CN109376529A - Application program operation method and device - Google Patents

Application program operation method and device Download PDF

Info

Publication number
CN109376529A
CN109376529A CN201811625257.0A CN201811625257A CN109376529A CN 109376529 A CN109376529 A CN 109376529A CN 201811625257 A CN201811625257 A CN 201811625257A CN 109376529 A CN109376529 A CN 109376529A
Authority
CN
China
Prior art keywords
plug
application
application program
identification information
executable
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811625257.0A
Other languages
Chinese (zh)
Inventor
陈磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201811625257.0A priority Critical patent/CN109376529A/en
Publication of CN109376529A publication Critical patent/CN109376529A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software

Abstract

The invention discloses a kind of application program operation method and devices, are related to information technology field, and the safety of application program operation can be improved.The described method includes: obtaining the identification information for needing application plug-in to be loaded when application program operation first;Then the identification information for whether preserving the need application plug-in to be loaded in preset executable plug-in unit list is detected, includes the identification information of the corresponding executable application plug-in of each application program in the preset executable plug-in unit list;If so, executing the application plug-in while running the application program.The present invention is suitable for protecting the operation of application program.

Description

Application program operation method and device
The application is the divisional application based on female case " application program operation method and device ", female case " application program operation Method and device " the applying date be on 06 30th, 2015, application No. is 2015103749435, Publication No. CN104915594A。
Technical field
The present invention relates to a kind of information technology fields, more particularly to a kind of application program operation method and device.
Background technique
In recent years, the development of intelligent mobile operating system is also increasingly rapider with the continuous development of terminal device.Apple The ios system of fruit company has system stability height, the software compatibility as operating system popular currently on the market By force, the features such as speed of service is fast.But preferably ios system would generally be carried out operation of escaping from prison, obtained by experience, user in order to obtain The highest permission for taking system, for carrying out such as replacing system theme, the application of modification system, installing the third-party software behaviour that escapes from prison Make.When starting has the application software of payment function, load operating may escape from prison software simultaneously, if being carried in software of escaping from prison There is viral wooden horse file, the account and encrypted message of input can be stolen utilization by hacker.
The software of escaping from prison that can be run together with application program by antivirus software pair at present detects, however it is soft to kill virus Part is not usually real time execution, if not receiving enabled instruction, will not carry out killing to each file in terminal device, because This antivirus software can only passively handle viral wooden horse file, cannot accomplish Initiative Defense, cause to deposit in application program operational process In security risk.
Summary of the invention
In view of this, the present invention provides a kind of application program operation method and device, main purpose, which is can be improved, is answered The safety run with program.
According to the present invention on one side, a kind of application program operation method is provided, comprising:
When receiving application start instruction, application plug-in to be loaded is needed when obtaining application program operation Identification information;
Detect the identification information that the need application plug-in to be loaded whether is preserved in preset executable plug-in unit list, institute State include in preset executable plug-in unit list the corresponding executable application plug-in of each application program identification information;
If so, executing the application plug-in while running the application program.
According to the present invention on the other hand, a kind of application program running gear is provided, comprising:
Acquiring unit needs to add when for when receiving application start instruction, obtaining application program operation The identification information of the application plug-in of load;
Detection unit, for detecting the needs whether preserving the acquiring unit in preset executable plug-in unit list and obtaining The identification information of the application plug-in of load includes that each application program is corresponding in the preset executable plug-in unit list The identification information of executable application plug-in;
Execution unit, if detecting that preserving the needs in preset executable plug-in unit list adds for the detection unit The identification information of the application plug-in of load then executes the application plug-in while running the application program.
By above-mentioned technical proposal, technical solution provided in an embodiment of the present invention is at least had the advantage that
A kind of application program operation method and device provided by the invention, it is first when receiving application start instruction First obtain the identification information that application plug-in to be loaded is needed when application program operation;Then preset executable plug-in unit column are detected The identification information of the need application plug-in to be loaded whether is preserved in table, includes in the preset executable plug-in unit list The identification information of the corresponding executable application plug-in of each application program;If so, running the same of the application program When, execute the application plug-in.It is detected at present by the software of escaping from prison that antivirus software pair is run together with application program Mode compare, there is the identification information for needing application plug-in to be loaded in detecting preset executable plug-in unit list in the present invention And then while running the application program, the application plug-in is executed, it can accomplish Initiative Defense, so as to mention The safety of high application program operation, reduces the security risk in application program operational process.
The above description is only an overview of the technical scheme of the present invention, in order to better understand the technical means of the present invention, And it can be implemented in accordance with the contents of the specification, and in order to allow above and other objects of the present invention, feature and advantage can It is clearer and more comprehensible, the followings are specific embodiments of the present invention.
Detailed description of the invention
By reading the following detailed description of the preferred embodiment, various other advantages and benefits are common for this field Technical staff will become clear.The drawings are only for the purpose of illustrating a preferred embodiment, and is not considered as to the present invention Limitation.And throughout the drawings, the same reference numbers will be used to refer to the same parts.In the accompanying drawings:
Fig. 1 shows a kind of application program operation method flow diagram provided in an embodiment of the present invention;
Fig. 2 shows another application program operation method flow diagrams provided in an embodiment of the present invention;
Fig. 3 shows a kind of application program running gear structural schematic diagram provided in an embodiment of the present invention;
Fig. 4 shows another application program running gear structural schematic diagram provided in an embodiment of the present invention;
Fig. 5 shows a kind of payment protection interface schematic diagram provided in an embodiment of the present invention;
Fig. 6 shows a kind of payment protection administration interface schematic diagram provided in an embodiment of the present invention;
Fig. 7 shows a kind of administration interface schematic diagram for shielding application plug-in provided in an embodiment of the present invention.
Specific embodiment
Exemplary embodiments of the present disclosure are described in more detail below with reference to accompanying drawings.Although showing the disclosure in attached drawing Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here It is limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure It is fully disclosed to those skilled in the art.
The embodiment of the invention provides a kind of application program operation methods, as shown in Figure 1, which comprises
101, when receiving application start instruction, application to be loaded is needed to insert when obtaining application program operation The identification information of part.
Wherein, the identification information can be name information, ID (Identity, identity number) information etc..It is described Application plug-in is a kind of program for following the application programming interfaces centainly standardized and writing out.
For example, in iOS (i operation system, the Mobile operating system of Apple Inc.) system, and in iOS System has been completed in the case that iOS escapes from prison, and it is a kind of technology hand for obtaining iOS system highest permission that the iOS, which escapes from prison, Section obtains the application program operation when receiving the enabled instruction of the application program with input account and cryptographic function When need the name informations of the software packages of escaping from prison such as inputting method to be loaded.
102, the mark letter that the need application plug-in to be loaded whether is preserved in preset executable plug-in unit list detected Breath.
It wherein, include that the corresponding executable application of each application program is inserted in the preset executable plug-in unit list The identification information of part.The preset executable plug-in unit list can be configured by user demand, can also be matched by system default It sets, the embodiment of the present invention is without limitation.
For example, saving in preset executable plug-in unit list, there are three the corresponding executable application plug-ins of application program Name information, three application programs be respectively apply 1, using 2, using 3, using 1 corresponding two executable application plug-ins Name information is respectively application plug-in 11, application plug-in 12, using the name information point of 2 corresponding three executable application plug-ins Not Wei application plug-in 21, application plug-in 22, application plug-in 23, using the name information of a 3 corresponding executable application plug-ins For application plug-in 31.Start the instruction for applying 1 when receiving, and needs the name information difference of two application plug-ins to be loaded When for application plug-in 11, application plug-in 12, determining to preserve in the preset executable plug-in unit list described to be loaded need to be answered With the identification information of plug-in unit;Start the instruction for applying 3 when receiving, and needs the name information of two application plug-ins to be loaded Respectively application plug-in 31, application plug-in 32 determine that there are the unsaved needs in the preset executable plug-in unit list The identification information of the application plug-in of load.
103, if so, executing the application plug-in while running the application program.
For the embodiment of the present invention, inserted if preserving the need application to be loaded in the preset executable plug-in unit list The identification information of part executes the application plug-in then while running the application program, for example, needing when starting is using a It loads name information and is the application plug-in of application plug-in a1, and preserved in preset executable plug-in unit list corresponding using a Executable application plug-in name information a1, then while operation is using a, loading the name information is application plug-in a1 Application plug-in.
Can be as follows for concrete application scene of the embodiment of the present invention, but not limited to this, comprising:
In the smart phone of iOS system, and iOS system has completed what iOS escaped from prison based on MSHook method of escaping from prison In the case of, the MSHook method of escaping from prison is software commonly used approach of escaping from prison at present, such as 360 mobile guards, Tencent's hand Machine house keeper, input method escape from prison version etc..Due to escape from prison software can with the All Files of random access system or monitor networking data, and And software of escaping from prison when starting application program can load simultaneously, will lead to user occur when software of escaping from prison infects trojan horse in this way Situations such as privacy leakage.Solution can change original for the CydiaSubstrate basic framework for exploitation of escaping from prison DYLD_INSERT_LIBRARIES environmental variance further realizes, the work of specific CydiaSubstrate basic framework Process includes: that " SubstrateLauncher.dylib " file is injected into Launchd application process by Cynject first In, the Launchd application process is used to create each application process in iOS system, creates in this way in Launchd application process When building new process, " SubstrateLauncher.dylib " file can be performed simultaneously;It is intercepted and captured again by hookinging means Hook " posix_spawn " function in " SubstrateLauncher.dylib " file, " posix_spawn " function are creations The function of one new process, when each new process initiation, can execute;Again by " SubstrateBootstrap.dylib " file It is injected into " posix_spawn " function;Then " SubstrateLoader.dylib " is injected into In " SubstrateBootstrap.dylib " file, in " posix_spawn " function, " SubstrateLauncher.dylib " file can load " SubstrateBootstrap.dylib " file and be arranged and currently answer With the environmental variance of process, DYLD_INSERT_LIBRARIES environmental variance is set as " SubstrateLoader.dylib " File path;Finally by " SubstrateLoader.dylib " file, detects and load the file under the file path. To solve the above-mentioned problems, specific file road can be loaded by " SubstrateLoader.dylib " file rewritten Application plug-in under diameter, the application plug-in are according to preset executable plug-in unit list, from need multiple application plug-ins to be loaded What middle screening obtained.
A kind of application program operation method provided by the invention obtains first when receiving application start instruction The identification information of application plug-in to be loaded is needed when the application program is run;Then detecting in preset executable plug-in unit list is It is no preserve it is described need to application plug-in to be loaded identification information, include each answer in the preset executable plug-in unit list With the identification information of the corresponding executable application plug-in of program;If so, being executed while running the application program The application plug-in.With the phase in such a way that the software of escaping from prison that antivirus software pair is run together with application program detects at present Than, the present invention exist in detecting preset executable plug-in unit list the identification information for needing application plug-in to be loaded and then While running the application program, the application plug-in is executed, can accomplish Initiative Defense, applies journey so as to improve The safety of sort run reduces the security risk in application program operational process.
The embodiment of the invention provides another application program operation methods, as shown in Figure 2, which comprises
201, each application program that terminal device locally saves is obtained.
Wherein, the terminal device can be smart phone, tablet computer etc..
For example, obtain three application programs saving in smart phone, respectively mobile phone Taobao, 360 mobile phone assistant, micro- Letter.
202, the corresponding executable application plug-in of each application program is configured.
For the embodiment of the present invention, can be inserted according to the executable application for all applications that server-side is sent to terminal device The list of part configures the corresponding executable application plug-in of each application program that the terminal device locally saves.
For example, according to server-side into the list of the executable application plug-in for all applications that terminal device is sent there are It is application plug-in 1, application plug-in 2, application plug-in 3 using the corresponding application plug-in of a, is application using the corresponding application plug-in of b Plug-in unit 4 is application plug-in 5 using the corresponding application plug-in of c, is application plug-in 6 using the corresponding application plug-in of d.And terminal is set Standby there are two applications, respectively using a, using b.Can configure using the corresponding executable application plug-in of a is application plug-in 1 With application plug-in 2, application plug-in 3;Can configure using the corresponding executable application plug-in of b is application plug-in 4.
For example, in iOS system, in iOS system, due to app (Application, the application software) tool in system There is sandbox access authority, when running such as Alipay, Taobao app, will cause can not read data, Jin Erhui outside sandbox path Lead to not the list that the executable application plug-in for all applications that server-side is sent to terminal device is obtained outside sandbox path, Solution string length can be split according to, be encrypted by exclusive or, by the executable application plug-in of all applications List be sent in the environmental variance of sandbox.
203, executable application plug-in list corresponding with the terminal device is generated.
Wherein, each application program that the terminal device locally saves is preserved in the executable application plug-in list The identification information of corresponding executable application plug-in.The identification information of the executable application plug-in can be held to be described The plugin name information and/or Secure Hash Algorithm sha1 value of row application plug-in.For example, Baidu's input method mobile phone of Android version is answered Sha1 value is 570640977F338740DA26B40AC4255F360AEC4749.
204, when receiving application start instruction, application to be loaded is needed to insert when obtaining application program operation The identification information of part.
For example, in iOS system, and in the case where iOS system has completed iOS and escapes from prison, when receiving with branch When paying the enabled instruction of the application program of function, need inputting method to be loaded, system when obtaining application program operation The name information of the software packages of escaping from prison such as optimization.
205, the mark letter that the need application plug-in to be loaded whether is preserved in preset executable plug-in unit list detected Breath.
It wherein, include that the corresponding executable application of each application program is inserted in the preset executable plug-in unit list The identification information of part.
For the embodiment of the present invention, the step 205 is specifically included: can be performed corresponding with the terminal device of detection is answered With the identification information for whether preserving the need application plug-in to be loaded in plug-in unit list.For example, terminal device is plate electricity Brain is preserved using 5 corresponding two executable application plug-ins in executable application plug-in list corresponding with tablet computer Name information, respectively application plug-in 51, application plug-in 55 when 5 starting of application, and need the mark letter of application plug-in to be loaded When breath is application plug-in 51, application plug-in 55, determining to preserve in executable application plug-in list corresponding with terminal device is needed The identification information of application plug-in to be loaded;When 5 starting of application, and needing the name information of application plug-in to be loaded is that application is inserted When part 51, application plug-in 56, determining need to be to be loaded without preservation in executable application plug-in list corresponding with terminal device The identification information of application plug-in.
For the embodiment of the present invention, each application program locally saved according to terminal device first is generated and the end Then the corresponding executable application plug-in list of end equipment detects executable application plug-in list corresponding with the terminal device In whether preserve it is described need to application plug-in to be loaded identification information, the corresponding executable application of all applications can be inserted Part lists are the corresponding executable application plug-in list of each application program locally saved for terminal device, are reduced The data for needing to detect, and then the efficiency of detection can be improved.
206, if so, executing the application plug-in while running the application program.
For the embodiment of the present invention, if being preserved in executable application plug-in list corresponding with the terminal device described The identification information of application plug-in to be loaded is needed to execute the application plug-in then while running the application program.Example Such as, when starting is using b, need to load the application plug-in that name information is application plug-in b1, and corresponding with the terminal device Executable application plug-in list in preserve identification information b1 using the corresponding executable application plug-in of b, then answered in operation While with b, the application plug-in that the identification information is application plug-in b1 is loaded.
For the embodiment of the present invention, by detect in executable application plug-in list corresponding with the terminal device whether The identification information of the need application plug-in to be loaded is preserved, if so, executing institute while running the application program Application plug-in is stated, with the phase in such a way that the software of escaping from prison that antivirus software pair is run together with application program detects at present Than the safety of application program operation can be improved, it is possible to reduce the security risk in application program operational process.
Further, described need to exist in the identification information of application plug-in to be loaded if the method can also include: The identification information for the application plug-in not saved in the preset executable plug-in unit list, then shield the application plug-in.
For example, when application a starting, need two application plug-ins to be loaded identification information be respectively application plug-in a1, Application plug-in a2 only preserves the mark using the corresponding executable application plug-in of a in preset executable plug-in unit list Information, identification information are application plug-in a1, and application plug-in a2 is not held in the preset executable plug-in unit list, can delete Remove or unload application plug-in a2.
For the embodiment of the present invention, if described preset need to hold in the identification information of application plug-in to be loaded there are described The identification information for the application plug-in not saved in row plug-in unit list, then shield the application plug-in, can be unknown by safety Application plug-in without load, can be improved application program operation safety, it is possible to reduce in application program operational process Security risk.
Further, the method can also include: to save to the identification information of the application plug-in of shielding.For this The identification information of the application plug-in of shielding can be stored in the database of terminal device, can also save by inventive embodiments In the predetermined file of terminal device, the embodiment of the present invention is without limitation.
For example, in iOS system, since system is limited with sandbox, shielding application being saved first in sandbox and is inserted Then the record of part notifies SpringBoard process in backstage to be read out, and then can be stored in the predetermined file of terminal device In.
For the embodiment of the present invention, is saved by the identification information of the application plug-in to shielding, family can be used Solution loads failed application plug-in information, and further, user can believe according to the mark of the application plug-in of the shielding of preservation Breath carries out the operation such as selection deletion, unloading or recovery, enhances the experience of user.
Further, the method can also include: to update the preset executable plug-in unit column according to prefixed time interval The identification information of the corresponding executable application plug-in of application program and each application program in table.Wherein, described default Time interval can be configured according to the demand of user, can also be configured according to default mode, and the embodiment of the present invention is not It limits.For example, time interval can be set to 1 minute, 10 minutes, 1 hour etc..
Can be as follows for concrete application scene of the embodiment of the present invention, but not limited to this, comprising:
It in the tablet computer under iOS system, obtains there are two the application programs in tablet computer, respectively applies a, answers With b, from server-side, into the list of the executable application plug-in for all applications that tablet computer is sent, there are application a is corresponding Application plug-in is application plug-in 1, application plug-in 2, is application plug-in 3, application plug-in 4 using the corresponding application plug-in of b, using c Corresponding application plug-in is application plug-in 5, is application plug-in 6 using the corresponding application plug-in of d, can configure corresponding using a Executable application plug-in is application plug-in 1 and application plug-in 2;Can configure using the corresponding executable application plug-in of b is application Plug-in unit 3, application plug-in 4, according to the identification information of application a and the corresponding executable application plug-in of application b, generate with it is described The corresponding executable application plug-in list of tablet computer.When receiving the enabled instruction using a, obtains run using a first When need the identification information of application plug-in to be loaded to have 2 two identification informations of application plug-in 1 and application plug-in, detect at this time with It include described two identification informations in the corresponding executable application plug-in list of the tablet computer, then in operation using a's Meanwhile loading application plug-in 1 and application plug-in 2.When receiving the enabled instruction for applying b, need to add when obtaining using b operation The identification information of the application plug-in of load has 5 three application plug-in 3, application plug-in 4, application plug-in identification informations, detects at this time There are the identification informations of unsaved application plug-in 5 in executable application plug-in list corresponding with the tablet computer, then will Application plug-in 5 is shielded, and the identification information of application plug-in 5 is recorded.
Payment protection software specific or in the smart phone under iOS system when 1 starting of application, and applies 1 It, can be as shown in figure 5, the display screen upper end in smart phone shows " payment protection when for application program with payment function In " text prompt information, help user can clearly use payment function safely;User can also configure in smart phone The payment protection function of each application, as shown in fig. 6, user is facilitated to configure;User can also look at answering of being shielded With the record information of plug-in unit, as shown in fig. 7, further, user can believe according to the mark of the application plug-in of the shielding of preservation Breath carries out the operation such as selection deletion, unloading or recovery, enhances the experience of user.
Another kind application program operation method provided by the invention obtains first when receiving application start instruction The identification information of application plug-in to be loaded is needed when the application program being taken to run;Then it detects in preset executable plug-in unit list The identification information of the need application plug-in to be loaded whether is preserved, includes each in the preset executable plug-in unit list The identification information of the corresponding executable application plug-in of application program;If so, being held while running the application program The row application plug-in.With at present in such a way that the software of escaping from prison that antivirus software pair is run together with application program detects It compares, after there is the identification information for needing application plug-in to be loaded in detecting preset executable plug-in unit list in the present invention, Again while running the application program, the application plug-in is executed, can accomplish Initiative Defense, so as to improve application The safety of program operation, reduces the security risk in application program operational process.
Further, the specific implementation as method shown in Fig. 1, the embodiment of the invention provides a kind of operations of application program Device, as shown in figure 3, described device includes: acquiring unit 31, detection unit 32, execution unit 33.
The acquiring unit 31, can be used for when receiving application start instruction, obtain the application program fortune The identification information of application plug-in to be loaded is needed when row.
The detection unit 32 can be used for detecting in preset executable plug-in unit list whether preserve the acquiring unit The identification information of the 31 need application plug-ins to be loaded obtained includes each in the preset executable plug-in unit list using journey The identification information of the corresponding executable application plug-in of sequence.
The execution unit 33 detects to save in preset executable plug-in unit list if can be used for the detection unit 32 There is the identification information of the application plug-in for needing to load, then while running the application program, executes the application and insert Part.
It should be noted that each functional unit involved by a kind of application program running gear provided in an embodiment of the present invention Other correspond to description, can be with reference to the corresponding description in Fig. 1, and details are not described herein.
A kind of application program running gear provided by the invention obtains first when receiving application start instruction The identification information of application plug-in to be loaded is needed when the application program is run;Then detecting in preset executable plug-in unit list is It is no preserve it is described need to application plug-in to be loaded identification information, include each answer in the preset executable plug-in unit list With the identification information of the corresponding executable application plug-in of program;If so, being executed while running the application program The application plug-in.With the phase in such a way that the software of escaping from prison that antivirus software pair is run together with application program detects at present Than, the present invention exist in detecting preset executable plug-in unit list the identification information for needing application plug-in to be loaded and then While running the application program, the application plug-in is executed, can accomplish Initiative Defense, applies journey so as to improve The safety of sort run reduces the security risk in application program operational process.
Still further, the specific implementation as method shown in Fig. 2, the embodiment of the invention provides another application programs Running gear, as shown in figure 4, described device includes: acquiring unit 41, detection unit 42, execution unit 43.
The acquiring unit 41, can be used for when receiving application start instruction, obtain the application program fortune The identification information of application plug-in to be loaded is needed when row.
The detection unit 42 can be used for detecting in preset executable plug-in unit list whether preserve the acquiring unit The identification information of the 41 need application plug-ins to be loaded obtained includes each in the preset executable plug-in unit list using journey The identification information of the corresponding executable application plug-in of sequence.
The execution unit 43 detects to save in preset executable plug-in unit list if can be used for the detection unit 42 There is the identification information of the application plug-in for needing to load, then while running the application program, executes the application and insert Part.
Further, described device further include: screen unit 44.
The screen unit 44, if can be used in the identification information of the need application plug-in to be loaded, there are described pre- The identification information for setting the application plug-in not saved in executable plug-in unit list, then shield the application plug-in.
Further, described device further include: configuration unit 45, generation unit 46.
The acquiring unit 41 can be used for obtaining each application program that terminal device locally saves.
It is corresponding to can be used for configuring each application program that the acquiring unit 41 obtains for the configuration unit 45 Executable application plug-in.
The generation unit 46 can be used for generating executable application plug-in list corresponding with the terminal device, institute It states and preserves that each application program that the terminal device locally saves is corresponding to be held in executable application plug-in list The identification information of row application plug-in.
The detection unit 42 specifically can be used for detecting the corresponding with the terminal device of the generation of generation unit 46 Executable application plug-in list in whether preserve it is described need to application plug-in to be loaded identification information.
Further, described device further include: updating unit 47.
The updating unit 47 can be used for updating according to prefixed time interval in the preset executable plug-in unit list The identification information of application program and the corresponding executable application plug-in of each application program.
Further, described device further include: storage unit 48.
The storage unit 48 can be used for saving the identification information of the application plug-in of shielding.
Optionally, the identification information of the application plug-in is that the plugin name information of the application plug-in and/or safety are breathed out Uncommon algorithm sha1 value.
It should be noted that each functional unit involved by another kind application program running gear provided in an embodiment of the present invention Other correspond to description, can be with reference to the corresponding description in Fig. 2, details are not described herein.
Another kind application program running gear provided by the invention obtains first when receiving application start instruction The identification information of application plug-in to be loaded is needed when the application program being taken to run;Then it detects in preset executable plug-in unit list The identification information of the need application plug-in to be loaded whether is preserved, includes each in the preset executable plug-in unit list The identification information of the corresponding executable application plug-in of application program;If so, being held while running the application program The row application plug-in.With at present in such a way that the software of escaping from prison that antivirus software pair is run together with application program detects It compares, after there is the identification information for needing application plug-in to be loaded in detecting preset executable plug-in unit list in the present invention, Again while running the application program, the application plug-in is executed, can accomplish Initiative Defense, so as to improve application The safety of program operation, reduces the security risk in application program operational process.
In the above-described embodiments, it all emphasizes particularly on different fields to the description of each embodiment, there is no the portion being described in detail in some embodiment Point, reference can be made to the related descriptions of other embodiments.
It is understood that the correlated characteristic in the above method and device can be referred to mutually.In addition, in above-described embodiment " first ", " second " etc. be and not represent the superiority and inferiority of each embodiment for distinguishing each embodiment.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description, The specific work process of device and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
Algorithm and display are not inherently related to any particular computer, virtual system, or other device provided herein. Various general-purpose systems can also be used together with teachings based herein.As described above, it constructs required by this kind of system Structure be obvious.In addition, the present invention is also not directed to any particular programming language.It should be understood that can use various Programming language realizes summary of the invention described herein, and the description done above to language-specific is to disclose this hair Bright preferred forms.
In the instructions provided here, numerous specific details are set forth.It is to be appreciated, however, that implementation of the invention Example can be practiced without these specific details.In some instances, well known method, structure is not been shown in detail And technology, so as not to obscure the understanding of this specification.
Similarly, it should be understood that in order to simplify the disclosure and help to understand one or more of the various inventive aspects, Above in the description of exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes In example, figure or descriptions thereof.However, the disclosed method should not be interpreted as reflecting the following intention: i.e. required to protect Shield the present invention claims features more more than feature expressly recited in each claim.More precisely, as following Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore, Thus the claims for following specific embodiment are expressly incorporated in the specific embodiment, wherein each claim itself All as a separate embodiment of the present invention.
Those skilled in the art will understand that can be carried out adaptively to the module in the equipment in embodiment Change and they are arranged in one or more devices different from this embodiment.It can be the module or list in embodiment Member or component are combined into a module or unit or component, and furthermore they can be divided into multiple submodule or subelement or Sub-component.Other than such feature and/or at least some of process or unit exclude each other, it can use any Combination is to all features disclosed in this specification (including adjoint claim, abstract and attached drawing) and so disclosed All process or units of what method or apparatus are combined.Unless expressly stated otherwise, this specification is (including adjoint power Benefit require, abstract and attached drawing) disclosed in each feature can carry out generation with an alternative feature that provides the same, equivalent, or similar purpose It replaces.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments In included certain features rather than other feature, but the combination of the feature of different embodiments mean it is of the invention Within the scope of and form different embodiments.For example, in the following claims, embodiment claimed is appointed Meaning one of can in any combination mode come using.
Various component embodiments of the invention can be implemented in hardware, or to run on one or more processors Software module realize, or be implemented in a combination thereof.It will be understood by those of skill in the art that can be used in practice Microprocessor or digital signal processor (DSP) realize application program operation method and device according to an embodiment of the present invention In some or all components some or all functions.The present invention is also implemented as described herein for executing Some or all device or device programs (for example, computer program and computer program product) of method.In this way Realization program of the invention can store on a computer-readable medium, or can have the shape of one or more signal Formula.Such signal can be downloaded from an internet website to obtain, and perhaps be provided on the carrier signal or with any other shape Formula provides.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and ability Field technique personnel can be designed alternative embodiment without departing from the scope of the appended claims.In the claims, Any reference symbol between parentheses should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not Element or step listed in the claims.Word "a" or "an" located in front of the element does not exclude the presence of multiple such Element.The present invention can be by means of including the hardware of several different elements and being come by means of properly programmed computer real It is existing.In the unit claims listing several devices, several in these devices can be through the same hardware branch To embody.The use of word first, second, and third does not indicate any sequence.These words can be explained and be run after fame Claim.
A1, a kind of application program operation method, comprising:
When receiving application start instruction, application plug-in to be loaded is needed when obtaining application program operation Identification information;
Detect the identification information that the need application plug-in to be loaded whether is preserved in preset executable plug-in unit list, institute State include in preset executable plug-in unit list the corresponding executable application plug-in of each application program identification information;
If so, executing the application plug-in while running the application program.
A2, the application program operation method as described in 1, the method also includes:
If in the identification information of the need application plug-in to be loaded, there are do not protect in the preset executable plug-in unit list The identification information for the application plug-in deposited then shields the application plug-in.
A3, the application program operation method as described in A 1 need to be loaded answer when the acquisition application program is run Before the identification information of plug-in unit, further includes:
Obtain each application program that terminal device locally saves;
Configure the corresponding executable application plug-in of each application program;
Executable application plug-in list corresponding with the terminal device is generated, is protected in the executable application plug-in list There is the identification information for the corresponding executable application plug-in of each application program that the terminal device locally saves.
Whether A 4, the application program operation method as described in A 3, described detect save in preset executable plug-in unit list Have and described needs the identification information of application plug-in loaded to include:
It is to be loaded whether the need are preserved in detection executable application plug-in list corresponding with the terminal device The identification information of application plug-in.
A 5, the application program operation method as described in A 1 or A 3, the method also includes:
The application program and each application program in the preset executable plug-in unit list are updated according to prefixed time interval The identification information of corresponding executable application plug-in.
A 6, the application program operation method as described in A 2, the method also includes:
The identification information of the application plug-in of shielding is saved.
The described in any item application program operation methods of A 7, such as A 1-A 6, the identification information of the application plug-in is institute State the plugin name information and/or Secure Hash Algorithm sha1 value of application plug-in.
B 8, a kind of application program running gear, comprising:
Acquiring unit needs to add when for when receiving application start instruction, obtaining application program operation The identification information of the application plug-in of load;
Detection unit, for detecting the needs whether preserving the acquiring unit in preset executable plug-in unit list and obtaining The identification information of the application plug-in of load includes that each application program is corresponding in the preset executable plug-in unit list The identification information of executable application plug-in;
Execution unit, if detecting that preserving the needs in preset executable plug-in unit list adds for the detection unit The identification information of the application plug-in of load executes the application plug-in then while running the application program.
B 9, the application program running gear as described in B 8, described device further include:
Screen unit, if for there are described preset executable slotting in the identification information of the need application plug-in to be loaded The identification information for the application plug-in not saved in part list then shields the application plug-in.
B 10, the application program running gear as described in B 8, described device further include: configuration unit and generation unit;
The acquiring unit, each application program locally saved for obtaining terminal device;
The configuration unit is answered for configuring corresponding can be performed of each application program that the acquiring unit obtains Use plug-in unit;
The generation unit, it is described to hold for generating executable application plug-in list corresponding with the terminal device The corresponding executable application of each application program that the terminal device locally saves is preserved in row application plug-in list The identification information of plug-in unit.
B 11, the application program running gear as described in B 10,
The detection unit, specifically for detecting the corresponding with the terminal device executable of the generation unit generation Whether the identification information of the need to be loaded application plug-in is preserved in application plug-in list.
B 12, the application program running gear as described in B 8 or B 10, described device further include:
Updating unit, for updated according to prefixed time interval the application program in the preset executable plug-in unit list and The identification information of the corresponding executable application plug-in of each application program.
B 13, the application program running gear as described in B 9, described device further include:
Storage unit, the identification information for the application plug-in to shielding save.
The described in any item application program running gears of B 14, such as B 8-B 13, the identification information of the application plug-in are The plugin name information and/or Secure Hash Algorithm sha1 value of the application plug-in.

Claims (10)

1. a kind of application program operation method characterized by comprising
When receiving application start instruction, the mark that application plug-in to be loaded is needed when application program operation is obtained Information;
The identification information that the need application plug-in to be loaded whether is preserved in preset executable plug-in unit list is detected, it is described pre- Set include in executable plug-in unit list the corresponding executable application plug-in of each application program identification information;
If so, executing the application plug-in while running the application program.
2. application program operation method according to claim 1, which is characterized in that the method also includes:
If in the identification information of the need application plug-in to be loaded, there are do not saved in the preset executable plug-in unit list Application plug-in identification information, then shield the application plug-in.
3. application program operation method according to claim 1, which is characterized in that described to obtain the application program operation When need application plug-in to be loaded identification information before, further includes:
Obtain each application program that terminal device locally saves;
Configure the corresponding executable application plug-in of each application program;
Executable application plug-in list corresponding with the terminal device is generated, is preserved in the executable application plug-in list The identification information of the corresponding executable application plug-in of each application program that the terminal device locally saves.
4. application program operation method according to claim 3, which is characterized in that the preset executable plug-in unit column of detection Whether preserved in table it is described need to the identification information of application plug-in to be loaded include:
It detects and whether preserves the need application to be loaded in executable application plug-in list corresponding with the terminal device The identification information of plug-in unit.
5. application program operation method according to claim 1 or 3, which is characterized in that the method also includes:
The application program and each application program difference in the preset executable plug-in unit list are updated according to prefixed time interval The identification information of corresponding executable application plug-in.
6. a kind of application program running gear characterized by comprising
Acquiring unit needs to be loaded when for when receiving application start instruction, obtaining application program operation The identification information of application plug-in;
Detection unit, for detect whether preserve that the acquiring unit obtains in preset executable plug-in unit list need to load Application plug-in identification information, including that each application program is corresponding in the preset executable plug-in unit list holds The identification information of row application plug-in;
Execution unit, if for the detection unit detect to preserve in preset executable plug-in unit list it is described need to be to be loaded The identification information of application plug-in executes the application plug-in then while running the application program.
7. application program running gear according to claim 6, which is characterized in that described device further include:
Screen unit, if for there are the preset executable plug-in unit column in the identification information of the need application plug-in to be loaded The identification information for the application plug-in not saved in table then shields the application plug-in.
8. application program running gear according to claim 6, which is characterized in that described device further include: configuration unit And generation unit;
The acquiring unit, each application program locally saved for obtaining terminal device;
The configuration unit is inserted for configuring the corresponding executable application of each application program that the acquiring unit obtains Part;
The generation unit, for generating executable application plug-in list corresponding with the terminal device, described can be performed is answered With preserving the corresponding executable application plug-in of each application program that the terminal device locally saves in plug-in unit list Identification information.
9. application program running gear according to claim 8, which is characterized in that
The detection unit, the executable application corresponding with the terminal device generated specifically for detecting the generation unit Whether the identification information of the need to be loaded application plug-in is preserved in plug-in unit list.
10. the application program running gear according to claim 6 or 8, which is characterized in that described device further include:
Updating unit, for updating application program in the preset executable plug-in unit list and each according to prefixed time interval The identification information of the corresponding executable application plug-in of application program.
CN201811625257.0A 2015-06-30 2015-06-30 Application program operation method and device Pending CN109376529A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811625257.0A CN109376529A (en) 2015-06-30 2015-06-30 Application program operation method and device

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510374943.5A CN104915594B (en) 2015-06-30 2015-06-30 Application program operation method and device
CN201811625257.0A CN109376529A (en) 2015-06-30 2015-06-30 Application program operation method and device

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN201510374943.5A Division CN104915594B (en) 2015-06-30 2015-06-30 Application program operation method and device

Publications (1)

Publication Number Publication Date
CN109376529A true CN109376529A (en) 2019-02-22

Family

ID=54084656

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201510374943.5A Active CN104915594B (en) 2015-06-30 2015-06-30 Application program operation method and device
CN201811625257.0A Pending CN109376529A (en) 2015-06-30 2015-06-30 Application program operation method and device

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN201510374943.5A Active CN104915594B (en) 2015-06-30 2015-06-30 Application program operation method and device

Country Status (1)

Country Link
CN (2) CN104915594B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106022117A (en) * 2016-05-18 2016-10-12 北京金山安全软件有限公司 Method and device for preventing system environment variable from being modified and electronic equipment
CN106203107A (en) * 2016-06-29 2016-12-07 北京金山安全软件有限公司 Method and device for preventing system menu from being maliciously modified and electronic equipment
CN106203089A (en) * 2016-06-29 2016-12-07 北京金山安全软件有限公司 Method and device for preventing system color from being maliciously modified and electronic equipment
CN108334775B (en) * 2018-01-23 2022-09-23 创新先进技术有限公司 Method and device for detecting jail-crossing plug-in
CN117521087B (en) * 2024-01-04 2024-03-15 江苏通付盾科技有限公司 Equipment risk behavior detection method, system and storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070136392A1 (en) * 2005-12-12 2007-06-14 Electronics & Telecommunications Research Institute Apparatus and method for managing application context
CN101668325A (en) * 2008-09-03 2010-03-10 中国移动通信集团上海有限公司 Admission control method, admission control device and admission control system
CN101937500A (en) * 2009-06-29 2011-01-05 深圳市联软科技有限公司 Computer terminal security protection method and system
CN103218564A (en) * 2013-04-01 2013-07-24 广东欧珀移动通信有限公司 Mobile terminal protection method and mobile terminal protection device
CN103491543A (en) * 2013-09-30 2014-01-01 北京奇虎科技有限公司 Method for detecting malicious websites through wireless terminal, and wireless terminal
CN104202323A (en) * 2014-09-05 2014-12-10 绿网天下(福建)网络科技股份有限公司 Method for controlling application software based on mobile terminal
CN104243460A (en) * 2014-09-03 2014-12-24 飞天诚信科技股份有限公司 Anti-phishing method
CN104281473A (en) * 2014-09-22 2015-01-14 深圳市金立通信设备有限公司 Plug-in processing method

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070136392A1 (en) * 2005-12-12 2007-06-14 Electronics & Telecommunications Research Institute Apparatus and method for managing application context
CN101668325A (en) * 2008-09-03 2010-03-10 中国移动通信集团上海有限公司 Admission control method, admission control device and admission control system
CN101937500A (en) * 2009-06-29 2011-01-05 深圳市联软科技有限公司 Computer terminal security protection method and system
CN103218564A (en) * 2013-04-01 2013-07-24 广东欧珀移动通信有限公司 Mobile terminal protection method and mobile terminal protection device
CN103491543A (en) * 2013-09-30 2014-01-01 北京奇虎科技有限公司 Method for detecting malicious websites through wireless terminal, and wireless terminal
CN104243460A (en) * 2014-09-03 2014-12-24 飞天诚信科技股份有限公司 Anti-phishing method
CN104202323A (en) * 2014-09-05 2014-12-10 绿网天下(福建)网络科技股份有限公司 Method for controlling application software based on mobile terminal
CN104281473A (en) * 2014-09-22 2015-01-14 深圳市金立通信设备有限公司 Plug-in processing method

Also Published As

Publication number Publication date
CN104915594B (en) 2019-02-12
CN104915594A (en) 2015-09-16

Similar Documents

Publication Publication Date Title
EP3568791B1 (en) Early runtime detection and prevention of ransomware
CN104915594B (en) Application program operation method and device
US9171154B2 (en) Systems and methods for scanning packed programs in response to detecting suspicious behaviors
CN105653432B (en) A kind for the treatment of method and apparatus of crash data
WO2016019893A1 (en) Application installation method and apparatus
CN104751049B (en) A kind of application program installation method and mobile terminal
US10176327B2 (en) Method and device for preventing application in an operating system from being uninstalled
WO2015078295A1 (en) Method and apparatus for protecting data of application installation packages
CN105303073B (en) Software code guard method
EP3270318B1 (en) Dynamic security module terminal device and method for operating same
CN104156215B (en) The method and device of application information is obtained based on Mobile operating system
US20160055344A1 (en) Data loss prevention during app execution using e-mail enforcement on a mobile device
CN106326691B (en) Encryption and decryption function realization method and device and server
WO2022078366A1 (en) Application protection method and apparatus, device and medium
CN109688145A (en) The guard method of privacy information and device
CN104252594A (en) Virus detection method and device
US9672353B2 (en) Securing and managing apps on a device using policy gates
CN106203105B (en) File management method and device
CN105550573B (en) The method and apparatus for intercepting bundled software
Rai Android Application Security Essentials
CN105975860B (en) A kind of trust file management method, device and equipment
CN105592105B (en) Guarantee the asynchronous system Network Access Method and device of safety
CN107592217A (en) A kind of user identification method and device
CN104751026A (en) Software protection method and software application method of android system, and related devices
CN107368738A (en) A kind of anti-Root method and devices of smart machine

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190222

RJ01 Rejection of invention patent application after publication