CN109117642A - A kind of the file reading leak detection method and device of application program - Google Patents
A kind of the file reading leak detection method and device of application program Download PDFInfo
- Publication number
- CN109117642A CN109117642A CN201810935301.1A CN201810935301A CN109117642A CN 109117642 A CN109117642 A CN 109117642A CN 201810935301 A CN201810935301 A CN 201810935301A CN 109117642 A CN109117642 A CN 109117642A
- Authority
- CN
- China
- Prior art keywords
- file
- application program
- loophole
- program
- library file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses a kind of files of application program to read leak detection method and device, this method comprises: extracting the library file of the installation kit of application program to be detected;According to whether including that routine call marks in the library file of the installation kit, determine whether the application program can call FFmpeg transcoding program;If the application program can call FFmpeg transcoding program, according to whether including that loophole reparation marks in the library file, determine that the application program reads loophole with the presence or absence of file.It whether include the result of loophole reparation label in this library file according to installation kit to judge application program with the presence or absence of the mode of file reading loophole, allow application developer to read loophole coefficient according to the file of application program and corresponding modification measure is made to the installation kit of application program, the problem of overcoming after malicious attacker in the prior art uploads leaky video/audio, being likely to result in the leakage of mobile phone Chinese part content.
Description
Technical field
The present invention relates to the file of field of computer technology more particularly to a kind of application program read leak detection method and
Device.
Background technique
FFmpeg transcoding program be it is a be used to record, converted digital audio and video, and exempting from for stream can be translated into
Take open source computer program.There is very more cell phone applications (i.e. Application, application program) all to turn using FFmpeg at present
Coded program encodes/decodes audio/video.
Due to FFmpeg transcoding program can handle HLS (HTTP Live Streaming, it is a kind of based on http protocol
Streaming media communication agreement) playlist, and playlist can quote the characteristic of external file, many malicious attackers utilize should
Characteristic uploads leaky video/audio, may cause in this way APP decoded by FFmpeg transcoding program broadcasting video/
The loophole is triggered when audio, and the file in mobile phone is remotely read by malicious attacker, causes the leakage of file content.
Therefore, how to prevent the leakage of mobile phone Chinese part content is the technical problems to be solved by the invention.
Summary of the invention
The file that a kind of application program is provided in the embodiment of the present invention reads leak detection method, to solve the prior art
After middle malicious attacker uploads leaky video/audio, the problem of being likely to result in the leakage of mobile phone Chinese part content.
The file that a kind of application program is additionally provided in the embodiment of the present invention reads Hole Detection device.
In order to solve the above-mentioned technical problem, the present invention is implemented as follows:
In a first aspect, the file for providing a kind of application program reads leak detection method, this method comprises:
Extract the library file of the installation kit of application program to be detected;
According to whether including that routine call marks in the library file of the installation kit, determine that the application program whether can
Call FFmpeg transcoding program;
If the application program can call FFmpeg transcoding program, whether repaired comprising loophole according in the library file
Multiple label determines that the application program reads loophole with the presence or absence of file.
Second aspect, the file for providing a kind of application program read Hole Detection device, which includes:
Acquiring unit, the library file of the installation kit for extracting application program to be detected;
Determination unit is called, for, whether comprising routine call label, determining institute in the library file according to the installation kit
State whether application program can call FFmpeg transcoding program;
Loophole determination unit, if FFmpeg transcoding program can be called for the application program, according to the library text
Whether marked comprising loophole reparation in part, determines that the application program reads loophole with the presence or absence of file.
Using at least one above-mentioned technical solution provided in an embodiment of the present invention, following effect can achieve:
Whether application program is judged due to whether including the result of loophole reparation label in the library file according to installation kit
There are the modes that file reads loophole, allow application developer to read loophole coefficient according to the file of application program and correspond to
Corresponding modification measure is made with the installation kit of program, malicious attacker in the prior art is overcome and uploads leaky view
Frequently after/audio, the problem of being likely to result in the leakage of mobile phone Chinese part content.
Detailed description of the invention
The drawings described herein are used to provide a further understanding of the present invention, constitutes a part of the invention, this hair
Bright illustrative embodiments and their description are used to explain the present invention, and are not constituted improper limitations of the present invention.In the accompanying drawings:
Fig. 1 is that a kind of file for application program that one embodiment of the present of invention provides reads the process of leak detection method
Schematic diagram;
Fig. 2 is that a kind of file for application program that one embodiment of the present of invention provides reads the structure of Hole Detection device
Schematic diagram.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are some of the embodiments of the present invention, instead of all the embodiments.Based on this hair
Embodiment in bright, every other implementation obtained by those of ordinary skill in the art without making creative efforts
Example, shall fall within the protection scope of the present invention.
Below in conjunction with attached drawing, the technical solution that is provided in each embodiment that the present invention will be described in detail.
Embodiment 1
To solve after malicious attacker uploads leaky video/audio in the prior art, it is likely to result in mobile phone
The problem of leakage of file content, the file that the embodiment of the present invention 1 provides a kind of application program read leak detection method.
The file of the application program reads the executing subject of leak detection method, can be the developer of application program,
Alternatively, the executing subject that the file of the application program reads leak detection method is also possible to the installation for detecting application program
The system, etc. run on the server or server of packet.
The embodiment of the present invention 1 for ease of description, below executing subject in this way be application developer for, to this
Method is introduced.
Figure of description 1 is referred to, for the file reading Hole Detection side for the application program that the embodiment of the present invention 1 provides
The flow diagram of method, the process specifically comprise the following steps:
Step 11: extracting the library file of the installation kit of application program to be detected;
In the embodiment of the present invention 1, in one embodiment, the installation kit of the application program to be detected refers to application
Developer is loaded onto each application program that the needs of application market detect to loaded application market or i.e.
The installation kit of (Application, i.e. APP).
The library file of the installation kit for extracting application program to be detected, in particular to, by tool of compression to the peace
Dress packet is decompressed, and is further extracted under the lib file that decompression obtains and is obtained so library file.
Wherein, above-mentioned tool of compression, for example can be the compressed softwares such as WinRAR compressed software;Above-mentioned lib file is
Refer to, for the file of the library file of application call, there is so library file (dynamic link library file) under file, the library so
File is used to store the program of the function called.
Step 12: according to whether including that routine call marks in the library file of the installation kit, determining the application program
Whether FFmpeg transcoding program can be called;
In the embodiment of the present invention 1, in one embodiment, described program invocation flags refer to, show FFmpeg transcoding
The character string " detect bitstream specification deviations " that program can be called;Wherein, described
FFmpeg transcoding program, in particular to a kind of computer program that video/audio can be carried out to transcoding.
It whether include routine call in the library file of the installation kit in one embodiment in the embodiment of the present invention 1
Label, refers to, is searched whether in all so library files under above-mentioned lib file comprising character string " detect
bitstream specification deviations".Specific lookup mode is for example following shown:
By the system command of (SuSE) Linux OS, character string is searched in all so library files under lib file
" detect bitstream specification deviations ", the order line code specifically: grep-r-l "
detect bitstream specification deviations"\lib。
Wherein, the character string refers to 4 or more arbitrary sequences, with newline or null character knot
Beam.
Then, according to whether including that routine call marks in the library file of the installation kit, whether the application program is determined
FFmpeg transcoding program can be called, specific judgment mode is for example following shown:
By the system command of (SuSE) Linux OS, if finding character in all so library files under lib file
It goes here and there " detect bitstream specification deviations ", then the command interface of system can be matched and be shown
It out include one or more so library files of character string " detect bitstream specification deviations "
Name, then show that the application program can call FFmpeg transcoding program.
If not finding character string " detect bitstream in all so library files under lib file
Specification deviations " then shows the application program then system interface would not show so library file name
FFmpeg transcoding program namely the application program can not be called, and there is no files to read loophole.
It should be noted that determining that the application program can call FFmpeg to turn in the step 12 of the embodiment of the present invention 1
Coded program is the premise that detection application program reads loophole with the presence or absence of file in the step 13 of the embodiment of the present invention 1.
Step 13: if the application program can call FFmpeg transcoding program, whether being wrapped according in the library file
The label of reparation containing loophole determines that the application program reads loophole with the presence or absence of file.
In the embodiment of the present invention 1, in one embodiment, the library file, in particular to it is above-mentioned include character string
One or more so library files of " detect bitstream specification deviations " turn for FFmpeg
The calling of coded program.
In the embodiment of the present invention 1, in one embodiment, loophole reparation label, refer to show loophole by
The character string " file, " generated after system reparation.
In the embodiment of the present invention 1, in one embodiment, whether is marked comprising loophole reparation in the library file, be
Refer to, is looked into so library file comprising character string " detect bitstream specification deviations "
It whether looks for comprising character string " file, ".Specific lookup mode is for example following shown:
By the system command of (SuSE) Linux OS, including character string " detect bitstream
Character string " file, " described order line code is searched in so library file of specification deviations " specifically:
strings ffmpegDemo|egrep--color"^file,\$".Wherein, the ffmpegDemo, refers to, includes character string
The actual file path of so library file of " detect bitstream specification deviations ".
The strings order is for the identification to arbitrary object file or binary file and in obj ect file or two
Printable character string is searched in binary file.
Then, according to whether including that loophole reparation marks in the library file, determine the application program with the presence or absence of file
Loophole is read, specific judgment mode is for example following shown:
By the system command of (SuSE) Linux OS, if including character string " detect bitstream
Character string " file, " is found in so library file of specification deviations ", then show the loophole by
System is repaired namely the loophole that file is read is not present in the application program.
If in so library file comprising character string " detect bitstream specification deviations "
Do not find character string " file, ", then show the loophole not by system repair namely the application program there are files
The loophole of reading.
The scheme provided using the embodiment of the present invention 1, due to whether including loophole reparation in the library file according to installation kit
The result of label reads the mode of loophole to judge application program with the presence or absence of file, allows application developer according to answering
Loophole coefficient is read with the file of program, corresponding modification measure is made to the installation kit of application program, overcome in the prior art
After malicious attacker uploads leaky video/audio, the problem of being likely to result in the leakage of mobile phone Chinese part content.
Embodiment 2
To solve after malicious attacker uploads leaky video/audio in the prior art, it is likely to result in mobile phone
The problem of leakage of file content, the file that the embodiment of the present invention 2 provides a kind of application program read Hole Detection device 20, should
The concrete structure schematic diagram that the file of application program reads Hole Detection device 20 is as shown in Figure 2, comprising: acquiring unit 21 is adjusted
With determination unit 22, loophole determination unit 23.The function of lower each unit is introduced in detail below:
Acquiring unit 21, the library file of the installation kit for extracting application program to be detected;
Determination unit 22 is called, for, whether comprising routine call label, determining in the library file according to the installation kit
Whether the application program can call FFmpeg transcoding program;
Loophole determination unit 23, if FFmpeg transcoding program can be called for the application program, according to the library
Whether marked comprising loophole reparation in file, determines that the application program reads loophole with the presence or absence of file.
In the embodiment of the present invention 2, in one embodiment, the acquiring unit 21 is specifically used for:
The installation kit is decompressed by tool of compression, is further extracted under the lib file that decompression obtains
To so library file.
In the embodiment of the present invention 2, in one embodiment, described program invocation flags, specifically: character string
“detect bitstream specification deviations”。
It whether include routine call in the library file of the installation kit in one embodiment in the embodiment of the present invention 2
Label, specifically: it is searched whether in all so library files under above-mentioned lib file comprising character string " detect
bitstream specification deviations".Specific lookup mode is for example following shown:
By linux system order, character string " detect is searched in all so library files under lib file
Bitstream specification deviations ", the order line code specifically: grep-r-l " detect
bitstream specification deviations"\lib。
Then, whether the calling determination unit 22, is specifically used for: including character string according in so library file
" detect bitstream specification deviations ", determines whether the application program can be called
FFmpeg transcoding program.
It whether include character string according in so library file in one embodiment in the embodiment of the present invention 2
" detect bitstream specification deviations ", determines whether the application program can be called
FFmpeg transcoding program, specific judgment mode are for example following shown:
If finding character string " detect bitstream in so library file by system command
Specification deviations ", then the application program can call FFmpeg transcoding program;
If not finding character string " detect bitstream in so library file by system command
Specification deviations ", then the application program can not call FFmpeg transcoding program namely the application
The loophole that file is read is not present in program.
In the embodiment of the present invention 2, in one embodiment, the loophole reparation label, specifically: character string
“file,”。
Then, the loophole determination unit 23, is specifically used for: if the application program can call FFmpeg transcoding program,
Then according to whether including character string " file, " in so library file, determine that the application program reads leakage with the presence or absence of file
Hole.
It whether include character string according in so library file in one embodiment in the embodiment of the present invention 2
" file, " determines that the application program reads loophole with the presence or absence of file, and specific judgment mode is for example following shown:
If by system command, described comprising character string " detect bitstream specification
In so library file of deviations ", character string " file, " is found, then there is no files to read loophole for the application program;
If by system command, described comprising character string " detect bitstream specification
In so library file of deviations ", character string " file, " is not found, then the application program reads there are file and leaks
Hole.
The scheme provided using the embodiment of the present invention 2, due to whether including loophole reparation in the library file according to installation kit
The result of label reads the mode of loophole to judge application program with the presence or absence of file, allows application developer according to answering
Loophole coefficient is read with the file of program, corresponding modification measure is made to the installation kit of application program, overcome in the prior art
After malicious attacker uploads leaky video/audio, the problem of being likely to result in the leakage of mobile phone Chinese part content.
It should be understood by those skilled in the art that, the embodiment of the present invention can provide as method, system or computer program
Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the present invention
Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the present invention, which can be used in one or more,
The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces
The form of product.
The present invention be referring to according to the method for the embodiment of the present invention, the process of equipment (system) and computer program product
Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions
The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs
Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce
A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real
The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates,
Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or
The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting
Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or
The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one
The step of function of being specified in a box or multiple boxes.
In a typical configuration, calculating equipment includes one or more processors (CPU), input/output interface, net
Network interface and memory.
Memory may include the non-volatile memory in computer-readable medium, random access memory (RAM) and/or
The forms such as Nonvolatile memory, such as read-only memory (ROM) or flash memory (flash RAM).Memory is computer-readable medium
Example.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method
Or technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data.
The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), moves
State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable
Programmable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM),
Digital versatile disc (DVD) or other optical storage, magnetic cassettes, tape magnetic disk storage or other magnetic storage devices
Or any other non-transmission medium, can be used for storage can be accessed by a computing device information.As defined in this article, it calculates
Machine readable medium does not include temporary computer readable media (transitory media), such as the data-signal and carrier wave of modulation.
It should also be noted that, the terms "include", "comprise" or its any other variant are intended to nonexcludability
It include so that the process, method, commodity or the equipment that include a series of elements not only include those elements, but also to wrap
Include other elements that are not explicitly listed, or further include for this process, method, commodity or equipment intrinsic want
Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including described want
There is also other identical elements in the process, method of element, commodity or equipment.
The above description is only an embodiment of the present invention, is not intended to restrict the invention.For those skilled in the art
For, the invention may be variously modified and varied.All any modifications made within the spirit and principles of the present invention are equal
Replacement, improvement etc., should be included within scope of the presently claimed invention.
Claims (10)
1. a kind of file of application program reads leak detection method characterized by comprising
Extract the library file of the installation kit of application program to be detected;
According to whether including that routine call marks in the library file of the installation kit, determine whether the application program can be called
FFmpeg transcoding program;
It whether include loophole reparation mark according in the library file if the application program can call FFmpeg transcoding program
Note determines that the application program reads loophole with the presence or absence of file.
2. the method as described in claim 1, which is characterized in that extract the library file of the installation kit of application program to be detected, have
Body includes:
It is decompressed by installation kit of the tool of compression to the application program to be detected, under the lib file that decompression obtains
Extract so library file.
3. the method as described in claim 1 to 2 any one, which is characterized in that described program invocation flags, specifically: word
Symbol string " detect bitstream specification deviations ";Then,
According to whether including that routine call marks in the library file of the installation kit, determine whether the application program can be called
FFmpeg transcoding program, specifically includes:
It whether include character string " detect bitstream specification according in so library file
Deviations ", determines whether the application program can call FFmpeg transcoding program.
4. method as claimed in claim 3, which is characterized in that whether include character string according in so library file
" detect bitstream specification deviations ", determines whether the application program can be called
FFmpeg transcoding program, specifically includes:
If finding character string " detect bitstream in so library file by system command
Specification deviations ", then the application program can call FFmpeg transcoding program.
5. the method as described in claim 1, which is characterized in that the loophole reparation label, specifically: character string " file, ";
Then,
It whether include loophole reparation mark according in the library file if the application program can call FFmpeg transcoding program
Note determines that the application program reads loophole with the presence or absence of file, specifically includes:
It whether include character string according in so library file if the application program can call FFmpeg transcoding program
" file, " determines that the application program reads loophole with the presence or absence of file.
6. method as claimed in claim 5, which is characterized in that whether include character string according in so library file
" file, " determines that the application program reads loophole with the presence or absence of file, specifically includes:
If finding character string " file, " in so library file by system command, then there is no texts for the application program
Part reads loophole;
If not finding character string " file, " in so library file by system command, then the application program exists
File reads loophole.
7. a kind of file of application program reads Hole Detection device characterized by comprising
Acquiring unit, the library file of the installation kit for extracting application program to be detected;
Determination unit is called, for whether including that routine call marks in the library file according to the installation kit, is answered described in determination
Whether FFmpeg transcoding program can be called with program;
Loophole determination unit, if FFmpeg transcoding program can be called for the application program, according in the library file
Whether marked comprising loophole reparation, determines that the application program reads loophole with the presence or absence of file.
8. device as claimed in claim 7, which is characterized in that the acquiring unit is specifically used for:
It is decompressed by installation kit of the tool of compression to the application program to be detected, under the lib file that decompression obtains
Extract so library file.
9. the device as described in claim 7 to 8 any one, which is characterized in that described program invocation flags, specifically: word
Symbol string " detect bitstream specification deviations ";Then,
The calling determination unit, is specifically used for:
It whether include character string " detect bitstream specification according in so library file
Deviations ", determines whether the application program can call FFmpeg transcoding program.
10. device as claimed in claim 7, which is characterized in that the loophole reparation label, specifically: character string
"file,";Then,
The loophole determination unit, is specifically used for:
It whether include character string according in so library file if the application program can call FFmpeg transcoding program
" file, " determines that the application program reads loophole with the presence or absence of file.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810935301.1A CN109117642A (en) | 2018-08-16 | 2018-08-16 | A kind of the file reading leak detection method and device of application program |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810935301.1A CN109117642A (en) | 2018-08-16 | 2018-08-16 | A kind of the file reading leak detection method and device of application program |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109117642A true CN109117642A (en) | 2019-01-01 |
Family
ID=64853237
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810935301.1A Pending CN109117642A (en) | 2018-08-16 | 2018-08-16 | A kind of the file reading leak detection method and device of application program |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109117642A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110210230A (en) * | 2019-05-14 | 2019-09-06 | 深圳市腾讯网域计算机网络有限公司 | Improve method, apparatus, electronic equipment and the storage medium of security of system |
CN111914257A (en) * | 2020-08-04 | 2020-11-10 | 中国信息安全测评中心 | Document detection method, device, equipment and computer storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104036193A (en) * | 2014-05-16 | 2014-09-10 | 北京金山安全软件有限公司 | Local cross-domain vulnerability detection method and device for application program |
CN104537309A (en) * | 2015-01-23 | 2015-04-22 | 北京奇虎科技有限公司 | Application program bug detection method, application program bug detection device and server |
CN107800718A (en) * | 2017-11-29 | 2018-03-13 | 中科信息安全共性技术国家工程研究中心有限公司 | A kind of file uploads the method for early warning device of leak |
CN108268777A (en) * | 2018-01-18 | 2018-07-10 | 中国人民大学 | A kind of similarity detection method that unknown loophole discovery is carried out using patch information |
-
2018
- 2018-08-16 CN CN201810935301.1A patent/CN109117642A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104036193A (en) * | 2014-05-16 | 2014-09-10 | 北京金山安全软件有限公司 | Local cross-domain vulnerability detection method and device for application program |
CN104036193B (en) * | 2014-05-16 | 2017-02-01 | 北京金山安全软件有限公司 | Local cross-domain vulnerability detection method and device for application program |
CN104537309A (en) * | 2015-01-23 | 2015-04-22 | 北京奇虎科技有限公司 | Application program bug detection method, application program bug detection device and server |
CN107800718A (en) * | 2017-11-29 | 2018-03-13 | 中科信息安全共性技术国家工程研究中心有限公司 | A kind of file uploads the method for early warning device of leak |
CN108268777A (en) * | 2018-01-18 | 2018-07-10 | 中国人民大学 | A kind of similarity detection method that unknown loophole discovery is carried out using patch information |
Non-Patent Citations (1)
Title |
---|
360NIRVANTEAM & 360VULPECKERTEAM: "FFmpeg远程文件窃取漏洞 – 移动端安全分析报告", 《HTTPS://WWW.ANQUANKE.COM/POST/ID/83955》 * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110210230A (en) * | 2019-05-14 | 2019-09-06 | 深圳市腾讯网域计算机网络有限公司 | Improve method, apparatus, electronic equipment and the storage medium of security of system |
CN110210230B (en) * | 2019-05-14 | 2021-10-22 | 深圳市腾讯网域计算机网络有限公司 | Method and device for improving system security, electronic equipment and storage medium |
CN111914257A (en) * | 2020-08-04 | 2020-11-10 | 中国信息安全测评中心 | Document detection method, device, equipment and computer storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110737899B (en) | Intelligent contract security vulnerability detection method based on machine learning | |
US20160063244A1 (en) | Method and system for recognizing advertisement plug-ins | |
US10481964B2 (en) | Monitoring activity of software development kits using stack trace analysis | |
US20170316212A1 (en) | Customizing a security report using static analysis | |
JP6816028B2 (en) | Page jump based on text hiding | |
CN113254408B (en) | Invisible mark adding method, device, medium and electronic equipment | |
US10834289B2 (en) | Detection of steganography on the perimeter | |
CN109062582A (en) | A kind of encryption method and device of application installation package | |
US10726357B2 (en) | Cross-platform program analysis using machines learning based on universal features | |
CN111163095A (en) | Network attack analysis method, network attack analysis device, computing device, and medium | |
CN112417485A (en) | Model training method, system and device based on trusted execution environment | |
CN109117642A (en) | A kind of the file reading leak detection method and device of application program | |
CN110362547A (en) | Coding, parsing, storage method and the device of journal file | |
US11501016B1 (en) | Digital password protection | |
CN105760761A (en) | Software behavior analyzing method and device | |
KR20130116408A (en) | Method and apparatus for detecting leak of information resources data | |
US9646157B1 (en) | Systems and methods for identifying repackaged files | |
CN108334775B (en) | Method and device for detecting jail-crossing plug-in | |
CN109165512A (en) | A kind of the intention agreement URL leak detection method and device of application program | |
US10701099B2 (en) | Providing efficient information tracking with dynamically selected precision | |
US20150310207A1 (en) | Method for analysing program code of electronic device and electronic device | |
CN113660658A (en) | Audio data protection method and device and voice equipment | |
CN111178010B (en) | Method and system for displaying digital signature, data editing method and terminal | |
CN113760764A (en) | Application program detection method and device, electronic equipment and storage medium | |
CN112199731A (en) | Data processing method, device and equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190101 |
|
RJ01 | Rejection of invention patent application after publication |