CN106897622A - The method and apparatus of checking application leak - Google Patents

The method and apparatus of checking application leak Download PDF

Info

Publication number
CN106897622A
CN106897622A CN201510966913.3A CN201510966913A CN106897622A CN 106897622 A CN106897622 A CN 106897622A CN 201510966913 A CN201510966913 A CN 201510966913A CN 106897622 A CN106897622 A CN 106897622A
Authority
CN
China
Prior art keywords
application
data
mobile terminal
vulnerability information
leak
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510966913.3A
Other languages
Chinese (zh)
Inventor
申迪
卢加磊
田从新
龚广
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201510966913.3A priority Critical patent/CN106897622A/en
Publication of CN106897622A publication Critical patent/CN106897622A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security

Abstract

The present invention provides a kind of method and apparatus for verifying application leak, and method includes:Obtain the vulnerability information of application to be verified;According to the vulnerability information of application, the input data of the system to application of mobile terminal is generated;The installation kit and input data of application are sent to mobile terminal, are applied with being installed in mobile terminal, and input data is input into the output data that application is applied by the system of control mobile terminal;Leak whether there is according to output data checking application.According to the present invention, because input data is generated according to vulnerability information, so the data volume of input data is limited but with the specific aim for vulnerability information, it is possible to being verified for the part that application there may be leak, whether there is leak according to the input data analysis application, transition time, resource will not be taken, but analytical effect is preferable.

Description

The method and apparatus of checking application leak
Technical field
The present invention relates to field of computer technology, in particular to a kind of method for verifying application leak And device.
Background technology
With the development of intelligent terminal system, increasing developer is added to application and development camp, this A little developers are very different, and some exploitation side's awareness of safety lack, in causing the application of intelligent terminal system There are various security breaches.
At present, the effective detection project plan comparison to application leak lacks:Leak to applying is examined comprehensively Survey, generally require to take substantial amounts of time and resource;And if compressing the time for detecting application and money Source, can cause the detection to application leak not abundant enough again.
The content of the invention
In view of the above problems, it is proposed that the present invention overcomes above mentioned problem or at least part of to provide one kind Solve the above problems checking application leak method and apparatus.
According to a kind of method for verifying application leak of the invention, including:Obtain the leakage of application to be verified Hole information;According to the vulnerability information of the application, the system of the mobile terminal is generated to the application Input data;The installation kit of the application and the input data are sent to mobile terminal, with described Mobile terminal installs the application, and controls the system of the mobile terminal to be input into the input data The application obtains the output data of the application;Whether deposited according to the output data checking application In leak.
According to a kind of device for verifying application leak of the invention, including:Vulnerability information acquisition module, uses In the vulnerability information for obtaining application to be verified;Data generation module, for the leak according to the application Information, generates the input data of the system to the application of the mobile terminal;Input module, for inciting somebody to action The installation kit of the application and the input data are sent to mobile terminal, are installed with the mobile terminal The application, and control the system of the mobile terminal to obtain the input data input application The output data of the application;Validating vulnerability module, for verifying the application according to the output data With the presence or absence of leak.
According to above technical scheme, the method and apparatus of checking application leak of the invention are at least with following Advantage:
Technology according to the present invention scheme, believes when the security of analysis application is needed according to the leak of user Breath generation input data, and input data is sent on mobile terminal and carried out with the installation kit applied, Applied with installing to be input into using and by input data;Because input data is generated according to vulnerability information, The data volume of input data is limited but with the specific aim for vulnerability information, it is possible to can for application The part that can there is leak is verified, according to the input data analysis application with the presence or absence of leak, will not Transition time, resource are taken, but analytical effect is preferable.
Described above is only the general introduction of technical solution of the present invention, in order to better understand skill of the invention Art means, and can be practiced according to the content of specification, and it is of the invention above and other in order to allow Objects, features and advantages can become apparent, below especially exemplified by specific embodiment of the invention.
Brief description of the drawings
By reading the detailed description of hereafter preferred embodiment, various other advantages and benefit are for this Field those of ordinary skill will be clear understanding.Accompanying drawing is only used for showing the purpose of preferred embodiment, And it is not considered as limitation of the present invention.And in whole accompanying drawing, be denoted by the same reference numerals Identical part.In the accompanying drawings:
Fig. 1 shows the flow chart of the method for checking application leak according to an embodiment of the invention;
Fig. 2 shows the flow chart of the method for checking application leak according to an embodiment of the invention;
Fig. 3 shows the flow chart of the method for checking application leak according to an embodiment of the invention;
Fig. 4 shows the block diagram of the device of checking application leak according to an embodiment of the invention;
Fig. 5 shows the block diagram of the device of checking application leak according to an embodiment of the invention.
Specific embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although being shown in accompanying drawing The exemplary embodiment of the disclosure, it being understood, however, that may be realized in various forms the disclosure without Should be limited by embodiments set forth here.Conversely, there is provided these embodiments are able to more thoroughly Understand the disclosure, and can by the scope of the present disclosure it is complete convey to those skilled in the art.
As shown in figure 1, providing a kind of method for verifying application leak, bag in one embodiment of the present of invention Include:
Step 110, obtains the vulnerability information of application to be verified.In the present embodiment, for vulnerability information Scope is not limited, and it represents logic error or misprogrammed present in application.
Step 120, according to the vulnerability information of application, generates the input data of the system to application of mobile terminal. Because the application by input data to safety on mobile terminals is tested, it is necessary to holding time and money Source;So in the present embodiment, according to vulnerability information generate data volume it is limited with being targetedly input into Data, then time, the resource-constrained for being taken using the input data analysis application leak, but analysis result It is very good.
Step 130, mobile terminal is sent to by the installation kit and input data of application, is pacified with mobile terminal Input data is input into the output data that application is applied by dress application, and the system of control mobile terminal. In the present embodiment, for example for the mobile terminal of android system, the installation kit of use is apk files.
Step 140, leak is whether there is according to output data checking application.
As shown in Fig. 2 providing a kind of method for verifying application leak, bag in one embodiment of the present of invention Include:
Step 210, the installation kit to applying carries out the code that decompiling is applied, and code analysis are answered Vulnerability information.Specifically, the known bugs of application are obtained from default server, according to known leakage The vulnerability information of application is extracted from the code of application in hole.In the present embodiment, answered by decompiling Code, can retrieve with the presence or absence of vulnerability information from code;Further, vulnerability information can be The application leak for having reported, can retrieve corresponding vulnerability information according to known bugs from code.
Step 220, according to the vulnerability information of application, generates the input data of the system to application of mobile terminal. Input data includes the executable data of application.
Step 230, mobile terminal is sent to by the installation kit and input data of application, is pacified with mobile terminal Executable data is activation perform being answered by dress application, and the system of control mobile terminal to application Output data.In the present embodiment, the feelings that may be malfunctioned in operation can be applied for vulnerability information Condition, carries out detecting whether there is corresponding leak using the control application operation of executable data.
Step 240, leak is whether there is according to output data checking application.
Step 250, according to the result, analyzes the validity of vulnerability information.In the present embodiment, due to Input data vulnerability information generation according to known to, so the result obtained based on input data, energy The enough validity to known bugs information is verified.
As shown in figure 3, providing a kind of method for verifying application leak, bag in one embodiment of the present of invention Include:
Step 310, configuration file is extracted from the installation kit of application, according to the leakage of configuration file analysis application Hole information.In the present embodiment, the key message of application is often have recorded in configuration file, can basis The key message can be analyzed using with the presence or absence of leak.
Step 320, according to the vulnerability information of application, generates the input data of the system to application of mobile terminal. Input data includes the attack data to applying.
Step 330, mobile terminal is sent to by the installation kit and input data of application, is pacified with mobile terminal Dress application, and the system of control mobile terminal to application attack be applied defeated by data are attacked Go out data.In the present embodiment, the leak of application may cause using easily being attacked, so the present embodiment Data are attacked in middle generation, judge that it whether there is corresponding leak by being attacked application.
Step 340, leak is whether there is according to output data checking application.
As shown in figure 4, providing a kind of device for verifying application leak, bag in one embodiment of the present of invention Include:
Vulnerability information acquisition module 410, obtains the vulnerability information of application to be verified.It is right in the present embodiment It is not limited in the scope of vulnerability information, it represents logic error or misprogrammed present in application.
Data generation module 420, according to the vulnerability information of application, generates the system of mobile terminal to application Input data.Because the application by input data to safety on mobile terminals is tested, it is necessary to be accounted for With time and resource;So in the present embodiment, according to vulnerability information generate data volume it is limited with pin To the input data of property, then using time, the resource-constrained of input data analysis application leak occupancy, But analysis result is very good.
Input module 430, mobile terminal is sent to by the installation kit and input data of application, with mobile whole Application is installed at end, and input data is input into the output that application is applied by the system of control mobile terminal Data.In the present embodiment, for example for the mobile terminal of android system, the installation kit of use is Apk files.
Validating vulnerability module 440, leak is whether there is according to output data checking application.
As shown in figure 5, providing a kind of device for verifying application leak, bag in one embodiment of the present of invention Include:
Vulnerability information acquisition module 510, the installation kit to applying carries out the code that decompiling is applied, point The vulnerability information that analysis code is applied.Specifically, the known bugs of application are obtained from default server, The vulnerability information of application is extracted from the code of application according to known bugs.In the present embodiment, by anti- The code that compiling is applied, can retrieve with the presence or absence of vulnerability information from code;Further, leak Information can be the application leak for having reported, and can be retrieved accordingly from code according to known bugs Vulnerability information.
Data generation module 520, according to the vulnerability information of application, generates the system of mobile terminal to application Input data.Input data includes the executable data of application.
Input module 530, mobile terminal is sent to by the installation kit and input data of application, with mobile whole Application is installed at end, and executable data is activation to application perform by the system of control mobile terminal To the output data of application.In the present embodiment, can be using possible error in operation for vulnerability information Situation, carry out detecting whether there is corresponding leak using the control application operation of executable data.
Input module 540, leak is whether there is according to output data checking application.
Efficiency analysis module 550, according to the result, analyzes the validity of vulnerability information.In this implementation In example, the vulnerability information generation according to known to due to input data, so based on testing that input data is obtained Card to the validity of known bugs information as a result, it is possible to verify.
A kind of device for verifying application leak is provided in one embodiment of the present of invention, including:
Vulnerability information acquisition module 410, extracts configuration file, according to configuration file from the installation kit of application Analyze the vulnerability information of application.In the present embodiment, the crucial letter of application is often have recorded in configuration file Breath, be able to can analyze using with the presence or absence of leak according to the key message.
Data generation module 420, according to the vulnerability information of application, generates the system of mobile terminal to application Input data.Input data includes the attack data to applying.
Input module 430, mobile terminal is sent to by the installation kit and input data of application, with mobile whole Application is installed at end, and the system of control mobile terminal carries out attack and be applied by data are attacked to application Output data.In the present embodiment, the leak of application may cause using easily being attacked, so this reality Data are attacked in generation in applying example, judge that it whether there is corresponding leak by being attacked application.
Validating vulnerability module 440, leak is whether there is according to output data checking application.
Algorithm and display be not solid with any certain computer, virtual system or miscellaneous equipment provided herein There is correlation.Various general-purpose systems can also be used together with based on teaching in this.As described above, It is obvious to construct the structure required by this kind of system.Additionally, the present invention is not also for any specific Programming language.It is understood that, it is possible to use various programming languages realize the content of invention described herein, And the description done to language-specific above is to disclose preferred forms of the invention.
In specification mentioned herein, numerous specific details are set forth.It is to be appreciated, however, that this hair Bright embodiment can be put into practice in the case of without these details.In some instances, not in detail Known method, structure and technology are carefully shown, so as not to obscure the understanding of this description.
Similarly, it will be appreciated that in order to simplify the disclosure and help understand one in each inventive aspect or Multiple, in above to the description of exemplary embodiment of the invention, each feature of the invention sometimes by It is grouped into together in single embodiment, figure or descriptions thereof.However, should not be by the disclosure Method is construed to reflect following intention:I.e. the present invention for required protection requirement ratio is in each claim The more features of feature being expressly recited.More precisely, as the following claims reflect Like that, inventive aspect is all features less than single embodiment disclosed above.Therefore, it then follows tool Thus claims of body implementation method are expressly incorporated in the specific embodiment, and wherein each right will Itself is asked all as separate embodiments of the invention.
Those skilled in the art are appreciated that can be carried out certainly to the module in the equipment in embodiment Adaptively change and they are arranged in one or more equipment different from the embodiment.Can be with Module or unit or component in embodiment is combined into a module or unit or component, and in addition may be used To be divided into multiple submodule or subelement or sub-component.Except such feature and/or process or Outside at least some in unit exclude each other, can be using any combinations to this specification (including companion With claim, summary and accompanying drawing) disclosed in all features and so disclosed any method or All processes or unit of person's equipment are combined.Unless expressly stated otherwise, this specification (including companion With claim, summary and accompanying drawing) disclosed in each feature can it is identical by offers, equally or phase Replace like the alternative features of purpose.
Although additionally, it will be appreciated by those of skill in the art that some embodiments described herein include other Some included features are rather than further feature, but the combination of the feature of different embodiments in embodiment Mean to be within the scope of the present invention and formed different embodiments.For example, in following right In claim, the one of any of embodiment required for protection mode can use in any combination.
All parts embodiment of the invention can realize with hardware, or with one or more processor The software module of upper operation is realized, or is realized with combinations thereof.Those skilled in the art should manage Solution, can be realized according to this hair using microprocessor or digital signal processor (DSP) in practice The some or all functions of some or all parts in the device of the checking application leak of bright embodiment. The present invention be also implemented as some or all equipment for performing method as described herein or Person's program of device (for example, computer program and computer program product).It is such realize it is of the invention Program can be stored on a computer-readable medium, or can have the form of one or more signal. Such signal can be downloaded from internet website and obtained, or be provided on carrier signal, or with Any other form is provided.
It should be noted that above-described embodiment the present invention will be described rather than limiting the invention, and And those skilled in the art can design replacement implementation without departing from the scope of the appended claims Example.In the claims, any reference symbol being located between bracket should not be configured to claim Limitation.Word "comprising" does not exclude the presence of element or step not listed in the claims.Positioned at unit Word "a" or "an" before part does not exclude the presence of element as multiple.The present invention can be borrowed Help to include the hardware of some different elements and realized by means of properly programmed computer.In row If in having lifted the unit claim of equipment for drying, several in these devices can be by same hard Part is embodied.The use of word first, second, and third does not indicate that any order.Can These words are construed to title.
A1, a kind of method of checking application leak, including:
Obtain the vulnerability information of application to be verified;
According to the vulnerability information of the application, input of the system of the mobile terminal to the application is generated Data;
The installation kit of the application and the input data are sent to mobile terminal, with described mobile whole Hold and the application is installed, and control the system of the mobile terminal that the input data is input into described answering With the output data for obtaining the application;
Verify that the application whether there is leak according to the output data.
A2, the method according to A1, obtain the vulnerability information of application to be verified, specifically include:
Installation kit to the application carries out the code that decompiling obtains the application, analyzes the code and obtains To the vulnerability information of the application.
A3, the method according to A2, obtain the vulnerability information of application to be verified, specifically include:
The known bugs of the application are obtained from default server, is answered from described according to the known bugs The vulnerability information of the application is extracted in code.
A4, the method according to A1, obtain the vulnerability information of application to be verified, specifically include:
Configuration file is extracted from the installation kit of the application, the application is analyzed according to the configuration file Vulnerability information.
A5, the method according to A1, the input data include the executable data of the application; Control the system of the mobile terminal that the input data is input into the output that the application obtains the application Data, specifically include:
Control the system of the mobile terminal that the executable data is activation is performed to the application.
A6, the method according to A1, the input data include the attack data to the application; Control the system of the mobile terminal that the input data is input into the output that the application obtains the application Data, specifically include:
The system of the mobile terminal is controlled to be attacked the application by the attack data.
A7, the method according to any one of A1 to A6, also include:
According to the result, the validity of the vulnerability information is analyzed.
A8, a kind of device of checking application leak, including:
Vulnerability information acquisition module, the vulnerability information for obtaining application to be verified;
Data generation module, for the vulnerability information according to the application, generate the mobile terminal is The input data united to the application;
Input module, for the installation kit of the application and the input data to be sent into mobile terminal, The application is installed with the mobile terminal, and controls the system of the mobile terminal by the input Using the output data for obtaining the application described in data input;
Validating vulnerability module, for verifying that the application whether there is leak according to the output data.
A9, the device according to A8,
The vulnerability information acquisition module carries out decompiling and obtains the application to the installation kit of the application Code, analyzes the vulnerability information that the code obtains the application.
A10, the device according to A9,
The vulnerability information acquisition module obtains the known bugs of the application from default server, according to The known bugs extract the vulnerability information of the application from the code of the application.
A11, the device according to A8,
The vulnerability information acquisition module extracts configuration file from the installation kit of the application, according to described Configuration file analyzes the vulnerability information of the application.
A12, the device according to A8, the input data include the executable data of the application;
The input module controls the system of the mobile terminal that the executable data is activation is answered to described With being performed.
A13, the device according to A8, the input data include the attack data to the application;
The system of the input module control mobile terminal is carried out by the attack data to the application Attack.
A14, the device according to any one of A8 to A13, also include:
Efficiency analysis module, for according to the result, analyzing the validity of the vulnerability information.

Claims (10)

1. it is a kind of to verify using the method for leak, it is characterised in that including:
Obtain the vulnerability information of application to be verified;
According to the vulnerability information of the application, input of the system of the mobile terminal to the application is generated Data;
The installation kit of the application and the input data are sent to mobile terminal, with described mobile whole Hold and the application is installed, and control the system of the mobile terminal that the input data is input into described answering With the output data for obtaining the application;
Verify that the application whether there is leak according to the output data.
2. method according to claim 1, it is characterised in that obtain the leak of application to be verified Information, specifically includes:
Installation kit to the application carries out the code that decompiling obtains the application, analyzes the code and obtains To the vulnerability information of the application.
3. method according to claim 2, it is characterised in that obtain the leak of application to be verified Information, specifically includes:
The known bugs of the application are obtained from default server, is answered from described according to the known bugs The vulnerability information of the application is extracted in code.
4. method according to claim 1, it is characterised in that obtain the leak of application to be verified Information, specifically includes:
Configuration file is extracted from the installation kit of the application, the application is analyzed according to the configuration file Vulnerability information.
5. method according to claim 1, it is characterised in that the input data include it is described should Executable data;Control the system of the mobile terminal that the input data is input into described application To the output data of the application, specifically include:
Control the system of the mobile terminal that the executable data is activation is performed to the application.
6. method according to claim 1, it is characterised in that the input data is included to described The attack data of application;Control the system of the mobile terminal that the input data is input into described application To the output data of the application, specifically include:
The system of the mobile terminal is controlled to be attacked the application by the attack data.
7. method according to any one of claim 1 to 6, it is characterised in that also include:
According to the result, the validity of the vulnerability information is analyzed.
8. it is a kind of to verify using the device of leak, it is characterised in that including:
Vulnerability information acquisition module, the vulnerability information for obtaining application to be verified;
Data generation module, for the vulnerability information according to the application, generate the mobile terminal is The input data united to the application;
Input module, for the installation kit of the application and the input data to be sent into mobile terminal, The application is installed with the mobile terminal, and controls the system of the mobile terminal by the input Using the output data for obtaining the application described in data input;
Validating vulnerability module, for verifying that the application whether there is leak according to the output data.
9. device according to claim 8, it is characterised in that
The vulnerability information acquisition module carries out decompiling and obtains the application to the installation kit of the application Code, analyzes the vulnerability information that the code obtains the application.
10. device according to claim 9, it is characterised in that
The vulnerability information acquisition module obtains the known bugs of the application from default server, according to The known bugs extract the vulnerability information of the application from the code of the application.
CN201510966913.3A 2015-12-21 2015-12-21 The method and apparatus of checking application leak Pending CN106897622A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510966913.3A CN106897622A (en) 2015-12-21 2015-12-21 The method and apparatus of checking application leak

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510966913.3A CN106897622A (en) 2015-12-21 2015-12-21 The method and apparatus of checking application leak

Publications (1)

Publication Number Publication Date
CN106897622A true CN106897622A (en) 2017-06-27

Family

ID=59191422

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510966913.3A Pending CN106897622A (en) 2015-12-21 2015-12-21 The method and apparatus of checking application leak

Country Status (1)

Country Link
CN (1) CN106897622A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110674506A (en) * 2019-09-10 2020-01-10 深圳开源互联网安全技术有限公司 Method and system for rapidly verifying vulnerability state of application program
CN113569256A (en) * 2021-08-12 2021-10-29 京东科技信息技术有限公司 Vulnerability scanning method and device, vulnerability scanning system, electronic equipment and computer readable medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101312393A (en) * 2007-05-24 2008-11-26 北京启明星辰信息技术有限公司 Detection method and system for SQL injection loophole
CN104537309A (en) * 2015-01-23 2015-04-22 北京奇虎科技有限公司 Application program bug detection method, application program bug detection device and server
CN104537308A (en) * 2015-01-23 2015-04-22 北京奇虎科技有限公司 System and method for providing application security auditing function

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101312393A (en) * 2007-05-24 2008-11-26 北京启明星辰信息技术有限公司 Detection method and system for SQL injection loophole
CN104537309A (en) * 2015-01-23 2015-04-22 北京奇虎科技有限公司 Application program bug detection method, application program bug detection device and server
CN104537308A (en) * 2015-01-23 2015-04-22 北京奇虎科技有限公司 System and method for providing application security auditing function

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110674506A (en) * 2019-09-10 2020-01-10 深圳开源互联网安全技术有限公司 Method and system for rapidly verifying vulnerability state of application program
CN110674506B (en) * 2019-09-10 2020-10-27 深圳开源互联网安全技术有限公司 Method and system for rapidly verifying vulnerability state of application program
CN113569256A (en) * 2021-08-12 2021-10-29 京东科技信息技术有限公司 Vulnerability scanning method and device, vulnerability scanning system, electronic equipment and computer readable medium

Similar Documents

Publication Publication Date Title
CN109359468B (en) Vulnerability detection method, device and equipment
US9372779B2 (en) System, method, apparatus and computer program for automatic evaluation of user interfaces in software programs
CN106203007B (en) Code processing method and device and computing equipment
TWI541669B (en) Detection systems and methods for static detection applications, and computer program products
US10049031B2 (en) Correlation of violating change sets in regression testing of computer software
US11888885B1 (en) Automated security analysis of software libraries
CN110929264B (en) Vulnerability detection method and device, electronic equipment and readable storage medium
Huang et al. Detecting sensitive data disclosure via bi-directional text correlation analysis
CN109614107B (en) Integration method and device of software development kit
US11269988B2 (en) Automated software application verification system
Morgado et al. Mobile GUI testing
EP2722783A2 (en) License verification method and apparatus
CN108062474B (en) File detection method and device
CN114021142A (en) Android application program vulnerability detection method
US20180018253A1 (en) Automation of software verification
CN108197469B (en) Method and device for verifying application program, storage medium and electronic equipment
CN109543409B (en) Method, device and equipment for detecting malicious application and training detection model
Boxler et al. Static taint analysis tools to detect information flows
CN112534400A (en) Method for analyzing source code
CN106897622A (en) The method and apparatus of checking application leak
Usman et al. Test case generation from android mobile applications focusing on context events
CN111159712B (en) Detection method, device and storage medium
WO2021038704A1 (en) Backdoor test device, backdoor test method, and non-transitory computer-readable medium
US20120131669A1 (en) Determining whether method of computer program is a validator
CN105809040A (en) Method and apparatus for detecting application privacy security information

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170627

RJ01 Rejection of invention patent application after publication