CN108900473A - A kind of data monitoring method, device and system - Google Patents

A kind of data monitoring method, device and system Download PDF

Info

Publication number
CN108900473A
CN108900473A CN201810561433.2A CN201810561433A CN108900473A CN 108900473 A CN108900473 A CN 108900473A CN 201810561433 A CN201810561433 A CN 201810561433A CN 108900473 A CN108900473 A CN 108900473A
Authority
CN
China
Prior art keywords
data
application
network access
access request
private
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810561433.2A
Other languages
Chinese (zh)
Inventor
王达
王一达
丁祎
李涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Kylin Seing Network Technology Ltd By Share Ltd
Original Assignee
Kylin Seing Network Technology Ltd By Share Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kylin Seing Network Technology Ltd By Share Ltd filed Critical Kylin Seing Network Technology Ltd By Share Ltd
Priority to CN201810561433.2A priority Critical patent/CN108900473A/en
Publication of CN108900473A publication Critical patent/CN108900473A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/60Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources

Abstract

This application discloses a kind of data monitoring methods, device and system when this method is applied with data monitoring end may include:The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;The corresponding data packet of the network access request is decoded, the first data are obtained;Whether judge in first data comprising private data;If so, determining the first application leakage private data.In this way, data monitoring end can obtain the network access request that application software is sent in terminal by VPN service terminal, by being parsed to the corresponding data packet of network access request and judging whether it includes private data, application software can be determined with the presence or absence of the security risk of leakage privacy of user data, in this way, the effective monitoring to the data of application software upload may be implemented, to avoid the private data leakage of user, guarantee the safety of user data.

Description

A kind of data monitoring method, device and system
Technical field
This application involves data security arts more particularly to a kind of data monitoring methods, device and system.
Background technique
With the rapid development of science and technology, there are various application software, in general, these application software can be with Internet service is provided a user by internet, for example, instant message applications can provide a user immediately by internet Communications service, news software can provide a user real-time news by internet, etc..The appearance extreme enrichment of application software Daily life.
However, in practical applications, for application software when providing a user Internet service by internet, there are some The private data of user can be uploaded to internet in the case where user's unaware by Malware, lead to the private data of user Leakage, there are security risks for user data.How effectively the data of application software upload to be monitored, to avoid user Private data leakage, the problem of guaranteeing the safety of user data, become urgent need to resolve.
Summary of the invention
The embodiment of the present application provides a kind of data monitoring method, device and system, for how solving to application software The data of biography are monitored, to avoid the private data leakage of user, the problem of guaranteeing secure user data.
In order to solve the above-mentioned technical problem, the application is realized in:
The embodiment of the present application provides a kind of method of data monitoring, is applied to data monitoring end, including:
The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;
The corresponding data packet of the network access request is decoded, the first data are obtained;
Whether judge in first data comprising private data;
If so, determining the first application leakage private data.
The embodiment of the present application provides a kind of method of data monitoring, is applied to VPN service terminal, including:
Receive the network access request that the first application is sent;
Determine whether first application is application to be monitored;
If so, determining whether data monitoring end opens VPN service, the data monitoring end is used to be visited according to the network Ask that request determines whether first application reveals private data;
If the data monitoring end has turned on VPN service, the network access request is redirected to the data and is supervised Control end.
The embodiment of the present application provides a kind of data monitoring device, is applied to data monitoring end, including:
Receiving unit receives the network access request that the first application is sent from Virtual Private Network VPN service terminal;
Decoding unit is decoded the corresponding data packet of the network access request, obtains the first data;
Whether judging unit judges in first data comprising private data;
Determination unit determines described first when the judging unit judges in first data comprising private data Using leakage private data.
The embodiment of the present application also provides a kind of data monitoring device, is applied to VPN service terminal, including:
Receiving unit receives the network access request that the first application is sent;
First determination unit determines whether first application is application to be monitored;
Second determination unit determines that first application is to be monitored in application, determining in first determination unit Whether data monitoring end opens VPN service, and the data monitoring end is used to determine described first according to the network access request Using whether revealing private data;
Transmission unit, when second determination unit determines that the data monitoring end has turned on VPN service, by the net Network access request is redirected to the data monitoring end.
The embodiment of the present application provides a kind of electronic equipment, including:
Processor;And
It is arranged to the memory of storage computer executable instructions, the executable instruction makes the place when executed It manages device and executes following operation:
The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;
The corresponding data packet of the network access request is decoded, the first data are obtained;
Whether judge in first data comprising private data;
If so, determining the first application leakage private data.
The embodiment of the present application also provides a kind of electronic equipment, including:
Processor;And
It is arranged to the memory of storage computer executable instructions, the executable instruction makes the place when executed It manages device and executes following operation:
Receive the network access request that the first application is sent;
Determine whether first application is application to be monitored;
If so, determining whether data monitoring end opens VPN service, the data monitoring end is used to be visited according to the network Ask that request determines whether first application reveals private data;
If the data monitoring end has turned on VPN service, the network access request is redirected to the data and is supervised Control end.
The embodiment of the present application provides a kind of computer readable storage medium, the computer-readable recording medium storage one Or multiple programs, one or more of programs are when the electronic equipment for being included multiple application programs executes, so that the electricity Sub- equipment executes following operation:
The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;
The corresponding data packet of the network access request is decoded, the first data are obtained;
Whether judge in first data comprising private data;
If so, determining the first application leakage private data.
The embodiment of the present application also provides a kind of computer readable storage medium, the computer-readable recording medium storage one A or multiple programs, one or more of programs are when the electronic equipment for being included multiple application programs executes, so that described Electronic equipment executes following operation:
Receive the network access request that the first application is sent;
Determine whether first application is application to be monitored;
If so, determining whether data monitoring end opens VPN service, the data monitoring end is used to be visited according to the network Ask that request determines whether first application reveals private data;
If the data monitoring end has turned on VPN service, the network access request is redirected to the data and is supervised Control end.
The embodiment of the present application provides a kind of data monitoring system, including:VPN service terminal and data monitoring end, wherein:
The VPN service terminal receives the network access request that the first application is sent;Determine it is described first application whether be to The application of monitoring;If so, determining whether the data monitoring end opens VPN service;If the data monitoring end has turned on VPN Service, then be redirected to the data monitoring end for the network access request;
The data monitoring end receives the network access request that the first application is sent from the VPN service terminal;To the net The corresponding data packet of network access request is decoded, and obtains the first data;Whether judge in first data comprising privacy number According to;If so, determining the first application leakage private data.
At least one above-mentioned technical solution that the embodiment of the present application uses can reach following beneficial effect:
Technical solution provided by the embodiments of the present application, data monitoring end can receive the first application from VPN service terminal and send Network access request;The corresponding data packet of the network access request is decoded, the first data are obtained;Judge described It whether include private data in one data;If so, determining the first application leakage private data.In this way, data monitoring end The network access request that application software is sent in terminal can be obtained by VPN service terminal, by corresponding to network access request Data packet parsed and judge whether it includes private data, can determine whether application software reveals the privacy number of user According in this manner it is achieved that the effective monitoring of the data to application software upload is protected to avoid the private data leakage of user Demonstrate,prove the safety of user data.
Detailed description of the invention
In order to illustrate the technical solutions in the embodiments of the present application or in the prior art more clearly, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this The some embodiments recorded in application, for those of ordinary skill in the art, in the premise of not making the creative labor property Under, it is also possible to obtain other drawings based on these drawings.
Fig. 1 is the flow diagram of one embodiment data monitoring method of the application;
Fig. 2 is the flow diagram of one embodiment data monitoring method of the application;
Fig. 3 is the flow diagram of one embodiment data monitoring method of the application;
Fig. 4 is the flow diagram of one embodiment data monitoring method of the application;
Fig. 5 is the structural schematic diagram of a kind of electronic equipment provided by the embodiments of the present application;
Fig. 6 is a kind of structural schematic diagram of data monitoring device provided by the embodiments of the present application;
Fig. 7 is the structural schematic diagram of a kind of electronic equipment provided by the embodiments of the present application;
Fig. 8 is a kind of structural schematic diagram of data monitoring device provided by the embodiments of the present application;
Fig. 9 is a kind of structural schematic diagram of data monitoring system provided by the embodiments of the present application.
Specific embodiment
For existing application software during providing a user Internet service by internet, there are some malice are soft The private data of user can be uploaded to internet in the case where user's unaware by part, led to user's therefore leaking data, used There are security risks for user data.
For example, user can allow it to obtain the contact person of user, short message, call when installing certain application software in the terminal The private datas such as record, in order to better use the application software.Application software is in the right to use for obtaining privacy of user data After limit, the private data of user can be advantageously used.However, in this case, some Malwares can be by the hidden of user Private data lead to the private data leakage of user, bring great loss to user so be uploaded to internet.
In the prior art, in order to avoid the private data leakage of user, the usually available application of the operating system of terminal The root authority of software can intercept application software upload to internet after obtaining root authority by firewall technology Data, and the data of interception are analyzed, it is determined whether the private data comprising user, to avoid the private data of user Leakage.
However, in practical applications, the root authority of some application software (especially third-party application software) be not easy by It obtains, leads to not be monitored the data of these application software uploads.In addition, even if getting the root power of application software Limit, while being monitored to privacy of user data, also inevitably brings other security risks.For example, obtaining To after the root authority of application software, safety wind may be brought to system in malicious modification system setting etc. under root authority Danger.
It can be seen that how to be effectively monitored to the data of application software upload, identification application software whether there is Invade the security risk of privacy of user, the problem of becoming urgent need to resolve.
In order to solve the above-mentioned technical problem, the embodiment of the present application provides a kind of data monitoring method, device and system, the party When method is applied to data monitoring end, may include:The network that the first application is sent is received from Virtual Private Network VPN service terminal to visit Ask request;The corresponding data packet of the network access request is decoded, the first data are obtained;Judge in first data It whether include private data;If so, determining the first application leakage private data.
Compared to existing technologies, at least there is following beneficial effect in technical solution provided by the embodiments of the present application, packet It includes:
(1) data monitoring end obtains the network access request that application software is sent in terminal by VPN service terminal, by right The corresponding data packet of network access request is parsed and judges whether it includes private data, whether can determine application software The private data of user is revealed, in this manner it is achieved that the effective monitoring of the data to application software upload, to avoid user's Private data leakage guarantees the safety of user data.
(2) the embodiment of the present application can be realized soft to application in the case where the root authority without obtaining application software The effective monitoring for the network access request that part is sent is realizing the data to application software upload compared to existing technologies While being monitored, other security risks will not be brought.
Technical scheme is clearly and completely retouched below with reference to the application specific embodiment and corresponding attached drawing It states.Obviously, the described embodiments are only a part but not all of the embodiments of the present application.Based in the application Embodiment, every other embodiment obtained by those of ordinary skill in the art without making creative efforts, It shall fall in the protection scope of this application.
It should be noted that (Virtual Private Network, local virtual are dedicated by VPN in the embodiment of the present application Network) server-side can be understood as terminal (for example, smart phone, tablet computer, mobile TV etc.) operating system it is included VPN service, for terminal after opening VPN service, VPN service terminal can obtain the network row of application software in control and management terminal For permission.
Data monitoring end can be understood as may be mounted in terminal, data for the application software for carrying out data monitoring The permission that monitoring client can obtain VPN service in the case where user authorizes can be from VPN after the permission for obtaining VPN service Server-side obtains the network access request that application software is sent, and determines the privacy number that user whether is carried in network access request According to, and then realize the effective monitoring to the data of application software upload.
The private data of user can be understood as the non-shared of individual subscriber, including but not limited to the short message of user, Contact person, communications records, the geographical location information being currently located, user's head portrait, user name, pet name of user etc., wherein different Application software can correspond to different private datas, can be determined according to the actual situation, the embodiment of the present application, which is not done, to be had Body limits.
Below in conjunction with attached drawing, the technical scheme provided by various embodiments of the present application will be described in detail.
Fig. 1 is a kind of flow diagram of data monitoring method provided by the embodiments of the present application.The method is applied to number According to monitoring client, the method is as described below.
Step 102:The network access request that the first application is sent is received from Virtual Private Network VPN service terminal.
In a step 102, first in terminal is applied when initiating network access request, network access request can be sent out It gives terminal operating system included VPN service, network access request is transmitted to internet by VPN service terminal.
First application can be the application software that terminal carries when leaving the factory, be also possible to the of SS later installation Tripartite's application software, is not specifically limited here.
First application send network access request can be understood as described first apply with internet carry out data friendship When mutual, the arbitrary data request sent to internet is also not specifically limited here.
VPN service terminal is after receiving the network access request that the first application is sent, in order to determine in network access request Whether the private data of user is carried, and network access request can be redirected to data monitoring end by VPN service terminal.
The network access request can be redirected to number when redirecting the network access request by VPN service terminal According to the local service process of monitoring client, data monitoring end can receive the network from VPN service terminal by local service process Access request.
In the embodiment of the present application, data monitoring end is receiving the network access request that the first application is sent from VPN service terminal Before, the method may include:
The authorization message that user sends is received, the authorization message, which is used to characterize, authorizes the VPN permission of service;
According to the authorization message, the VPN is opened by calling system interface and is serviced.
That is, data monitoring end is needed before the network access request that VPN service terminal receives that the first application is sent The access right for obtaining VPN service can receive network access after the access right for obtaining VPN service from VPN service terminal Request.
In the embodiment of the present application, the permission that data monitoring end uses VPN service can be authorized by user.Specifically, true When determining to be monitored the network behavior of application software in terminal, data monitoring end can issue the user with prompt and request to obtain The permission of VPN service, if at this point, user's agreement authorization, can send authorization message, the authorization message to data monitoring end It can be used for characterizing and authorize the access right that data monitoring end obtains VPN.
Data monitoring end can open VPN service after receiving authorization message by calling system interface.In this way, working as When VPN service terminal receives the network access request of application software transmission, network access request can be redirected to data prison End is controlled, at this point, data monitoring end can receive network access request from VPN service terminal.
It should be noted that since VPN services the power of the network behavior of available control and management other application software Limit, therefore, for user after authorizing permission of the data monitoring end using VPN service, data monitoring end can be to other application software With higher control, in this way, can be monitored in order to the subsequent network access request to other application software.
Data monitoring end receives the network access that the first application is sent from VPN service terminal in the method by above-mentioned record After request, step 104 can be executed.
Step 104:The corresponding data packet of the network access request is decoded, the first data are obtained.
At step 104, it first applies when sending network access request, can usually send in the form of data packet, Data monitoring end after receiving the network access request that the first application is sent, in order to determine in network access request whether include The private data of user can be decoded the corresponding data packet of the network access request, obtain the network access and ask The detailed data for including is sought, the detailed data can be considered as the first data.
Data monitoring end is decoded the corresponding data packet of the network access request, obtains the first data, can wrap It includes:
According to the identification information of the corresponding data packet of the network access request, searched and the mark from data the package list Know the corresponding decoding rule of information, the solution of the identification information comprising different data packet and different data packet in described data the package list Mapping relations between code rule;
According to the decoding rule found, the corresponding data packet of the network access request is decoded, obtains first Data.
In the embodiment of the present application, the identification information of the corresponding data packet of same application software can be identical, and different application is soft The identification information of the corresponding data packet of part can be different, for the data packet with different identification information, can use different Decoding rule is decoded.
In order to parse to the corresponding data packet of network access request, data monitoring end can be different data in advance Packet determines corresponding decoding rule, and the mapping established between the identification information of different data packet and corresponding decoding rule is closed System, which is stored into data the package list.
It wherein, can be to the corresponding number of different application software when determining corresponding decoding rule for different data packets Learnt according to the feature of packet, decoding rule is determined based on a large amount of learning outcome.
After establishing described data the package list, described data the package list can be stored in the corresponding service in data monitoring end In device, when data monitoring termination receives network access request, the predetermined data packet can be pulled from server List is searched and the data from described data the package list according to the identification information of the corresponding data packet of network access request The identification information of packet corresponding decoding rule when in described data the package list including the identification information of the data packet, and is searched To after corresponding decoding rule, the decoding rule found can be used, the data packet is decoded, and obtains the first number According to.
It is decoded to the corresponding data packet of the network access request, obtains the first data, step can be executed 106。
Step 106:Whether judge in first data comprising private data.
In step 106, data monitoring end can determine institute by judging whether first data include private data It states whether comprising private data in network request, and then determines whether first application leaks private data.
When whether data monitoring end includes private data in judging first data, may include:
The private data for including in first data and private data library is compared, is judged in first data Whether the private data in the private data library is included;
If so, determining includes private data in first data;
If not, it is determined that do not include private data in first data.
Specifically, the embodiment of the present application can pre-establish the private data library, can wrap in the private data library All private datas containing user in the terminal, data monitoring end after decoding obtains the first data, can by the first data with Whether the private data for including in private data library compares, judged in the first data according to comparing result comprising privacy number According to.
In the embodiment of the present application, if in the first data including at least one of private data library private data, The private data in the network access request comprising user can be determined, at this point it is possible to execute step 108;If the first data In do not include the private data library in any private data, then can determine in the network access request do not include use The private data at family, i.e., private data of described first application without leakage user.
Step 108:Determine the first application leakage private data.
In step 108, due in the network access request include user private data, hence, it can be determined that institute State the first application leakage private data.
In this way, data monitoring end can obtain the network access request that application software is sent in terminal by VPN service terminal, By being parsed to the corresponding data packet of network access request and judging whether it includes private data, can determine using soft Whether part reveals the private data of user, in this manner it is achieved that the effective monitoring of the data to application software upload, to avoid The private data leakage of user guarantees the safety of user data.
In one embodiment of the application, determining first application in the presence of the security risk of leakage private data Afterwards, the method can also include:
Safety instruction information is generated, the safety instruction information is for prompting in the network access request comprising privacy number According to.
The safety instruction information can be picture prompting, is also possible to text prompt, can also be voice prompting, here It is not specifically limited.
For example, after determining the contact data in the network access request sent using A comprising user, data monitoring end It can determine that using A be Malware, there is the security risk of leakage privacy of user data, at this point, data monitoring end can give birth to At text prompt information " uploading your contact data using A ", to prompt user.
After generating safety instruction information, user can determine that the network is visited according to safety instruction information at data monitoring end Ask the private data in request comprising user.
In the embodiment of the present application, in order to not influence user's normal use application software, data monitoring end is determining network visit When asking in request comprising private data, application software will not directly be forbidden to send the network access request, but to user into Row prompt, takes corresponding measure by user, for example, user can unload first application, can also close described first and answer With the access right etc. to privacy of user data.In this way, it is possible to prevente effectively from privacy of user leaking data, guarantees privacy of user number According to safety.
For the clearer data monitoring method introduced in the embodiment of the present application, Fig. 2 may refer to, Fig. 2 is the application's The flow diagram of one embodiment data monitoring method.The method may include:
Step 201:Receive the authorization message that user sends.
The authorization message, which can be used for characterizing, authorizes the data monitoring end VPN permission of service.
Step 202:According to the authorization message, the VPN is opened by calling system interface and is serviced.
Data monitoring end can determine that user agrees to authorization, at this point, data monitoring end after receiving the authorization requests It can be serviced by calling the system interface of terminal inner to open the VPN.
Step 203:The network access request that the first application is sent is received from VPN service terminal.
VPN service terminal can receive what the first application was sent with the network behavior of the first application in real-time monitoring terminal After network access request, network access request can be redirected to the local service process at data monitoring end, data monitoring end The network access request can be received from VPN service terminal by local service process.
Step 204:According to the identification information of the corresponding data packet of the network access request, searched from data the package list Decoding rule corresponding with the identification information.
It may include the identification information of different data packet and the decoding rule of different data packet in described data the package list Between mapping relations, if the mark of the corresponding data packet of the network access request can be found from described data the package list Information can then find corresponding decoding rule.
Step 205:According to the decoding rule found, the corresponding data packet of the network request is decoded, is obtained First data.
First data can be considered as the detailed data carried in the network access request.
Step 206:It whether determines in first data comprising private data.
The private data for including in first data and privacy of user database can be compared, if described first Comprising any private data in the private data library in data, then can determine in first data comprising privacy number According to;Private data is not included in first data conversely, can then determine.
If in first data including private data, the privacy number of the first application leakage user can be determined According to, and execute step 207;Otherwise, it can determine that described first applies the private data without revealing user, and execute step 208。
Step 207:Generate safety instruction information.
The safety instruction information is for prompting in the network access request comprising private data.User mentions according to safety After showing the private data that information determines the first application leakage user, it can choose the first application of unloading, first can also be closed and answered Guarantee privacy of user data with the access right to privacy of user data to avoid the private data of the first application leakage user Safety.
Step 208:Terminate.
Technical solution provided by the embodiments of the present application, data monitoring end can receive the first application from VPN service terminal and send Network access request;The corresponding data packet of the network access request is decoded, the first data are obtained;Judge described It whether include private data in one data;If so, determining the first application leakage private data.In this way, data monitoring end The network access request that application software is sent in terminal can be obtained by VPN service terminal, by corresponding to network access request Data packet parsed and judge whether it includes private data, can determine whether application software reveals the privacy number of user According in this manner it is achieved that the effective monitoring of the data to application software upload is protected to avoid the private data leakage of user Demonstrate,prove the safety of user data.
Fig. 3 is the flow diagram of one embodiment data monitoring method of the application.The method can be applied to VPN Server-side, the method are as described below.
Step 302:Receive the network access request that the first application is sent.
In step 302, the VPN service function in terminal can be opened, after opening VPN service function, VPN service terminal The application software installed in terminal (can be can be by the application software carried when terminal factory, be also possible to SS later peace The third-party application software of dress) network behavior monitored in real time, when detect first application to internet send network visit When asking request, VPN service terminal can receive the network access request.
VPN service terminal can execute step 304 after receiving the network access request.
Step 304:Determine whether first application is application to be monitored.
In step 304, VPN service terminal can choose a part of application software in terminal and be monitored, and receive When network access request, can determine whether the first application for sending the network access request is application to be monitored.
Determining whether first application is to be monitored in application, may include:
The mark comprising first application is searched whether from list to be monitored, includes wait supervise in the list to be monitored The mark of the application of control;
If so, determining that first application is application to be monitored.
In the embodiment of the present application, VPN service terminal can pre-establish list to be monitored according to application software to be monitored, It may include the mark of at least one application software to be monitored in the list to be monitored.
After receiving network access request, identifying whether for the first application for sending the network access request can be determined Included in the list to be monitored, if so, can determine that first application is application to be monitored, and step is executed 306;If it is not, can then determine that first application is not application to be monitored, at this point it is possible to normally access the network Request is handled.
For example, in list to be monitored comprising using A, using the mark of B and application C, if the first application for using A, It can illustrate using A to be application to be monitored, if the first application is using D, it can be said that bright is not to be monitored answer using D With.
Step 306:Determine whether data monitoring end opens VPN service.
Within step 306, the data monitoring end can be used for determining that described first answers according to the network access request With whether revealing private data.VPN service terminal determine it is described first application be it is to be monitored in application, in order to further determine Whether first application leaks the private data of user, the network access request can be sent to the data monitoring End, in order to which the data monitoring end is monitored.
VPN service terminal needs to judge data monitoring end when sending the network access request to the data monitoring end VPN service whether is had turned on, that is, determines whether the data monitoring end can carry out data interaction with VPN service terminal.If so, Determination can send network access request to data monitoring end, and execute step 308;If it is not, can then terminate process.
Step 308:The network access request is redirected to the data monitoring end.
In step 308, VPN service terminal, can be by described the after determining that the data monitoring end has turned on VPN service The network access request that one application is sent is redirected to data monitoring end, i.e., the network access request is sent to the data Monitoring client.
It data monitoring end, can be to the corresponding data of the network access request after receiving the network access request Packet is decoded, and obtains the first data;Whether judge in first data comprising private data;If so, determining described the There is the security risk of leakage private data in one application.Concrete methods of realizing may refer to record in embodiment illustrated in fig. 1 interior Hold, description is not repeated herein.In this manner it is achieved that the effective monitoring of the data uploaded to the first application.
Technical solution provided by the embodiments of the present application, can open the VPN service function in terminal, and VPN service terminal can be with The network behavior of application software in terminal is monitored in real time, in the network access request for receiving the first application transmission When, determine whether first application is application to be monitored;If so, determining whether data monitoring end opens VPN service;If The data monitoring end has turned on VPN service, then the network access request is redirected to data monitoring end, in order to described Data monitoring end can determine whether first application reveals private data according to the network access request.In this way, passing through The network access request of application software in terminal is redirected to data monitoring end by VPN service terminal, so that data monitoring end can be with The network access request of application software is got, and then can determine whether application software reveals user according to network access request Private data, to avoid the private data leakage of user, protected with realizing the effective monitoring to the data of application software upload Demonstrate,prove the safety of user data.
Fig. 4 is the flow diagram of one embodiment data monitoring method of the application.The embodiment of the present application and Fig. 1 and figure Embodiment shown in 3 belongs to identical inventive concept, and the method is as described below.
Step 401:First application sends network access request to VPN service terminal.
In the case where terminal opens VPN service, the first application can send network access request to VPN service terminal.
Step 402:VPN service terminal determines whether first application is application to be monitored.
VPN service terminal can determine whether first application is wait supervise according to the method recorded in embodiment illustrated in fig. 3 The application of control, type are not repeated to describe.
If first application is application to be monitored, step 403 can be executed;Otherwise, step 404 can be executed.
It should be noted that determining that the first application is application to be monitored, in order to not influence described in user's normal use First application, can also execute step 404.
Step 403:VPN service terminal determines whether data monitoring end opens VPN service.
The embodiment of the present application is illustrated so that the data monitoring end has turned on VPN service as an example.Wherein, data monitoring end VPN service can be opened by the method recorded in embodiment illustrated in fig. 1, description is not repeated herein.
VPN service terminal can execute step 405 when determining that the data monitoring end has turned on VPN service.
Step 404:The network access request is sent to internet by VPN service terminal.
Step 405:The network access request is redirected to data monitoring end by VPN service terminal.
Step 406:Data monitoring end is decoded the corresponding data packet of the network access request, obtains the first number According to.
When data monitoring end is decoded the network access request corresponding data packet, it may refer to real shown in Fig. 1 The content recorded in example is applied, description is not repeated herein.
Step 407:Whether data monitoring end judges in first data comprising private data.
Data monitoring end can judge according to the method recorded in embodiment illustrated in fig. 1 in first data whether include Private data, if so, step 408 can be executed;If it is not, can then execute step 410.
Step 408:Data monitoring end determines the first application leakage private data.
When determining the first application leakage private data, step 309 can also be performed.
Step 409:Data monitoring end generates safety instruction information.
The safety instruction information is for prompting in the network access request comprising private data.
After generating safety instruction information, user can take corresponding measure according to the safety instruction information, for example, unloading First application is carried, or closes first application to the access right etc. of privacy of user data, to guarantee privacy of user The safety of data.
Step 410:Terminate.
Technical solution provided by the embodiments of the present application opens the VPN service function of terminal, and VPN service terminal can be in real time The network behavior of application software in terminal is monitored, is asked receiving the network access that application software to be monitored is sent When asking, under the premise of data monitoring section has turned on VPN service, which is redirected to data monitoring end, this Sample, data monitoring end can parse the corresponding data packet of network access request and judge whether it includes private data, And then determine whether application software reveals the private data of user, realize the effective monitoring to the data of application software upload, from And the private data leakage of user is avoided, guarantee the safety of user data.
It is above-mentioned that this specification specific embodiment is described.Other embodiments are in the scope of the appended claims It is interior.In some cases, the movement recorded in detail in the claims or step can be come according to the sequence being different from embodiment It executes and desired result still may be implemented.In addition, process depicted in the drawing not necessarily require show it is specific suitable Sequence or consecutive order are just able to achieve desired result.In some embodiments, multitasking and parallel processing be also can With or may be advantageous.
Fig. 5 is the structural schematic diagram of one embodiment electronic equipment of the application.Referring to FIG. 5, in hardware view, the electricity Sub- equipment includes processor, optionally further comprising internal bus, network interface, memory.Wherein, memory may be comprising interior It deposits, such as high-speed random access memory (Random-Access Memory, RAM), it is also possible to further include non-volatile memories Device (non-volatile memory), for example, at least 1 magnetic disk storage etc..Certainly, which is also possible that other Hardware required for business.
Processor, network interface and memory can be connected with each other by internal bus, which can be ISA (Industry Standard Architecture, industry standard architecture) bus, PCI (Peripheral Component Interconnect, Peripheral Component Interconnect standard) bus or EISA (Extended Industry Standard Architecture, expanding the industrial standard structure) bus etc..The bus can be divided into address bus, data/address bus, control always Line etc..Only to be indicated with a four-headed arrow in Fig. 5, it is not intended that an only bus or a type of convenient for indicating Bus.
Memory, for storing program.Specifically, program may include program code, and said program code includes calculating Machine operational order.Memory may include memory and nonvolatile memory, and provide instruction and data to processor.
Processor is from the then operation into memory of corresponding computer program is read in nonvolatile memory, in logical layer Data monitoring device is formed on face.Processor executes the program that memory is stored, and is specifically used for executing following operation:
The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;
The corresponding data packet of the network access request is decoded, the first data are obtained;
Whether judge in first data comprising private data;
If so, determining the first application leakage private data.
The method that data monitoring device disclosed in the above-mentioned embodiment illustrated in fig. 5 such as the application executes can be applied to processor In, or realized by processor.Processor may be a kind of IC chip, the processing capacity with signal.It was realizing Each step of Cheng Zhong, the above method can be complete by the integrated logic circuit of the hardware in processor or the instruction of software form At.Above-mentioned processor can be general processor, including central processing unit (Central Processing Unit, CPU), Network processing unit (Network Processor, NP) etc.;It can also be digital signal processor (Digital Signal Processor, DSP), it is specific integrated circuit (Application Specific Integrated Circuit, ASIC), existing Field programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device are divided Vertical door or transistor logic, discrete hardware components.It may be implemented or execute and is in the embodiment of the present application disclosed each Method, step and logic diagram.General processor can be microprocessor or the processor is also possible to any conventional place Manage device etc..The step of method in conjunction with disclosed in the embodiment of the present application, can be embodied directly in hardware decoding processor and execute At, or in decoding processor hardware and software module combination execute completion.Software module can be located at random access memory, This fields such as flash memory, read-only memory, programmable read only memory or electrically erasable programmable memory, register maturation In storage medium.The storage medium is located at memory, and processor reads the information in memory, completes above-mentioned side in conjunction with its hardware The step of method.
The method that the electronic equipment can also carry out Fig. 1, and realize the function of data monitoring device embodiment shown in Fig. 1, Details are not described herein for the embodiment of the present application.
Certainly, other than software realization mode, other implementations are not precluded in the electronic equipment of the application, for example patrol Collect device or the mode of software and hardware combining etc., that is to say, that the executing subject of following process flow is not limited to each patrol Unit is collected, hardware or logical device are also possible to.
The embodiment of the present application also proposed a kind of computer readable storage medium, the computer-readable recording medium storage one A or multiple programs, the one or more program include instruction, and the instruction is when by the portable electronic including multiple application programs When equipment executes, the method that the portable electronic device can be made to execute embodiment illustrated in fig. 1, and be specifically used for executing following behaviour Make:
The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;
The corresponding data packet of the network access request is decoded, the first data are obtained;
Whether judge in first data comprising private data;
If so, determining the first application leakage private data.
Fig. 6 is a kind of structural schematic diagram of data monitoring device provided by the embodiments of the present application.Described device can be applied In data monitoring end, can specifically include:Receiving unit 61, decoding unit 62, judging unit 63 and determination unit 64, In:
Receiving unit 61 receives the network access request that the first application is sent from Virtual Private Network VPN service terminal;
Decoding unit 62 is decoded the corresponding data packet of the network access request, obtains the first data;
Whether judging unit 63 judges in first data comprising private data;
Determination unit 64 determines described the when the judging unit judges in first data comprising private data One application leakage private data.
Optionally, the decoding unit 62 is decoded the corresponding data packet of the network access request, obtains first Data, including:
According to the identification information of the corresponding data packet of the network access request, searched and the mark from data the package list Know the corresponding decoding rule of information, the solution of the identification information comprising different data packet and different data packet in described data the package list Mapping relations between code rule;
According to the decoding rule found, the corresponding data packet of the network access request is decoded, obtains first Data.
Optionally, whether the judging unit 63 judge in first data comprising private data, including:
The private data for including in first data and private data library is compared, is judged in first data Whether the private data in the private data library is included;
If so, determining includes private data in first data;
If not, it is determined that do not include private data in first data.
Optionally, described device further includes:Opening unit 65, wherein:
The opening unit 65 receives the first application hair from Virtual Private Network VPN service terminal in the receiving unit 64 Before the network access request sent, the authorization message that user sends is received, the authorization message, which is used to characterize, authorizes VPN service Permission;
According to the authorization message, the VPN is opened by calling system interface and is serviced.
Optionally, described device further includes:Prompt unit 66, wherein:
The prompt unit 66 determines that first application has the safety of leakage private data in the determination unit 64 After hidden danger, safety instruction information is generated, the safety instruction information is for prompting in the network access request comprising privacy number According to.
Fig. 7 is the structural schematic diagram of one embodiment electronic equipment of the application.Referring to FIG. 7, in hardware view, the electricity Sub- equipment includes processor, optionally further comprising internal bus, network interface, memory.Wherein, memory may be comprising interior It deposits, such as high-speed random access memory (Random-Access Memory, RAM), it is also possible to further include non-volatile memories Device (non-volatile memory), for example, at least 1 magnetic disk storage etc..Certainly, which is also possible that other Hardware required for business.
Processor, network interface and memory can be connected with each other by internal bus, which can be ISA (Industry Standard Architecture, industry standard architecture) bus, PCI (Peripheral Component Interconnect, Peripheral Component Interconnect standard) bus or EISA (Extended Industry Standard Architecture, expanding the industrial standard structure) bus etc..The bus can be divided into address bus, data/address bus, control always Line etc..Only to be indicated with a four-headed arrow in Fig. 7, it is not intended that an only bus or a type of convenient for indicating Bus.
Memory, for storing program.Specifically, program may include program code, and said program code includes calculating Machine operational order.Memory may include memory and nonvolatile memory, and provide instruction and data to processor.
Processor is from the then operation into memory of corresponding computer program is read in nonvolatile memory, in logical layer Data monitoring device is formed on face.Processor executes the program that memory is stored, and is specifically used for executing following operation:
Receive the network access request that the first application is sent;
Determine whether first application is application to be monitored;
If so, determining whether data monitoring end opens VPN service, the data monitoring end is used to be visited according to the network Ask that request determines whether first application reveals private data;
If the data monitoring end has turned on VPN service, the network access request is redirected to the data and is supervised Control end.
The method that data monitoring device disclosed in the above-mentioned embodiment illustrated in fig. 7 such as the application executes can be applied to processor In, or realized by processor.Processor may be a kind of IC chip, the processing capacity with signal.It was realizing Each step of Cheng Zhong, the above method can be complete by the integrated logic circuit of the hardware in processor or the instruction of software form At.Above-mentioned processor can be general processor, including central processing unit (Central Processing Unit, CPU), Network processing unit (Network Processor, NP) etc.;It can also be digital signal processor (Digital Signal Processor, DSP), it is specific integrated circuit (Application Specific Integrated Circuit, ASIC), existing Field programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device are divided Vertical door or transistor logic, discrete hardware components.It may be implemented or execute and is in the embodiment of the present application disclosed each Method, step and logic diagram.General processor can be microprocessor or the processor is also possible to any conventional place Manage device etc..The step of method in conjunction with disclosed in the embodiment of the present application, can be embodied directly in hardware decoding processor and execute At, or in decoding processor hardware and software module combination execute completion.Software module can be located at random access memory, This fields such as flash memory, read-only memory, programmable read only memory or electrically erasable programmable memory, register maturation In storage medium.The storage medium is located at memory, and processor reads the information in memory, completes above-mentioned side in conjunction with its hardware The step of method.
The method that the electronic equipment can also carry out Fig. 3, and realize the function of data monitoring device embodiment shown in Fig. 3, Details are not described herein for the embodiment of the present application.
Certainly, other than software realization mode, other implementations are not precluded in the electronic equipment of the application, for example patrol Collect device or the mode of software and hardware combining etc., that is to say, that the executing subject of following process flow is not limited to each patrol Unit is collected, hardware or logical device are also possible to.
The embodiment of the present application also proposed a kind of computer readable storage medium, the computer-readable recording medium storage one A or multiple programs, the one or more program include instruction, and the instruction is when by the portable electronic including multiple application programs When equipment executes, the method that the portable electronic device can be made to execute embodiment illustrated in fig. 2, and be specifically used for executing following behaviour Make:
Receive the network access request that the first application is sent;
Determine whether first application is application to be monitored;
If so, determining whether data monitoring end opens VPN service, the data monitoring end is used to be visited according to the network Ask that request determines whether first application reveals private data;
If the data monitoring end has turned on VPN service, the network access request is redirected to the data and is supervised Control end.
Fig. 8 is a kind of structural schematic diagram of data monitoring device provided by the embodiments of the present application.Described device can be applied In VPN service terminal, can specifically include:Receiving unit 81, the first determination unit 82, the second determination unit 83 and transmission unit 84, wherein:
Receiving unit 81 receives the network access request that the first application is sent;
First determination unit 82 determines whether first application is application to be monitored;
Second determination unit 83, first determination unit 82 determine it is described first application be it is to be monitored in application, Determine whether data monitoring end opens VPN service, the data monitoring end is used for according to network access request determination Whether the first application reveals private data;
Transmission unit 84, when second determination unit 83 determines that the data monitoring end has turned on VPN service, by institute It states network access request and is redirected to the data monitoring end.
Optionally, first determination unit 82 determines whether first application is application to be monitored, including:
The mark comprising first application is searched whether from list to be monitored, includes wait supervise in the list to be monitored The mark of the application of control;
If so, determining that first application is application to be monitored.
Fig. 9 is the structural schematic diagram of one embodiment data monitoring system of the application, and the data monitoring system includes: VPN service terminal 91 and data monitoring end 92, wherein:
The VPN service terminal 91 receives the network access request that the first application is sent;Determine it is described first application whether be Application to be monitored;If so, determining whether the data monitoring end 92 opens VPN service;If the data monitoring end 92 is VPN service is opened, then the network access request is redirected to the data monitoring end 92;
The data monitoring end 92 receives the network access request that the first application is sent from the VPN service terminal 91;To institute It states the corresponding data packet of network access request to be decoded, obtains the first data;Whether judge in first data comprising hidden Private data;If so, determining the first application leakage private data.
The function in Fig. 3 and embodiment illustrated in fig. 4, the data monitoring end 92 may be implemented in the VPN service terminal 91 The function in Fig. 1, Fig. 1 and embodiment illustrated in fig. 4 may be implemented, details are not described herein for the embodiment of the present application.
In short, being not intended to limit the protection scope of the application the foregoing is merely the preferred embodiment of the application. Within the spirit and principles of this application, any modification, equivalent replacement, improvement and so on should be included in the application's Within protection scope.
System, device, module or the unit that above-described embodiment illustrates can specifically realize by computer chip or entity, Or it is realized by the product with certain function.It is a kind of typically to realize that equipment is computer.Specifically, computer for example may be used Think personal computer, laptop computer, cellular phone, camera phone, smart phone, personal digital assistant, media play It is any in device, navigation equipment, electronic mail equipment, game console, tablet computer, wearable device or these equipment The combination of equipment.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method Or technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data. The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), moves State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable Programmable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM), Digital versatile disc (DVD) or other optical storage, magnetic cassettes, tape magnetic disk storage or other magnetic storage devices Or any other non-transmission medium, can be used for storage can be accessed by a computing device information.As defined in this article, it calculates Machine readable medium does not include temporary computer readable media (transitory media), such as the data-signal and carrier wave of modulation.
It should also be noted that, the terms "include", "comprise" or its any other variant are intended to nonexcludability It include so that the process, method, commodity or the equipment that include a series of elements not only include those elements, but also to wrap Include other elements that are not explicitly listed, or further include for this process, method, commodity or equipment intrinsic want Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including described want There is also other identical elements in the process, method of element, commodity or equipment.
All the embodiments in this specification are described in a progressive manner, same and similar portion between each embodiment Dividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for system reality For applying example, since it is substantially similar to the method embodiment, so being described relatively simple, related place is referring to embodiment of the method Part explanation.

Claims (14)

1. a kind of data monitoring method is applied to data monitoring end, which is characterized in that including:
The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;
The corresponding data packet of the network access request is decoded, the first data are obtained;
Whether judge in first data comprising private data;
If so, determining the first application leakage private data.
2. the method as described in claim 1, which is characterized in that solved to the corresponding data packet of the network access request Code, obtains the first data, including:
According to the identification information of the corresponding data packet of the network access request, searches from data the package list and believe with the mark Corresponding decoding rule is ceased, the decoding of the identification information comprising different data packet and different data packet is advised in described data the package list Mapping relations between then;
According to the decoding rule found, the corresponding data packet of the network access request is decoded, the first data are obtained.
3. the method as described in claim 1, which is characterized in that whether judge in first data comprising private data, packet It includes:
The private data for including in first data and private data library is compared, judge in first data whether Include the private data in the private data library;
If so, determining includes private data in first data;
If not, it is determined that do not include private data in first data.
4. the method as described in claim 1, which is characterized in that receive the first application hair from Virtual Private Network VPN service terminal Before the network access request sent, the method also includes:
The authorization message that user sends is received, the authorization message, which is used to characterize, authorizes the VPN permission of service;
According to the authorization message, the VPN is opened by calling system interface and is serviced.
5. such as the described in any item methods of Claims 1-4, which is characterized in that determining that it is hidden that first application has leakage After the security risk of private data, the method also includes:
Safety instruction information is generated, the safety instruction information is for prompting in the network access request comprising private data.
6. a kind of data monitoring method is applied to VPN service terminal, which is characterized in that including:
Receive the network access request that the first application is sent;
Determine whether first application is application to be monitored;
If so, determining whether data monitoring end opens VPN service, the data monitoring end is used to be asked according to network access It asks and determines whether first application reveals private data;
If the data monitoring end has turned on VPN service, the network access request is redirected to the data monitoring end.
7. method as claimed in claim 6, which is characterized in that determine whether first application is application to be monitored, packet It includes:
The mark comprising first application is searched whether from list to be monitored, includes to be monitored in the list to be monitored The mark of application;
If so, determining that first application is application to be monitored.
8. a kind of data monitoring device is applied to data monitoring end, which is characterized in that including:
Receiving unit receives the network access request that the first application is sent from Virtual Private Network VPN service terminal;
Decoding unit is decoded the corresponding data packet of the network access request, obtains the first data;
Whether judging unit judges in first data comprising private data;
Determination unit determines first application when the judging unit judges in first data comprising private data Reveal private data.
9. a kind of data monitoring device is applied to VPN service terminal, which is characterized in that including:
Receiving unit receives the network access request that the first application is sent;
First determination unit determines whether first application is application to be monitored;
Second determination unit determines that first application is to be monitored in application, determining data in first determination unit Whether monitoring client opens VPN service, and the data monitoring end is used to determine first application according to the network access request Whether private data is revealed;
Transmission unit visits the network when second determination unit determines that the data monitoring end has turned on VPN service Ask that request is redirected to the data monitoring end.
10. a kind of electronic equipment, including:
Processor;And
It is arranged to the memory of storage computer executable instructions, the executable instruction makes the processor when executed Execute following operation:
The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;
The corresponding data packet of the network access request is decoded, the first data are obtained;
Whether judge in first data comprising private data;
If so, determining the first application leakage private data.
11. a kind of electronic equipment, including:
Processor;And
It is arranged to the memory of storage computer executable instructions, the executable instruction makes the processor when executed Execute following operation:
Receive the network access request that the first application is sent;
Determine whether first application is application to be monitored;
If so, determining whether data monitoring end opens VPN service, the data monitoring end is used to be asked according to network access It asks and determines whether first application reveals private data;
If the data monitoring end has turned on VPN service, the network access request is redirected to the data monitoring end.
12. a kind of computer readable storage medium, the computer-readable recording medium storage one or more program, described one A or multiple programs are when the electronic equipment for being included multiple application programs executes, so that the electronic equipment executes following behaviour Make:
The network access request that the first application is sent is received from Virtual Private Network VPN service terminal;
The corresponding data packet of the network access request is decoded, the first data are obtained;
Whether judge in first data comprising private data;
If so, determining the first application leakage private data.
13. a kind of computer readable storage medium, the computer-readable recording medium storage one or more program, described one A or multiple programs are when the electronic equipment for being included multiple application programs executes, so that the electronic equipment executes following behaviour Make:
Receive the network access request that the first application is sent;
Determine whether first application is application to be monitored;
If so, determining whether data monitoring end opens VPN service, the data monitoring end is used to be asked according to network access It asks and determines whether first application reveals private data;
If the data monitoring end has turned on VPN service, the network access request is redirected to the data monitoring end.
14. a kind of data monitoring system, which is characterized in that including VPN service terminal and data monitoring end, wherein:
The VPN service terminal receives the network access request that the first application is sent;Determine whether first application is to be monitored Application;If so, determining whether the data monitoring end opens VPN service;If the data monitoring end has turned on VPN clothes Business, then be redirected to the data monitoring end for the network access request;
The data monitoring end receives the network access request that the first application is sent from the VPN service terminal;The network is visited It asks that the corresponding data packet of request is decoded, obtains the first data;Whether judge in first data comprising private data;If It is, it is determined that the first application leakage private data.
CN201810561433.2A 2018-06-04 2018-06-04 A kind of data monitoring method, device and system Pending CN108900473A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810561433.2A CN108900473A (en) 2018-06-04 2018-06-04 A kind of data monitoring method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810561433.2A CN108900473A (en) 2018-06-04 2018-06-04 A kind of data monitoring method, device and system

Publications (1)

Publication Number Publication Date
CN108900473A true CN108900473A (en) 2018-11-27

Family

ID=64344189

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810561433.2A Pending CN108900473A (en) 2018-06-04 2018-06-04 A kind of data monitoring method, device and system

Country Status (1)

Country Link
CN (1) CN108900473A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109739748A (en) * 2018-12-13 2019-05-10 北京小米移动软件有限公司 Close rule detection method and device
CN109922062A (en) * 2019-03-04 2019-06-21 腾讯科技(深圳)有限公司 Source code reveals monitoring method and relevant device
CN111935095A (en) * 2020-07-15 2020-11-13 广东电网有限责任公司 Source code leakage monitoring method and device and computer storage medium
CN112165453A (en) * 2020-09-01 2021-01-01 珠海格力电器股份有限公司 Intelligent equipment anti-intrusion method and device, intelligent equipment and server
CN112417506A (en) * 2020-11-26 2021-02-26 北京指掌易科技有限公司 Private data monitoring method and device, electronic equipment and storage medium
CN112948835A (en) * 2021-03-26 2021-06-11 支付宝(杭州)信息技术有限公司 Applet risk detection method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104579879A (en) * 2014-12-05 2015-04-29 上海斐讯数据通信技术有限公司 Virtual private network communication system, connection method and data packet transmission method
WO2016080986A1 (en) * 2014-11-19 2016-05-26 Hewlett-Packard Development Company, L.P. Tracking a mobile device
CN106332070A (en) * 2015-06-30 2017-01-11 北京壹人壹本信息科技有限公司 Secure communication method, device and system
CN106599298A (en) * 2016-12-28 2017-04-26 北京金山安全软件有限公司 Advertisement blocking method and device and terminal equipment
CN107332872A (en) * 2017-05-23 2017-11-07 成都联宇云安科技有限公司 A kind of method that Android device network agile management and control is realized based on VPN connections

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016080986A1 (en) * 2014-11-19 2016-05-26 Hewlett-Packard Development Company, L.P. Tracking a mobile device
CN104579879A (en) * 2014-12-05 2015-04-29 上海斐讯数据通信技术有限公司 Virtual private network communication system, connection method and data packet transmission method
CN106332070A (en) * 2015-06-30 2017-01-11 北京壹人壹本信息科技有限公司 Secure communication method, device and system
CN106599298A (en) * 2016-12-28 2017-04-26 北京金山安全软件有限公司 Advertisement blocking method and device and terminal equipment
CN107332872A (en) * 2017-05-23 2017-11-07 成都联宇云安科技有限公司 A kind of method that Android device network agile management and control is realized based on VPN connections

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
张斯: "Android移动终端隐私数据保护系统设计与实现", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109739748A (en) * 2018-12-13 2019-05-10 北京小米移动软件有限公司 Close rule detection method and device
CN109739748B (en) * 2018-12-13 2022-06-10 北京小米移动软件有限公司 Compliance detection method and device
CN109922062A (en) * 2019-03-04 2019-06-21 腾讯科技(深圳)有限公司 Source code reveals monitoring method and relevant device
CN111935095A (en) * 2020-07-15 2020-11-13 广东电网有限责任公司 Source code leakage monitoring method and device and computer storage medium
CN112165453A (en) * 2020-09-01 2021-01-01 珠海格力电器股份有限公司 Intelligent equipment anti-intrusion method and device, intelligent equipment and server
CN112417506A (en) * 2020-11-26 2021-02-26 北京指掌易科技有限公司 Private data monitoring method and device, electronic equipment and storage medium
CN112948835A (en) * 2021-03-26 2021-06-11 支付宝(杭州)信息技术有限公司 Applet risk detection method and device

Similar Documents

Publication Publication Date Title
CN108900473A (en) A kind of data monitoring method, device and system
US9753796B2 (en) Distributed monitoring, evaluation, and response for multiple devices
CN109327314A (en) Access method, device, electronic equipment and the system of business datum
CN108763921B (en) A kind of method of application software and SDK control
US20170318046A1 (en) Method and system for assessing data security
US10685142B2 (en) External resource control of mobile devices
US20150058972A1 (en) Method And Apparatus For Accessing An Application Program
CN109587097A (en) A kind of system, method and apparatus for realizing secure access internal network
CN103607385A (en) Method and apparatus for security detection based on browser
US9235840B2 (en) Electronic transaction notification system and method
Krupp et al. SPE: security and privacy enhancement framework for mobile devices
CN108234509A (en) FIDO authenticators, Verification System and method based on TEE and PKI certificates
CN108347361A (en) Applied program testing method, device, computer equipment and storage medium
CN110246039A (en) Transaction detection method, apparatus and electronic equipment based on alliance's chain
CN104484823B (en) E-bank's PKI method of servicing and its system
CN107197462A (en) Detection method, device and the electronic equipment of wireless network type
CN113542201A (en) Access control method and device for Internet service
CN108416224B (en) A kind of data encryption/decryption method and device
CN110278192A (en) Method, apparatus, computer equipment and the readable storage medium storing program for executing of extranet access Intranet
US10826944B1 (en) Systems and methods for network security
CN105227532B (en) A kind of blocking-up method and device of malicious act
CN111600882A (en) Block chain-based account password management method and device and electronic equipment
CN113114681B (en) Test message processing method, device, computer system and readable storage medium
CN109068303A (en) A kind of resource sharing method, device and electronic equipment
CN111431918B (en) Method and system for determining state label of target user based on block chain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20181127

RJ01 Rejection of invention patent application after publication