamic trees; Branch-and-bound
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/34Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
    • G06F11/3466Performance evaluation by tracing or monitoring
    • G06F11/3476Data logging
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2201/00Indexing scheme relating to error detection, to error correction, and to monitoring
    • G06F2201/865Monitoring of software
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/40Transformation of program code
    • G06F8/41Compilation
    • G06F8/44Encoding
    • G06F8/443Optimisation

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • Mathematical Physics (AREA)
  • Quality & Reliability (AREA)
  • Computer Hardware Design (AREA)
  • Evolutionary Computation (AREA)
  • Data Mining & Analysis (AREA)
  • Artificial Intelligence (AREA)
  • Computer Security & Cryptography (AREA)
  • Computational Linguistics (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Evolutionary Biology (AREA)
  • Medical Informatics (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Probability & Statistics with Applications (AREA)
  • Debugging And Monitoring (AREA)
CN201580047922.0A 2014-09-11 2015-08-28 用于移动装置行为的聚集多应用程序行为分析的方法和系统 Active CN106716382B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US14/483,800 US9710752B2 (en) 2014-09-11 2014-09-11 Methods and systems for aggregated multi-application behavioral analysis of mobile device behaviors
US14/483,800 2014-09-11
PCT/US2015/047489 WO2016040015A1 (en) 2014-09-11 2015-08-28 Methods and systems for aggregated multi-application behavioral analysis of mobile device behaviors

Publications (2)

Publication Number Publication Date
CN106716382A CN106716382A (zh) 2017-05-24
CN106716382B true CN106716382B (zh) 2019-05-28

Family

ID=54145987

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201580047922.0A Active CN106716382B (zh) 2014-09-11 2015-08-28 用于移动装置行为的聚集多应用程序行为分析的方法和系统

Country Status (6)

Country Link
US (1) US9710752B2 (enExample)
EP (1) EP3191960B1 (enExample)
JP (1) JP6650439B2 (enExample)
KR (1) KR102377817B1 (enExample)
CN (1) CN106716382B (enExample)
WO (1) WO2016040015A1 (enExample)

Families Citing this family (46)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8869274B2 (en) 2012-09-28 2014-10-21 International Business Machines Corporation Identifying whether an application is malicious
US10089582B2 (en) * 2013-01-02 2018-10-02 Qualcomm Incorporated Using normalized confidence values for classifying mobile device behaviors
US10552290B2 (en) * 2014-05-15 2020-02-04 Micro Focus Llc Measuring user interface responsiveness
US9910984B2 (en) * 2015-02-27 2018-03-06 Qualcomm Incorporated Methods and systems for on-device high-granularity classification of device behaviors using multi-label models
US9940187B2 (en) * 2015-04-17 2018-04-10 Microsoft Technology Licensing, Llc Nexus determination in a computing device
US10762517B2 (en) 2015-07-01 2020-09-01 Ebay Inc. Subscription churn prediction
US11567962B2 (en) * 2015-07-11 2023-01-31 Taascom Inc. Computer network controlled data orchestration system and method for data aggregation, normalization, for presentation, analysis and action/decision making
US10148678B2 (en) * 2015-10-01 2018-12-04 The Boeing Company Cybersecurity system with differentiated capacity to deal with complex cyber attacks
US10027692B2 (en) * 2016-01-05 2018-07-17 International Business Machines Corporation Modifying evasive code using correlation analysis
US10055199B2 (en) * 2016-02-10 2018-08-21 NodeSource, Inc. Transparent node runtime and management layer
US10318887B2 (en) 2016-03-24 2019-06-11 Cisco Technology, Inc. Dynamic application degrouping to optimize machine learning model accuracy
US10893059B1 (en) 2016-03-31 2021-01-12 Fireeye, Inc. Verification and enhancement using detection systems located at the network periphery and endpoint devices
US10826933B1 (en) * 2016-03-31 2020-11-03 Fireeye, Inc. Technique for verifying exploit/malware at malware detection appliance through correlation with endpoints
US10331542B2 (en) 2016-06-23 2019-06-25 International Business Machines Corporation System and method for detecting and alerting unexpected behavior of software applications
US10250642B2 (en) * 2016-07-29 2019-04-02 International Business Machines Corporation System, method and apparatus for fine-grained privacy specification and verification
US10671722B2 (en) * 2016-08-06 2020-06-02 Advanced Micro Devices, Inc. Mechanism for throttling untrusted interconnect agents
US10534925B2 (en) * 2016-10-05 2020-01-14 Microsoft Technology Licensing, Llc Detection of compromised devices via user states
US10776332B2 (en) * 2017-02-08 2020-09-15 International Business Machines Corporation Managing cooperative computer software applications
JP6770454B2 (ja) * 2017-02-16 2020-10-14 日本電信電話株式会社 異常検知システム及び異常検知方法
CN107102935A (zh) * 2017-03-01 2017-08-29 网易(杭州)网络有限公司 一种服务器压力测试方法及装置
CN107146616B (zh) * 2017-06-13 2020-05-08 Oppo广东移动通信有限公司 设备控制方法及相关产品
US20190102543A1 (en) * 2017-09-29 2019-04-04 AVAST Software s.r.o. Observation and classification of device events
CN107729087B (zh) * 2017-10-31 2019-08-06 Oppo广东移动通信有限公司 后台应用清理方法、装置、存储介质及电子设备
KR102604735B1 (ko) * 2017-11-30 2023-11-22 삼성전자주식회사 전자장치에서 소모 전력 관리장치 및 방법
CN108399700A (zh) * 2018-01-31 2018-08-14 上海乐愚智能科技有限公司 防盗方法和智能设备
AU2019201241B2 (en) * 2018-02-23 2020-06-25 Accenture Global Solutions Limited Automated structuring of unstructured data
GB2572160B (en) * 2018-03-20 2020-11-25 F Secure Corp Using a generated list of expected and prohibited events of a cluster that represents applications associated therewith for application behaviour monitoring
US11017077B2 (en) * 2018-03-21 2021-05-25 Nxp Usa, Inc. Run-time security protection system and method
US10834112B2 (en) 2018-04-24 2020-11-10 At&T Intellectual Property I, L.P. Web page spectroscopy
US10778547B2 (en) * 2018-04-26 2020-09-15 At&T Intellectual Property I, L.P. System for determining a predicted buffer condition based on flow metrics and classifier rules generated in response to the creation of training data sets
FR3085498A1 (fr) * 2018-09-05 2020-03-06 Commissariat A L'energie Atomique Et Aux Energies Alternatives Surveillance d’acces en memoire
US11641406B2 (en) * 2018-10-17 2023-05-02 Servicenow, Inc. Identifying applications with machine learning
CN109348065B (zh) * 2018-11-27 2020-12-25 湘潭大学 一种基于qq聊天互动行为的手机电磁辐射预测方法
JP7031569B2 (ja) 2018-11-29 2022-03-08 日本電信電話株式会社 情報作成装置、情報作成方法、および、情報作成プログラム
US10846383B2 (en) 2019-07-01 2020-11-24 Advanced New Technologies Co., Ltd. Applet-based account security protection method and system
US12101349B2 (en) 2019-09-16 2024-09-24 The Toronto-Dominion Bank Systems and methods for detecting changes in data access pattern of third-party applications
US11275842B2 (en) 2019-09-20 2022-03-15 The Toronto-Dominion Bank Systems and methods for evaluating security of third-party applications
US11436336B2 (en) 2019-09-23 2022-09-06 The Toronto-Dominion Bank Systems and methods for evaluating data access signature of third-party applications
GB2589900B (en) * 2019-12-12 2022-06-01 Sony Interactive Entertainment Inc Apparatus and method for source code optimisation
US11204744B1 (en) 2020-05-26 2021-12-21 International Business Machines Corporation Multidimensional digital experience analysis
US12056239B2 (en) * 2020-08-18 2024-08-06 Micro Focus Llc Thread-based malware detection
US11082315B1 (en) * 2020-12-14 2021-08-03 Qualcomm Incorporated Method of sub flow or activity classification
CN114676029B (zh) * 2022-04-02 2024-09-13 中国民航信息网络股份有限公司 一种软件接入能力评估方法、装置、系统和介质
CN116489655B (zh) * 2023-03-14 2024-03-15 广州爱浦路网络技术有限公司 基于5gs的恶意应用程序监测方法
US12493802B2 (en) * 2024-03-05 2025-12-09 Squirrel Applications Llc System and method for cross-platform personalized information management
CN119106417B (zh) * 2024-11-11 2025-03-11 开元华创科技(集团)有限公司 用于应用程序的安全检测方法、系统及存储介质

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014126779A1 (en) * 2013-02-15 2014-08-21 Qualcomm Incorporated On-line behavioral analysis engine in mobile device with multiple analyzer model providers

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3916652B2 (ja) * 2006-10-20 2007-05-16 株式会社日立製作所 リソース割り当てシステム、方法及びプログラム
US20110113491A1 (en) 2009-11-12 2011-05-12 Deutsche Telekom Ag Collaborative system for protecting against the propagation of malwares in a network
WO2012046406A1 (ja) * 2010-10-04 2012-04-12 パナソニック株式会社 情報処理装置およびアプリケーション不正連携防止方法
US8499197B2 (en) * 2010-11-15 2013-07-30 Microsoft Corporation Description language for identifying performance issues in event traces
US9832211B2 (en) * 2012-03-19 2017-11-28 Qualcomm, Incorporated Computing device to detect malware
US9202047B2 (en) * 2012-05-14 2015-12-01 Qualcomm Incorporated System, apparatus, and method for adaptive observation of mobile device behavior
US9686023B2 (en) * 2013-01-02 2017-06-20 Qualcomm Incorporated Methods and systems of dynamically generating and using device-specific and device-state-specific classifier models for the efficient classification of mobile device behaviors
US9129058B2 (en) * 2013-02-19 2015-09-08 Microsoft Technology Licensing, Llc Application monitoring through continuous record and replay

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014126779A1 (en) * 2013-02-15 2014-08-21 Qualcomm Incorporated On-line behavioral analysis engine in mobile device with multiple analyzer model providers

Also Published As

Publication number Publication date
US9710752B2 (en) 2017-07-18
US20160078347A1 (en) 2016-03-17
EP3191960B1 (en) 2018-01-24
JP6650439B2 (ja) 2020-02-19
EP3191960A1 (en) 2017-07-19
WO2016040015A1 (en) 2016-03-17
CN106716382A (zh) 2017-05-24
JP2017536594A (ja) 2017-12-07
KR20170055962A (ko) 2017-05-22
KR102377817B1 (ko) 2022-03-22

Similar Documents

Publication Publication Date Title
CN106716382B (zh) 用于移动装置行为的聚集多应用程序行为分析的方法和系统
CN105830081B (zh) 生成用于有针对性地保护重要应用的特定于应用的模型的方法和系统
US9703962B2 (en) Methods and systems for behavioral analysis of mobile device behaviors based on user persona information
KR102474048B1 (ko) 개선된 멀웨어 보호를 위해 모바일 디바이스와의 페이크 사용자 상호작용들을 검출하기 위한 방법들 및 시스템들
US9910984B2 (en) Methods and systems for on-device high-granularity classification of device behaviors using multi-label models
CN104885099B (zh) 使用推升式决策树桩和联合特征选择及剔选算法来对移动设备行为进行高效分类的方法和系统
US9578049B2 (en) Methods and systems for using causal analysis for boosted decision stumps to identify and respond to non-benign behaviors
US20170024660A1 (en) Methods and Systems for Using an Expectation-Maximization (EM) Machine Learning Framework for Behavior-Based Analysis of Device Behaviors
CN109478218A (zh) 用于分类执行会话的装置和方法
US20160379136A1 (en) Methods and Systems for Automatic Extraction of Behavioral Features from Mobile Applications
CN104541293A (zh) 用于客户端-云行为分析器的架构
CN107408178A (zh) 用于通过云与客户端行为的差异来识别恶意软件的方法及系统
EP3295360A1 (en) Methods and systems for behavior-specific actuation for real-time whitelisting
JP2017517796A (ja) モバイルデバイスにおいて挙動分析動作を実行することによってアプリケーション状態を推論するための方法およびシステム

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant