CN108092970A - A kind of wireless network maintaining method and its equipment, storage medium, terminal - Google Patents
A kind of wireless network maintaining method and its equipment, storage medium, terminal Download PDFInfo
- Publication number
- CN108092970A CN108092970A CN201711330383.9A CN201711330383A CN108092970A CN 108092970 A CN108092970 A CN 108092970A CN 201711330383 A CN201711330383 A CN 201711330383A CN 108092970 A CN108092970 A CN 108092970A
- Authority
- CN
- China
- Prior art keywords
- network
- risk
- information
- application
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
Abstract
The embodiment of the present invention discloses a kind of wireless network maintaining method and its equipment, storage medium, terminal, and wherein method includes the following steps:Obtain the network quality information for the wireless network that terminal is connected;The corresponding network operation state of the wireless network is obtained according to the network quality information;The network operations information of the application software in the terminal is installed on based on network operation state acquisition;When the network operations information is unsatisfactory for network operation reference information, the Web vector graphic permission of the application software is adjusted according to the software type of the application software, the network configuration information of the wireless network is adjusted according to the software type of the application software.Using the present invention, loiter network risk can be fundamentally solved, reaches the realization of anti-loiter network technology, and can be in the anti-loiter network risk of specific opportunity active detecting, while improving intelligent anti-loiter network detection and accuracy, the waste that resource is scanned in no loiter network risk is decreased.
Description
Technical field
The present invention relates to Internet technical field more particularly to a kind of wireless network maintaining methods and its equipment, storage to be situated between
Matter, terminal.
Background technology
With cracking the application software of Wi-Fi (Wireless-Fidelity, Wireless Fidelity) network authentication information (such as
" Wi-Fi skeleton keys ") gradually popularization, the situation that Wi-Fi is freely enjoyed by other people are more and more common.These crack Wi-
The application of Fi network authentication informations can connect other people Wi-Fi in the case of without mandate and carry out " loiter network ".And it " rubs
Net " user often occupied bandwidth, so as to influence normal use of owner Wi-Fi to wireless network.
In the prior art, to prevent stranger's loiter network, by whether there is the connection of strange equipment to make with place network gateway
It is strange to forbid by changing gateway configuration information when detecting loiter network risk whether to have the basis for estimation of loiter network risk
Equipment connects the network.However, this mode, there is no loiter network risk is fundamentally solved, amended gateway configuration information is complete
It can be cracked again entirely, be not really achieved the realization of anti-loiter network technology.
The content of the invention
The embodiment of the present invention provides a kind of wireless network maintaining method and its equipment, storage medium, terminal, can be from basic
Upper solution loiter network risk, reaches the realization of anti-loiter network technology, and can be improved in the anti-loiter network risk of specific opportunity active detecting
While the intelligent and accuracy of anti-loiter network detection, the waste that resource is scanned in no loiter network risk is decreased.
First aspect of the embodiment of the present invention provides a kind of wireless network maintaining method, it may include:
Obtain the network quality information for the wireless network that terminal is connected;
The corresponding network operation state of the wireless network is obtained according to the network quality information;
The network operations information of the application software in the terminal is installed on based on network operation state acquisition;
When the network operations information is unsatisfactory for network operation reference information, according to the software type of the application software
The Web vector graphic permission of the application software is adjusted, and the wireless network is adjusted according to the software type of the application software
Network configuration information.
Second aspect of the embodiment of the present invention provides a kind of wireless network maintained equipment, it may include:
Quality acquiring unit, for obtaining the network quality information for the wireless network that terminal is connected;
State acquiring unit, for obtaining the corresponding network operation shape of the wireless network according to the network quality information
State;
Information acquisition unit, for being installed on the application software in the terminal based on network operation state acquisition
Network operations information;
Information adjustment unit, for when the network operations information is unsatisfactory for network operation reference information, according to described
The software type of application software adjusts the Web vector graphic permission of the application software, and according to the software type of the application software
Adjust the network configuration information of the wireless network.
The third aspect of the embodiment of the present invention provides a kind of computer storage media, and the computer storage media is stored with
A plurality of instruction, described instruction are suitable for being loaded by processor and performing the method and step of above-mentioned first aspect.
Fourth aspect of the embodiment of the present invention provides a kind of terminal, it may include:Processor and memory;Wherein, it is described to deposit
Reservoir is stored with computer program, and the computer program is suitable for being loaded by the processor and performing following steps:
Obtain the network quality information for the wireless network that terminal is connected;
The corresponding network operation state of the wireless network is obtained according to the network quality information;
The network operations information of the application software in the terminal is installed on based on network operation state acquisition;
When the network operations information is unsatisfactory for network operation reference information, according to the software type of the application software
The Web vector graphic permission of the application software is adjusted, and the wireless network is adjusted according to the software type of the application software
Network configuration information.
In embodiments of the present invention, the network quality information of the wireless network connected by obtaining terminal determines that this is wireless
The network operation state of network, and the network operation for the application software being installed on based on the acquisition of network operation state in terminal is believed
Breath, when network operations information is unsatisfactory for network operation reference information, to the Web vector graphic permission and wireless network of application software
The network configuration information of network is adjusted.It is detected by combining the detection of loiter network terminal and risk application software, and respectively to net
The Web vector graphic permission of network configuration information and risk application software is adjusted, and fundamentally prevents risk application software pair
Network configuration information cracks, and solves loiter network risk, reaches the realization of anti-loiter network technology.And it can actively be examined on specific opportunity
Anti- loiter network risk is surveyed, while improving the intelligent and accuracy of anti-loiter network detection, decreases and is swept in no loiter network risk
Retouch the waste of resource.
Description of the drawings
It in order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
There is attached drawing needed in technology description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of invention, for those of ordinary skill in the art, without creative efforts, can be with
Other attached drawings are obtained according to these attached drawings.
Fig. 1 is a kind of flow diagram of wireless network maintaining method provided in an embodiment of the present invention;
Fig. 2 is the flow diagram of another wireless network maintaining method provided in an embodiment of the present invention;
Fig. 3 a are a kind of interface schematic diagrams of wireless network detection scene provided in an embodiment of the present invention;
Fig. 3 b are the interface schematic diagrams of another wireless network detection scene provided in an embodiment of the present invention;
Fig. 3 c are the interface schematic diagrams of another wireless network detection scene provided in an embodiment of the present invention;
Fig. 4 is a kind of interface schematic diagram of network operation state provided in an embodiment of the present invention;
Fig. 5 is the flow diagram of another wireless network maintaining method provided in an embodiment of the present invention;
Fig. 6 is the flow diagram of another software network maintaining method provided in an embodiment of the present invention;
Fig. 7 a are a kind of interface schematic diagrams of malice loiter network application software provided in an embodiment of the present invention;
Fig. 7 b are a kind of interface schematic diagrams of potential loiter network application software provided in an embodiment of the present invention;
Fig. 8 is a kind of interface schematic diagram of loiter network terminal processes provided in an embodiment of the present invention;
Fig. 9 is a kind of interface schematic diagram of terminal application software security sweep provided in an embodiment of the present invention;
Figure 10 is a kind of interface schematic diagram of application software monitoring result provided in an embodiment of the present invention;
Figure 11 is a kind of structure diagram of wireless network maintained equipment provided in an embodiment of the present invention;
Figure 12 is the structure diagram of another wireless network maintained equipment provided in an embodiment of the present invention;
Figure 13 is a kind of structure diagram of state acquiring unit provided in an embodiment of the present invention;
Figure 14 is the structure diagram of another state acquiring unit provided in an embodiment of the present invention;
Figure 15 is a kind of structure diagram of terminal provided in an embodiment of the present invention.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present invention, the technical solution in the embodiment of the present invention is carried out clear, complete
Site preparation describes, it is clear that described embodiment is only part of the embodiment of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, those of ordinary skill in the art are obtained every other without making creative work
Embodiment belongs to the scope of protection of the invention.
Wireless network maintaining method provided in an embodiment of the present invention can be applied to anti-loiter network and be solved after loiter network occurs
The scene of wireless network loiter network problem, the network quality information of the wireless network connected by obtaining terminal determine the wireless network
The network operation state of network, and the network operations information for being installed on the application software in terminal is obtained based on network operation state,
When network operations information is unsatisfactory for network operation reference information, Web vector graphic permission and wireless network to application software
Network configuration information is adjusted.It is detected by combining the detection of loiter network terminal and risk application software, and network is matched somebody with somebody respectively
Confidence ceases and the Web vector graphic permission of risk application software is adjusted, and fundamentally prevents risk application software to network
Configuration information cracks, and solves loiter network risk, reaches the realization of anti-loiter network technology.And it can prevent in specific opportunity active detecting
Loiter network risk while improving the intelligent and accuracy of anti-loiter network detection, decreases and money is scanned in no loiter network risk
The waste in source.
The present embodiments relate to wireless network maintaining method execution dependent on computer program, wireless network can be based on
Network maintained equipment is run on the computer system of Feng Ruoyiman systems.The wireless network maintained equipment can include tablet electricity
The terminal devices such as brain, personal computer (PC), smart mobile phone, palm PC and mobile internet device (MID).
Below in conjunction with attached drawing 1- attached drawings 10, it is situated between in detail to wireless network maintaining method provided in an embodiment of the present invention
It continues.
Fig. 1 is referred to, for an embodiment of the present invention provides a kind of flow diagrams of wireless network maintaining method.Such as Fig. 1
It is shown, the embodiment of the present invention the method may include following steps S101- steps S104.
S101 obtains the network quality information for the wireless network that terminal is connected;
It is understood that the network quality information can include network channel quality, connect the wireless network
Terminal device number, network speed size, the configuration information etc. of network gateway.
In the specific implementation, under several scenes, such as when wireless network maintained equipment carries out network security detection, Huo Zhejin
During the detection protection of the potential loiter network risk of row or detect that the application software in terminal causes potential loiter network
During the behavior of risk, the network quality information of the acquisition of triggering wireless network maintained equipment or detection wireless network.Optionally, also may be used
Periodically or in real time triggering wireless network maintained equipment obtains the network quality information of wireless network.
S102 obtains the corresponding network operation state of the wireless network according to the network quality information;
It is understood that it can determine that the network of wireless network is transported by comparing network quality information and quality criteria information
Row state, such as judge that network network speed determines the network operation state of wireless network with network speed benchmark size, in another example detection net
Whether whether the configuration information that network diagram closes match to judge the configuration information of the network gateway by more with the configuration information of setting
Change, so that it is determined that the network operation state of wireless network.The network operation state includes the terminal iidentification for including loiter network terminal
Network operation state, i.e., instruction there is strange terminal to connect the wireless network;And include the network of risk application hint message
The possible risky application of operating status, i.e. instruction exists, it is necessary to carry out risk application detection.
In the specific implementation, wireless network maintained equipment is by comparing network quality information with quality criteria information to judge
State whether network quality information meets quality criteria information, when the network quality information is unsatisfactory for the quality criteria information
When, that is, more than network quality normal operating range when, obtain wireless network present in loiter network terminal terminal iidentification,
Generation includes the network operation state of the terminal iidentification, when the network quality information meets the quality criteria information,
Although for network quality currently in normal operating range, also needing should with the presence or absence of risk based on the inquiry of risk application set of records ends
With prompt message, when there are during risk application hint message, generation includes the network operation shape of the risk application hint message
State.Optionally, the network quality information that wireless network maintained equipment obtains wireless network can be also triggered periodically or in real time.Its
In, the loiter network terminal refers to the illegal authorization terminal equipment of other malice for connecting wireless network, and the terminal iidentification is for only
One identification loiter network terminal can be medium education (Media Access Control, MAC) address, the end of loiter network terminal
Hold coding, procotol (Internet Protocol, IP) address etc..
S103 is installed on the network operation letter of the application software in the terminal based on network operation state acquisition
Breath;
It is understood that the network operations information can include occupying flow, networking number, networking frequency, access
Whether permission has the behavior for obtaining network relevant sensitization data, if there is the abnormal operation to data backup or data upload
And code of the problem of in abnormal operation etc..
Table 1
In the specific implementation, when network operation state of the generation comprising the terminal iidentification, show there are loiter network terminal or
When generation includes the network operation state of the risk application hint message, show in the application software being installed in terminal
There may be risk application software, then need to obtain the network behaviour of mounted application software in terminal in operation information set
Make information.
Wherein, application identities and network operations information are stored in the operation information set, the information stored can
It is stored in the form of subclass, it can also tabular form storage.
As shown in table 1 be a kind of tabular form operation information set, traversal be mounted on terminal on application software A1,
When traversing A1, A1 and the application identities in table 1 are matched by A2, A3, A4 and A5, if matching with B, obtain the net of B
Network operation information.Adopt the network operations information for obtaining A2, A3, A4 and A5 respectively in a like fashion.
S104, when the network operations information is unsatisfactory for network operation reference information, according to the soft of the application software
Part type adjusts the Web vector graphic permission of the application software, and described wireless according to the adjustment of the software type of the application software
The network configuration information of network.
It is understood that the Web vector graphic permission includes access right of the application software to the wireless network
Limit, the Web vector graphic permission of the adjustment application software can include unloading or isolate the application software, or
Manage network sensitive permission of wireless network described in the accessible with application software etc..Every request is tested just when access right and network
That demonstrate,proves the permission of information is all referred to alternatively as network sensitive permission, because it is related to individual privacy and information security issue.
The network configuration information can include IP address, subnet mask, gateway address, dns server address, network and test
Demonstrate,prove end message of password, gateway management verification password and connection gateway etc..
In the specific implementation, when the network operations information is unsatisfactory for network operation reference information, show that application software is
Risk application software or in application software there are risk application software, then need to carry out at anti-loiter network risk application software
Reason adjusts the Web vector graphic permission of the application software, the software type bag according to the software type of the application software
Malice risk application software and potential risk application software are included, such as when the software type of the application software should for malice risk
During with software, unload or isolate the application software, to interrupt the connection of the application software and the wireless network, when described
When the software type of application software is potential risk application software, the network sensitive permission of the application software is adjusted.Meanwhile also
The network configuration information of adjustment wireless network is needed, to prevent the illegal authorization terminal connection wireless network of other malice.Pass through knot
It closes to the setting of the setting of wireless network and the application software in terminal on the access rights of wireless network, into one
Step prevents loiter network behavior.Wherein, the network operation reference information includes the normal use flow of application software, normal use
Various authority informations of network etc..
It should be noted that the network configuration information of the adjustment wireless network can perform after S101.
That is when generation includes the network operation state of the terminal iidentification, the net for adjusting the wireless network can be immediately performed
Network configuration information, to forbid the connection of loiter network terminal.
In an alternative embodiment, the abnormal networking situation of the application software in terminal can be monitored in real time, and flow makes
With abnormal conditions, the information such as the acquisition situation of network sensitive permission when detecting the presence of exception information, obtain and are mounted on terminal
On each application software Web vector graphic data, and judge the Web vector graphic data whether be more than Web vector graphic threshold range,
So as to detecting the risk application in application software, adjusting the Web vector graphic permission of the application software and adjusting the wireless network
The network configuration information of network.
In an alternative embodiment, when detecting that the application software newly installed or the application software in terminal connect
Net is abnormal or when the application software in terminal obtains special access right, obtains and is mounted in terminal
The network operations information of each application software, and judge whether the network operations information meets network operation reference information, so as to
It detects the risk application in application software, adjust the Web vector graphic permission of the risk application and adjusts the wireless network
Network configuration information.
In an alternative embodiment, wireless network maintained equipment can record and count wireless network Behavior law, based on system
Result selection proper moment triggering network quality information detection and the detection applied to loiter network in application software are counted, improves anti-rub
Net detection efficiency and the effect for saving resource.
In embodiments of the present invention, the network quality information of the wireless network connected by obtaining terminal determines that this is wireless
The network operation state of network, and the network operation for the application software being installed on based on the acquisition of network operation state in terminal is believed
Breath when network operations information is unsatisfactory for network operation reference information, adjusts the Web vector graphic permission of application software and wireless
The network configuration information of network.It is detected by combining the detection of loiter network terminal and risk application software, and respectively to network configuration
The Web vector graphic permission of information and risk application software is adjusted, and risk application software is fundamentally prevented to match somebody with somebody network
Cracking for confidence breath, solves loiter network risk, reaches the realization of anti-loiter network technology.And it can prevent rubbing in specific opportunity active detecting
Net risk while improving the intelligent and accuracy of anti-loiter network detection, decreases and scans resource in no loiter network risk
Waste.
Fig. 2 is referred to, is the flow diagram an embodiment of the present invention provides another wireless network maintaining method.Such as figure
Shown in 2, the embodiment of the present invention the method may include following steps S201- steps S210.
S201 obtains the network quality information for the wireless network that terminal is connected;
It is understood that the network quality information can include network channel quality, connect the wireless network
Terminal device number, network speed size, the configuration information etc. of network gateway.
In the specific implementation, under several scenes, such as when wireless network maintained equipment carries out network security detection, Huo Zhejin
During the detection protection of the potential loiter network risk of row or detect that the application software in terminal causes potential loiter network
During the behavior of risk, the network quality information of the acquisition of triggering wireless network maintained equipment or detection wireless network.Optionally, also may be used
Periodically or in real time triggering wireless network maintained equipment obtains the network quality information of wireless network.
For example, Wi-Fi as shown in Figure 3a accelerates under scene, under the safe physical examination scene shown in Fig. 3 b, shown in Fig. 3 c
Under the scene for detecting loiter network risk of divulging a secret, triggering wireless network maintained equipment obtains the network quality information of wireless network.
S202 when the network quality information is unsatisfactory for quality criteria information, is obtained present in the wireless network
The terminal iidentification of loiter network terminal, generation include the network operation state of the terminal iidentification;
It is understood that the loiter network terminal refers to the illegal authorization terminal equipment of other malice for connecting wireless network,
The terminal iidentification is used for unique identification loiter network terminal, can be MAC Address, terminal coding or IP address of loiter network terminal etc..
In the specific implementation, when detecting that the network quality information is unsatisfactory for the quality criteria information, show exist
Loiter network terminal, that is to say, that there is loiter network terminal to be connected to wireless network, obtain the mark of the loiter network terminal, and generate comprising institute
The network operation state of terminal iidentification is stated, further shows the network operation state.Network operation state as shown in Figure 4,
In " LG Electronics, IP 10.9.84.73 " be loiter network terminal terminal iidentification.
When the network quality information meets quality criteria information, wind is obtained based on risk application set of records ends by S203
Dangerous application hint message, generation include the network operation state of the risk application hint message.
It is understood that the risk application set of records ends is stores the set that risky application records information, it is described
Risk application record information can include reporting the current geographic position of the terminal of risk application software, using the risk using soft
The age of user layer of part is detected as using the attribute (such as campus network, internet) of network, environment letter during risk application software
The attribute informations such as the period cease, reported risk application software can also include application identities, risk index, risk class etc..
The risk application set of records ends can be stored with tabular form, can also the storage of subclass form, in each subclass respectively
Storage application record information.
For example, it is a kind of risk application set of records ends of tabular form as shown in table 2.In the risk application set of records ends
The application message stored can periodically update, also can be after the application message reported with reference to other terminals carries out big data statistics
Renewal time is selected based on statistical result.
It should be noted that the risk application set of records ends can be stored in Wi-Fi maintained equipment local, and deposit
Store up local risk application set of records ends be wireless network maintained equipment in advance to server pull, can be periodically to service
Device request update;The risk application set of records ends can also be stored in server end.
Table 2
In a kind of feasible realization method, as shown in figure 5, described obtain risk application based on risk application set of records ends
Prompt message, network operation state of the generation comprising the risk application hint message comprise the following steps:
S301 parses the risk application set of records ends obtained in advance from server, to obtain and the terminal
The first risk application record information that terminal attributive information matches;
It is understood that the risk application set of records ends in wireless network maintained equipment is to be obtained in advance from server,
A plurality of risk application record information is stored in risk application set of records ends.When wireless network maintained equipment is receiving network
In the case of being connected after quality testing without loiter network terminal, obtain the terminal attributive information of terminal, and by the terminal attributive information with
The risk application record information parsed is matched, if matching the first risk application record information, shows that there may be wind
Dangerous application software then generates the first risk application hint message.
S302 generates the first risk application hint message, by described first based on first risk application record information
Risk application hint message is added in network operation state.
It is understood that the necessity of the risky application detection of network operation state instruction at this time.
In another feasible realization method, as shown in fig. 6, described should based on risk application set of records ends acquisition risk
With prompt message, network operation state of the generation comprising the risk application hint message comprises the following steps:
S401 sends the indicating risk inquiry request for the terminal attributive information for carrying the terminal to server, so that institute
Server is stated to parse risk application set of records ends and find the second risk to match with the terminal attributive information
During using record information, the second risk application hint message is generated based on second risk application record information and is fed back;
It is understood that the storage of risk application set of records ends is on the server, stored in risk application set of records ends
There is a plurality of risk application record information, the risk application record information reports for other-end.When wireless network maintained equipment
In the case where being connected after receiving network quality detection without loiter network terminal, terminal attribute letter of the request server based on terminal
Breath, and the terminal attributive information is matched with the risk application record information parsed, if matching the second risk application
Information is recorded, shows there may be risk application, then to generate the second risk application hint message, and feeds back to wireless network maintenance
Equipment.
S402, generation include the network operation state of the second risk application hint message.
It is understood that wireless network maintained equipment then generates the network for including the second risk application hint message
Operating status performs the detection to being installed on the application software in terminal with triggering.
It should be noted that the first risk application record information can be identical with the second risk record information,
Can be different, it is used only for distinguishing in local and the matching result of server.The first risk application hint message with it is described
Second risk application hint message is similarly.
Optionally, by the risk application software in the application identities of the mounted application software of terminal and risk set of applications
Application identities matched, if there are the application software of successful match, show that there are loiter network application, a sides in application software
The application software of successful match can be determined as malice loiter network application software by face, and adjust malice loiter network application software to wireless
The Web vector graphic permission of network, while the Web vector graphic data for the application software for not having successful match are inquired about in application software, and
Determine whether potential loiter network application software based on Web vector graphic data;On the other hand can be based on matching result " have matching into
The application software of work(" searches the Web vector graphic data of mounted all application software, so that it is determined that going out loiter network application therein
Software.Then the application identities of loiter network application are obtained, and generate the network operation state for including the application identities.
S204, when network operation state of the generation comprising the terminal iidentification or when generation is comprising the risk application
During the network operation state of prompt message, the network operations information of the application software is obtained in operation information set.
It is understood that the network operations information can include occupying flow, networking number, networking frequency, access
Whether the data relevant with network such as permission have the behavior for obtaining network relevant sensitization data, if exist to data backup or
The abnormal operation and code etc. the problem of in abnormal operation that data upload.
In the specific implementation, when network operation state of the generation comprising the terminal iidentification, show there are loiter network terminal or
When generation includes the network operation state of the risk application hint message, show in the application software being installed in terminal
There may be risk application software, then need to obtain the network behaviour of mounted application software in terminal in operation information set
Make information.
Wherein, application identities and network operations information are stored in the operation information set, the information stored can
It is stored in the form of subclass, it can also tabular form storage.
As shown in table 1 be a kind of tabular form operation information set, traversal be mounted on terminal on application software A1,
When traversing A1, A1 and the application identities in table 1 are matched by A2, A3, A4 and A5, if matching with B, obtain the net of B
Network operation information.Adopt the network operations information for obtaining A2, A3, A4 and A5 respectively in a like fashion.
S205 obtains the corresponding application risk grade of the network operations information;
In a kind of feasible realization method, the corresponding risk of the network operations information is searched in network operation set
Grade, in another feasible realization method, the mapping relationship searching wind based on application risk grade and network operations information
The corresponding intended application risk class of network operations information nearly applied.
S206 when the application risk grade is more than the second risk level threshold scope, determines that the application is soft
The software type of part is malice risk application software;
It is understood that setting application risk grade includes three grades, it is respectively safety, potential risk and malice
Risk, corresponding threshold range be no more than the first risk level threshold, more than the first risk level threshold scope and not less than
Second risk level threshold and more than the second risk level threshold scope.
Further, when the definite application software is malice risk application software, the malice risk application software is shown
Risk item details, as shown in Figure 7a, including information such as Apply Names, risk class, risk details and application class.
S207 obtains the 3rd risk application record of the malice risk application software, and by the 3rd risk application
Record is preserved into risk application set of records ends.
It is understood that the 3rd risk can report the current geographic of the terminal of risk application software using record
Position, using the risk application software age of user layer, be detected as risk application software when use the phases such as attribute of network
Close information.If risk application set of records ends is stored in local, the application message can be directly stored into risk set of applications,
And be averaging the local historical risk application record information of scheduling algorithm combination using weighting and handled, it also can directly report to service
Device is locally stored by being back to after server statistics;If risk application set of records ends is stored in server, by the application message
Server is reported to, so that server carries out big data statistics.
S208 is unloaded or is isolated the application software, to interrupt the connection of the application software and the wireless network, and
Adjust the network configuration information of the wireless network;
For example, as shown in Figure 7a, by the control in the display interface for the malice loiter network application software for selecting to detect by
Key " unloading " is to unload the malice loiter network application software, so as to interrupt the connection of the malicious application software and wireless network.Together
When, it is also necessary to the network configuration information of wireless network, such as IP address, subnet mask, gateway address, dns server address, net
End message of network verification password, gateway management verification password and connection gateway etc. is adjusted and sets, to prevent having cracked this
The loiter network terminal of the network configuration information of wireless network is again coupled to the wireless network.
It optionally, can be to the terminal iidentification after the network operation state of the terminal iidentification including loiter network terminal is generated
Corresponding loiter network terminal is handled (unknown device in such as Fig. 8), and such as " forbidding networking " manages loiter network risk to be located in time.
S209, when the application risk grade is more than the first risk level threshold scope and not less than the second risk class threshold
When being worth scope, the software type for determining the application software is potential risk application software;
Further, when the definite application software is potential risk application software, the potential risk application software is shown
Risk item details, as shown in Figure 7b, including information such as Apply Names, risk class, risk details and application class.
S210, adjusts the network sensitive permission of the application software, and adjusts the network configuration information of the wireless network.
It is understood that every request is all referred to alternatively as network just when the permission of access right and network authentication information
Sensitive permission, because it is related to individual privacy and information security issue.
For example, as shown in Figure 7b, detect that application software " B applications " for potential loiter network risk application software, passes through selection
Control button " management sensitive permission " in shown interface is to be configured and adjust.It is also desirable to wireless network
Network configuration information, such as IP address, subnet mask, gateway address, dns server address, network verification password, gateway management
End message of verification password and connection gateway etc. is adjusted and sets, to prevent having cracked the network configuration of wireless network letter
The loiter network terminal of breath is again coupled to the wireless network.
In an alternative embodiment, when carrying out the security sweep operation of application software, as shown in figure 9, if it find that rubbing
Net risk related application can also carry out it relevant processing, and triggering is rubbed based on network quality information after processing
Network termination detects and carries out loiter network application detection.
In an alternative embodiment, when the application software for monitoring newly to install or mounted application software networking are different
There are during loiter network application software often or when the application software in terminal obtains special access right, displaying
Relevant indicating risk information as shown in Figure 10, is inputted when receiving " immediately treating " control of user for the display interface
Touch command when, then jump to the details page shown in Fig. 3 c, and can perform " processing risk application " and " network detection " two
A operation.
In embodiments of the present invention, the network quality information of the wireless network connected by obtaining terminal determines that this is wireless
The network operation state of network, and the network operation for the application software being installed on based on the acquisition of network operation state in terminal is believed
Breath when network operations information is unsatisfactory for network operation reference information, adjusts the Web vector graphic permission of application software and wireless
The network configuration information of network.It is detected by combining the detection of loiter network terminal and risk application software, and respectively to network configuration
The Web vector graphic permission of information and risk application software is adjusted, and risk application software is fundamentally prevented to match somebody with somebody network
Cracking for confidence breath, solves loiter network risk, reaches the realization of anti-loiter network technology.And it can prevent rubbing in specific opportunity active detecting
Net risk while improving the intelligent and accuracy of anti-loiter network detection, decreases and scans resource in no loiter network risk
Waste.
Below in conjunction with attached drawing 11- attached drawings 13, wireless network maintained equipment provided in an embodiment of the present invention is carried out detailed
It introduces.It should be noted that the wireless network maintained equipment shown in attached drawing 11, for performing implementation shown in Fig. 1-Figure 10 of the present invention
The method of example, for convenience of description, illustrates only and is not disclosed with the relevant part of the embodiment of the present invention, particular technique details,
It refer to Fig. 1 of the present invention-embodiment shown in Fig. 10.
Figure 11 is referred to, for an embodiment of the present invention provides a kind of structure diagrams of wireless network maintained equipment.Such as figure
Shown in 11, the wireless network maintained equipment 10 of the embodiment of the present invention can include:Quality acquiring unit 101, state obtain
Unit 102, information acquisition unit 103 and information adjustment unit 104.
Quality acquiring unit 101, for obtaining the network quality information for the wireless network that terminal is connected;
It is understood that the network quality information can include network channel quality, connect the wireless network
Terminal device number, network speed size, the configuration information etc. of network gateway.
In the specific implementation, under several scenes, such as when quality acquiring unit 101 carries out network security detection, Huo Zhejin
During the detection protection of the potential loiter network risk of row or detect that the application software in terminal causes potential loiter network
During the behavior of risk, triggering quality acquiring unit 101 gathers or detects the network quality information of wireless network.Optionally, also may be used
Periodically or in real time triggering quality acquiring unit 101 obtains the network quality information of wireless network.
State acquiring unit 102 is transported for obtaining the corresponding network of the wireless network according to the network quality information
Row state;
It is understood that it can determine that the network of wireless network is transported by comparing network quality information and quality criteria information
Row state, such as judge that network network speed determines the network operation state of wireless network with network speed benchmark size, in another example detection net
Whether whether the configuration information that network diagram closes match to judge the configuration information of the network gateway by more with the configuration information of setting
Change, so that it is determined that the network operation state of wireless network.The network operation state includes the terminal iidentification for including loiter network terminal
Network operation state, i.e., instruction may there is strange terminal to connect the wireless network;And include risk application hint message
The possible risky application of network operation state, i.e. instruction exists, it is necessary to carry out risk application detection.
In the specific implementation, state acquiring unit 102 is by comparing network quality information with quality criteria information to judge
State whether network quality information meets quality criteria information, when the network quality information is unsatisfactory for the quality criteria information
When, that is, more than network quality normal operating range when, obtain wireless network present in loiter network terminal terminal iidentification,
Generation includes the network operation state of the terminal iidentification, when the network quality information meets the quality criteria information,
Although for network quality currently in normal operating range, also needing should with the presence or absence of risk based on the inquiry of risk application set of records ends
With prompt message, when there are during risk application hint message, generation includes the network operation shape of the risk application hint message
State.Optionally, also can periodical or real-time triggering state acquiring unit 102 obtain the network quality information of wireless network.Its
In, the loiter network terminal refers to the illegal authorization terminal equipment of other malice for connecting wireless network, and the terminal iidentification is for only
One identification loiter network terminal can be MAC address, terminal coding, IP address of loiter network terminal etc..
Information acquisition unit 103, it is soft for obtaining the application being installed in the terminal based on the network operation state
The network operations information of part;
It is understood that the network operations information can include occupying flow, networking number, networking frequency, access
Whether permission has the behavior for obtaining network relevant sensitization data, if there is the abnormal operation to data backup or data upload
And code of the problem of in abnormal operation etc..
In the specific implementation, when network operation state of the generation comprising the terminal iidentification, show there are loiter network terminal or
When generation includes the network operation state of the risk application hint message, show in the application software being installed in terminal
There may be risk application software, then need to obtain the network behaviour of mounted application software in terminal in operation information set
Make information.
Wherein, described using application identities and network operations information is stored in operation information, the information stored can
It is stored in the form of subclass, it can also tabular form storage.
It is a kind of operation information set of tabular form as shown in table 1, travels through mounted application software A1, A2, A3, A4
And A5, when traversing A1, A1 and the application identities in table 1 are matched, if matching with B, obtain the network operation letter of B
Breath.Adopt the network operations information for obtaining A2, A3, A4 and A5 respectively in a like fashion.
Information adjustment unit 104, for when the network operations information is unsatisfactory for network operation reference information, according to institute
The software type for stating application software adjusts the Web vector graphic permission of the application software, and according to the software class of the application software
Type adjusts the network configuration information of the wireless network.
It is understood that the Web vector graphic permission includes access right of the application software to the wireless network
Limit, the Web vector graphic permission of the adjustment application software can include unloading or isolate the application software, or
Manage network sensitive permission of wireless network described in the accessible with application software etc..Every request is tested just when access right and network
That demonstrate,proves the permission of information is all referred to alternatively as network sensitive permission, because it is related to individual privacy and information security issue.
The network configuration information can include IP address, subnet mask, gateway address, dns server address, network and test
Demonstrate,prove end message of password, gateway management verification password and connection gateway etc..
In the specific implementation, when the network operations information is unsatisfactory for network operation reference information, show that application software is
Risk application software or in application software there are risk application software, then need to carry out at anti-loiter network risk application software
Reason adjusts the Web vector graphic permission of the application software, the software type bag according to the software type of the application software
Malice risk application software and potential risk application software are included, such as when the software type of the application software should for malice risk
During with software, unload or isolate the application software, to interrupt the connection of the application software and the wireless network, when described
When the software type of application software is potential risk application software, the network sensitive permission of the application software is adjusted.Meanwhile also
The network configuration information of adjustment wireless network is needed, to prevent the illegal authorization terminal connection wireless network of other malice.Pass through knot
It closes to the setting of the setting of wireless network and the application software in terminal on the access rights of wireless network, into one
Step prevents loiter network behavior.Wherein, the network operation reference information includes the normal use flow of application software, normal use
Various authority informations of network etc..
It should be noted that the network configuration information of the adjustment wireless network can perform after 101.Also
It is to say, when generation includes the network operation state of the terminal iidentification, the network for adjusting the wireless network can be immediately performed
Configuration information, to forbid the connection of loiter network terminal.
In an alternative embodiment, the abnormal networking situation of the application software in terminal can be monitored in real time, and flow makes
With abnormal conditions, the information such as the acquisition situation of network sensitive permission when detecting the presence of exception information, trigger acquisition of information list
Member 103 obtains the Web vector graphic data for each application software being mounted in terminal, and judges whether the Web vector graphic data surpass
Web vector graphic threshold range is crossed, so as to detect the loiter network terminal in application software, adjusts the Web vector graphic of the application software
Permission and the network configuration information for adjusting the wireless network.
In an alternative embodiment, when detecting that the application software newly installed or the application software in terminal connect
Net is abnormal or when the application software in terminal obtains special access right, triggers information acquisition unit 103
The network operations information for each application software being mounted in terminal is obtained, and judges whether the network operations information meets network
Reference information is operated, so as to detect the risk application in application software, adjusts the Web vector graphic permission of the risk application simultaneously
Adjust the network configuration information of the wireless network.
In an alternative embodiment, it can record and count wireless network Behavior law, when selecting suitable based on statistical result
Machine triggering state acquiring unit 102 carries out network quality information detection and triggering information acquisition unit 103 in application software
The detection of loiter network application improves anti-loiter network detection efficiency and saves the effect of resource.
In embodiments of the present invention, the network quality information of the wireless network connected by obtaining terminal determines that this is wireless
The network operation state of network, and the network operation for the application software being installed on based on the acquisition of network operation state in terminal is believed
Breath when network operations information is unsatisfactory for network operation reference information, adjusts the Web vector graphic permission of application software and wireless
The network configuration information of network.It is detected by combining the detection of loiter network terminal and risk application software, and respectively to network configuration
The Web vector graphic permission of information and risk application software is adjusted, and risk application software is fundamentally prevented to match somebody with somebody network
Cracking for confidence breath, solves loiter network risk, reaches the realization of anti-loiter network technology.And it can prevent rubbing in specific opportunity active detecting
Net risk while improving the intelligent and accuracy of anti-loiter network detection, decreases and scans resource in no loiter network risk
Waste.
Figure 12 is referred to, is the structure diagram an embodiment of the present invention provides another wireless network maintained equipment.Such as
Shown in Figure 12, the wireless network maintained equipment 10 of the embodiment of the present invention can include:Quality acquiring unit 101, state obtain
Take unit 102, information acquisition unit 103, information adjustment unit 104, grade acquiring unit 105, malicious application determination unit
106th, potential application determination unit 107, information holding unit 108.
Quality acquiring unit 101, for obtaining the network quality information for the wireless network that terminal is connected;
It is understood that the network quality information can include network channel quality, connect the wireless network
Terminal device number, network speed size, the configuration information etc. of network gateway.
In the specific implementation, under several scenes, such as when quality acquiring unit 101 carries out network security detection, Huo Zhejin
During the detection protection of the potential loiter network risk of row or detect that the application software in terminal causes potential loiter network
During the behavior of risk, triggering quality acquiring unit 101 gathers or detects the network quality information of wireless network.Optionally, also may be used
Periodically or in real time triggering quality acquiring unit 101 obtains the network quality information of wireless network.
For example, Wi-Fi as shown in Figure 3a accelerates under scene, under the safe physical examination scene shown in Fig. 3 b, shown in Fig. 3 c
Under the scene for detecting loiter network risk of divulging a secret, triggering quality acquiring unit 101 obtains the network quality information of wireless network.
It is corresponding to obtain the wireless network for the network quality information based on wireless network for state acquiring unit 102
Network operation state;
Optionally, the state acquiring unit 102 is specifically used for being unsatisfactory for quality criteria letter when the network quality information
During breath, the terminal iidentification of loiter network terminal present in the wireless network is obtained, network of the generation comprising the terminal iidentification is transported
Row state;
It is understood that the loiter network terminal refers to the illegal authorization terminal equipment of other malice for connecting wireless network,
The terminal iidentification is used for unique identification loiter network terminal, can be MAC Address, terminal coding or IP address of loiter network terminal etc..
In the specific implementation, when detecting that the network quality information is unsatisfactory for the quality criteria information, show exist
Loiter network terminal, that is to say, that there is loiter network terminal to be connected to wireless network, obtain the mark of the loiter network terminal, and generate comprising institute
The network operation state of terminal iidentification is stated, further shows the network operation state, network operation state as shown in Figure 4,
In " LG Electronics, IP 10.9.84.73 " be loiter network terminal terminal iidentification.
Optionally, state acquiring unit 102 is specifically used for when the network quality information meets quality criteria information, base
Risk application hint message is obtained in risk application set of records ends, generation includes the network operation of the risk application hint message
State.
It is understood that the risk application set of records ends is stores the set that risky application records information, it is described
Risk application record information can include reporting the current geographic position of the terminal of risk application software, using the risk using soft
The age of user layer of part is detected as using the attribute (such as campus network, internet) of network, environment letter during risk application software
The attribute informations such as the period cease, reported risk application software can also include application identities, risk index, risk class etc..
The risk application set of records ends can be stored with tabular form, can also the storage of subclass form, in each subclass respectively
Storage application record information.
For example, it is a kind of risk application set of records ends of tabular form as shown in table 2.In the risk application set of records ends
The application message stored can periodically update, also can be after the application message reported with reference to other terminals carries out big data statistics
Renewal time is selected based on statistical result.
It should be noted that the risk application set of records ends can be stored in state acquiring unit 102 locally, and store
Local risk application set of records ends be state acquiring unit 102 in advance to server pull, can be periodically to server
Request update;The risk application set of records ends can also be stored in server end.
Optionally, as shown in figure 13, the state acquiring unit 102, including:
Set parsing subelement 1021, for being parsed to the risk application set of records ends obtained in advance from server,
To obtain the first risk to match with the terminal attributive information of the terminal application record information;
It is understood that the risk application set of records ends in state acquiring unit 102 is to be obtained in advance from server,
A plurality of risk application record information is stored in risk application set of records ends.When set parsing subelement 1021 is receiving network
In the case of being connected after quality testing without loiter network terminal, obtain the terminal attributive information of terminal, and by the terminal attributive information with
The risk application record information parsed is matched, if matching the first risk application record information, shows that there may be wind
Dangerous application software then generates the first risk application hint message.
State adds subelement 1022, is carried for being based on the first risk application record information first risk application of generation
Show information, the first risk application hint message is added in network operation state.
It is understood that the necessity of the risky application detection of network operation state instruction at this time.
Optionally, as shown in figure 14, the state acquiring unit 102, including:
Transmission sub-unit 1023 is asked, the risk for sending the terminal attributive information for carrying the terminal to server carries
Show inquiry request, so that the server parses risk application set of records ends and finds and the terminal attributive information
During the second risk application record information to match, the second risk application is generated based on second risk application record information and is carried
Show information and feed back;
It is understood that the storage of risk application set of records ends is on the server, stored in risk application set of records ends
There is a plurality of risk application record information, the risk application record information reports for other-end.When request transmission sub-unit
1023 after receiving network quality detection without loiter network terminal in the case where connecting, terminal attribute of the request server based on terminal
Information, and the terminal attributive information is matched with the risk application record information parsed, it should if matching the second risk
With record information, show there may be risk application, then to generate the second risk application hint message, and feed back to request and send son
Unit 1023.
State generates subelement 1024, for generating the network operation shape for including the second risk application hint message
State.
It is understood that state generation subelement 1024 then generates the net for including the second risk application hint message
Network operating status performs the detection to being installed on the application software in terminal with triggering.
It should be noted that the first risk application record information can be identical with the second risk record information,
Can be different, it is used only for distinguishing in local and the matching result of server.The first risk application hint message with it is described
Second risk application hint message is similarly.
Information acquisition unit 103, it is soft for obtaining the application being installed in the terminal based on the network operation state
The network operations information of part;
It is understood that the network operations information can include occupying flow, networking number, networking frequency, access
Whether the data relevant with network such as permission have the behavior for obtaining network relevant sensitization data, if exist to data backup or
The abnormal operation and code etc. the problem of in abnormal operation that data upload.
Optionally, described information acquiring unit 103 is specifically used for:
When generation comprising the terminal iidentification the network operation state when or when generation comprising the risk Application Hints believe
During the network operation state of breath, the network operations information of the application software is obtained in operation information set.
In the specific implementation, when network operation state of the generation comprising the terminal iidentification, show there are loiter network terminal or
When generation includes the network operation state of the risk application hint message, show in the application software being installed in terminal
There may be risk application software, then need to obtain the network behaviour of mounted application software in terminal in operation information set
Make information.
Wherein, application identities and Web vector graphic data are stored in the operation information set, the information stored can
It is stored with subclass, it can also tabular form storage.
As shown in table 1 be a kind of tabular form operation information set, traversal be mounted on terminal on application software A1,
When traversing A1, A1 and the application identities in table 1 are matched by A2, A3, A4 and A5, if matching with B, obtain the net of B
Network operation information.Adopt the network operations information for obtaining A2, A3, A4 and A5 respectively in a like fashion.
Information adjustment unit 104, for when the network operations information is unsatisfactory for network operation reference information, according to institute
The software type for stating application software adjusts the Web vector graphic permission of the application software, and according to the software class of the application software
Type adjusts the network configuration information of the wireless network.
Optionally, as shown in figure 12, the equipment 10 further includes:
Grade acquiring unit 105, for obtaining the corresponding application risk grade of the network operations information;
In a kind of feasible realization method, the corresponding risk of the network operations information is searched in operation information set
Grade, in another feasible realization method, the mapping relationship searching wind based on application risk grade and network operations information
The corresponding intended application risk class of network operations information nearly applied.
Malicious application determination unit 106, for working as the application risk grade more than the second risk level threshold model
When enclosing, the software type for determining the application software is malice risk application software;
Potential application determination unit 107, for working as the application risk grade more than the first risk level threshold scope and
During not less than the second risk level threshold scope, the software type for determining the application software is potential risk application software.
It is understood that setting application risk grade includes three grades, it is respectively safety, potential risk and malice
Risk, corresponding threshold range be no more than the first risk level threshold, more than the first risk level threshold scope and not less than
Second risk level threshold and more than the second risk level threshold scope.
Further, when the definite application software is malice risk application software, the malice risk application software is shown
Risk item details, as shown in Figure 7a, including information such as Apply Names, risk class, risk details and application class.
Further, when the definite application software is potential risk application software, the potential risk application software is shown
Risk item details, as shown in Figure 7b, including information such as Apply Names, risk class, risk details and application class.
Further, described information adjustment unit 104 is specifically used for:
When the software type of the application software is malice risk application software, unloads or isolate the application software,
To interrupt the connection of the application software and the wireless network;
For example, as shown in Figure 7a, by the control in the display interface for the malice loiter network application software for selecting to detect by
Key " unloading " is to unload the malice loiter network application software, so as to interrupt the connection of the malicious application software and wireless network.Together
When, it is also necessary to the network configuration information of wireless network, such as IP address, subnet mask, gateway address, dns server address, net
End message of network verification password, gateway management verification password and connection gateway etc. is adjusted and sets, to prevent having cracked this
The loiter network terminal of the network configuration information of wireless network is again coupled to the wireless network.
It optionally, can be to the terminal iidentification after the network operation state of the terminal iidentification including loiter network terminal is generated
Corresponding loiter network terminal is handled (unknown device in such as Fig. 8), and such as " forbidding networking " manages loiter network risk to be located in time.
When the software type of the application software is potential risk in application, adjusting the network sensitivity power of the application software
Limit.
It is understood that every request is all referred to alternatively as network just when the permission of access right and network authentication information
Sensitive permission, because it is related to individual privacy and information security issue.
For example, as shown in Figure 7b, detect that application software " B applications " for potential loiter network risk application software, passes through selection
Control button " management sensitive permission " in shown interface is to be configured and adjust.It is also desirable to wireless network
Network configuration information, such as IP address, subnet mask, gateway address, dns server address, network verification password, gateway management
End message of verification password and connection gateway etc. is adjusted and sets, to prevent having cracked the network configuration of wireless network letter
The loiter network terminal of breath is again coupled to the wireless network.
Optionally, as shown in figure 12, the equipment 10 further includes:
Information holding unit 108, for obtaining the 3rd risk of malice risk application software application record information, and
3rd risk application record information is preserved into risk application set of records ends.
It is understood that it is understood that the 3rd risk can report risk application software using record
The current geographic position of terminal, using the risk application software age of user layer, be detected as risk application software when used
The relevant informations such as the attribute of network.If risk application set of records ends is stored in local, the application message can be directly stored extremely
In risk set of applications, and it is averaging the local historical risk application record information of scheduling algorithm combination using weighting and is handled,
Server can be directly reported to, is locally stored by being back to after server statistics;If risk application set of records ends is stored in service
The application message is then reported to server by device, so that server carries out big data statistics.
In embodiments of the present invention, the network quality information of the wireless network connected by obtaining terminal determines that this is wireless
The network operation state of network, and the network operation for the application software being installed on based on the acquisition of network operation state in terminal is believed
Breath when network operations information is unsatisfactory for network operation reference information, adjusts the Web vector graphic permission of application software and wireless
The network configuration information of network.It is detected by combining the detection of loiter network terminal and risk application software, and respectively to network configuration
The Web vector graphic permission of information and risk application software is adjusted, and risk application software is fundamentally prevented to match somebody with somebody network
Cracking for confidence breath, solves loiter network risk, reaches the realization of anti-loiter network technology.And it can prevent rubbing in specific opportunity active detecting
Net risk while improving the intelligent and accuracy of anti-loiter network detection, decreases and scans resource in no loiter network risk
Waste.
The embodiment of the present invention additionally provides a kind of computer storage media, and the computer storage media can be stored with more
Item instructs, and described instruction is suitable for being loaded by processor and being performed such as the method and step of above-mentioned Fig. 1-embodiment illustrated in fig. 10, specifically
Implementation procedure may refer to illustrating for Fig. 1-embodiment illustrated in fig. 10, herein without repeating.
Figure 15 is referred to, for an embodiment of the present invention provides a kind of structure diagrams of terminal.As shown in figure 15, the end
End 1000 can include:At least one processor 1001, such as CPU, at least one network interface 1004, user interface 1003,
Memory 1005, at least one communication bus 1002.Wherein, the connection that communication bus 1002 is used to implement between these components is led to
Letter.Wherein, user interface 1003 can include display screen (Display), keyboard (Keyboard), and optional user interface 1003 is also
It can include standard wireline interface and wireless interface.Network interface 1004 can optionally include the wireline interface, wireless of standard
Interface (such as WI-FI interfaces).Memory 1005 can be high-speed RAM memory or non-labile memory (non-
Volatile memory), a for example, at least magnetic disk storage.Memory 1005 optionally can also be at least one and be located at
Storage device away from aforementioned processor 1001.As shown in figure 15, as in a kind of memory 1005 of computer storage media
It can include operating system, network communication module, Subscriber Interface Module SIM and wireless network maintenance applications.
In the terminal 1000 shown in Figure 15, user interface 1003 is mainly used for providing to the user the interface of input, obtains
Data input by user;Network interface 1004 is mainly used for user terminal into row data communication;And processor 1001 can be used
In calling the wireless network maintenance applications that are stored in memory 1005, and specifically perform following operation:
Obtain the network quality information for the wireless network that terminal is connected;
The corresponding network operation state of the wireless network is obtained according to the network quality information;
The network operations information of the application software in the terminal is installed on based on network operation state acquisition;
When the network operations information is unsatisfactory for network operation reference information, according to the software type of the application software
The Web vector graphic permission of the application software is adjusted, and the wireless network is adjusted according to the software type of the application software
Network configuration information.
In one embodiment, the processor 1001 is being performed according to the network quality information acquisition wireless network
It is specific to perform following operation during the corresponding network operation state of network:
When the network quality information is unsatisfactory for quality criteria information, it is whole to obtain loiter network present in the wireless network
The terminal iidentification at end, generation include the network operation state of the terminal iidentification.
In one embodiment, the processor 1001 is being performed according to the network quality information acquisition wireless network
It is specific to perform following operation during the corresponding network operation state of network:
When the network quality information meets quality criteria information, risk application is obtained based on risk application set of records ends
Prompt message, generation include the network operation state of the risk application hint message.
In one embodiment, the processor 1001 obtains risk application based on risk application set of records ends in execution and carries
Show information, it is specific to perform following operation when generation includes the network operation state of the risk application hint message:
The risk application set of records ends obtained in advance from server is parsed, to obtain the terminal category with the terminal
Property information match the first risk application record information;
First risk application hint message is generated based on first risk application record information, it should by first risk
It is added to prompt message in network operation state.
In one embodiment, the processor 1001 obtains risk application based on risk application set of records ends in execution and carries
Show information, it is specific to perform following operation when generation includes the network operation state of the risk application hint message:
The indicating risk inquiry request for the terminal attributive information for carrying the terminal is sent to server, so that the service
Device parses risk application set of records ends and finds the second risk application note to match with the terminal attributive information
When recording information, the second risk application hint message is generated based on second risk application record information and is fed back;
Generation includes the network operation state of the second risk application hint message.
In one embodiment, the processor 1001 perform be installed on based on network operation state acquisition it is described
It is specific to perform following operation during the network operations information of the application software in terminal:
When generation comprising the terminal iidentification the network operation state when or when generation comprising the risk Application Hints believe
During the network operation state of breath, the network operations information of the application software is obtained in operation information set
In one embodiment, the processor 1001 also performs following operation:
Obtain the corresponding application risk grade of the network operations information;
When the application risk grade is more than the first risk level threshold scope and not less than the second risk level threshold model
When enclosing, the software type for determining the application software is potential risk application software;
When the application risk grade is more than the second risk level threshold scope, the soft of the application software is determined
Part type is malice risk application software.
In one embodiment, the processor 1001 is when performing the Web vector graphic permission for adjusting the application software,
It is specific to perform following operation:
When the software type of the application software is malice risk application software, unloads or isolate the application software,
To interrupt the connection of the application software and the wireless network;
When the software type of the application software is potential risk application software, the network for adjusting the application software is quick
Feel permission.
In one embodiment, the processor 1001 also performs following operation:
The 3rd risk application record information of the malice risk application software is obtained, and the 3rd risk application is remembered
Record information is preserved into risk application set of records ends.
In embodiments of the present invention, the network quality information of the wireless network connected by obtaining terminal determines that this is wireless
The network operation state of network, and the network operation for the application software being installed on based on the acquisition of network operation state in terminal is believed
Breath when network operations information is unsatisfactory for network operation reference information, adjusts the Web vector graphic permission of application software and wireless
The network configuration information of network.It is detected by combining the detection of loiter network terminal and risk application software, and respectively to network configuration
The Web vector graphic permission of information and risk application software is adjusted, and risk application software is fundamentally prevented to match somebody with somebody network
Cracking for confidence breath, solves loiter network risk, reaches the realization of anti-loiter network technology.And it can prevent rubbing in specific opportunity active detecting
Net risk while improving the intelligent and accuracy of anti-loiter network detection, decreases and scans resource in no loiter network risk
Waste.
One of ordinary skill in the art will appreciate that realizing all or part of flow in above-described embodiment method, being can be with
Relevant hardware is instructed to complete by computer program, the program can be stored in a computer read/write memory medium
In, the program is upon execution, it may include such as the flow of the embodiment of above-mentioned each method.Wherein, the storage medium can be magnetic
Dish, CD, read-only memory (Read-Only Memory, ROM) or random access memory (Random Access
Memory, RAM) etc..
The above disclosure is only the preferred embodiments of the present invention, cannot limit the right model of the present invention with this certainly
It encloses, therefore equivalent variations made according to the claims of the present invention, it is still within the scope of the present invention.
Claims (15)
1. a kind of wireless network maintaining method, which is characterized in that including:
Obtain the network quality information for the wireless network that terminal is connected;
The corresponding network operation state of the wireless network is obtained according to the network quality information;
The network operations information of the application software in the terminal is installed on based on network operation state acquisition;
When the network operations information is unsatisfactory for network operation reference information, adjusted according to the software type of the application software
The Web vector graphic permission of the application software, and according to the network of the software type of the application software adjustment wireless network
Configuration information.
It is 2. according to the method described in claim 1, it is characterized in that, described described wireless according to network quality information acquisition
The corresponding network operation state of network, including:
When the network quality information is unsatisfactory for quality criteria information, loiter network terminal present in the wireless network is obtained
Terminal iidentification, generation include the network operation state of the terminal iidentification.
It is 3. according to the method described in claim 1, it is characterized in that, described described wireless according to network quality information acquisition
The corresponding network operation state of network, including:
When the network quality information meets quality criteria information, risk Application Hints is obtained based on risk application set of records ends
Information, generation include the network operation state of the risk application hint message.
4. according to the method described in claim 3, it is characterized in that, described obtain risk application based on risk application set of records ends
Prompt message, generation include the network operation state of the risk application hint message, including:
The risk application set of records ends obtained in advance from server is parsed, is believed with obtaining with the terminal attribute of the terminal
The matched first risk application record information of manner of breathing;
First risk application hint message is generated based on first risk application record information, the first risk application is carried
Show that information is added in network operation state.
5. according to the method described in claim 3, it is characterized in that, described obtain risk application based on risk application set of records ends
Prompt message, generation include the network operation state of the risk application hint message, including:
The indicating risk inquiry request for the terminal attributive information for carrying the terminal is sent to server, so that the server pair
Risk application set of records ends is parsed and finds the second risk application record letter to match with the terminal attributive information
During breath, the second risk application hint message is generated based on second risk application record information and is fed back;
Generation includes the network operation state of the second risk application hint message.
6. according to the method in claim 2 or 3, which is characterized in that described that installation is obtained based on the network operation state
In the network operations information of the application software in the terminal, including:
When network operation state of the generation comprising the terminal iidentification or when generation is comprising the risk application hint message
During network operation state, the network operations information of the application software is obtained in operation information set.
7. according to the method described in claim 1, it is characterized in that, the method further includes:
Obtain the corresponding application risk grade of the network operations information;
When the application risk grade is more than the first risk level threshold scope and during not less than the second risk level threshold scope,
The software type for determining the application software is potential risk application software;
When the application risk grade is more than the second risk level threshold scope, the software class of the application software is determined
Type is malice risk application software.
8. the method according to the description of claim 7 is characterized in that described adjust institute according to the software type of the application software
The Web vector graphic permission of application software is stated, including:
When the software type of the application software is malice risk application software, unloads or isolate the application software, in
The application software of breaking and the connection of the wireless network;
When the software type of the application software is potential risk application software, the sensitive power of network of the application software is adjusted
Limit.
9. the method according to the description of claim 7 is characterized in that the method further includes:
The 3rd risk application record information of the malice risk application software is obtained, and the 3rd risk application record is believed
Breath is preserved into risk application set of records ends.
10. a kind of wireless network maintained equipment, which is characterized in that including:
Quality acquiring unit, for obtaining the network quality information for the wireless network that terminal is connected;
State acquiring unit, for obtaining the corresponding network operation state of the wireless network according to the network quality information;
Information acquisition unit, for being installed on the network of the application software in the terminal based on network operation state acquisition
Operation information;
Information adjustment unit, for when the network operations information is unsatisfactory for network operation reference information, according to the application
The software type of software adjusts the Web vector graphic permission of the application software, and is adjusted according to the software type of the application software
The network configuration information of the wireless network.
11. equipment according to claim 10, which is characterized in that the state acquiring unit is specifically used for:
When the network quality information is unsatisfactory for quality criteria information, loiter network terminal present in the wireless network is obtained
Terminal iidentification, generation include the network operation state of the terminal iidentification;
When the network quality information meets quality criteria information, risk Application Hints is obtained based on risk application set of records ends
Information, generation include the network operation state of the risk application hint message.
12. equipment according to claim 11, which is characterized in that the state acquiring unit, including:
Set parsing subelement, for in advance from server obtain risk application set of records ends parse, with obtain and
The first risk application record information that the terminal attributive information of the terminal matches;
State adds subelement, and the first risk application hint message is generated for being based on the first risk application record information,
The first risk application hint message is added in network operation state.
13. equipment according to claim 11, which is characterized in that the state acquiring unit, including:
Transmission sub-unit is asked, for sending the indicating risk inquiry request for carrying current terminal attributive information to server,
So that the server risk application set of records ends is parsed and find match with the terminal attributive information
During two risks application record information, the second risk application hint message and anti-is generated based on second risk application record information
Feedback;
State generates subelement, for generating the network operation state for including the second risk application hint message.
14. a kind of computer storage media, which is characterized in that the computer storage media is stored with a plurality of instruction, the finger
Order is suitable for being loaded by processor and being performed such as the method and step of claim 1~9 any one.
15. a kind of terminal, which is characterized in that including:Processor and memory;Wherein, the memory storage has computer journey
Sequence, the computer program are suitable for being loaded by the processor and performing following steps:
Obtain the network quality information for the wireless network that terminal is connected;
The corresponding network operation state of the wireless network is obtained according to the network quality information;
The Web vector graphic data of the application software in the terminal are installed on based on network operation state acquisition;
When the Web vector graphic data be more than Web vector graphic threshold range when, adjust the Web vector graphic permission of the application software with
And the network configuration information of the wireless network.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711330383.9A CN108092970B (en) | 2017-12-13 | 2017-12-13 | Wireless network maintenance method and equipment, storage medium and terminal thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711330383.9A CN108092970B (en) | 2017-12-13 | 2017-12-13 | Wireless network maintenance method and equipment, storage medium and terminal thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108092970A true CN108092970A (en) | 2018-05-29 |
CN108092970B CN108092970B (en) | 2021-01-15 |
Family
ID=62175284
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711330383.9A Active CN108092970B (en) | 2017-12-13 | 2017-12-13 | Wireless network maintenance method and equipment, storage medium and terminal thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108092970B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110213281A (en) * | 2019-06-10 | 2019-09-06 | 昆山顶象数据科技有限公司 | Safety protecting method and device |
CN110493786A (en) * | 2019-10-15 | 2019-11-22 | 北京翼辉信息技术有限公司 | The method, apparatus and storage medium of a kind of electronic equipment intelligent link network |
CN112822681A (en) * | 2019-10-29 | 2021-05-18 | 中移物联网有限公司 | Network security detection method and device, floor sweeping robot and gateway |
CN112995156A (en) * | 2021-02-09 | 2021-06-18 | 江苏信息职业技术学院 | Wireless network security detection device and method |
CN114465789A (en) * | 2022-01-21 | 2022-05-10 | 成都全景智能科技有限公司 | Analysis method, device and equipment for network rubbing equipment and storage medium |
CN114679738A (en) * | 2022-03-24 | 2022-06-28 | 杨志 | Network communication signal abnormity diagnosis and analysis method, equipment and storage medium |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102318314A (en) * | 2011-07-29 | 2012-01-11 | 华为技术有限公司 | Method and devices for handling access authorities |
CN103813368A (en) * | 2012-11-12 | 2014-05-21 | 中国移动通信集团公司 | Method, device and system for monitoring network running states |
CN104038929A (en) * | 2014-05-09 | 2014-09-10 | 宇龙计算机通信科技(深圳)有限公司 | Network access anomaly identification method and network access anomaly identification device |
CN105163335A (en) * | 2015-07-31 | 2015-12-16 | 腾讯科技(深圳)有限公司 | Network access management method, network access server, mobile terminal and network access management system |
US20170034758A1 (en) * | 2013-08-12 | 2017-02-02 | Telefonaktiebolaget Lm Ericsson (Publ) | Handover Improvement for High Speed User Equipment in LTE |
CN106412901A (en) * | 2016-10-28 | 2017-02-15 | 上海斐讯数据通信技术有限公司 | Network-loitering prevention wireless routing method and system |
CN107094088A (en) * | 2016-11-10 | 2017-08-25 | 腾讯科技(深圳)有限公司 | A kind of loiter network device identification method, device and system |
CN107182094A (en) * | 2017-06-01 | 2017-09-19 | 深圳天珑无线科技有限公司 | Wireless network connecting method, terminal and storage medium |
-
2017
- 2017-12-13 CN CN201711330383.9A patent/CN108092970B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102318314A (en) * | 2011-07-29 | 2012-01-11 | 华为技术有限公司 | Method and devices for handling access authorities |
CN103813368A (en) * | 2012-11-12 | 2014-05-21 | 中国移动通信集团公司 | Method, device and system for monitoring network running states |
US20170034758A1 (en) * | 2013-08-12 | 2017-02-02 | Telefonaktiebolaget Lm Ericsson (Publ) | Handover Improvement for High Speed User Equipment in LTE |
CN104038929A (en) * | 2014-05-09 | 2014-09-10 | 宇龙计算机通信科技(深圳)有限公司 | Network access anomaly identification method and network access anomaly identification device |
CN105163335A (en) * | 2015-07-31 | 2015-12-16 | 腾讯科技(深圳)有限公司 | Network access management method, network access server, mobile terminal and network access management system |
CN106412901A (en) * | 2016-10-28 | 2017-02-15 | 上海斐讯数据通信技术有限公司 | Network-loitering prevention wireless routing method and system |
CN107094088A (en) * | 2016-11-10 | 2017-08-25 | 腾讯科技(深圳)有限公司 | A kind of loiter network device identification method, device and system |
CN107182094A (en) * | 2017-06-01 | 2017-09-19 | 深圳天珑无线科技有限公司 | Wireless network connecting method, terminal and storage medium |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110213281A (en) * | 2019-06-10 | 2019-09-06 | 昆山顶象数据科技有限公司 | Safety protecting method and device |
CN110493786A (en) * | 2019-10-15 | 2019-11-22 | 北京翼辉信息技术有限公司 | The method, apparatus and storage medium of a kind of electronic equipment intelligent link network |
CN112822681A (en) * | 2019-10-29 | 2021-05-18 | 中移物联网有限公司 | Network security detection method and device, floor sweeping robot and gateway |
CN112995156A (en) * | 2021-02-09 | 2021-06-18 | 江苏信息职业技术学院 | Wireless network security detection device and method |
CN112995156B (en) * | 2021-02-09 | 2023-05-26 | 江苏信息职业技术学院 | Wireless network security detection device and method |
CN114465789A (en) * | 2022-01-21 | 2022-05-10 | 成都全景智能科技有限公司 | Analysis method, device and equipment for network rubbing equipment and storage medium |
CN114679738A (en) * | 2022-03-24 | 2022-06-28 | 杨志 | Network communication signal abnormity diagnosis and analysis method, equipment and storage medium |
CN114679738B (en) * | 2022-03-24 | 2023-01-24 | 中咨数据有限公司 | Network communication signal abnormity diagnosis and analysis method, equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN108092970B (en) | 2021-01-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108092970A (en) | A kind of wireless network maintaining method and its equipment, storage medium, terminal | |
US9990507B2 (en) | Adapting decoy data present in a network | |
US10158670B1 (en) | Automatic privilege determination | |
US7788366B2 (en) | Centralized network control | |
EP2723034A1 (en) | System for Detection of Mobile Applications Network Behavior - Netwise | |
CN111274583A (en) | Big data computer network safety protection device and control method thereof | |
US20160021111A1 (en) | Method, Terminal Device, and Network Device for Improving Information Security | |
CN103607385A (en) | Method and apparatus for security detection based on browser | |
US10965680B2 (en) | Authority management method and device in distributed environment, and server | |
US20080141369A1 (en) | Method, Device and Program for Detecting Address Spoofing in a Wireless Network | |
CN110399748A (en) | A kind of screenshot method and device based on image recognition | |
US20100223668A1 (en) | Apparatus and method for managing terminal users | |
CN114124476B (en) | Sensitive information leakage vulnerability detection method, system and device for Web application | |
CN107124420A (en) | Auth method and device | |
CN113614718A (en) | Abnormal user session detector | |
CN104639387A (en) | Users' network behavior tracking method and equipment | |
CN112307441A (en) | Computer software protection system | |
CN110958236A (en) | Dynamic authorization method of operation and maintenance auditing system based on risk factor insight | |
CN106254375B (en) | A kind of recognition methods of hotspot equipment and device | |
CN114257451B (en) | Verification interface replacement method and device, storage medium and computer equipment | |
US20210209067A1 (en) | Network activity identification and characterization based on characteristic active directory (ad) event segments | |
CN104994078B (en) | Information transmission, acquisition methods and device, information processing system in local area network | |
CN111259383A (en) | Safety management center system | |
US11843946B2 (en) | Device-specific wireless access point password authentication | |
CN113347209B (en) | Service behavior analysis method, system, equipment and storage medium based on state machine |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |