CN111046388A - Method for identifying third-party SDK in application, intelligent terminal and storage medium - Google Patents
Method for identifying third-party SDK in application, intelligent terminal and storage medium Download PDFInfo
- Publication number
- CN111046388A CN111046388A CN201911293328.6A CN201911293328A CN111046388A CN 111046388 A CN111046388 A CN 111046388A CN 201911293328 A CN201911293328 A CN 201911293328A CN 111046388 A CN111046388 A CN 111046388A
- Authority
- CN
- China
- Prior art keywords
- party sdk
- party
- feature
- sdk
- identifying
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Virology (AREA)
- Health & Medical Sciences (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Stored Programmes (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a method for identifying a third-party SDK in an application, an intelligent terminal and a storage device, wherein the method for identifying the third-party SDK in the application comprises the following steps: acquiring the characteristics of the third-party SDK, inputting the characteristics into a characteristic library and defining characteristic rules; and the decompiling application acquires a decompiling code, and retrieves the decompiling code according to the characteristic rule to acquire the third-party SDK. The method comprises the steps of establishing a feature library by obtaining features of a third-party SDK, wherein the obtained features of the third-party SDK are at least one item of the features of the third-party SDK; during retrieval, the feature rules of the third-party SDK are defined by the feature sets in the feature library, the range of retrieving the third-party SDK is expanded or reduced, and the accuracy of retrieving the third-party SDK in the application program is improved.
Description
Technical Field
The invention relates to the technical field of mobile application detection, in particular to a method for identifying a third-party SDK in an application, an intelligent terminal and a storage medium.
Background
In the safety monitoring of Android applications, it is necessary to identify which third-party SDKs are integrated in the applications. The third-party SDK is a software development kit integrated in the application according to the service requirement in the Android application development process. After the application containing the third-party SDK is installed, part of the third-party SDK can acquire the related information of the intelligent terminal: for example, the IMEI, the user location information, and other private information may also cause a vulnerability in the application program, making the intelligent terminal vulnerable to virus attacks, and causing a data security problem.
The existing detection method is to extract the name of a Java code packet of the third-party SDK as an identification feature, and search whether the decompiled code contains the third-party SDK or not through the code packet after decompiling a file.
Disclosure of Invention
In order to solve the problem that the third-party SDK in the inverse coding code is difficult to screen out or accurately search for the third-party SDK by taking the code packet as the third-party SDK characteristic in the prior art, the invention provides a method for identifying the third-party SDK in application, an intelligent terminal and a storage device.
The invention is realized by the following technical scheme:
a method of identifying a third party SDK in an application, comprising:
acquiring the characteristics of the third-party SDK, inputting the characteristics into a characteristic library and defining characteristic rules;
the decompiling application acquires a decompiling code, and retrieves the decompiling code according to the characteristic rule to acquire a third-party SDK;
and if the third-party SDK cannot be obtained, updating the feature library and/or modifying the feature rule until the third-party SDK in the inverse coding code is obtained.
The method for identifying the third-party SDK in the application, wherein the characteristics comprise: packet name, string and operation code.
The method for identifying the third-party SDK in the application, wherein the obtaining the feature of the third-party SDK, inputting the feature into the feature library, and defining the feature rule specifically includes:
acquiring a plurality of third-party SDKs and a plurality of feature input feature libraries of the third-party SDKs;
selecting a plurality of said features as identifying features;
defining the characteristic rule as follows: according to any one of the identification features;
the retrieving the inverse encoding code according to the feature rule to obtain the third-party SDK specifically comprises the following steps:
and if the inverse coding code contains any one of the identification features, acquiring the third-party SDK according to the identification features.
The method for identifying the third-party SDK in the application, wherein the obtaining the feature of the third-party SDK, inputting the feature into the feature library, and defining the feature rule specifically includes:
acquiring a plurality of third-party SDKs and a plurality of feature input feature libraries of the third-party SDKs;
selecting a plurality of said features as identifying features;
defining the characteristic rule as follows: all the identification features are met;
the retrieving the inverse encoding code according to the feature rule to obtain the third-party SDK specifically comprises the following steps:
and if the inverse coding code contains all the characteristics in the identification characteristics, acquiring the third-party SDK according to the identification characteristics.
The method for identifying the third-party SDK in the application, wherein the step of retrieving the inverse coding code according to the characteristic rule to obtain the third-party SDK further comprises the following steps:
and if a plurality of third-party SDKs are obtained, updating the feature library and/or modifying the feature rule, and reducing the number of the third-party SDKs in the obtained inverse coding code.
The method for identifying the third-party SDK in the application, wherein the updating the feature library specifically includes:
and adding a new third-party SDK in the feature library, and adding the features of the third-party SDK in the feature library.
The method for identifying the third-party SDK in the application, wherein the updating the feature library specifically includes:
and selecting the existing third-party SDK in the feature library, and modifying the features of the third-party SDK.
The method for identifying the third-party SDK in the application, wherein the updating the feature library specifically includes:
deleting the existing third-party SDK in the feature library, or deleting the features of the third-party SDK.
An intelligent terminal, comprising: the device comprises a memory, a processor and a third-party SDK program in the identification application, wherein the third-party SDK program is stored on the memory and can run on the processor, and when the third-party SDK program in the identification application is executed by the processor, the method for identifying the third-party SDK in the application is realized.
A storage medium stores a third-party SDK program in an identification application, and when the third-party SDK program in the identification application is executed by a processor, the method for identifying the third-party SDK in the application is realized.
The invention has the beneficial effects that:
the method for identifying the third-party SDK in the application, provided by the invention, comprises the steps of establishing a feature library by acquiring the features of the third-party SDK, wherein the acquired features of the third-party SDK are at least one of the features of the third-party SDK; during retrieval, the feature rules of the third-party SDK are defined by the feature sets in the feature library, the range of retrieving the third-party SDK is expanded or reduced, and the accuracy of retrieving the third-party SDK in the application program is improved.
Drawings
FIG. 1 is a schematic workflow diagram of a method of identifying third party SDKs in an application according to the present invention;
fig. 2 is a schematic diagram of an operating environment of an intelligent terminal according to the present invention.
Detailed Description
In order to make the objects, technical solutions and effects of the present invention clearer and clearer, the present invention is further described in detail below with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Referring to fig. 1, the present invention discloses a method for identifying a third-party SDK in an application, which specifically includes the following steps:
s100, obtaining the characteristics of the third-party SDK, inputting the characteristics into a characteristic library and defining characteristic rules.
In step S100, the features are features of the third-party SDK, which include but are not limited to: packet name, string and operation code. For example, the extracted data packets are all expression forms of the third-party SDK in the application code, for example, the name of the data packet is the name of the third-party SDK, the character string is a variable of a certain statement in a certain function in the third-party SDK, and the operation code is a part of an instruction or a field of the third-party SDK when the third-party SDK executes an operation. Through the characteristics, whether the third-party SDK is contained in the application program or not can be identified. Different from the prior art, the method and the device for acquiring the third-party SDK are not limited to a certain specified characteristic of the third-party SDK, but all characteristics acquired by the third-party SDK are input into the characteristic library for recording, so that the screening condition for acquiring the third-party SDK is improved, and the third-party SDK is ensured to be acquired in an application program in a matching manner.
As can be seen from the above, the third-party SDK is identified and screened by identifying a plurality of the features, and is specifically represented by defining feature rules according to the plurality of features, and then retrieving the third-party SDK according to the feature rules, and the specific operation manner is as follows:
s101, obtaining a plurality of third-party SDKs and obtaining a plurality of feature input feature libraries of the third-party SDKs.
S102, selecting a plurality of characteristics as identification characteristics.
S103, defining the characteristic rule as follows: any one of the identification features is met.
The requirement concrete expression of the above process is that if the application program includes a software development kit, and the software development kit conforms to any one of the identification features, the third-party SDK is acquired, and the non-conforming item in the identification features is ignored. When the feature rule is defined, the plurality of identification features are in an or relationship, and because the third-party SDK only meets one identification feature, namely is obtained by screening, the screening range of the third-party SDK can be expanded, and the third-party SDK specified in the application program can be searched for according to functions and categories.
In steps S101 to S103, the step S103 may be replaced by:
s104, defining the characteristic rule as follows: all of the identifying features are met.
The requirement concrete expression of the above process is that if the application program includes a software development kit, and the software development kit conforms to all the identification features, the third-party SDK is acquired. And if any one of the identification features is not met, ignoring. When the feature rule is defined, the identification features are in an and relationship, and the third-party SDK is required to meet the identification features and is obtained through screening, so that the screening range of the third-party SDK can be reduced, and the third-party SDK specified in the application program can be accurately searched.
S200, the decompiling application acquires a decompiling code, and retrieves the decompiling code according to the characteristic rule to acquire a third-party SDK.
In step S200, a reverse-coded code is retrieved according to a plurality of the features. The reverse coding is to reversely analyze and deduce the source code of the application program according to the executable function of the application program, and the obtained source code is the reverse coding. And searching the part which accords with the characteristic rule in the inverse coding code to obtain the third-party SDK contained in the inverse coding code.
Since the search of the third-party SDK is obtained through the feature rule, the work flow of the step S200 has a difference according to the feature rule established in the above steps S101 to S103 and according to the feature rule specified in the above steps S101 to S104:
according to the feature rules formulated in steps S101-S103, the specific process of S200 is:
and if the inverse coding code contains any one of the identification features, acquiring the third-party SDK according to the identification features.
According to the feature rules formulated in steps S101-S104, the specific process of S200 is:
and if the inverse coding code contains all the characteristics in the identification characteristics, acquiring the third-party SDK according to the identification characteristics.
When the third-party SDK is acquired, the conditions for acquiring the third-party SDK are different: if so, accurately acquiring a certain third-party SDK in the application program; it is sometimes necessary to obtain a third party SDK that includes the same function or type in an application. Therefore, a feature library is required that allows modification of the original feature rules.
For the existing third-party SDK, updating new features also needs to be performed on the corresponding third-party SDK features in the feature library, otherwise, correct screening conditions cannot be matched, and the third-party SDK cannot be obtained. Thus, the method for identifying a third-party SDK in an application further includes, after step S200:
and S301, if the third-party SDK cannot be obtained, updating the feature library and/or modifying the feature rule until the third-party SDK in the inverse coding code is obtained.
Step S301 indicates that in the screening process, there are many identification features, and the identification features are in an and relationship, and the screening condition is more stringent, and whether the application program includes the third party SDK may be determined by deleting part of the identification features, or modifying part of the and relationship, i.e., changing the feature rule to change the screening condition.
In step S301, there is also a case that part of the features in the feature library are error features, and the user can update the feature library by modifying the features in the feature library, so as to ensure correct identification of the method for identifying the third-party SDK in the application.
In the process of retrieving the third party SDK, in addition to step S301, the number of the acquired third party SDKs may be too large to accurately locate the required third party SDK, and therefore, the method for identifying the third party SDK in the application further includes, after step S200:
s302, if a plurality of third-party SDKs are obtained, the feature library is updated and/or the feature rule is modified, and the number of the third-party SDKs in the inverse coding code is reduced.
Similar to step S301, the filtering condition may be narrowed down according to the "and" relationship in the updated feature library and the modified feature rule, so as to accurately locate the third party SDK.
In steps S301 and S302, there are three ways to update the feature library, which are addition, update, or deletion, specifically:
adding: adding a new third-party SDK in the feature library, and adding the features of the third-party SDK in the feature library; or selecting an existing third-party SDK in the feature library, and adding the features of the third-party SDK.
Updating: and selecting the existing third-party SDK in the feature library, and modifying the features of the third-party SDK.
And (3) deleting: deleting the existing third-party SDK in the feature library, or deleting the features of the third-party SDK.
The significance of updating the feature library is that the user can increase the number of features in time according to the type of the third-party SDK, and the accuracy of the feature library is improved; features that have been obsolete or erroneous are deleted, reducing redundancy in the feature library. The convenience and accuracy of the use of the feature library are improved.
Referring to fig. 2, based on the above method for identifying the third party SDK in the application, the present invention further provides an intelligent terminal 10, which specifically includes: a memory 11, a processor 12, and a third-party SDK program 13 stored on the memory 11 and operable on the processor 12, wherein when the processor 12 executes the third-party SDK program 13, the following steps are implemented:
s100, obtaining the characteristics of the third-party SDK, inputting the characteristics into a characteristic library and defining characteristic rules.
The S100 includes:
s101, obtaining a plurality of third-party SDKs and obtaining a plurality of feature input feature libraries of the third-party SDKs.
S102, selecting a plurality of characteristics as identification characteristics.
S103, defining the characteristic rule as follows: any one of the identification features is met.
The S103 may instead be:
s104, defining the characteristic rule as follows: all of the identifying features are met.
S200, the decompiling application acquires a decompiling code, and retrieves the decompiling code according to the characteristic rule to acquire a third-party SDK.
According to the feature rules formulated in steps S101-S103, the specific process of S200 is:
s201, if the inverse coding code contains any one of the identification features, the third-party SDK is obtained according to the identification features.
According to the feature rules formulated in steps S101-S104, the specific process of S200 is:
s202, if the inverse coding code contains all the characteristics in the identification characteristics, the third-party SDK is obtained according to the identification characteristics.
After S200 is:
and S301, if the third-party SDK cannot be obtained, updating the feature library and/or modifying the feature rule until the third-party SDK in the inverse coding code is obtained.
Or, after the step S200:
s302, if a plurality of third-party SDKs are obtained, the feature library is updated and/or the feature rule is modified, and the number of the third-party SDKs in the inverse coding code is reduced.
Based on the method for identifying the third-party SDK in the application, the present invention further provides a storage medium, where the storage medium stores a third-party SDK program in the identification application, and when the third-party SDK program in the identification application is executed by the processor, the method for identifying the third-party SDK in the application is implemented.
The method for identifying the third-party SDK in the application inputs a plurality of feature information of the third-party SDK in the feature library, selects the plurality of feature information to establish the relation of AND and or, defines the relation as a feature rule, and screens out the third-party SDK in the inverse coding and decoding through feature rule retrieval. If the retrieval number of the third-party SDK is too large or the required third-party SDK is not retrieved after retrieval, the third-party SDK can be retrieved again by modifying the characteristic rule or updating the characteristics of the third-party SDK. When the characteristics of the third-party SDK are changed, the characteristics in the characteristic library can be updated in time, and the problem that the third-party SDK in the application program cannot be searched due to characteristic errors is avoided.
The intelligent terminal 10 and the storage medium disclosed in the present invention are based on the method for identifying the third party SDK in the application disclosed in the present invention, so that when the intelligent terminal 10 is running and the storage medium is executed by the processor, the same technical effect as the above-mentioned method for identifying the third party SDK in the application can be achieved.
It is to be understood that the invention is not limited to the examples described above, but that modifications and variations may be effected thereto by those of ordinary skill in the art in light of the foregoing description, and that all such modifications and variations are intended to be within the scope of the invention as defined by the appended claims.
Claims (10)
1. A method for identifying a third-party SDK in an application is characterized in that the method for identifying the third-party SDK in the application comprises the following steps:
acquiring the characteristics of the third-party SDK, inputting the characteristics into a characteristic library and defining characteristic rules;
the decompiling application acquires a decompiling code, and retrieves the decompiling code according to the characteristic rule to acquire a third-party SDK;
and if the third-party SDK cannot be obtained, updating the feature library and/or modifying the feature rule until the third-party SDK in the inverse coding code is obtained.
2. The method of identifying a third party SDK in an application of claim 1, wherein the features include: packet name, string and operation code.
3. The method according to claim 1, wherein the obtaining the characteristics of the third-party SDK, inputting the characteristics into a characteristic library, and defining characteristic rules specifically comprises:
acquiring a plurality of third-party SDKs and a plurality of feature input feature libraries of the third-party SDKs;
selecting a plurality of said features as identifying features;
defining the characteristic rule as follows: according to any one of the identification features;
the retrieving the inverse encoding code according to the feature rule to obtain the third-party SDK specifically comprises the following steps:
and if the inverse coding code contains any one of the identification features, acquiring the third-party SDK according to the identification features.
4. The method according to claim 1, wherein the obtaining the characteristics of the third-party SDK, inputting the characteristics into a characteristic library, and defining characteristic rules specifically comprises:
acquiring a plurality of third-party SDKs and a plurality of feature input feature libraries of the third-party SDKs;
selecting a plurality of said features as identifying features;
defining the characteristic rule as follows: all the identification features are met;
the retrieving the inverse encoding code according to the feature rule to obtain the third-party SDK specifically comprises the following steps:
and if the inverse coding code contains all the characteristics in the identification characteristics, acquiring the third-party SDK according to the identification characteristics.
5. The method of claim 3 or 4, wherein the retrieving the inverse code according to the feature rule to obtain the third-party SDK further comprises:
and if a plurality of third-party SDKs are obtained, updating the feature library and/or modifying the feature rule, and reducing the number of the third-party SDKs in the obtained inverse coding code.
6. The method for identifying a third-party SDK in an application of claim 5, wherein the updating the feature library specifically comprises:
and adding a new third-party SDK in the feature library, and adding the features of the third-party SDK in the feature library.
7. The method for identifying a third party SDK in an application according to claim 1, wherein the updating the feature library specifically comprises:
and selecting the existing third-party SDK in the feature library, and modifying the features of the third-party SDK.
8. The method for identifying a third party SDK in an application according to claim 1, wherein the updating the feature library specifically comprises:
deleting the existing third-party SDK in the feature library, or deleting the features of the third-party SDK.
9. An intelligent terminal, characterized in that, intelligent terminal includes: the device comprises a memory, a processor and a third-party SDK program in the identification application, wherein the third-party SDK program in the identification application is stored on the memory and can run on the processor, and when the third-party SDK program in the identification application is executed by the processor, the method for identifying the third-party SDK in the application is realized according to any one of claims 1 to 8.
10. A storage medium storing a third-party SDK program for identifying applications, wherein the third-party SDK program for identifying applications is executed by a processor to implement the method for identifying third-party SDKs in applications according to any one of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911293328.6A CN111046388B (en) | 2019-12-16 | 2019-12-16 | Method for identifying third-party SDK in application, intelligent terminal and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911293328.6A CN111046388B (en) | 2019-12-16 | 2019-12-16 | Method for identifying third-party SDK in application, intelligent terminal and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111046388A true CN111046388A (en) | 2020-04-21 |
| CN111046388B CN111046388B (en) | 2022-09-13 |
Family
ID=70236652
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911293328.6A Active CN111046388B (en) | 2019-12-16 | 2019-12-16 | Method for identifying third-party SDK in application, intelligent terminal and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111046388B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111338622A (en) * | 2020-05-15 | 2020-06-26 | 支付宝(杭州)信息技术有限公司 | Supply chain code identification method, device, server and readable storage medium |
| CN111654495A (en) * | 2020-06-03 | 2020-09-11 | 百度在线网络技术(北京)有限公司 | Method, apparatus, device and storage medium for determining traffic generation source |
| CN112287343A (en) * | 2020-10-16 | 2021-01-29 | 深圳市和讯华谷信息技术有限公司 | SDK monitoring method and device, computer equipment and storage medium |
Citations (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102184234A (en) * | 2011-05-13 | 2011-09-14 | 百度在线网络技术(北京)有限公司 | Method and equipment used for inquiring, increasing, updating or deleting information processing rules |
| CN102779257A (en) * | 2012-06-28 | 2012-11-14 | 奇智软件(北京)有限公司 | Security detection method and system of Android application program |
| CN102831338A (en) * | 2012-06-28 | 2012-12-19 | 北京奇虎科技有限公司 | Security detection method and system of Android application program |
| CN103729384A (en) * | 2012-10-16 | 2014-04-16 | 中国移动通信集团公司 | Information filtering method, system and device |
| CN103761475A (en) * | 2013-12-30 | 2014-04-30 | 北京奇虎科技有限公司 | Method and device for detecting malicious code in intelligent terminal |
| CN104933368A (en) * | 2014-03-21 | 2015-09-23 | 腾讯科技(深圳)有限公司 | Network security vulnerability detection method and apparatus |
| CN105184160A (en) * | 2015-07-24 | 2015-12-23 | 哈尔滨工程大学 | API object calling relation graph based method for detecting malicious behavior of application program in Android mobile phone platform |
| CN106453256A (en) * | 2016-09-09 | 2017-02-22 | 四川长虹电器股份有限公司 | Password feature library system with automatic learning function and learning method thereof |
| CN106528421A (en) * | 2016-11-09 | 2017-03-22 | 国网浙江省电力公司电力科学研究院 | Method for processing SDKs in Android applications |
| CN107196828A (en) * | 2016-03-15 | 2017-09-22 | 北京京东尚科信息技术有限公司 | Access and the method using equipment in intelligence networks network |
| CN107547536A (en) * | 2017-08-28 | 2018-01-05 | 新华三信息安全技术有限公司 | A kind of feature database update method and device |
| CN107634931A (en) * | 2016-07-18 | 2018-01-26 | 深圳市深信服电子科技有限公司 | Processing method, cloud server, gateway and the terminal of abnormal data |
| CN107844705A (en) * | 2017-11-14 | 2018-03-27 | 苏州棱镜七彩信息科技有限公司 | Third party's component leak detection method based on binary code feature |
| CN108037928A (en) * | 2017-12-13 | 2018-05-15 | 北京小米移动软件有限公司 | Software development kit tools SDK detection method and device |
| CN109284380A (en) * | 2018-09-25 | 2019-01-29 | 平安科技(深圳)有限公司 | Illegal user's recognition methods and device, electronic equipment based on big data analysis |
| CN109376743A (en) * | 2018-09-28 | 2019-02-22 | 北京旷视科技有限公司 | Image processing method, device, image recognition apparatus and storage medium |
| WO2019143412A1 (en) * | 2018-01-19 | 2019-07-25 | Umajin Inc. | Configurable server kit |
| CN110399729A (en) * | 2019-04-11 | 2019-11-01 | 国家计算机网络与信息安全管理中心 | A kind of binary software analysis1 method based on module diagnostic weight |
| CN110543506A (en) * | 2019-09-10 | 2019-12-06 | 百度在线网络技术(北京)有限公司 | Data analysis method and device, electronic equipment and storage medium |
-
2019
- 2019-12-16 CN CN201911293328.6A patent/CN111046388B/en active Active
Patent Citations (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102184234A (en) * | 2011-05-13 | 2011-09-14 | 百度在线网络技术(北京)有限公司 | Method and equipment used for inquiring, increasing, updating or deleting information processing rules |
| CN102779257A (en) * | 2012-06-28 | 2012-11-14 | 奇智软件(北京)有限公司 | Security detection method and system of Android application program |
| CN102831338A (en) * | 2012-06-28 | 2012-12-19 | 北京奇虎科技有限公司 | Security detection method and system of Android application program |
| CN103729384A (en) * | 2012-10-16 | 2014-04-16 | 中国移动通信集团公司 | Information filtering method, system and device |
| CN103761475A (en) * | 2013-12-30 | 2014-04-30 | 北京奇虎科技有限公司 | Method and device for detecting malicious code in intelligent terminal |
| CN104933368A (en) * | 2014-03-21 | 2015-09-23 | 腾讯科技(深圳)有限公司 | Network security vulnerability detection method and apparatus |
| CN105184160A (en) * | 2015-07-24 | 2015-12-23 | 哈尔滨工程大学 | API object calling relation graph based method for detecting malicious behavior of application program in Android mobile phone platform |
| CN107196828A (en) * | 2016-03-15 | 2017-09-22 | 北京京东尚科信息技术有限公司 | Access and the method using equipment in intelligence networks network |
| CN107634931A (en) * | 2016-07-18 | 2018-01-26 | 深圳市深信服电子科技有限公司 | Processing method, cloud server, gateway and the terminal of abnormal data |
| CN106453256A (en) * | 2016-09-09 | 2017-02-22 | 四川长虹电器股份有限公司 | Password feature library system with automatic learning function and learning method thereof |
| CN106528421A (en) * | 2016-11-09 | 2017-03-22 | 国网浙江省电力公司电力科学研究院 | Method for processing SDKs in Android applications |
| CN107547536A (en) * | 2017-08-28 | 2018-01-05 | 新华三信息安全技术有限公司 | A kind of feature database update method and device |
| CN107844705A (en) * | 2017-11-14 | 2018-03-27 | 苏州棱镜七彩信息科技有限公司 | Third party's component leak detection method based on binary code feature |
| CN108037928A (en) * | 2017-12-13 | 2018-05-15 | 北京小米移动软件有限公司 | Software development kit tools SDK detection method and device |
| WO2019143412A1 (en) * | 2018-01-19 | 2019-07-25 | Umajin Inc. | Configurable server kit |
| CN109284380A (en) * | 2018-09-25 | 2019-01-29 | 平安科技(深圳)有限公司 | Illegal user's recognition methods and device, electronic equipment based on big data analysis |
| CN109376743A (en) * | 2018-09-28 | 2019-02-22 | 北京旷视科技有限公司 | Image processing method, device, image recognition apparatus and storage medium |
| CN110399729A (en) * | 2019-04-11 | 2019-11-01 | 国家计算机网络与信息安全管理中心 | A kind of binary software analysis1 method based on module diagnostic weight |
| CN110543506A (en) * | 2019-09-10 | 2019-12-06 | 百度在线网络技术(北京)有限公司 | Data analysis method and device, electronic equipment and storage medium |
Non-Patent Citations (2)
| Title |
|---|
| TAEGUEN KIM 等: "A Multimodal Deep Learning Method for Android Malware Detection Using Various Feature", 《IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY》 * |
| 张楠 等: "Android平台安全防护系统的设计与实现", 《软件工程师》 * |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111338622A (en) * | 2020-05-15 | 2020-06-26 | 支付宝(杭州)信息技术有限公司 | Supply chain code identification method, device, server and readable storage medium |
| CN111338622B (en) * | 2020-05-15 | 2020-08-11 | 支付宝(杭州)信息技术有限公司 | Supply chain code identification method, device, server and readable storage medium |
| CN111654495A (en) * | 2020-06-03 | 2020-09-11 | 百度在线网络技术(北京)有限公司 | Method, apparatus, device and storage medium for determining traffic generation source |
| CN112287343A (en) * | 2020-10-16 | 2021-01-29 | 深圳市和讯华谷信息技术有限公司 | SDK monitoring method and device, computer equipment and storage medium |
| CN112287343B (en) * | 2020-10-16 | 2024-06-25 | 深圳市和讯华谷信息技术有限公司 | SDK monitoring method, device, computer equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111046388B (en) | 2022-09-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111046388B (en) | Method for identifying third-party SDK in application, intelligent terminal and storage medium | |
| CN106874180B (en) | Detection system and method thereof | |
| CN106951228B (en) | Method and device for processing differences in version iteration | |
| US9449175B2 (en) | Method and apparatus for analyzing and detecting malicious software | |
| CN106325927B (en) | interception method and device applied to dynamic library API in linux system | |
| CN107346284B (en) | Application program detection method and detection device | |
| US7688757B2 (en) | Method and apparatus for assessing sourced elements | |
| CN107368513B (en) | Method and device for updating client database | |
| CN112154420A (en) | Automatic intelligent cloud service testing tool | |
| CN108268773B (en) | Android application upgrade package local storage security detection method | |
| US20180246717A1 (en) | Identification of duplicate function implementations | |
| WO2021120628A1 (en) | Blockchain-based sensitive word detection method and apparatus, computer device and computer-readable storage medium | |
| CN113672628A (en) | Data blood margin analysis method, terminal device and medium | |
| CN113282799A (en) | Node operation method and device, computer equipment and storage medium | |
| JP2021002326A (en) | Refinement of repair patterns for static analysis violations in software programs | |
| CN108710492B (en) | Method for identifying third-party library in APP program | |
| CN116933316A (en) | Method and device for analyzing consistency of intelligent terminal application sensitive behavior and privacy policy | |
| CN107451050B (en) | Function acquisition method and device and server | |
| CN107506474B (en) | Database operation method and device based on object mapping | |
| CN113626823B (en) | Method and device for detecting interaction threat among components based on reachability analysis | |
| CN115951916A (en) | Component processing method and device, electronic equipment and storage medium | |
| CN110598408B (en) | App clone detection method and system based on function layer coding | |
| CN112887328A (en) | Sample detection method, device, equipment and computer readable storage medium | |
| CN112130860A (en) | JSON object analysis method and device, electronic device and storage medium | |
| CN109213490A (en) | A kind of program processing method, device and relevant device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |