CN108133137A - Interface safety detection method and device in intelligent terminal - Google Patents
Interface safety detection method and device in intelligent terminal Download PDFInfo
- Publication number
- CN108133137A CN108133137A CN201711328162.8A CN201711328162A CN108133137A CN 108133137 A CN108133137 A CN 108133137A CN 201711328162 A CN201711328162 A CN 201711328162A CN 108133137 A CN108133137 A CN 108133137A
- Authority
- CN
- China
- Prior art keywords
- interface
- focus
- specified
- intelligent terminal
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Databases & Information Systems (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer And Data Communications (AREA)
- User Interface Of Digital Computer (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses the interface safety detection method and device in intelligent terminal, the method includes:After application on intelligent terminal starts, the focus information at the specified interface of the application is obtained;Judge whether the specified interface loses focus event according to the focus information;When losing focus event at the specified interface, the characteristic information at intelligent terminal top layer interface is obtained;Judge whether the top layer interface is safe according to the characteristic information.The technical solution fast can accurately know the opportunity for needing to carry out interface safety detection, and correctly judge whether the interface currently shown is the legal interface jumped to using needs, user is avoided to lead to information leakage in unsafe interface input sensitive information or even make intelligent terminal by malicious sabotage, poisoning etc..
Description
Technical field
The present invention relates to computer security technique fields, and in particular to interface safety detection method in intelligent terminal and
Device.
Background technology
Login function is the basic function of most of applications, and user is stepped on by can be completed in the application into login interface
Record, but since login interface is typically to click the separate interface jumped to after login button, it can be by Malware
Attack, for example, user click login button after, Malware generate one with real login interface seem complete one
The false login interface of cause if user inputs account information in the falseness login interface, can be got by Malware, lead
Cause information leakage.Be not limited only to log in scene, payment etc. need input information scene all there are similar problems.
Invention content
In view of the above problems, it is proposed that the present invention overcomes the above problem in order to provide one kind or solves at least partly
State interface safety detection method and the device in the intelligent terminal of problem.
One side according to the present invention provides the interface safety detection method in a kind of intelligent terminal, including:
After application on intelligent terminal starts, the focus information at the specified interface of the application is obtained;
Judge whether the specified interface loses focus event according to the focus information;
When losing focus event at the specified interface, the feature letter at intelligent terminal top layer interface is obtained
Breath;
Judge whether the top layer interface is safe according to the characteristic information.
Optionally, the focus information at the specified interface for obtaining the application includes:
The attribute information of the focus method of Activity components corresponding with the specified interface is monitored, wherein, the coke
Point methods are inherited from onWindowFocusChanged () method of system.
Optionally, this method further includes:
When the application starts, registration one is used to obtain the auxiliary of the characteristic information at intelligent terminal top layer interface
Class is helped, the characteristic information got is stored in specified class by the assisted class;
It is described when losing focus event at the specified interface, obtain the feature at intelligent terminal top layer interface
Information includes:When losing focus event at the specified interface, newest characteristic information is read from the specified class.
Optionally, the specified class is WindowInfo classes.
Optionally, the characteristic information is packet name, described whether to judge the top layer interface according to the characteristic information
Safety includes:
Judge whether the packet name applied described in the Bao Mingyu got is consistent, and the top layer interface is judged if inconsistent
It is dangerous.
Optionally, this method further includes:
Whitelist file is preset in the application, and the Activity components at the specified interface read institute when being created
State whitelist file;
It is described to judge whether the top layer interface further includes safely according to the characteristic information:If the packet name got exists
In the whitelist file, then judge the top layer interface for safety.
Optionally, when the Activity components at the specified interface are created the whitelist file is read to include:
The creation method reading whitelist file of Activity components corresponding with the specified interface is called,
In, the creation method is inherited from onCreate () method of system.
Another aspect according to the present invention provides the interface safety detection device in a kind of intelligent terminal, including:
Focus information acquiring unit after starting suitable for the application on intelligent terminal, obtains the specified interface of the application
Focus information;
First judging unit, suitable for judging whether the specified interface loses focus thing according to the focus information
Part;
Characteristic acquisition unit during suitable for losing focus event at the specified interface, obtains the intelligence eventually
Hold the characteristic information at top layer interface;
Second judgment unit, suitable for judging whether the top layer interface is safe according to the characteristic information.
Optionally, the focus information acquiring unit is adapted for listening for Activity components corresponding with the specified interface
Focus method attribute information, wherein, the focus method be inherited from system onWindowFocusChanged () side
Method.
Optionally, the characteristic acquisition unit, suitable for when the application starts, registration one is described for obtaining
The characteristic information got is stored in specified class by the assisted class of the characteristic information at intelligent terminal top layer interface, the assisted class
In, when losing focus event at the specified interface, newest characteristic information is read from the specified class.
Optionally, the specified class is WindowInfo classes.
Optionally, the characteristic information is packet name, the second judgment unit, suitable for judging described in the Bao Mingyu that gets
Whether the packet name of application is consistent, judges the top layer interface to be dangerous if inconsistent.
Optionally, the second judgment unit, suitable for presetting whitelist file in the application, at the specified interface
Activity components read the whitelist file when being created, if the packet name got in the whitelist file,
Judge the top layer interface for safety.
Optionally, the second judgment unit, suitable for calling the wound of Activity components corresponding with the specified interface
Construction method reads the whitelist file, wherein, the creation method is inherited from onCreate () method of system.
Another aspect according to the present invention, provides a kind of computer readable storage medium, wherein, it is described computer-readable
The one or more programs of storage medium storage, one or more of programs when being executed by a processor, are realized as any of the above-described
Method described in.
It can be seen from the above, technical scheme of the present invention, the application on intelligent terminal is obtained to refer in application after starting and be delimited
The focus information in face judges whether specified interface loses focus accordingly, obtains intelligent terminal top layer interface when losing focus
Characteristic information come judge top layer interface whether safety.The technical solution, which fast can accurately be known, to be needed to carry out interface peace
The opportunity that full inspection is surveyed, and correctly judge whether the interface currently shown is the legal interface jumped to using needs, avoid user
At unsafe interface, input sensitive information leads to information leakage or even makes intelligent terminal by malicious sabotage, poisoning etc..
Above description is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention,
And it can be implemented in accordance with the contents of the specification, and in order to allow above and other objects of the present invention, feature and advantage can
It is clearer and more comprehensible, below the special specific embodiment for lifting the present invention.
Description of the drawings
By reading the detailed description of hereafter preferred embodiment, it is various other the advantages of and benefit it is common for this field
Technical staff will become clear.Attached drawing is only used for showing the purpose of preferred embodiment, and is not considered as to the present invention
Limitation.And throughout the drawings, the same reference numbers will be used to refer to the same parts.In the accompanying drawings:
Fig. 1 shows the stream of the interface safety detection method in a kind of intelligent terminal according to an embodiment of the invention
Journey schematic diagram;
Fig. 2 shows the knots of the interface safety detection device in a kind of intelligent terminal according to an embodiment of the invention
Structure schematic diagram;
Fig. 3 shows a kind of structure diagram of computer readable storage medium according to an embodiment of the invention.
Specific embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although the disclosure is shown in attached drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here
It is limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure
Completely it is communicated to those skilled in the art.
Fig. 1 shows the stream of the interface safety detection method in a kind of intelligent terminal according to an embodiment of the invention
Journey schematic diagram, as shown in Figure 1, this method includes:
Step S110 after the application on intelligent terminal starts, obtains the focus information at the specified interface of application.
Wherein, specified interface can be the interface for needing to jump to login interface, payment interface, control interface etc., refer to
Can there are the corresponding control that triggering redirects, such as login button, payment button etc. on demarcation face.
Step S120 judges whether specified interface loses focus event according to focus information.
It is no longer the interface that user is immediately seen to lose focus and be meant to refer to demarcation face, and certain user may also see that this refers to
The part in demarcation face, such as pop up one on former interface and be not take up full frame dialog box (dialog box is also the one kind at interface
Form) when, former interface can lose focus, and dialog box can obtain focus.Under the scene redirected, former interface can lose focus, jump
New interface after turning can obtain focus.Therefore, it gets when losing focus event, it is meant that user sees on intelligent terminal
Be another interface.
Step S130 when losing focus event at specified interface, obtains the feature letter at intelligent terminal top layer interface
Breath.
Step S140 judges whether top layer interface is safe according to characteristic information.
As it can be seen that method shown in FIG. 1, the application on intelligent terminal obtains the focus letter for referring to demarcation face in application after starting
Breath judges whether specified interface loses focus accordingly, and the characteristic information at intelligent terminal top layer interface is obtained when losing focus
To judge whether top layer interface is safe.The technical solution fast can accurately know need carry out interface safety detection when
Machine, and correctly judge whether the interface currently shown is the legal interface jumped to using needs, user is avoided unsafe
Interface input sensitive information leads to information leakage or even makes intelligent terminal by malicious sabotage, poisoning etc..
In one embodiment of the invention, in the above method, the focus information for obtaining the specified interface of application includes:Prison
The attribute information of the focus method of Activity components corresponding with specified interface is listened, wherein, focus method is inherited from system
OnWindowFocusChanged () method.
In the present embodiment, it needs in advance to be written over the focus method of Activity components corresponding in application, because
If focus method is inherited from onWindowFocusChanged () method of system, only Activity components oneself completely
Know that it loses focus or obtains focus, it is not easy to be directly obtained such information.It, can be straight in specific implementation
Rewriting onWindowFocusChanged () method in Activity components is connected on, attribute information, Huo Zheshe can be provided
Put one it is intermediate, this it is intermediate it is middle rewriting onWindowFocusChanged () method, make Activity components inherit should
It is intermediate.Such benefit be can by the intermediate developer for being realized with a general SDK, being supplied to multiple applications,
Developers of these applications do not need to rewrite method and only need to change the inheritance of class, reduce the workload of exploitation.
In this way, when specified interface loses focus or obtains focus, the focus method of Activity components can be
Unite the parameter returned, such as true or false, and getting false can then determine that Activity components lose focus.
In one embodiment of the invention, the above method further includes:When application starts, registration one is used to obtain intelligence
The characteristic information got is stored in specified class by the assisted class of the characteristic information at energy terminal top layer interface, assisted class;
When specified interface loses focus event, the characteristic information for obtaining intelligent terminal top layer interface includes:It is sent out at specified interface
When life loses focus event, newest characteristic information is read from specified class.
For example, an AccessibilityService class is registered, AccessibilityService classes is allowed to monitor
The variation at interface on current intelligent terminal, when allowing the interface to change, system is notified that AccessibilityService classes, and
The method onAccessibilityEvent of AccessibilityService classes is adjusted back, in method
The acquisition of the characteristic information to present uppermost interface can be completed in onAccessibilityEvent, and be stored in another
Inside class members's variable of class, in one embodiment of the invention, such (specified class namely above) can be
WindowInfo classes.
In one embodiment of the invention, in the above method, characteristic information is packet name, is judged according to characteristic information most upper
Whether bed boundary includes safely:Judge whether the packet name of the Bao Mingyu got applications is consistent, and top layer is judged if inconsistent
Interface is dangerous.
For example, jumping to B interfaces from A interfaces using a, showing as Activity A in bottom loses focus, Activity
B obtains focus, at this moment obtains the packet name of Activity B, judges whether the packet name of its Bao Mingyu application a is consistent, if inconsistent,
It is not the interface of the application then to think interface that intelligent terminal is currently presented, judges top layer interface to be dangerous.
Such judgment mode, can in some scenarios there may be payment purchase stage property in wrong report, such as game application
It can need to jump to the payment interface that payment is applied, in another example using the certain addresses of the browser access needed in opening system,
In this case the packet name got is necessarily inconsistent with the packet name of application, but the application corresponding to these new interfaces is simultaneously
It is not malicious application.Therefore, in one embodiment of the invention, the above method further includes:White list text is preset in the application
Part, the Activity components at specified interface read whitelist file when being created;Top layer interface is judged according to characteristic information
Whether safety further includes:If the packet name got in whitelist file, judges top layer interface for safety.Whitelist file
In can store the packet names of some known security applications, such as browser, the application of payment class, system main interface etc..
In one embodiment of the invention, in the above method, the Activity components at specified interface are read when being created
Whitelist file is taken to include:The creation method of Activity components corresponding with specified interface is called to read whitelist file,
In, creation method is inherited from onCreate () method of system.
In general, onCreate methods are called earlier than onWindowFocusChanged methods, using this feature, first read
Whitelist file is got, it can be to avoid in subsequent deterministic process.
Fig. 2 shows the knots of the interface safety detection device in a kind of intelligent terminal according to an embodiment of the invention
Structure schematic diagram, as shown in Fig. 2, the interface safety detection device 200 in intelligent terminal includes:
Focus information acquiring unit 210 after starting suitable for the application on intelligent terminal, obtains the specified interface of application
Focus information.
Wherein, specified interface can be the interface for needing to jump to login interface, payment interface, control interface etc., refer to
Can there are the corresponding control that triggering redirects, such as login button, payment button etc. on demarcation face.
First judging unit 220, suitable for judging whether specified interface loses focus event according to focus information.
It is no longer the interface that user is immediately seen to lose focus and be meant to refer to demarcation face, and certain user may also see that this refers to
The part in demarcation face, such as pop up one on former interface and be not take up full frame dialog box (dialog box is also the one kind at interface
Form) when, former interface can lose focus, and dialog box can obtain focus.Under the scene redirected, former interface can lose focus, jump
New interface after turning can obtain focus.Therefore, it gets when losing focus event, it is meant that user sees on intelligent terminal
Be another interface.
During suitable for losing focus event at specified interface, it is most upper to obtain intelligent terminal for characteristic acquisition unit 230
The characteristic information of bed boundary.
Second judgment unit 240, suitable for judging whether top layer interface is safe according to characteristic information.
As it can be seen that device shown in Fig. 2, by the mutual cooperation of each unit, the application on intelligent terminal obtains after starting
The focus information in face is delimited using middle finger, judges whether specified interface loses focus accordingly, obtains intelligence eventually when losing focus
The characteristic information at top layer interface is held to judge whether top layer interface is safe.The technical solution, which fast can accurately be known, to be needed
It carries out the opportunity of interface safety detection, and correctly judges whether the interface currently shown is the legal boundary jumped to using needs
Face, avoid user unsafe interface input sensitive information lead to information leakage in addition make intelligent terminal by malicious sabotage, in
Poison etc..
In one embodiment of the invention, in above device, focus information acquiring unit 210 is adapted for listening for and specifies
The attribute information of the focus method of the corresponding Activity components in interface, wherein, focus method is inherited from system
OnWindowFocusChanged () method.
In one embodiment of the invention, in above device, characteristic acquisition unit 230, suitable for starting in application
When, the assisted class of one characteristic information for being used to obtain intelligent terminal top layer interface of registration, the feature that assisted class will be got
Information is stored in specified class, and when losing focus event at specified interface, newest characteristic information is read from specified class.
In one embodiment of the invention, in above device, it is WindowInfo classes to specify class.
In one embodiment of the invention, in above device, characteristic information is packet name, and second judgment unit 220 is suitable for
Judge whether the packet name of the Bao Mingyu got applications is consistent, judges top layer interface to be dangerous if inconsistent.
In one embodiment of the invention, in above device, second judgment unit 220 is white suitable for presetting in the application
Name monofile, the Activity components at specified interface read whitelist file when being created, if the packet name got is in white name
In monofile, then judge top layer interface for safety.
In one embodiment of the invention, in above device, second judgment unit 220, suitable for calling and specified interface
The creation method of corresponding Activity components reads whitelist file, wherein, creation method is inherited from the onCreate of system
() method.
It should be noted that the specific embodiment of above-mentioned each device embodiment is referred to aforementioned corresponding method embodiment
Specific embodiment carry out, details are not described herein.
In conclusion technical scheme of the present invention, the application on intelligent terminal obtains after starting refers to demarcation face in application
Focus information, judge whether specified interface loses focus accordingly, obtain intelligent terminal top layer interface when losing focus
Characteristic information come judge top layer interface whether safety.The technical solution, which fast can accurately be known, to be needed to carry out interface safety
The opportunity of detection, and correctly judge whether the interface currently shown is the legal interface jumped to using needs, user is avoided to exist
Unsafe interface input sensitive information leads to information leakage or even makes intelligent terminal by malicious sabotage, poisoning etc..
It should be noted that:
Algorithm and display be not inherently related to any certain computer, virtual bench or miscellaneous equipment provided herein.
Various fexible units can also be used together with teaching based on this.As described above, required by constructing this kind of device
Structure be obvious.In addition, the present invention is not also directed to any certain programmed language.It should be understood that it can utilize various
Programming language realizes the content of invention described herein, and the description done above to language-specific is to disclose this hair
Bright preferred forms.
In the specification provided in this place, numerous specific details are set forth.It is to be appreciated, however, that the implementation of the present invention
Example can be put into practice without these specific details.In some instances, well known method, structure is not been shown in detail
And technology, so as not to obscure the understanding of this description.
Similarly, it should be understood that in order to simplify the disclosure and help to understand one or more of each inventive aspect,
Above in the description of exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes
In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. required guarantor
Shield the present invention claims the more features of feature than being expressly recited in each claim.More precisely, as following
Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
Thus the claims for following specific embodiment are expressly incorporated in the specific embodiment, wherein each claim is in itself
Separate embodiments all as the present invention.
Those skilled in the art, which are appreciated that, to carry out adaptively the module in the equipment in embodiment
Change and they are arranged in one or more equipment different from the embodiment.It can be the module or list in embodiment
Member or component be combined into a module or unit or component and can be divided into addition multiple submodule or subelement or
Sub-component.Other than such feature and/or at least some of process or unit exclude each other, it may be used any
Combination is disclosed to all features disclosed in this specification (including adjoint claim, abstract and attached drawing) and so to appoint
Where all processes or unit of method or equipment are combined.Unless expressly stated otherwise, this specification is (including adjoint power
Profit requirement, abstract and attached drawing) disclosed in each feature can be by providing the alternative features of identical, equivalent or similar purpose come generation
It replaces.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments
In included certain features rather than other feature, but the combination of the feature of different embodiments means in of the invention
Within the scope of and form different embodiments.For example, in the following claims, embodiment claimed is appointed
One of meaning mode can use in any combination.
The all parts embodiment of the present invention can be with hardware realization or to be run on one or more processor
Software module realize or realized with combination thereof.It will be understood by those of skill in the art that it can use in practice
Microprocessor or digital signal processor (DSP) realize the interface safety in intelligent terminal according to embodiments of the present invention
The some or all functions of some or all components in detection device.The present invention is also implemented as performing here
The some or all equipment or program of device of described method are (for example, computer program and computer program production
Product).Such program for realizing the present invention can may be stored on the computer-readable medium or can have one or more
The form of signal.Such signal can be downloaded from internet website to be obtained either providing or to appoint on carrier signal
What other forms provides.
Fig. 3 shows a kind of structure diagram of computer readable storage medium according to an embodiment of the invention.It should
Computer readable storage medium 300 is stored with the computer readable program code for performing steps of a method in accordance with the invention
310, such as the program code that can be read by the processor of electronic equipment, when these program codes are run by electronic equipment,
The electronic equipment is caused to perform each step in method described above.Program code can be pressed in a suitable form
Contracting.
It should be noted that the present invention will be described rather than limits the invention, and ability for above-described embodiment
Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference mark between bracket should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not
Element or step listed in the claims.Word "a" or "an" before element does not exclude the presence of multiple such
Element.The present invention can be by means of including the hardware of several different elements and being come by means of properly programmed computer real
It is existing.If in the unit claim for listing equipment for drying, several in these devices can be by same hardware branch
To embody.The use of word first, second, and third does not indicate that any sequence.These words can be explained and run after fame
Claim.
Embodiment of the invention discloses that the interface safety detection method in A1, a kind of intelligent terminal, including:
After application on intelligent terminal starts, the focus information at the specified interface of the application is obtained;
Judge whether the specified interface loses focus event according to the focus information;
When losing focus event at the specified interface, the feature letter at intelligent terminal top layer interface is obtained
Breath;
Judge whether the top layer interface is safe according to the characteristic information.
A2, the method as described in A1, wherein, the focus information at the specified interface for obtaining the application includes:
The attribute information of the focus method of Activity components corresponding with the specified interface is monitored, wherein, the coke
Point methods are inherited from onWindowFocusChanged () method of system.
A3, the method as described in A1, wherein, this method further includes:
When the application starts, registration one is used to obtain the auxiliary of the characteristic information at intelligent terminal top layer interface
Class is helped, the characteristic information got is stored in specified class by the assisted class;
It is described when losing focus event at the specified interface, obtain the feature at intelligent terminal top layer interface
Information includes:When losing focus event at the specified interface, newest characteristic information is read from the specified class.
A4, the method as described in A3, wherein, the specified class is WindowInfo classes.
A5, the method as described in A1, wherein, the characteristic information is packet name, described to judge institute according to the characteristic information
State whether top layer interface includes safely:
Judge whether the packet name applied described in the Bao Mingyu got is consistent, and the top layer interface is judged if inconsistent
It is dangerous.
A6, the method as described in A5, wherein, this method further includes:
Whitelist file is preset in the application, and the Activity components at the specified interface read institute when being created
State whitelist file;
It is described to judge whether the top layer interface further includes safely according to the characteristic information:If the packet name got exists
In the whitelist file, then judge the top layer interface for safety.
A7, the method as described in A6, wherein, the Activity components at the specified interface read described white when being created
Name monofile includes:
The creation method reading whitelist file of Activity components corresponding with the specified interface is called,
In, the creation method is inherited from onCreate () method of system.
The embodiment of the present invention also discloses the interface safety detection device in B8, a kind of intelligent terminal, including:
Focus information acquiring unit after starting suitable for the application on intelligent terminal, obtains the specified interface of the application
Focus information;
First judging unit, suitable for judging whether the specified interface loses focus thing according to the focus information
Part;
Characteristic acquisition unit during suitable for losing focus event at the specified interface, obtains the intelligence eventually
Hold the characteristic information at top layer interface;
Second judgment unit, suitable for judging whether the top layer interface is safe according to the characteristic information.
B9, the device as described in B8, wherein,
The focus information acquiring unit is adapted for listening for the focus side of Activity components corresponding with the specified interface
The attribute information of method, wherein, the focus method is inherited from onWindowFocusChanged () method of system.
B10, the device as described in B9, wherein,
The characteristic acquisition unit, suitable for when the application starts, registration one is whole for obtaining the intelligence
The assisted class of the characteristic information at top layer interface is held, the characteristic information got is stored in specified class by the assisted class,
When the specified interface loses focus event, newest characteristic information is read from the specified class.
B11, the device as described in B10, wherein, the specified class is WindowInfo classes.
B12, the device as described in B9, wherein, the characteristic information be packet name, the second judgment unit, suitable for judge
Whether the packet name applied described in the Bao Mingyu got is consistent, judges the top layer interface to be dangerous if inconsistent.
B13, the device as described in B12, wherein,
The second judgment unit, suitable for presetting whitelist file in the application, at the specified interface
Activity components read the whitelist file when being created, if the packet name got is sentenced in the whitelist file
The top layer interface break as safety.
B14, the device as described in B13, wherein,
The second judgment unit, suitable for calling the creation method reading of Activity components corresponding with the specified interface
The whitelist file is taken, wherein, the creation method is inherited from onCreate () method of system.
The embodiment of the present invention also discloses C15, a kind of computer readable storage medium, wherein, it is described computer-readable
The one or more programs of storage medium storage, one or more of programs when being executed by a processor, are realized as appointed in A1-A7
Method described in one.
Claims (10)
1. the interface safety detection method in a kind of intelligent terminal, including:
After application on intelligent terminal starts, the focus information at the specified interface of the application is obtained;
Judge whether the specified interface loses focus event according to the focus information;
When losing focus event at the specified interface, the characteristic information at intelligent terminal top layer interface is obtained;
Judge whether the top layer interface is safe according to the characteristic information.
2. the method for claim 1, wherein the focus information at the specified interface for obtaining the application includes:
The attribute information of the focus method of Activity components corresponding with the specified interface is monitored, wherein, the focus side
Method is inherited from onWindowFocusChanged () method of system.
3. the method for claim 1, wherein this method further includes:
When the application starts, the auxiliary of one characteristic information for being used to obtain intelligent terminal top layer interface of registration
The characteristic information got is stored in specified class by class, the assisted class;
It is described when losing focus event at the specified interface, obtain the characteristic information at intelligent terminal top layer interface
Including:When losing focus event at the specified interface, newest characteristic information is read from the specified class.
4. method as claimed in claim 3, wherein, the specified class is WindowInfo classes.
5. the method for claim 1, wherein the characteristic information is packet name, described to be judged according to the characteristic information
Whether the top layer interface includes safely:
Judge whether the packet name applied described in the Bao Mingyu got is consistent, judges the top layer interface for not if inconsistent
Safety.
6. method as claimed in claim 5, wherein, this method further includes:
Whitelist file is preset in the application, and the Activity components at the specified interface read described white when being created
Name monofile;
It is described to judge whether the top layer interface further includes safely according to the characteristic information:If the packet name got is described
In whitelist file, then judge the top layer interface for safety.
7. method as claimed in claim 6, wherein, when the Activity components at the specified interface are created read described in
Whitelist file includes:
The creation method reading whitelist file of Activity components corresponding with the specified interface is called, wherein, institute
State onCreate () method that creation method is inherited from system.
8. the interface safety detection device in a kind of intelligent terminal, including:
Focus information acquiring unit after starting suitable for the application on intelligent terminal, obtains the coke at the specified interface of the application
Point information;
First judging unit, suitable for judging whether the specified interface loses focus event according to the focus information;
Characteristic acquisition unit during suitable for losing focus event at the specified interface, obtains the intelligent terminal most
The characteristic information of upper interface;
Second judgment unit, suitable for judging whether the top layer interface is safe according to the characteristic information.
9. device as claimed in claim 8, wherein,
The focus information acquiring unit is adapted for listening for the focus method of Activity components corresponding with the specified interface
Attribute information, wherein, the focus method is inherited from onWindowFocusChanged () method of system.
10. a kind of computer readable storage medium, wherein, the computer-readable recording medium storage one or more program,
One or more of programs when being executed by a processor, realize the method as described in any one of claim 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711328162.8A CN108133137B (en) | 2017-12-13 | 2017-12-13 | Interface security detection method and device in intelligent terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711328162.8A CN108133137B (en) | 2017-12-13 | 2017-12-13 | Interface security detection method and device in intelligent terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108133137A true CN108133137A (en) | 2018-06-08 |
| CN108133137B CN108133137B (en) | 2021-11-23 |
Family
ID=62389483
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711328162.8A Active CN108133137B (en) | 2017-12-13 | 2017-12-13 | Interface security detection method and device in intelligent terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108133137B (en) |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103763428A (en) * | 2013-12-12 | 2014-04-30 | 北京宝利明威软件技术有限公司 | Application management system and application management method on mobile terminal |
| CN104123498A (en) * | 2014-07-18 | 2014-10-29 | 广州金山网络科技有限公司 | Method and device for determining safety of Activity of Android system |
| CN104182687A (en) * | 2014-08-01 | 2014-12-03 | 北京奇虎科技有限公司 | Security detecting method and security detecting device for mobile terminal input window |
| CN104346560A (en) * | 2014-06-25 | 2015-02-11 | 腾讯科技(深圳)有限公司 | Security authentication method and security authentication device |
| CN105844470A (en) * | 2016-03-31 | 2016-08-10 | 北京小米移动软件有限公司 | Payment method and device |
| CN105867919A (en) * | 2016-03-28 | 2016-08-17 | 浙江大学 | Front end data bidirectional binding realization method based on accessor hijack |
| CN105992066A (en) * | 2015-02-13 | 2016-10-05 | Tcl集团股份有限公司 | Character input method and character input device applied to intelligent device |
| CN106022114A (en) * | 2016-05-09 | 2016-10-12 | 北京小米移动软件有限公司 | A display method and device for an application lock unlocking interface |
| WO2016197710A1 (en) * | 2015-11-27 | 2016-12-15 | 中兴通讯股份有限公司 | Method and device for identifying fake software interface for mobile terminal |
| CN106485170A (en) * | 2015-09-02 | 2017-03-08 | 阿里巴巴集团控股有限公司 | A kind of data inputting method and device |
| CN106682517A (en) * | 2017-01-16 | 2017-05-17 | 西安电子科技大学 | Method for Activity inference during Android application running |
| CN107037945A (en) * | 2016-02-04 | 2017-08-11 | 阿里巴巴集团控股有限公司 | A kind of focus processing method, device and intelligent terminal |
| CN107239311A (en) * | 2017-06-08 | 2017-10-10 | 迈普通信技术股份有限公司 | Using deployment method and device |
-
2017
- 2017-12-13 CN CN201711328162.8A patent/CN108133137B/en active Active
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103763428A (en) * | 2013-12-12 | 2014-04-30 | 北京宝利明威软件技术有限公司 | Application management system and application management method on mobile terminal |
| CN104346560A (en) * | 2014-06-25 | 2015-02-11 | 腾讯科技(深圳)有限公司 | Security authentication method and security authentication device |
| CN104123498A (en) * | 2014-07-18 | 2014-10-29 | 广州金山网络科技有限公司 | Method and device for determining safety of Activity of Android system |
| CN104182687A (en) * | 2014-08-01 | 2014-12-03 | 北京奇虎科技有限公司 | Security detecting method and security detecting device for mobile terminal input window |
| CN105992066A (en) * | 2015-02-13 | 2016-10-05 | Tcl集团股份有限公司 | Character input method and character input device applied to intelligent device |
| CN106485170A (en) * | 2015-09-02 | 2017-03-08 | 阿里巴巴集团控股有限公司 | A kind of data inputting method and device |
| WO2016197710A1 (en) * | 2015-11-27 | 2016-12-15 | 中兴通讯股份有限公司 | Method and device for identifying fake software interface for mobile terminal |
| CN107037945A (en) * | 2016-02-04 | 2017-08-11 | 阿里巴巴集团控股有限公司 | A kind of focus processing method, device and intelligent terminal |
| CN105867919A (en) * | 2016-03-28 | 2016-08-17 | 浙江大学 | Front end data bidirectional binding realization method based on accessor hijack |
| CN105844470A (en) * | 2016-03-31 | 2016-08-10 | 北京小米移动软件有限公司 | Payment method and device |
| CN106022114A (en) * | 2016-05-09 | 2016-10-12 | 北京小米移动软件有限公司 | A display method and device for an application lock unlocking interface |
| CN106682517A (en) * | 2017-01-16 | 2017-05-17 | 西安电子科技大学 | Method for Activity inference during Android application running |
| CN107239311A (en) * | 2017-06-08 | 2017-10-10 | 迈普通信技术股份有限公司 | Using deployment method and device |
Non-Patent Citations (2)
| Title |
|---|
| FRANZISKA ROESNER 等: "Securing Embedded User Interface:Android and Beyond", 《22ND USENIX SECURITY SYMPOSIUM(2013)》 * |
| 唐宇敬: "Android平台下软件安全漏洞挖掘方法研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108133137B (en) | 2021-11-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105468529B (en) | A kind of accurate traversal method of Android application UI controls and device | |
| Patnaik et al. | Usability Smells: An Analysis of {Developers’} Struggle With Crypto Libraries | |
| US8776239B2 (en) | In-development vulnerability response management | |
| CN103595708B (en) | The browser processing method of closing, system, browser and server extremely | |
| CN105224869B (en) | Assembly test method and device | |
| JP2008171391A (en) | Method for creating requirement description for embedded system | |
| US20070169065A1 (en) | Computer program with metadata management function | |
| CN107944278A (en) | A kind of kernel leak detection method and device | |
| CN108228321A (en) | A kind of Android system application method for closing and device | |
| CN105095753B (en) | Broadcast safe detection method, device | |
| CN106933642B (en) | Application program processing method and processing device | |
| CN110598419B (en) | Block chain client vulnerability mining method, device, equipment and storage medium | |
| US20160283225A1 (en) | Increasing accuracy of traceability links and structured data | |
| KR20080043345A (en) | Declaratively defined control actions | |
| CN106126425A (en) | Function traversal method based on Android automated test frame and system | |
| CN117370203B (en) | Automatic test method, system, electronic equipment and storage medium | |
| CN112100620B (en) | Code security detection method, apparatus, device and readable storage medium | |
| CN108133137A (en) | Interface safety detection method and device in intelligent terminal | |
| US20170308379A1 (en) | Evaluating documentation coverage | |
| CN111027073B (en) | Vulnerability detection method, device, equipment and storage medium | |
| Balland et al. | A case for human-driven software development | |
| Malavolta et al. | Engineering mobile apps for disaster management: The case of COVID-19 apps in the Google Play Store | |
| CN105117243B (en) | A kind of method and apparatus for the startup time obtaining application program | |
| CN109683994B (en) | Method and device for determining view construction time, storage medium and electronic equipment | |
| CN113935847A (en) | Online process risk processing method, device, server and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |