CN108900473A - A kind of data monitoring method, device and system - Google Patents
A kind of data monitoring method, device and system Download PDFInfo
- Publication number
- CN108900473A CN108900473A CN201810561433.2A CN201810561433A CN108900473A CN 108900473 A CN108900473 A CN 108900473A CN 201810561433 A CN201810561433 A CN 201810561433A CN 108900473 A CN108900473 A CN 108900473A
- Authority
- CN
- China
- Prior art keywords
- data
- application
- network access
- access request
- private
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/60—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
Abstract
This application discloses a kind of data monitoring methods, device and system when this method is applied with data monitoring end may include:The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;The corresponding data packet of the network access request is decoded, the first data are obtained;Whether judge in first data comprising private data;If so, determining the first application leakage private data.In this way, data monitoring end can obtain the network access request that application software is sent in terminal by VPN service terminal, by being parsed to the corresponding data packet of network access request and judging whether it includes private data, application software can be determined with the presence or absence of the security risk of leakage privacy of user data, in this way, the effective monitoring to the data of application software upload may be implemented, to avoid the private data leakage of user, guarantee the safety of user data.
Description
Technical field
This application involves data security arts more particularly to a kind of data monitoring methods, device and system.
Background technique
With the rapid development of science and technology, there are various application software, in general, these application software can be with
Internet service is provided a user by internet, for example, instant message applications can provide a user immediately by internet
Communications service, news software can provide a user real-time news by internet, etc..The appearance extreme enrichment of application software
Daily life.
However, in practical applications, for application software when providing a user Internet service by internet, there are some
The private data of user can be uploaded to internet in the case where user's unaware by Malware, lead to the private data of user
Leakage, there are security risks for user data.How effectively the data of application software upload to be monitored, to avoid user
Private data leakage, the problem of guaranteeing the safety of user data, become urgent need to resolve.
Summary of the invention
The embodiment of the present application provides a kind of data monitoring method, device and system, for how solving to application software
The data of biography are monitored, to avoid the private data leakage of user, the problem of guaranteeing secure user data.
In order to solve the above-mentioned technical problem, the application is realized in:
The embodiment of the present application provides a kind of method of data monitoring, is applied to data monitoring end, including:
The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;
The corresponding data packet of the network access request is decoded, the first data are obtained;
Whether judge in first data comprising private data;
If so, determining the first application leakage private data.
The embodiment of the present application provides a kind of method of data monitoring, is applied to VPN service terminal, including:
Receive the network access request that the first application is sent;
Determine whether first application is application to be monitored;
If so, determining whether data monitoring end opens VPN service, the data monitoring end is used to be visited according to the network
Ask that request determines whether first application reveals private data;
If the data monitoring end has turned on VPN service, the network access request is redirected to the data and is supervised
Control end.
The embodiment of the present application provides a kind of data monitoring device, is applied to data monitoring end, including:
Receiving unit receives the network access request that the first application is sent from Virtual Private Network VPN service terminal;
Decoding unit is decoded the corresponding data packet of the network access request, obtains the first data;
Whether judging unit judges in first data comprising private data;
Determination unit determines described first when the judging unit judges in first data comprising private data
Using leakage private data.
The embodiment of the present application also provides a kind of data monitoring device, is applied to VPN service terminal, including:
Receiving unit receives the network access request that the first application is sent;
First determination unit determines whether first application is application to be monitored;
Second determination unit determines that first application is to be monitored in application, determining in first determination unit
Whether data monitoring end opens VPN service, and the data monitoring end is used to determine described first according to the network access request
Using whether revealing private data;
Transmission unit, when second determination unit determines that the data monitoring end has turned on VPN service, by the net
Network access request is redirected to the data monitoring end.
The embodiment of the present application provides a kind of electronic equipment, including:
Processor;And
It is arranged to the memory of storage computer executable instructions, the executable instruction makes the place when executed
It manages device and executes following operation:
The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;
The corresponding data packet of the network access request is decoded, the first data are obtained;
Whether judge in first data comprising private data;
If so, determining the first application leakage private data.
The embodiment of the present application also provides a kind of electronic equipment, including:
Processor;And
It is arranged to the memory of storage computer executable instructions, the executable instruction makes the place when executed
It manages device and executes following operation:
Receive the network access request that the first application is sent;
Determine whether first application is application to be monitored;
If so, determining whether data monitoring end opens VPN service, the data monitoring end is used to be visited according to the network
Ask that request determines whether first application reveals private data;
If the data monitoring end has turned on VPN service, the network access request is redirected to the data and is supervised
Control end.
The embodiment of the present application provides a kind of computer readable storage medium, the computer-readable recording medium storage one
Or multiple programs, one or more of programs are when the electronic equipment for being included multiple application programs executes, so that the electricity
Sub- equipment executes following operation:
The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;
The corresponding data packet of the network access request is decoded, the first data are obtained;
Whether judge in first data comprising private data;
If so, determining the first application leakage private data.
The embodiment of the present application also provides a kind of computer readable storage medium, the computer-readable recording medium storage one
A or multiple programs, one or more of programs are when the electronic equipment for being included multiple application programs executes, so that described
Electronic equipment executes following operation:
Receive the network access request that the first application is sent;
Determine whether first application is application to be monitored;
If so, determining whether data monitoring end opens VPN service, the data monitoring end is used to be visited according to the network
Ask that request determines whether first application reveals private data;
If the data monitoring end has turned on VPN service, the network access request is redirected to the data and is supervised
Control end.
The embodiment of the present application provides a kind of data monitoring system, including:VPN service terminal and data monitoring end, wherein:
The VPN service terminal receives the network access request that the first application is sent;Determine it is described first application whether be to
The application of monitoring;If so, determining whether the data monitoring end opens VPN service;If the data monitoring end has turned on VPN
Service, then be redirected to the data monitoring end for the network access request;
The data monitoring end receives the network access request that the first application is sent from the VPN service terminal;To the net
The corresponding data packet of network access request is decoded, and obtains the first data;Whether judge in first data comprising privacy number
According to;If so, determining the first application leakage private data.
At least one above-mentioned technical solution that the embodiment of the present application uses can reach following beneficial effect:
Technical solution provided by the embodiments of the present application, data monitoring end can receive the first application from VPN service terminal and send
Network access request;The corresponding data packet of the network access request is decoded, the first data are obtained;Judge described
It whether include private data in one data;If so, determining the first application leakage private data.In this way, data monitoring end
The network access request that application software is sent in terminal can be obtained by VPN service terminal, by corresponding to network access request
Data packet parsed and judge whether it includes private data, can determine whether application software reveals the privacy number of user
According in this manner it is achieved that the effective monitoring of the data to application software upload is protected to avoid the private data leakage of user
Demonstrate,prove the safety of user data.
Detailed description of the invention
In order to illustrate the technical solutions in the embodiments of the present application or in the prior art more clearly, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
The some embodiments recorded in application, for those of ordinary skill in the art, in the premise of not making the creative labor property
Under, it is also possible to obtain other drawings based on these drawings.
Fig. 1 is the flow diagram of one embodiment data monitoring method of the application;
Fig. 2 is the flow diagram of one embodiment data monitoring method of the application;
Fig. 3 is the flow diagram of one embodiment data monitoring method of the application;
Fig. 4 is the flow diagram of one embodiment data monitoring method of the application;
Fig. 5 is the structural schematic diagram of a kind of electronic equipment provided by the embodiments of the present application;
Fig. 6 is a kind of structural schematic diagram of data monitoring device provided by the embodiments of the present application;
Fig. 7 is the structural schematic diagram of a kind of electronic equipment provided by the embodiments of the present application;
Fig. 8 is a kind of structural schematic diagram of data monitoring device provided by the embodiments of the present application;
Fig. 9 is a kind of structural schematic diagram of data monitoring system provided by the embodiments of the present application.
Specific embodiment
For existing application software during providing a user Internet service by internet, there are some malice are soft
The private data of user can be uploaded to internet in the case where user's unaware by part, led to user's therefore leaking data, used
There are security risks for user data.
For example, user can allow it to obtain the contact person of user, short message, call when installing certain application software in the terminal
The private datas such as record, in order to better use the application software.Application software is in the right to use for obtaining privacy of user data
After limit, the private data of user can be advantageously used.However, in this case, some Malwares can be by the hidden of user
Private data lead to the private data leakage of user, bring great loss to user so be uploaded to internet.
In the prior art, in order to avoid the private data leakage of user, the usually available application of the operating system of terminal
The root authority of software can intercept application software upload to internet after obtaining root authority by firewall technology
Data, and the data of interception are analyzed, it is determined whether the private data comprising user, to avoid the private data of user
Leakage.
However, in practical applications, the root authority of some application software (especially third-party application software) be not easy by
It obtains, leads to not be monitored the data of these application software uploads.In addition, even if getting the root power of application software
Limit, while being monitored to privacy of user data, also inevitably brings other security risks.For example, obtaining
To after the root authority of application software, safety wind may be brought to system in malicious modification system setting etc. under root authority
Danger.
It can be seen that how to be effectively monitored to the data of application software upload, identification application software whether there is
Invade the security risk of privacy of user, the problem of becoming urgent need to resolve.
In order to solve the above-mentioned technical problem, the embodiment of the present application provides a kind of data monitoring method, device and system, the party
When method is applied to data monitoring end, may include:The network that the first application is sent is received from Virtual Private Network VPN service terminal to visit
Ask request;The corresponding data packet of the network access request is decoded, the first data are obtained;Judge in first data
It whether include private data;If so, determining the first application leakage private data.
Compared to existing technologies, at least there is following beneficial effect in technical solution provided by the embodiments of the present application, packet
It includes:
(1) data monitoring end obtains the network access request that application software is sent in terminal by VPN service terminal, by right
The corresponding data packet of network access request is parsed and judges whether it includes private data, whether can determine application software
The private data of user is revealed, in this manner it is achieved that the effective monitoring of the data to application software upload, to avoid user's
Private data leakage guarantees the safety of user data.
(2) the embodiment of the present application can be realized soft to application in the case where the root authority without obtaining application software
The effective monitoring for the network access request that part is sent is realizing the data to application software upload compared to existing technologies
While being monitored, other security risks will not be brought.
Technical scheme is clearly and completely retouched below with reference to the application specific embodiment and corresponding attached drawing
It states.Obviously, the described embodiments are only a part but not all of the embodiments of the present application.Based in the application
Embodiment, every other embodiment obtained by those of ordinary skill in the art without making creative efforts,
It shall fall in the protection scope of this application.
It should be noted that (Virtual Private Network, local virtual are dedicated by VPN in the embodiment of the present application
Network) server-side can be understood as terminal (for example, smart phone, tablet computer, mobile TV etc.) operating system it is included
VPN service, for terminal after opening VPN service, VPN service terminal can obtain the network row of application software in control and management terminal
For permission.
Data monitoring end can be understood as may be mounted in terminal, data for the application software for carrying out data monitoring
The permission that monitoring client can obtain VPN service in the case where user authorizes can be from VPN after the permission for obtaining VPN service
Server-side obtains the network access request that application software is sent, and determines the privacy number that user whether is carried in network access request
According to, and then realize the effective monitoring to the data of application software upload.
The private data of user can be understood as the non-shared of individual subscriber, including but not limited to the short message of user,
Contact person, communications records, the geographical location information being currently located, user's head portrait, user name, pet name of user etc., wherein different
Application software can correspond to different private datas, can be determined according to the actual situation, the embodiment of the present application, which is not done, to be had
Body limits.
Below in conjunction with attached drawing, the technical scheme provided by various embodiments of the present application will be described in detail.
Fig. 1 is a kind of flow diagram of data monitoring method provided by the embodiments of the present application.The method is applied to number
According to monitoring client, the method is as described below.
Step 102:The network access request that the first application is sent is received from Virtual Private Network VPN service terminal.
In a step 102, first in terminal is applied when initiating network access request, network access request can be sent out
It gives terminal operating system included VPN service, network access request is transmitted to internet by VPN service terminal.
First application can be the application software that terminal carries when leaving the factory, be also possible to the of SS later installation
Tripartite's application software, is not specifically limited here.
First application send network access request can be understood as described first apply with internet carry out data friendship
When mutual, the arbitrary data request sent to internet is also not specifically limited here.
VPN service terminal is after receiving the network access request that the first application is sent, in order to determine in network access request
Whether the private data of user is carried, and network access request can be redirected to data monitoring end by VPN service terminal.
The network access request can be redirected to number when redirecting the network access request by VPN service terminal
According to the local service process of monitoring client, data monitoring end can receive the network from VPN service terminal by local service process
Access request.
In the embodiment of the present application, data monitoring end is receiving the network access request that the first application is sent from VPN service terminal
Before, the method may include:
The authorization message that user sends is received, the authorization message, which is used to characterize, authorizes the VPN permission of service;
According to the authorization message, the VPN is opened by calling system interface and is serviced.
That is, data monitoring end is needed before the network access request that VPN service terminal receives that the first application is sent
The access right for obtaining VPN service can receive network access after the access right for obtaining VPN service from VPN service terminal
Request.
In the embodiment of the present application, the permission that data monitoring end uses VPN service can be authorized by user.Specifically, true
When determining to be monitored the network behavior of application software in terminal, data monitoring end can issue the user with prompt and request to obtain
The permission of VPN service, if at this point, user's agreement authorization, can send authorization message, the authorization message to data monitoring end
It can be used for characterizing and authorize the access right that data monitoring end obtains VPN.
Data monitoring end can open VPN service after receiving authorization message by calling system interface.In this way, working as
When VPN service terminal receives the network access request of application software transmission, network access request can be redirected to data prison
End is controlled, at this point, data monitoring end can receive network access request from VPN service terminal.
It should be noted that since VPN services the power of the network behavior of available control and management other application software
Limit, therefore, for user after authorizing permission of the data monitoring end using VPN service, data monitoring end can be to other application software
With higher control, in this way, can be monitored in order to the subsequent network access request to other application software.
Data monitoring end receives the network access that the first application is sent from VPN service terminal in the method by above-mentioned record
After request, step 104 can be executed.
Step 104:The corresponding data packet of the network access request is decoded, the first data are obtained.
At step 104, it first applies when sending network access request, can usually send in the form of data packet,
Data monitoring end after receiving the network access request that the first application is sent, in order to determine in network access request whether include
The private data of user can be decoded the corresponding data packet of the network access request, obtain the network access and ask
The detailed data for including is sought, the detailed data can be considered as the first data.
Data monitoring end is decoded the corresponding data packet of the network access request, obtains the first data, can wrap
It includes:
According to the identification information of the corresponding data packet of the network access request, searched and the mark from data the package list
Know the corresponding decoding rule of information, the solution of the identification information comprising different data packet and different data packet in described data the package list
Mapping relations between code rule;
According to the decoding rule found, the corresponding data packet of the network access request is decoded, obtains first
Data.
In the embodiment of the present application, the identification information of the corresponding data packet of same application software can be identical, and different application is soft
The identification information of the corresponding data packet of part can be different, for the data packet with different identification information, can use different
Decoding rule is decoded.
In order to parse to the corresponding data packet of network access request, data monitoring end can be different data in advance
Packet determines corresponding decoding rule, and the mapping established between the identification information of different data packet and corresponding decoding rule is closed
System, which is stored into data the package list.
It wherein, can be to the corresponding number of different application software when determining corresponding decoding rule for different data packets
Learnt according to the feature of packet, decoding rule is determined based on a large amount of learning outcome.
After establishing described data the package list, described data the package list can be stored in the corresponding service in data monitoring end
In device, when data monitoring termination receives network access request, the predetermined data packet can be pulled from server
List is searched and the data from described data the package list according to the identification information of the corresponding data packet of network access request
The identification information of packet corresponding decoding rule when in described data the package list including the identification information of the data packet, and is searched
To after corresponding decoding rule, the decoding rule found can be used, the data packet is decoded, and obtains the first number
According to.
It is decoded to the corresponding data packet of the network access request, obtains the first data, step can be executed
106。
Step 106:Whether judge in first data comprising private data.
In step 106, data monitoring end can determine institute by judging whether first data include private data
It states whether comprising private data in network request, and then determines whether first application leaks private data.
When whether data monitoring end includes private data in judging first data, may include:
The private data for including in first data and private data library is compared, is judged in first data
Whether the private data in the private data library is included;
If so, determining includes private data in first data;
If not, it is determined that do not include private data in first data.
Specifically, the embodiment of the present application can pre-establish the private data library, can wrap in the private data library
All private datas containing user in the terminal, data monitoring end after decoding obtains the first data, can by the first data with
Whether the private data for including in private data library compares, judged in the first data according to comparing result comprising privacy number
According to.
In the embodiment of the present application, if in the first data including at least one of private data library private data,
The private data in the network access request comprising user can be determined, at this point it is possible to execute step 108;If the first data
In do not include the private data library in any private data, then can determine in the network access request do not include use
The private data at family, i.e., private data of described first application without leakage user.
Step 108:Determine the first application leakage private data.
In step 108, due in the network access request include user private data, hence, it can be determined that institute
State the first application leakage private data.
In this way, data monitoring end can obtain the network access request that application software is sent in terminal by VPN service terminal,
By being parsed to the corresponding data packet of network access request and judging whether it includes private data, can determine using soft
Whether part reveals the private data of user, in this manner it is achieved that the effective monitoring of the data to application software upload, to avoid
The private data leakage of user guarantees the safety of user data.
In one embodiment of the application, determining first application in the presence of the security risk of leakage private data
Afterwards, the method can also include:
Safety instruction information is generated, the safety instruction information is for prompting in the network access request comprising privacy number
According to.
The safety instruction information can be picture prompting, is also possible to text prompt, can also be voice prompting, here
It is not specifically limited.
For example, after determining the contact data in the network access request sent using A comprising user, data monitoring end
It can determine that using A be Malware, there is the security risk of leakage privacy of user data, at this point, data monitoring end can give birth to
At text prompt information " uploading your contact data using A ", to prompt user.
After generating safety instruction information, user can determine that the network is visited according to safety instruction information at data monitoring end
Ask the private data in request comprising user.
In the embodiment of the present application, in order to not influence user's normal use application software, data monitoring end is determining network visit
When asking in request comprising private data, application software will not directly be forbidden to send the network access request, but to user into
Row prompt, takes corresponding measure by user, for example, user can unload first application, can also close described first and answer
With the access right etc. to privacy of user data.In this way, it is possible to prevente effectively from privacy of user leaking data, guarantees privacy of user number
According to safety.
For the clearer data monitoring method introduced in the embodiment of the present application, Fig. 2 may refer to, Fig. 2 is the application's
The flow diagram of one embodiment data monitoring method.The method may include:
Step 201:Receive the authorization message that user sends.
The authorization message, which can be used for characterizing, authorizes the data monitoring end VPN permission of service.
Step 202:According to the authorization message, the VPN is opened by calling system interface and is serviced.
Data monitoring end can determine that user agrees to authorization, at this point, data monitoring end after receiving the authorization requests
It can be serviced by calling the system interface of terminal inner to open the VPN.
Step 203:The network access request that the first application is sent is received from VPN service terminal.
VPN service terminal can receive what the first application was sent with the network behavior of the first application in real-time monitoring terminal
After network access request, network access request can be redirected to the local service process at data monitoring end, data monitoring end
The network access request can be received from VPN service terminal by local service process.
Step 204:According to the identification information of the corresponding data packet of the network access request, searched from data the package list
Decoding rule corresponding with the identification information.
It may include the identification information of different data packet and the decoding rule of different data packet in described data the package list
Between mapping relations, if the mark of the corresponding data packet of the network access request can be found from described data the package list
Information can then find corresponding decoding rule.
Step 205:According to the decoding rule found, the corresponding data packet of the network request is decoded, is obtained
First data.
First data can be considered as the detailed data carried in the network access request.
Step 206:It whether determines in first data comprising private data.
The private data for including in first data and privacy of user database can be compared, if described first
Comprising any private data in the private data library in data, then can determine in first data comprising privacy number
According to;Private data is not included in first data conversely, can then determine.
If in first data including private data, the privacy number of the first application leakage user can be determined
According to, and execute step 207;Otherwise, it can determine that described first applies the private data without revealing user, and execute step
208。
Step 207:Generate safety instruction information.
The safety instruction information is for prompting in the network access request comprising private data.User mentions according to safety
After showing the private data that information determines the first application leakage user, it can choose the first application of unloading, first can also be closed and answered
Guarantee privacy of user data with the access right to privacy of user data to avoid the private data of the first application leakage user
Safety.
Step 208:Terminate.
Technical solution provided by the embodiments of the present application, data monitoring end can receive the first application from VPN service terminal and send
Network access request;The corresponding data packet of the network access request is decoded, the first data are obtained;Judge described
It whether include private data in one data;If so, determining the first application leakage private data.In this way, data monitoring end
The network access request that application software is sent in terminal can be obtained by VPN service terminal, by corresponding to network access request
Data packet parsed and judge whether it includes private data, can determine whether application software reveals the privacy number of user
According in this manner it is achieved that the effective monitoring of the data to application software upload is protected to avoid the private data leakage of user
Demonstrate,prove the safety of user data.
Fig. 3 is the flow diagram of one embodiment data monitoring method of the application.The method can be applied to VPN
Server-side, the method are as described below.
Step 302:Receive the network access request that the first application is sent.
In step 302, the VPN service function in terminal can be opened, after opening VPN service function, VPN service terminal
The application software installed in terminal (can be can be by the application software carried when terminal factory, be also possible to SS later peace
The third-party application software of dress) network behavior monitored in real time, when detect first application to internet send network visit
When asking request, VPN service terminal can receive the network access request.
VPN service terminal can execute step 304 after receiving the network access request.
Step 304:Determine whether first application is application to be monitored.
In step 304, VPN service terminal can choose a part of application software in terminal and be monitored, and receive
When network access request, can determine whether the first application for sending the network access request is application to be monitored.
Determining whether first application is to be monitored in application, may include:
The mark comprising first application is searched whether from list to be monitored, includes wait supervise in the list to be monitored
The mark of the application of control;
If so, determining that first application is application to be monitored.
In the embodiment of the present application, VPN service terminal can pre-establish list to be monitored according to application software to be monitored,
It may include the mark of at least one application software to be monitored in the list to be monitored.
After receiving network access request, identifying whether for the first application for sending the network access request can be determined
Included in the list to be monitored, if so, can determine that first application is application to be monitored, and step is executed
306;If it is not, can then determine that first application is not application to be monitored, at this point it is possible to normally access the network
Request is handled.
For example, in list to be monitored comprising using A, using the mark of B and application C, if the first application for using A,
It can illustrate using A to be application to be monitored, if the first application is using D, it can be said that bright is not to be monitored answer using D
With.
Step 306:Determine whether data monitoring end opens VPN service.
Within step 306, the data monitoring end can be used for determining that described first answers according to the network access request
With whether revealing private data.VPN service terminal determine it is described first application be it is to be monitored in application, in order to further determine
Whether first application leaks the private data of user, the network access request can be sent to the data monitoring
End, in order to which the data monitoring end is monitored.
VPN service terminal needs to judge data monitoring end when sending the network access request to the data monitoring end
VPN service whether is had turned on, that is, determines whether the data monitoring end can carry out data interaction with VPN service terminal.If so,
Determination can send network access request to data monitoring end, and execute step 308;If it is not, can then terminate process.
Step 308:The network access request is redirected to the data monitoring end.
In step 308, VPN service terminal, can be by described the after determining that the data monitoring end has turned on VPN service
The network access request that one application is sent is redirected to data monitoring end, i.e., the network access request is sent to the data
Monitoring client.
It data monitoring end, can be to the corresponding data of the network access request after receiving the network access request
Packet is decoded, and obtains the first data;Whether judge in first data comprising private data;If so, determining described the
There is the security risk of leakage private data in one application.Concrete methods of realizing may refer to record in embodiment illustrated in fig. 1 interior
Hold, description is not repeated herein.In this manner it is achieved that the effective monitoring of the data uploaded to the first application.
Technical solution provided by the embodiments of the present application, can open the VPN service function in terminal, and VPN service terminal can be with
The network behavior of application software in terminal is monitored in real time, in the network access request for receiving the first application transmission
When, determine whether first application is application to be monitored;If so, determining whether data monitoring end opens VPN service;If
The data monitoring end has turned on VPN service, then the network access request is redirected to data monitoring end, in order to described
Data monitoring end can determine whether first application reveals private data according to the network access request.In this way, passing through
The network access request of application software in terminal is redirected to data monitoring end by VPN service terminal, so that data monitoring end can be with
The network access request of application software is got, and then can determine whether application software reveals user according to network access request
Private data, to avoid the private data leakage of user, protected with realizing the effective monitoring to the data of application software upload
Demonstrate,prove the safety of user data.
Fig. 4 is the flow diagram of one embodiment data monitoring method of the application.The embodiment of the present application and Fig. 1 and figure
Embodiment shown in 3 belongs to identical inventive concept, and the method is as described below.
Step 401:First application sends network access request to VPN service terminal.
In the case where terminal opens VPN service, the first application can send network access request to VPN service terminal.
Step 402:VPN service terminal determines whether first application is application to be monitored.
VPN service terminal can determine whether first application is wait supervise according to the method recorded in embodiment illustrated in fig. 3
The application of control, type are not repeated to describe.
If first application is application to be monitored, step 403 can be executed;Otherwise, step 404 can be executed.
It should be noted that determining that the first application is application to be monitored, in order to not influence described in user's normal use
First application, can also execute step 404.
Step 403:VPN service terminal determines whether data monitoring end opens VPN service.
The embodiment of the present application is illustrated so that the data monitoring end has turned on VPN service as an example.Wherein, data monitoring end
VPN service can be opened by the method recorded in embodiment illustrated in fig. 1, description is not repeated herein.
VPN service terminal can execute step 405 when determining that the data monitoring end has turned on VPN service.
Step 404:The network access request is sent to internet by VPN service terminal.
Step 405:The network access request is redirected to data monitoring end by VPN service terminal.
Step 406:Data monitoring end is decoded the corresponding data packet of the network access request, obtains the first number
According to.
When data monitoring end is decoded the network access request corresponding data packet, it may refer to real shown in Fig. 1
The content recorded in example is applied, description is not repeated herein.
Step 407:Whether data monitoring end judges in first data comprising private data.
Data monitoring end can judge according to the method recorded in embodiment illustrated in fig. 1 in first data whether include
Private data, if so, step 408 can be executed;If it is not, can then execute step 410.
Step 408:Data monitoring end determines the first application leakage private data.
When determining the first application leakage private data, step 309 can also be performed.
Step 409:Data monitoring end generates safety instruction information.
The safety instruction information is for prompting in the network access request comprising private data.
After generating safety instruction information, user can take corresponding measure according to the safety instruction information, for example, unloading
First application is carried, or closes first application to the access right etc. of privacy of user data, to guarantee privacy of user
The safety of data.
Step 410:Terminate.
Technical solution provided by the embodiments of the present application opens the VPN service function of terminal, and VPN service terminal can be in real time
The network behavior of application software in terminal is monitored, is asked receiving the network access that application software to be monitored is sent
When asking, under the premise of data monitoring section has turned on VPN service, which is redirected to data monitoring end, this
Sample, data monitoring end can parse the corresponding data packet of network access request and judge whether it includes private data,
And then determine whether application software reveals the private data of user, realize the effective monitoring to the data of application software upload, from
And the private data leakage of user is avoided, guarantee the safety of user data.
It is above-mentioned that this specification specific embodiment is described.Other embodiments are in the scope of the appended claims
It is interior.In some cases, the movement recorded in detail in the claims or step can be come according to the sequence being different from embodiment
It executes and desired result still may be implemented.In addition, process depicted in the drawing not necessarily require show it is specific suitable
Sequence or consecutive order are just able to achieve desired result.In some embodiments, multitasking and parallel processing be also can
With or may be advantageous.
Fig. 5 is the structural schematic diagram of one embodiment electronic equipment of the application.Referring to FIG. 5, in hardware view, the electricity
Sub- equipment includes processor, optionally further comprising internal bus, network interface, memory.Wherein, memory may be comprising interior
It deposits, such as high-speed random access memory (Random-Access Memory, RAM), it is also possible to further include non-volatile memories
Device (non-volatile memory), for example, at least 1 magnetic disk storage etc..Certainly, which is also possible that other
Hardware required for business.
Processor, network interface and memory can be connected with each other by internal bus, which can be ISA
(Industry Standard Architecture, industry standard architecture) bus, PCI (Peripheral
Component Interconnect, Peripheral Component Interconnect standard) bus or EISA (Extended Industry Standard
Architecture, expanding the industrial standard structure) bus etc..The bus can be divided into address bus, data/address bus, control always
Line etc..Only to be indicated with a four-headed arrow in Fig. 5, it is not intended that an only bus or a type of convenient for indicating
Bus.
Memory, for storing program.Specifically, program may include program code, and said program code includes calculating
Machine operational order.Memory may include memory and nonvolatile memory, and provide instruction and data to processor.
Processor is from the then operation into memory of corresponding computer program is read in nonvolatile memory, in logical layer
Data monitoring device is formed on face.Processor executes the program that memory is stored, and is specifically used for executing following operation:
The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;
The corresponding data packet of the network access request is decoded, the first data are obtained;
Whether judge in first data comprising private data;
If so, determining the first application leakage private data.
The method that data monitoring device disclosed in the above-mentioned embodiment illustrated in fig. 5 such as the application executes can be applied to processor
In, or realized by processor.Processor may be a kind of IC chip, the processing capacity with signal.It was realizing
Each step of Cheng Zhong, the above method can be complete by the integrated logic circuit of the hardware in processor or the instruction of software form
At.Above-mentioned processor can be general processor, including central processing unit (Central Processing Unit, CPU),
Network processing unit (Network Processor, NP) etc.;It can also be digital signal processor (Digital Signal
Processor, DSP), it is specific integrated circuit (Application Specific Integrated Circuit, ASIC), existing
Field programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device are divided
Vertical door or transistor logic, discrete hardware components.It may be implemented or execute and is in the embodiment of the present application disclosed each
Method, step and logic diagram.General processor can be microprocessor or the processor is also possible to any conventional place
Manage device etc..The step of method in conjunction with disclosed in the embodiment of the present application, can be embodied directly in hardware decoding processor and execute
At, or in decoding processor hardware and software module combination execute completion.Software module can be located at random access memory,
This fields such as flash memory, read-only memory, programmable read only memory or electrically erasable programmable memory, register maturation
In storage medium.The storage medium is located at memory, and processor reads the information in memory, completes above-mentioned side in conjunction with its hardware
The step of method.
The method that the electronic equipment can also carry out Fig. 1, and realize the function of data monitoring device embodiment shown in Fig. 1,
Details are not described herein for the embodiment of the present application.
Certainly, other than software realization mode, other implementations are not precluded in the electronic equipment of the application, for example patrol
Collect device or the mode of software and hardware combining etc., that is to say, that the executing subject of following process flow is not limited to each patrol
Unit is collected, hardware or logical device are also possible to.
The embodiment of the present application also proposed a kind of computer readable storage medium, the computer-readable recording medium storage one
A or multiple programs, the one or more program include instruction, and the instruction is when by the portable electronic including multiple application programs
When equipment executes, the method that the portable electronic device can be made to execute embodiment illustrated in fig. 1, and be specifically used for executing following behaviour
Make:
The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;
The corresponding data packet of the network access request is decoded, the first data are obtained;
Whether judge in first data comprising private data;
If so, determining the first application leakage private data.
Fig. 6 is a kind of structural schematic diagram of data monitoring device provided by the embodiments of the present application.Described device can be applied
In data monitoring end, can specifically include:Receiving unit 61, decoding unit 62, judging unit 63 and determination unit 64,
In:
Receiving unit 61 receives the network access request that the first application is sent from Virtual Private Network VPN service terminal;
Decoding unit 62 is decoded the corresponding data packet of the network access request, obtains the first data;
Whether judging unit 63 judges in first data comprising private data;
Determination unit 64 determines described the when the judging unit judges in first data comprising private data
One application leakage private data.
Optionally, the decoding unit 62 is decoded the corresponding data packet of the network access request, obtains first
Data, including:
According to the identification information of the corresponding data packet of the network access request, searched and the mark from data the package list
Know the corresponding decoding rule of information, the solution of the identification information comprising different data packet and different data packet in described data the package list
Mapping relations between code rule;
According to the decoding rule found, the corresponding data packet of the network access request is decoded, obtains first
Data.
Optionally, whether the judging unit 63 judge in first data comprising private data, including:
The private data for including in first data and private data library is compared, is judged in first data
Whether the private data in the private data library is included;
If so, determining includes private data in first data;
If not, it is determined that do not include private data in first data.
Optionally, described device further includes:Opening unit 65, wherein:
The opening unit 65 receives the first application hair from Virtual Private Network VPN service terminal in the receiving unit 64
Before the network access request sent, the authorization message that user sends is received, the authorization message, which is used to characterize, authorizes VPN service
Permission;
According to the authorization message, the VPN is opened by calling system interface and is serviced.
Optionally, described device further includes:Prompt unit 66, wherein:
The prompt unit 66 determines that first application has the safety of leakage private data in the determination unit 64
After hidden danger, safety instruction information is generated, the safety instruction information is for prompting in the network access request comprising privacy number
According to.
Fig. 7 is the structural schematic diagram of one embodiment electronic equipment of the application.Referring to FIG. 7, in hardware view, the electricity
Sub- equipment includes processor, optionally further comprising internal bus, network interface, memory.Wherein, memory may be comprising interior
It deposits, such as high-speed random access memory (Random-Access Memory, RAM), it is also possible to further include non-volatile memories
Device (non-volatile memory), for example, at least 1 magnetic disk storage etc..Certainly, which is also possible that other
Hardware required for business.
Processor, network interface and memory can be connected with each other by internal bus, which can be ISA
(Industry Standard Architecture, industry standard architecture) bus, PCI (Peripheral
Component Interconnect, Peripheral Component Interconnect standard) bus or EISA (Extended Industry Standard
Architecture, expanding the industrial standard structure) bus etc..The bus can be divided into address bus, data/address bus, control always
Line etc..Only to be indicated with a four-headed arrow in Fig. 7, it is not intended that an only bus or a type of convenient for indicating
Bus.
Memory, for storing program.Specifically, program may include program code, and said program code includes calculating
Machine operational order.Memory may include memory and nonvolatile memory, and provide instruction and data to processor.
Processor is from the then operation into memory of corresponding computer program is read in nonvolatile memory, in logical layer
Data monitoring device is formed on face.Processor executes the program that memory is stored, and is specifically used for executing following operation:
Receive the network access request that the first application is sent;
Determine whether first application is application to be monitored;
If so, determining whether data monitoring end opens VPN service, the data monitoring end is used to be visited according to the network
Ask that request determines whether first application reveals private data;
If the data monitoring end has turned on VPN service, the network access request is redirected to the data and is supervised
Control end.
The method that data monitoring device disclosed in the above-mentioned embodiment illustrated in fig. 7 such as the application executes can be applied to processor
In, or realized by processor.Processor may be a kind of IC chip, the processing capacity with signal.It was realizing
Each step of Cheng Zhong, the above method can be complete by the integrated logic circuit of the hardware in processor or the instruction of software form
At.Above-mentioned processor can be general processor, including central processing unit (Central Processing Unit, CPU),
Network processing unit (Network Processor, NP) etc.;It can also be digital signal processor (Digital Signal
Processor, DSP), it is specific integrated circuit (Application Specific Integrated Circuit, ASIC), existing
Field programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device are divided
Vertical door or transistor logic, discrete hardware components.It may be implemented or execute and is in the embodiment of the present application disclosed each
Method, step and logic diagram.General processor can be microprocessor or the processor is also possible to any conventional place
Manage device etc..The step of method in conjunction with disclosed in the embodiment of the present application, can be embodied directly in hardware decoding processor and execute
At, or in decoding processor hardware and software module combination execute completion.Software module can be located at random access memory,
This fields such as flash memory, read-only memory, programmable read only memory or electrically erasable programmable memory, register maturation
In storage medium.The storage medium is located at memory, and processor reads the information in memory, completes above-mentioned side in conjunction with its hardware
The step of method.
The method that the electronic equipment can also carry out Fig. 3, and realize the function of data monitoring device embodiment shown in Fig. 3,
Details are not described herein for the embodiment of the present application.
Certainly, other than software realization mode, other implementations are not precluded in the electronic equipment of the application, for example patrol
Collect device or the mode of software and hardware combining etc., that is to say, that the executing subject of following process flow is not limited to each patrol
Unit is collected, hardware or logical device are also possible to.
The embodiment of the present application also proposed a kind of computer readable storage medium, the computer-readable recording medium storage one
A or multiple programs, the one or more program include instruction, and the instruction is when by the portable electronic including multiple application programs
When equipment executes, the method that the portable electronic device can be made to execute embodiment illustrated in fig. 2, and be specifically used for executing following behaviour
Make:
Receive the network access request that the first application is sent;
Determine whether first application is application to be monitored;
If so, determining whether data monitoring end opens VPN service, the data monitoring end is used to be visited according to the network
Ask that request determines whether first application reveals private data;
If the data monitoring end has turned on VPN service, the network access request is redirected to the data and is supervised
Control end.
Fig. 8 is a kind of structural schematic diagram of data monitoring device provided by the embodiments of the present application.Described device can be applied
In VPN service terminal, can specifically include:Receiving unit 81, the first determination unit 82, the second determination unit 83 and transmission unit
84, wherein:
Receiving unit 81 receives the network access request that the first application is sent;
First determination unit 82 determines whether first application is application to be monitored;
Second determination unit 83, first determination unit 82 determine it is described first application be it is to be monitored in application,
Determine whether data monitoring end opens VPN service, the data monitoring end is used for according to network access request determination
Whether the first application reveals private data;
Transmission unit 84, when second determination unit 83 determines that the data monitoring end has turned on VPN service, by institute
It states network access request and is redirected to the data monitoring end.
Optionally, first determination unit 82 determines whether first application is application to be monitored, including:
The mark comprising first application is searched whether from list to be monitored, includes wait supervise in the list to be monitored
The mark of the application of control;
If so, determining that first application is application to be monitored.
Fig. 9 is the structural schematic diagram of one embodiment data monitoring system of the application, and the data monitoring system includes:
VPN service terminal 91 and data monitoring end 92, wherein:
The VPN service terminal 91 receives the network access request that the first application is sent;Determine it is described first application whether be
Application to be monitored;If so, determining whether the data monitoring end 92 opens VPN service;If the data monitoring end 92 is
VPN service is opened, then the network access request is redirected to the data monitoring end 92;
The data monitoring end 92 receives the network access request that the first application is sent from the VPN service terminal 91;To institute
It states the corresponding data packet of network access request to be decoded, obtains the first data;Whether judge in first data comprising hidden
Private data;If so, determining the first application leakage private data.
The function in Fig. 3 and embodiment illustrated in fig. 4, the data monitoring end 92 may be implemented in the VPN service terminal 91
The function in Fig. 1, Fig. 1 and embodiment illustrated in fig. 4 may be implemented, details are not described herein for the embodiment of the present application.
In short, being not intended to limit the protection scope of the application the foregoing is merely the preferred embodiment of the application.
Within the spirit and principles of this application, any modification, equivalent replacement, improvement and so on should be included in the application's
Within protection scope.
System, device, module or the unit that above-described embodiment illustrates can specifically realize by computer chip or entity,
Or it is realized by the product with certain function.It is a kind of typically to realize that equipment is computer.Specifically, computer for example may be used
Think personal computer, laptop computer, cellular phone, camera phone, smart phone, personal digital assistant, media play
It is any in device, navigation equipment, electronic mail equipment, game console, tablet computer, wearable device or these equipment
The combination of equipment.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method
Or technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data.
The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), moves
State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable
Programmable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM),
Digital versatile disc (DVD) or other optical storage, magnetic cassettes, tape magnetic disk storage or other magnetic storage devices
Or any other non-transmission medium, can be used for storage can be accessed by a computing device information.As defined in this article, it calculates
Machine readable medium does not include temporary computer readable media (transitory media), such as the data-signal and carrier wave of modulation.
It should also be noted that, the terms "include", "comprise" or its any other variant are intended to nonexcludability
It include so that the process, method, commodity or the equipment that include a series of elements not only include those elements, but also to wrap
Include other elements that are not explicitly listed, or further include for this process, method, commodity or equipment intrinsic want
Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including described want
There is also other identical elements in the process, method of element, commodity or equipment.
All the embodiments in this specification are described in a progressive manner, same and similar portion between each embodiment
Dividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for system reality
For applying example, since it is substantially similar to the method embodiment, so being described relatively simple, related place is referring to embodiment of the method
Part explanation.
Claims (14)
1. a kind of data monitoring method is applied to data monitoring end, which is characterized in that including:
The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;
The corresponding data packet of the network access request is decoded, the first data are obtained;
Whether judge in first data comprising private data;
If so, determining the first application leakage private data.
2. the method as described in claim 1, which is characterized in that solved to the corresponding data packet of the network access request
Code, obtains the first data, including:
According to the identification information of the corresponding data packet of the network access request, searches from data the package list and believe with the mark
Corresponding decoding rule is ceased, the decoding of the identification information comprising different data packet and different data packet is advised in described data the package list
Mapping relations between then;
According to the decoding rule found, the corresponding data packet of the network access request is decoded, the first data are obtained.
3. the method as described in claim 1, which is characterized in that whether judge in first data comprising private data, packet
It includes:
The private data for including in first data and private data library is compared, judge in first data whether
Include the private data in the private data library;
If so, determining includes private data in first data;
If not, it is determined that do not include private data in first data.
4. the method as described in claim 1, which is characterized in that receive the first application hair from Virtual Private Network VPN service terminal
Before the network access request sent, the method also includes:
The authorization message that user sends is received, the authorization message, which is used to characterize, authorizes the VPN permission of service;
According to the authorization message, the VPN is opened by calling system interface and is serviced.
5. such as the described in any item methods of Claims 1-4, which is characterized in that determining that it is hidden that first application has leakage
After the security risk of private data, the method also includes:
Safety instruction information is generated, the safety instruction information is for prompting in the network access request comprising private data.
6. a kind of data monitoring method is applied to VPN service terminal, which is characterized in that including:
Receive the network access request that the first application is sent;
Determine whether first application is application to be monitored;
If so, determining whether data monitoring end opens VPN service, the data monitoring end is used to be asked according to network access
It asks and determines whether first application reveals private data;
If the data monitoring end has turned on VPN service, the network access request is redirected to the data monitoring end.
7. method as claimed in claim 6, which is characterized in that determine whether first application is application to be monitored, packet
It includes:
The mark comprising first application is searched whether from list to be monitored, includes to be monitored in the list to be monitored
The mark of application;
If so, determining that first application is application to be monitored.
8. a kind of data monitoring device is applied to data monitoring end, which is characterized in that including:
Receiving unit receives the network access request that the first application is sent from Virtual Private Network VPN service terminal;
Decoding unit is decoded the corresponding data packet of the network access request, obtains the first data;
Whether judging unit judges in first data comprising private data;
Determination unit determines first application when the judging unit judges in first data comprising private data
Reveal private data.
9. a kind of data monitoring device is applied to VPN service terminal, which is characterized in that including:
Receiving unit receives the network access request that the first application is sent;
First determination unit determines whether first application is application to be monitored;
Second determination unit determines that first application is to be monitored in application, determining data in first determination unit
Whether monitoring client opens VPN service, and the data monitoring end is used to determine first application according to the network access request
Whether private data is revealed;
Transmission unit visits the network when second determination unit determines that the data monitoring end has turned on VPN service
Ask that request is redirected to the data monitoring end.
10. a kind of electronic equipment, including:
Processor;And
It is arranged to the memory of storage computer executable instructions, the executable instruction makes the processor when executed
Execute following operation:
The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;
The corresponding data packet of the network access request is decoded, the first data are obtained;
Whether judge in first data comprising private data;
If so, determining the first application leakage private data.
11. a kind of electronic equipment, including:
Processor;And
It is arranged to the memory of storage computer executable instructions, the executable instruction makes the processor when executed
Execute following operation:
Receive the network access request that the first application is sent;
Determine whether first application is application to be monitored;
If so, determining whether data monitoring end opens VPN service, the data monitoring end is used to be asked according to network access
It asks and determines whether first application reveals private data;
If the data monitoring end has turned on VPN service, the network access request is redirected to the data monitoring end.
12. a kind of computer readable storage medium, the computer-readable recording medium storage one or more program, described one
A or multiple programs are when the electronic equipment for being included multiple application programs executes, so that the electronic equipment executes following behaviour
Make:
The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;
The corresponding data packet of the network access request is decoded, the first data are obtained;
Whether judge in first data comprising private data;
If so, determining the first application leakage private data.
13. a kind of computer readable storage medium, the computer-readable recording medium storage one or more program, described one
A or multiple programs are when the electronic equipment for being included multiple application programs executes, so that the electronic equipment executes following behaviour
Make:
Receive the network access request that the first application is sent;
Determine whether first application is application to be monitored;
If so, determining whether data monitoring end opens VPN service, the data monitoring end is used to be asked according to network access
It asks and determines whether first application reveals private data;
If the data monitoring end has turned on VPN service, the network access request is redirected to the data monitoring end.
14. a kind of data monitoring system, which is characterized in that including VPN service terminal and data monitoring end, wherein:
The VPN service terminal receives the network access request that the first application is sent;Determine whether first application is to be monitored
Application;If so, determining whether the data monitoring end opens VPN service;If the data monitoring end has turned on VPN clothes
Business, then be redirected to the data monitoring end for the network access request;
The data monitoring end receives the network access request that the first application is sent from the VPN service terminal;The network is visited
It asks that the corresponding data packet of request is decoded, obtains the first data;Whether judge in first data comprising private data;If
It is, it is determined that the first application leakage private data.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810561433.2A CN108900473A (en) | 2018-06-04 | 2018-06-04 | A kind of data monitoring method, device and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810561433.2A CN108900473A (en) | 2018-06-04 | 2018-06-04 | A kind of data monitoring method, device and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108900473A true CN108900473A (en) | 2018-11-27 |
Family
ID=64344189
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810561433.2A Pending CN108900473A (en) | 2018-06-04 | 2018-06-04 | A kind of data monitoring method, device and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108900473A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109739748A (en) * | 2018-12-13 | 2019-05-10 | 北京小米移动软件有限公司 | Close rule detection method and device |
CN109922062A (en) * | 2019-03-04 | 2019-06-21 | 腾讯科技(深圳)有限公司 | Source code reveals monitoring method and relevant device |
CN111935095A (en) * | 2020-07-15 | 2020-11-13 | 广东电网有限责任公司 | Source code leakage monitoring method and device and computer storage medium |
CN112165453A (en) * | 2020-09-01 | 2021-01-01 | 珠海格力电器股份有限公司 | Intelligent equipment anti-intrusion method and device, intelligent equipment and server |
CN112417506A (en) * | 2020-11-26 | 2021-02-26 | 北京指掌易科技有限公司 | Private data monitoring method and device, electronic equipment and storage medium |
CN112948835A (en) * | 2021-03-26 | 2021-06-11 | 支付宝(杭州)信息技术有限公司 | Applet risk detection method and device |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104579879A (en) * | 2014-12-05 | 2015-04-29 | 上海斐讯数据通信技术有限公司 | Virtual private network communication system, connection method and data packet transmission method |
WO2016080986A1 (en) * | 2014-11-19 | 2016-05-26 | Hewlett-Packard Development Company, L.P. | Tracking a mobile device |
CN106332070A (en) * | 2015-06-30 | 2017-01-11 | 北京壹人壹本信息科技有限公司 | Secure communication method, device and system |
CN106599298A (en) * | 2016-12-28 | 2017-04-26 | 北京金山安全软件有限公司 | Advertisement blocking method and device and terminal equipment |
CN107332872A (en) * | 2017-05-23 | 2017-11-07 | 成都联宇云安科技有限公司 | A kind of method that Android device network agile management and control is realized based on VPN connections |
-
2018
- 2018-06-04 CN CN201810561433.2A patent/CN108900473A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2016080986A1 (en) * | 2014-11-19 | 2016-05-26 | Hewlett-Packard Development Company, L.P. | Tracking a mobile device |
CN104579879A (en) * | 2014-12-05 | 2015-04-29 | 上海斐讯数据通信技术有限公司 | Virtual private network communication system, connection method and data packet transmission method |
CN106332070A (en) * | 2015-06-30 | 2017-01-11 | 北京壹人壹本信息科技有限公司 | Secure communication method, device and system |
CN106599298A (en) * | 2016-12-28 | 2017-04-26 | 北京金山安全软件有限公司 | Advertisement blocking method and device and terminal equipment |
CN107332872A (en) * | 2017-05-23 | 2017-11-07 | 成都联宇云安科技有限公司 | A kind of method that Android device network agile management and control is realized based on VPN connections |
Non-Patent Citations (1)
Title |
---|
张斯: "Android移动终端隐私数据保护系统设计与实现", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109739748A (en) * | 2018-12-13 | 2019-05-10 | 北京小米移动软件有限公司 | Close rule detection method and device |
CN109739748B (en) * | 2018-12-13 | 2022-06-10 | 北京小米移动软件有限公司 | Compliance detection method and device |
CN109922062A (en) * | 2019-03-04 | 2019-06-21 | 腾讯科技(深圳)有限公司 | Source code reveals monitoring method and relevant device |
CN111935095A (en) * | 2020-07-15 | 2020-11-13 | 广东电网有限责任公司 | Source code leakage monitoring method and device and computer storage medium |
CN112165453A (en) * | 2020-09-01 | 2021-01-01 | 珠海格力电器股份有限公司 | Intelligent equipment anti-intrusion method and device, intelligent equipment and server |
CN112417506A (en) * | 2020-11-26 | 2021-02-26 | 北京指掌易科技有限公司 | Private data monitoring method and device, electronic equipment and storage medium |
CN112948835A (en) * | 2021-03-26 | 2021-06-11 | 支付宝(杭州)信息技术有限公司 | Applet risk detection method and device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108900473A (en) | A kind of data monitoring method, device and system | |
US9753796B2 (en) | Distributed monitoring, evaluation, and response for multiple devices | |
CN109327314A (en) | Access method, device, electronic equipment and the system of business datum | |
CN108763921B (en) | A kind of method of application software and SDK control | |
US20170318046A1 (en) | Method and system for assessing data security | |
US10685142B2 (en) | External resource control of mobile devices | |
US20150058972A1 (en) | Method And Apparatus For Accessing An Application Program | |
CN109587097A (en) | A kind of system, method and apparatus for realizing secure access internal network | |
CN103607385A (en) | Method and apparatus for security detection based on browser | |
US9235840B2 (en) | Electronic transaction notification system and method | |
Krupp et al. | SPE: security and privacy enhancement framework for mobile devices | |
CN108234509A (en) | FIDO authenticators, Verification System and method based on TEE and PKI certificates | |
CN108347361A (en) | Applied program testing method, device, computer equipment and storage medium | |
CN110246039A (en) | Transaction detection method, apparatus and electronic equipment based on alliance's chain | |
CN104484823B (en) | E-bank's PKI method of servicing and its system | |
CN107197462A (en) | Detection method, device and the electronic equipment of wireless network type | |
CN113542201A (en) | Access control method and device for Internet service | |
CN108416224B (en) | A kind of data encryption/decryption method and device | |
CN110278192A (en) | Method, apparatus, computer equipment and the readable storage medium storing program for executing of extranet access Intranet | |
US10826944B1 (en) | Systems and methods for network security | |
CN105227532B (en) | A kind of blocking-up method and device of malicious act | |
CN111600882A (en) | Block chain-based account password management method and device and electronic equipment | |
CN113114681B (en) | Test message processing method, device, computer system and readable storage medium | |
CN109068303A (en) | A kind of resource sharing method, device and electronic equipment | |
CN111431918B (en) | Method and system for determining state label of target user based on block chain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181127 |
|
RJ01 | Rejection of invention patent application after publication |