CN111143831A - Installation package privacy permission scanning method and device and computer equipment - Google Patents
Installation package privacy permission scanning method and device and computer equipment Download PDFInfo
- Publication number
- CN111143831A CN111143831A CN201911348222.1A CN201911348222A CN111143831A CN 111143831 A CN111143831 A CN 111143831A CN 201911348222 A CN201911348222 A CN 201911348222A CN 111143831 A CN111143831 A CN 111143831A
- Authority
- CN
- China
- Prior art keywords
- installation package
- sensitive
- preset
- authority
- permission
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Bioethics (AREA)
- Databases & Information Systems (AREA)
- Medical Informatics (AREA)
- Telephone Function (AREA)
Abstract
The invention provides an installation package privacy permission scanning method and device, wherein the method comprises the following steps: acquiring a preset sensitive authority list in an intelligent terminal; acquiring an aggregation of function names corresponding to each sensitive authority list; taking an aggregate of function names of the preset sensitive permission list as a preset keyword; acquiring an apk android installation package, and converting the apk android installation package to obtain a corresponding java source code; scanning and retrieving preset keywords for the java source codes; and when the preset keyword is retrieved, judging that the android installation package has the authority of acquiring the sensitive information. The method comprises the steps of extracting source codes of an android installation package, and comparing the source codes with preset keywords to judge whether the installation package has sensitive permission information. Whether the operation of obtaining the sensitive authority exists can be obtained in advance before the apk is installed, and the method is favorable for protecting the sensitive information of the user from being damaged.
Description
Technical Field
The invention relates to the field of network security, in particular to a method and a device for scanning privacy authorities of an installation package and computer equipment.
Background
Some third parties sdk (Software Development Kit) are often accessed in the Android system, it is generally difficult for sdk of these third parties to detect whether it can acquire sensitive information of the device, such as an Identification (ID) of the device, a Media Access Control (Mac) address, and the like, which may cause privacy disclosure of the user, and all actions of acquiring the sensitive information of the user need to add a privacy policy and be agreed by the user, otherwise privacy risk of the apk (Android Package) is increased. The financial risk that information is stolen exists when a user uses the android mobile phone. When the user installs the apk software, the pop-up prompt message is selected to be accepted by default, so that the risk exists after the apk software is installed.
Disclosure of Invention
The invention aims to solve the problems in the prior art, and provides an installation package privacy authority scanning method, an installation package privacy authority scanning device and a computer device, which are used for solving the defects in the prior art.
Specifically, an embodiment of the present invention provides an installation package privacy permission scanning method, including:
acquiring a preset sensitive authority list in an intelligent terminal;
acquiring an aggregation of function names corresponding to each sensitive authority list;
taking an aggregate of function names of the preset sensitive permission list as a preset keyword;
acquiring an apk android installation package, and converting the apk android installation package to obtain a corresponding java source code;
scanning and retrieving preset keywords for the java source codes;
and when the preset keyword is retrieved, judging that the android installation package has the authority of acquiring the sensitive information.
Further, obtaining an apk android installation package, and converting the apk android installation package to obtain a corresponding java source code specifically includes:
modifying the suffix name of the android installation package into a format which can be identified by preset decompression software;
decompressing the android installation package with the modified suffix name by using preset decompressing software to obtain a dex file;
converting the dex file into a jar file by using a first preset tool;
and converting the jar file into java source code by using a second preset tool.
Further, after it is determined that the android installation package has the authority to acquire sensitive information, the method further includes:
displaying preset keywords which are searched in the installation package and used for reflecting the permission of obtaining the sensitive information to a user through a graphical interface, and giving operation prompt information for subsequent operation of each piece of sensitive permission information;
responding to the operation of a user on the graphical interface, and correspondingly modifying the java source code;
and recompiling and packaging the modified java source codes to generate a new android software apk package.
Further, after it is determined that the android installation package has the authority to acquire sensitive information, the method further includes:
determining the directory position of the android installation package;
and generating a corresponding txt document at the directory position according to the sensitive permission list, wherein the document is used for recording the related content of the sensitive permission.
Further, after it is determined that the android installation package has the authority to acquire sensitive information, the method further includes:
receiving a selection instruction of a user, wherein the selection instruction is an instruction for selecting a sensitive authority from the sensitive authority list by the user;
determining a function statement corresponding to the selected sensitive permission;
performing shielding annotation on the function statement;
and recording the relevant information generated by the shielding annotation in the txt document.
Further, the sensitive permission list includes: the method comprises the steps of obtaining a device ID, obtaining a device Mac, obtaining contact person information, obtaining a call record, obtaining memory information, obtaining position information, performing screen capture operation and automatically recording.
The embodiment of the invention also provides a device for scanning the privacy authority of the installation package, which comprises:
the sensitive authority acquisition module is used for acquiring a sensitive authority list preset in the intelligent terminal;
the function name acquisition module is used for acquiring an aggregation of function names corresponding to each sensitive authority list;
the keyword selection module is used for taking the aggregation of the function names of the preset sensitive authority list as a preset keyword;
the installation package obtaining and converting module is used for obtaining an apk android installation package and converting the apk android installation package to obtain a corresponding java source code;
the scanning retrieval module is used for scanning and retrieving preset keywords for the java source codes;
and the judging module is used for judging that the android installation package has the permission to acquire the sensitive information when the preset keywords are retrieved.
Further, the acquiring and converting module specifically includes:
a suffix name modifying unit, configured to modify a suffix name of the android installation package into a format that can be recognized by preset decompression software;
the decompression operation unit is used for carrying out decompression operation on the android installation package with the modified suffix name by utilizing preset decompression software to obtain a dex file;
the first conversion unit is used for converting the dex file into the jar file by using a first preset tool;
and the second conversion unit is used for converting the jar file into the java source code by using a second preset tool.
The embodiment of the invention also provides computer equipment, which comprises a memory and a processor, wherein the memory is used for storing a computer program, and the processor runs the computer program to enable the computer equipment to execute the installation package privacy authority scanning method.
An embodiment of the present invention further provides a computer-readable storage medium, which stores the computer program used in the computer device described above.
Compared with the prior art, the technical scheme provided by the invention at least has the following beneficial effects: firstly, extracting source codes of the android installation package, and then comparing the source codes with preset keywords to judge whether the installation package has sensitive authority information. The user can acquire whether the operation of acquiring the sensitive authority exists in advance before the apk is installed. And giving a corresponding permission risk prompt. Therefore, the method can ensure that the sensitive risk prompt is sent to the user before installation, and is favorable for protecting the sensitive information of the user from being damaged.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained according to the drawings without inventive efforts.
Fig. 1 is a flowchart of an installation package privacy authority scanning method according to an embodiment of the present invention;
fig. 2 is a specific flowchart of the conversion of the apk android installation package to obtain corresponding java source code according to the embodiment of the present invention;
fig. 3 is a flowchart of an installation package privacy authority scanning method according to a second embodiment of the present invention;
fig. 4 is a flowchart of an installation package privacy authority scanning method according to a third embodiment of the present invention;
fig. 5 is a flowchart of an installation package privacy authority scanning method according to a fourth embodiment of the present invention;
fig. 6 is a block diagram of an installation package privacy authority scanning apparatus according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The terminology used in the various embodiments of the present disclosure is for the purpose of describing particular embodiments only and is not intended to be limiting of the various embodiments of the present disclosure. Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which the various embodiments of the present disclosure belong. The terms (such as those defined in commonly used dictionaries) should be interpreted as having a meaning that is consistent with their contextual meaning in the relevant art and will not be interpreted in an idealized or overly formal sense unless expressly so defined in various embodiments of the present disclosure.
Example one
As shown in fig. 1, an embodiment of the present invention provides an installation package privacy permission scanning method, including:
s101, a preset sensitive authority list in the intelligent terminal is obtained.
Acquiring a preset sensitive authority list in an intelligent terminal; the sensitive permission list includes: the method comprises the steps of obtaining a device ID, obtaining a device Mac, obtaining contact person information, obtaining a call record, obtaining memory information, obtaining position information, performing screen capture operation, automatically recording and the like.
Corresponding risk grade classification can be carried out on each sensitive authority list; and classifying according to the degree of obtaining the user privacy information. For example: the risk level of obtaining the call record is higher than the risk level of obtaining the device ID.
And S102, acquiring an aggregation of function names corresponding to each sensitive authority list.
There may be multiple function names corresponding to each sensitive permission list, and it is necessary to find out the aggregate of all possible function names. The aggregate of functions for sensitive authority to get device id operations is, for example, getDeviceId, etc. functions.
And S103, taking the aggregation of the function names of the preset sensitive authority list as a preset keyword.
The preset keyword is determined by performing similarity analysis on the original preset keyword provided by the user to obtain a preset keyword set. The selection of the preset keyword is important. If getDeviceId and the like are functions defined by developers, for the action of acquiring the id information of the device, the developer A can be realized by the getDeviceId function, but the developer B can also be realized by the getDeviceId function, and since the naming of the functions defined by the developers in java source codes is not uniquely determined, the scheme needs to screen out all possible function name sets. The function name set may be obtained through website collection. For example: common keywords for the id function of a device can be obtained from programming-related websites. For example: functions such as getDeviceId, etc. may all represent the id of the acquiring device. In the process, function content corresponding to the preset keyword needs to be identified and detected, because the function defined by the developer may be an empty statement, the number of lines of codes in the function can be counted to determine whether the function is the empty statement. Artificial intelligent semantic analysis software can be used for judging whether the function statement has the authority to acquire the sensitive privacy information. Acquiring an aggregation of function names corresponding to each sensitive authority; the aggregate of functions for sensitive authority to get device id operations is, for example, getDeviceId, etc. functions. And carrying out corresponding risk grade classification on each sensitive authority and prompting the user so as to protect the property safety and privacy safety of the user.
S104, obtaining an apk android installation package, and converting the apk android installation package to obtain a corresponding java source code.
As shown in fig. 2, obtaining an apk android installation package, and converting to obtain a java source code corresponding to the apk android installation package specifically includes:
s1041, modifying the suffix name of the android installation package into a format which can be identified by preset decompression software.
The apk suffix is modified into a suffix format which can be identified by zip, rar and other decompression software.
S1042, carrying out decompression operation on the android installation package with the modified suffix name by using preset decompression software to obtain a dex file.
And decompressing after one apk packet is modified to be zip to obtain file directories such as META-INF, res, classes, dex and the like, wherein the classes, dex file is a Java byte code file generated after Java source code compiling, and all source codes of apk are in the classes, dex file. The suffix name of the modified installation package can also be a suffix name which can be identified by decompression software such as rar and the like. And decompressing the installation package with the changed name by using decompression software of the system to obtain corresponding files and folders.
S1043, converting the dex file into a jar file by using a first preset tool.
Specifically, a dex2jar tool can be used to convert class.
S1044, converting the jar file into a java source code by using a second preset tool.
All class files in class jar files generated in the previous step can be converted into java files, including class files of third party sdk, by using a jd-gui tool.
S105, scanning and retrieving preset keywords for the java source codes.
The preset key is a function name aggregation which contains the set of all function names that acquire sensitive rights.
And S106, when the preset keyword is retrieved, judging that the android installation package has the authority of acquiring the sensitive information.
In the embodiment of the invention, the source code of the android installation package can be scanned, whether the source code comprises the preset keyword or not is identified, so that whether the installation package can acquire the sensitive information in the user equipment or not is identified, if the android installation package has the authority of acquiring the sensitive information, the installation of the android installation package can be prohibited, or after the corresponding code of the installation package is modified or deleted, the relevant code of the android installation package for acquiring the sensitive privacy authority is deleted, so that the installation of the android installation package can be permitted, the privacy of a user can be ensured, the sensitive or private information is prevented from being illegally acquired, and the safety is improved.
Example two
As shown in fig. 3, a second embodiment of the present invention provides an installation package privacy permission scanning method, including:
s201, a preset sensitive authority list in the intelligent terminal is obtained.
Acquiring a preset sensitive authority list in an intelligent terminal; the sensitive permission list includes: the method comprises the steps of obtaining a device ID, obtaining a device Mac, obtaining contact person information, obtaining a call record, obtaining memory information, obtaining position information, performing screen capture operation, automatically recording and the like.
S202, acquiring an aggregation of function names corresponding to each sensitive authority list.
There may be multiple function names corresponding to each sensitive permission list, and it is necessary to find out the aggregate of all possible function names. The aggregate of functions for sensitive authority to get device id operations is, for example, getDeviceId, etc. functions.
And S203, taking the aggregation of the function names of the preset sensitive authority list as a preset keyword.
S204, obtaining an apk android installation package, and converting the apk android installation package to obtain a corresponding java source code. Specifically, the apk suffix can be modified into a suffix format which can be identified by decompression software such as zip and rar, the preset decompression software is used for decompressing the installation package with the modified suffix name to obtain a dex file, the first preset tool is used for converting the dex file into a jar file, and the second preset tool is used for converting the jar file into a java source code.
S205, scanning and retrieving preset keywords for the java source code.
The user can customize a preset keyword or a preset key field corresponding to the sensitive permission list in software, and the common sensitive permission list comprises the following steps: the method comprises the steps of obtaining a device ID, obtaining a device Mac, obtaining contact person information, obtaining a call record, obtaining memory information, obtaining position information, carrying out screen capture operation and automatic recording, modifying system setting and the like. The keyword or the key field corresponding to each sensitive permission may be set in advance, for example, a preset keyword "getdeviceild" corresponding to the obtaining device ID is set, and in the process of scanning and retrieving the android installation package, it is identified whether the source code of the android installation package includes "getdeviceild" or a preset keyword corresponding to the obtaining sensitive information or the sensitive permission.
S206, when the preset keywords are retrieved, the android installation package is judged to have the permission of acquiring the sensitive information. For example, the preset keyword includes "getdeviceipid", and when scanning and retrieving the android installation package, it is recognized that the source code of the installation package includes "getdeviceipid", it may be determined that the android installation package has the authority to acquire sensitive information.
And S207, displaying the preset keywords of the acquired sensitive information authority retrieved from the installation package to a user through a graphical interface, and giving operation prompt information for subsequent operation of each piece of sensitive authority information.
Displaying the preset keywords for acquiring the sensitive permission information retrieved from the android installation package to a user through a graphical interface; giving operation prompt information for the subsequent operation of each sensitive authority information; the user can conveniently carry out subsequent self-processing. If keywords for acquiring the sensitive privacy authority are retrieved from the android installation package, a corresponding prompt can be output on a user interface, for example, a prompt is output on the user interface: 1. the application is displayed on top of other applications; 2. modifying or deleting the content in the SD card; 3. taking a picture and recording a video; 4. reading the content in the SD card; 5. acquiring an equipment identification code and a state; 6. modify system settings, etc.
In addition to giving the prompt, all options that the subsequent user of the sensitive permission information can manually operate can be given through the graphical interface, for example, an option of "allow" or "prohibit" is given after each piece of the prompt information, if the user selects "allow", the android installation package can be further installed, if the user selects "prohibit", the android installation package cannot be further installed, or even if the android installation package is installed, the related functions cannot be executed.
After the android installation package is judged to have the permission of acquiring the sensitive information, the method further comprises the following steps:
determining the directory position of the android installation package;
and generating a corresponding txt document at the directory position according to the sensitive permission list, wherein the document is used for recording the related content of the sensitive permission.
For the sensitive permission list, a txt document of permission description is generated under the same-name directory of the apk installation package, and the txt document can record the sensitive risk permissions stored in the apk installation package in detail. The name of the txt document is the same as that of the apk installation package, except that the suffix name of the installation package is apk, and the suffix name of the authority description document is txt.
And S208, responding to the operation of the user on the graphical interface, and correspondingly modifying the java source code.
After the android installation package is judged to have the permission of acquiring the sensitive information, the method further comprises the following steps:
receiving a selection instruction of a user, wherein the selection instruction is an instruction for selecting a sensitive authority from the sensitive authority list by the user;
determining a function statement corresponding to the selected sensitive permission;
performing shielding annotation on the function statement;
and recording the relevant information generated by the shielding annotation in the txt document.
Responding to the operation of a user on the graphical interface, and correspondingly modifying the java source code; specifically, codes can be used/annotated off at key codes in function statements with sensitive permission, and targeted annotation shielding can be performed on the function statements which are targeted to acquire sensitive permission operation according to the requirement of software per se. The java source code can be correspondingly modified through AI artificial intelligence. The relevant record information of the modification mask code operation can be recorded into a txt document of the authority specification.
S209, recompiling and packaging the modified java source codes to generate a new android software apk package.
The new installation software package is generated, and because the function of the sensitive authority which is not needed by the user is annotated in the code, the risk of acquiring the sensitive information of the user does not exist. And the actual requirements of the user are met. The associated recompiled package information may also be recorded in the txt document of the rights expression. And detecting that a sensitive function (such as functions for acquiring device ID information, such as getDeviceId, getDeviceID and the like) appears in the source code, automatically annotating the line where the source code is located, and after masking the function of the line of code, recompiling to generate a new apk installation package. the txt document makes a detailed record for each operation of the apk. The user can view the code mask modification information before and after the sensitive authority information is displayed through the document.
In the scheme, the method and the device have the advantages that the keywords are retrieved for the source codes, the annotation shielding is carried out on the source codes, the source codes are compiled again and packaged to generate the new android apk installation package, the permission for acquiring the sensitive information can be appointed according to the user requirements, and the user can clearly acquire which sensitive permissions for the corresponding apk installation package. Whether the android apk installation package has the permission of acquiring the sensitive information or not is judged, risk prompt and follow-up operation prompt information are given, and a user carries out corresponding risk clearing operation, namely the user carries out code function shielding on the unnecessary sensitive permission, recompilation and packaging are carried out again, and a new apk installation package is generated. The new apk installation package does not contain sensitive authority operation which is not needed by the user, and the security risk is small.
EXAMPLE III
As shown in fig. 4, a third embodiment of the present invention provides an installation package privacy permission scanning method, including:
s301, obtaining an apk android installation package to be installed on user equipment (such as a smart phone, a tablet computer and the like);
s302, converting the program code of android installation to be installed to obtain a java source code corresponding to the apk android installation package. Specifically, the apk suffix can be modified into a suffix format which can be identified by decompression software such as zip and rar, the preset decompression software is used for decompressing the installation package with the modified suffix name to obtain a dex file, the first preset tool is used for converting the dex file into a jar file, and the second preset tool is used for converting the jar file into a java source code.
S303, scanning and retrieving preset keywords for the java source code.
The user can customize a preset keyword or a preset key field corresponding to the sensitive permission list in software, and the common sensitive permission list comprises the following steps: the method comprises the steps of obtaining a device ID, obtaining a device Mac, obtaining contact person information, obtaining a call record, obtaining memory information, obtaining position information, carrying out screen capture operation and automatic recording, modifying system setting and the like. The keyword or the key field corresponding to each sensitive permission may be set in advance, for example, a preset keyword "getdeviceild" corresponding to the obtaining device ID is set, and in the process of scanning and retrieving the android installation package, it is identified whether the source code of the android installation package includes "getdeviceild" or a preset keyword corresponding to the obtaining sensitive information or the sensitive permission.
S304, when the preset keywords are retrieved, the android installation package is judged to have the permission of acquiring the sensitive information. For example, the preset keyword includes "getdeviceipid", and when scanning and retrieving the android installation package, it is recognized that the source code of the installation package includes "getdeviceipid", it may be determined that the android installation package has the authority to acquire sensitive information.
S305, carrying out risk level identification on the risk of the permission of acquiring the sensitive information contained in the android installation package to judge whether the risk is a high-risk apk.
S306, if the android package is a high-risk apk, outputting a prompt, and automatically stopping installation of the android installation package.
S307, if the android installation package is not a high-risk apk, displaying a corresponding prompt for acquiring the authority of the sensitive information retrieved from the android installation package to a user through a graphical interface, and giving a corresponding operation option after each prompt message, for example, giving options such as "allow", "prohibit", "modify", or "delete" after each prompt message, if the user selects "allow", the android installation package can be further installed, if the user selects "prohibit", the android installation package cannot be further installed, or even if the android installation package cannot execute related functions, if the user selects "modify" or "delete", the code of the android installation package needs to be modified or partially deleted, and then the installation of the apk can be further executed.
In the embodiment of the invention, the source code of the android installation package can be scanned, whether the source code comprises the preset keywords or not is identified, whether the installation package can acquire the sensitive information in the user equipment or not is identified, and if the android installation package has the permission of acquiring the sensitive information and belongs to a high risk level, the installation of the android installation package is automatically prevented; if the installation package does not belong to the high risk level, operation options can be provided for the user, after the corresponding codes of the installation package are modified or deleted, the relevant codes of the android installation package, which are used for acquiring the sensitive privacy authority, are deleted, so that the installation of the android installation package can be allowed, the privacy of the user can be guaranteed, the sensitive or private information is prevented from being illegally acquired, and the safety is improved.
Example four
As shown in fig. 5, a fourth embodiment of the present invention provides an installation package privacy permission scanning method, including:
s401, obtaining an apk android installation package to be installed on user equipment (such as a smart phone, a tablet computer and the like);
s402, converting the program code of android installation to be installed to obtain a java source code corresponding to the apk android installation package. Specifically, the apk suffix can be modified into a suffix format which can be identified by decompression software such as zip and rar, the preset decompression software is used for decompressing the installation package with the modified suffix name to obtain a dex file, the first preset tool is used for converting the dex file into a jar file, and the second preset tool is used for converting the jar file into a java source code.
And S403, scanning and retrieving preset keywords for the java source code.
The user can customize a preset keyword or a preset key field corresponding to the sensitive permission list in software, and the common sensitive permission list comprises the following steps: the method comprises the steps of obtaining a device ID, obtaining a device Mac, obtaining contact person information, obtaining a call record, obtaining memory information, obtaining position information, carrying out screen capture operation and automatic recording, modifying system setting and the like. The keyword or the key field corresponding to each sensitive permission may be set in advance, for example, a preset keyword "getdeviceild" corresponding to the obtaining device ID is set, and in the process of scanning and retrieving the android installation package, it is identified whether the source code of the android installation package includes "getdeviceild" or a preset keyword corresponding to the obtaining sensitive information or the sensitive permission.
S404, when the preset keyword is searched, the android installation package is judged to have the permission of acquiring the sensitive information. For example, the preset keyword includes "getdeviceipid", and when scanning and retrieving the android installation package, it is recognized that the source code of the installation package includes "getdeviceipid", it may be determined that the android installation package has the authority to acquire sensitive information.
S405, outputting security risk prompt information and providing corresponding operation options, and if the following risks exist in the apk installation package, displaying the following prompt information on an interface: 1. the application is displayed on top of other applications; 2. modifying or deleting the content in the SD card; 3. taking a picture and recording a video; 4. reading the content in the SD card; 5. acquiring an equipment identification code and a state; 6. modify system settings, etc. And giving options such as 'allow', 'forbid', 'modify', or 'delete' after each reminding message, if the user selects 'allow', the android installation package can be further installed, if 'forbid', the android installation package can not be installed continuously, or related functions can not be executed even if the installation is carried out, if the user selects 'modify' or 'delete', the installation of the apk can be carried out continuously after the code of the android installation package is modified or partially deleted.
S406, if the java source code is identified to comprise the code the meaning of which cannot be identified, performing secondary identification or outputting a corresponding prompt on a graphical user interface, wherein the prompt information can comprise 'installation package risk exists, please confirm whether to continue installation', if the user selects to continue installation, continuing to install the apk installation package, and if the user selects to stop installation, stopping installation of the apk installation package.
S407, if the android installation package is identified to have neither preset keywords nor codes which cannot identify the meanings of the preset keywords, the android installation package can be automatically continuously installed.
In the embodiment of the invention, the source code of the android installation package can be scanned, whether the source code comprises the preset keywords or not is identified, whether the installation package can acquire the sensitive information in the user equipment or not is identified, and if the android installation package has the authority of acquiring the sensitive information, the risk prompt information is output and operation options can be provided for a user so that the user can select whether to continue to install the apk installation package or not; if some codes which can not identify the meanings of the codes are identified, secondary identification is carried out to confirm whether the codes have risks or not again, suspicious information can be prompted to a user, so that the user can continuously install the apk installation package or prevent the installation of the apk installation package when selecting, and the installation of the apk installation package can be automatically continuously executed as long as the codes which can not acquire the sensitive privacy authority of the user and the suspicious codes which can not identify the meanings of the apk installation package are identified, so that the privacy of the user can be guaranteed, the sensitive or private information can be prevented from being illegally acquired, and the safety is improved.
EXAMPLE five
As shown in fig. 6, with reference to the foregoing embodiment, a fifth embodiment of the present invention provides an installation package privacy authority scanning apparatus, which is configured to execute the installation package privacy authority scanning method in the foregoing embodiment. The installation package privacy authority scanning device comprises: the system comprises a sensitive authority acquisition module 100, a function name acquisition module 200, a keyword selection module 300, an installation package acquisition and conversion module 400, a scanning retrieval module 500 and a judgment module 600.
The sensitive permission obtaining module 100 is configured to obtain a sensitive permission list preset in the intelligent terminal.
The function name obtaining module 200 is configured to obtain an aggregate of function names corresponding to each sensitive permission list.
The keyword selection module 300 is configured to use an aggregate of function names of the preset sensitive permission list as a preset keyword.
The installation package obtaining and converting module 400 is configured to obtain an apk android installation package, and convert a code set of the apk installation package to obtain a java source code corresponding to the apk android installation package.
The scanning and retrieving module 500 is configured to perform preset keyword scanning and retrieving on the java source code. The preset keyword may be customized by a user, for example, the keyword for obtaining the device ID is "getdeviceipid", and the scan retrieval module 500 may identify whether there is the preset keyword "getdeviceipid" in the Java source code during the preset keyword scan retrieval of the Java source code.
The determining module 600 is configured to determine that the android installation package has an authority to acquire the sensitive information when the preset keyword is retrieved. For example, if a preset keyword "getdeviceid" or other preset keywords for acquiring sensitive privacy authority is identified in the Java source code, it is determined that the android installation package has the authority for acquiring sensitive information. The installation package obtaining and converting module 400 specifically includes: a suffix name modification unit 401, a decompression operation unit 402, a first conversion unit 403, and a second conversion unit 404.
The suffix name modifying unit 401 is configured to modify a suffix name of the installation package so as to be recognizable by preset decompression software; in particular, the apk suffix may be modified into a suffix format recognizable by zip, rar, etc. decompression software.
The decompression operation unit 402 is configured to perform a decompression operation on the modified suffix name installation package by using preset decompression software to obtain a dex file; for example, after an apk packet is modified and fixed to zip, decompression is performed to obtain file directories such as META-INF, res, classes. The suffix name of the apk installation package can be changed into rar or the suffix name which can be identified by other decompression software, and then the decompression software of the system is used for decompressing the installation package with the changed suffix name to obtain the corresponding file and folder.
The first converting unit 403 is configured to convert the dex file into a jar file by using a first preset tool; specifically, class.
The second conversion unit 404 converts the jar file into a java source code by using a second preset tool, and specifically may convert all class files in the classes.
The installation package privacy authority scanning device may further include a sensitive authority prompting module 700, a code modifying module 800, and a compiling and packaging module 900.
The sensitive permission prompting module 700 is configured to display the preset keyword of the permission to acquire the sensitive information retrieved from the installation package to the user through a graphical interface, and provide operation prompting information for subsequent operations of each piece of sensitive permission information. If the following risks are identified in the apk installation package, the following information or list of information is presented on the interface: 1. the application is displayed on top of other applications; 2. modifying or deleting the content in the SD card; 3. taking a picture and recording a video; 4. reading the content in the SD card; 5. acquiring an equipment identification code and a state; 6. modify system settings, etc. And giving options such as 'allow', 'forbid', 'modify', or 'delete' after each reminding message, if the user selects 'allow', the android installation package can be further installed, if 'forbid', the android installation package can not be installed continuously, or related functions can not be executed even if the installation is carried out, if the user selects 'modify' or 'delete', the installation of the apk can be carried out continuously after the code of the android installation package is modified or partially deleted.
The code modification module 800 is configured to respond to an operation of a user on a graphical interface, and perform corresponding modification on java source code. Specifically, in response to a user operating the graphical interface, for example, the user selecting a "modify" option, the java source code may be modified accordingly. The modification may be that the code is annotated out using "//", at key code in function statements with sensitive permissions, and the compiler discards directly for a certain segment of code starting with "//", when the compiler compiles. The segment of code is functionally disabled, corresponding to the code being annotated. And (4) performing targeted annotation shielding on the functional statement of the sensitive permission operation according to the requirement of the software per se. The java source code can be correspondingly modified through AI artificial intelligence. The relevant record information of the modification mask code operation can be recorded into a txt document of the authority specification.
The compiling and packaging module 900 is configured to recompile and package the modified java source code to generate a new android software apk package.
In the embodiment of the invention, the new installation software package is generated, and because the function of the sensitive authority which is not needed by the user is annotated in the code, the risk of acquiring the sensitive information of the user does not exist. And the actual requirements of the user are met. The associated recompiled package information may also be recorded in the txt document of the rights expression. And detecting that a sensitive function (such as functions for acquiring device ID information, such as getDeviceId, getDeviceID and the like) appears in the source code, automatically annotating the line where the source code is located, and after masking the function of the line of code, recompiling to generate a new apk installation package. the txt document makes a detailed record for each operation of the apk. The user can view the code mask modification information before and after the sensitive authority information is displayed through the document.
In addition, the present invention also provides a computer device, as shown in fig. 7, the computer device includes a memory 10 and a processor 20, the memory 10 may be used to store a computer program, and the processor 20 may execute the computer program, so that the computer device performs the functions of the installation package privacy authority scanning method or the modules in the installation package privacy authority scanning apparatus.
The memory may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the computer device, and the like. Further, the memory may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.
The embodiment also provides a computer storage medium for storing a computer program used in the computer device.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method can be implemented in other ways. The apparatus embodiments described above are merely illustrative and, for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, each functional module or unit in each embodiment of the present invention may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention or a part of the technical solution that contributes to the prior art in essence can be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a smart phone, a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. A method for scanning privacy authorities of an installation package is characterized by comprising the following steps:
acquiring a preset sensitive authority list in an intelligent terminal;
acquiring an aggregation of function names corresponding to each sensitive authority list;
taking an aggregate of function names of the preset sensitive permission list as a preset keyword;
acquiring an apk android installation package, and converting the apk android installation package to obtain a corresponding java source code;
scanning and retrieving preset keywords for the java source codes;
and when the preset keyword is retrieved, judging that the android installation package has the authority of acquiring the sensitive information.
2. The method for scanning the privacy authority of the installation package according to claim 1, wherein the obtaining of the apk android installation package and the converting of the apk android installation package to obtain the corresponding java source code specifically comprise:
modifying the suffix name of the android installation package into a format which can be identified by preset decompression software;
decompressing the android installation package with the modified suffix name by using preset decompressing software to obtain a dex file;
converting the dex file into a jar file by using a first preset tool;
and converting the jar file into java source code by using a second preset tool.
3. The installation package privacy permission scanning method according to claim 1, wherein after determining that the android installation package has permission to acquire sensitive information, the method further comprises:
displaying preset keywords which are searched in the installation package and used for reflecting the permission of obtaining the sensitive information to a user through a graphical interface, and giving operation prompt information for subsequent operation of each piece of sensitive permission information;
responding to the operation of a user on the graphical interface, and correspondingly modifying the java source code;
and recompiling and packaging the modified java source codes to generate a new android software apk package.
4. The installation package privacy permission scanning method according to claim 1, wherein after determining that the android installation package has permission to acquire sensitive information, the method further comprises:
determining the directory position of the android installation package;
and generating a corresponding txt document at the directory position according to the sensitive permission list, wherein the document is used for recording the related content of the sensitive permission.
5. The installation package privacy permission scanning method according to claim 4, wherein after determining that the android installation package has permission to acquire sensitive information, the method further comprises:
receiving a selection instruction of a user, wherein the selection instruction is an instruction for selecting a sensitive authority from the sensitive authority list by the user;
determining a function statement corresponding to the selected sensitive permission;
performing shielding annotation on the function statement;
and recording the relevant information generated by the shielding annotation in the txt document.
6. The installation package privacy authority scanning method according to claim 1, wherein the sensitive authority list includes: the method comprises the steps of obtaining a device ID, obtaining a device Mac, obtaining contact person information, obtaining a call record, obtaining memory information, obtaining position information, performing screen capture operation and automatically recording.
7. An installation package privacy authority scanning device, comprising:
the sensitive authority acquisition module is used for acquiring a sensitive authority list preset in the intelligent terminal;
the function name acquisition module is used for acquiring an aggregation of function names corresponding to each sensitive authority list;
the keyword selection module is used for taking the aggregation of the function names of the preset sensitive authority list as a preset keyword;
the installation package obtaining and converting module is used for obtaining an apk android installation package and converting the apk android installation package to obtain a corresponding java source code;
the scanning retrieval module is used for scanning and retrieving preset keywords for the java source codes;
and the judging module is used for judging that the android installation package has the permission to acquire the sensitive information when the preset keywords are retrieved.
8. The installation package privacy authority scanning device according to claim 7, wherein the obtaining and converting module specifically includes:
a suffix name modifying unit, configured to modify a suffix name of the android installation package into a format that can be recognized by preset decompression software;
the decompression operation unit is used for carrying out decompression operation on the android installation package with the modified suffix name by utilizing preset decompression software to obtain a dex file;
the first conversion unit is used for converting the dex file into the jar file by using a first preset tool;
and the second conversion unit is used for converting the jar file into the java source code by using a second preset tool.
9. A computer device comprising a memory for storing a computer program and a processor for executing the computer program to cause the computer device to perform the installation package privacy authority scanning method of any one of claims 1 to 6.
10. A computer-readable storage medium, characterized in that it stores the computer program used by the computer device of claim 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911348222.1A CN111143831A (en) | 2019-12-24 | 2019-12-24 | Installation package privacy permission scanning method and device and computer equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911348222.1A CN111143831A (en) | 2019-12-24 | 2019-12-24 | Installation package privacy permission scanning method and device and computer equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111143831A true CN111143831A (en) | 2020-05-12 |
Family
ID=70519666
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911348222.1A Pending CN111143831A (en) | 2019-12-24 | 2019-12-24 | Installation package privacy permission scanning method and device and computer equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111143831A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113886584A (en) * | 2020-11-10 | 2022-01-04 | 支付宝(杭州)信息技术有限公司 | Information detection method, device and equipment for application program |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102867143A (en) * | 2012-08-22 | 2013-01-09 | 中国科学技术大学 | Quick filtering method for malicious application programs |
| CN103067391A (en) * | 2012-12-28 | 2013-04-24 | 广东欧珀移动通信有限公司 | Method, system and device of malicious permission detection |
| CN104462970A (en) * | 2014-12-17 | 2015-03-25 | 中国科学院软件研究所 | Android application program permission abuse detecting method based on process communication |
| CN108073813A (en) * | 2017-12-06 | 2018-05-25 | 西安科技大学 | A kind of Android application programs, which are overflow, weighs Hole Detection and malicious act recognition methods |
| CN109522719A (en) * | 2018-11-29 | 2019-03-26 | 北京梆梆安全科技有限公司 | Reinforcing detection method, device and the mobile terminal of application installation package |
-
2019
- 2019-12-24 CN CN201911348222.1A patent/CN111143831A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102867143A (en) * | 2012-08-22 | 2013-01-09 | 中国科学技术大学 | Quick filtering method for malicious application programs |
| CN103067391A (en) * | 2012-12-28 | 2013-04-24 | 广东欧珀移动通信有限公司 | Method, system and device of malicious permission detection |
| CN104462970A (en) * | 2014-12-17 | 2015-03-25 | 中国科学院软件研究所 | Android application program permission abuse detecting method based on process communication |
| CN108073813A (en) * | 2017-12-06 | 2018-05-25 | 西安科技大学 | A kind of Android application programs, which are overflow, weighs Hole Detection and malicious act recognition methods |
| CN109522719A (en) * | 2018-11-29 | 2019-03-26 | 北京梆梆安全科技有限公司 | Reinforcing detection method, device and the mobile terminal of application installation package |
Non-Patent Citations (2)
| Title |
|---|
| 平淡;: "DIY安卓手机隐私防火墙", 电脑爱好者, no. 09, pages 50 - 51 * |
| 朱旭超;徐建;: "基于smali注入的敏感API拦截方法研究", 计算机与数字工程, no. 11, pages 137 - 141 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113886584A (en) * | 2020-11-10 | 2022-01-04 | 支付宝(杭州)信息技术有限公司 | Information detection method, device and equipment for application program |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9824212B2 (en) | Method and system for recognizing advertisement plug-ins | |
| Cahyani et al. | Forensic data acquisition from cloud‐of‐things devices: windows Smartphones as a case study | |
| CN108763951B (en) | Data protection method and device | |
| CN104392176A (en) | Mobile terminal and method for intercepting device manager authority thereof | |
| CN115221524B (en) | Service data protection method, device, equipment and storage medium | |
| CN110727941A (en) | Private data protection method and device, terminal equipment and storage medium | |
| CN112199720A (en) | Authority monitoring processing method, device, computer equipment and medium | |
| CN111597553A (en) | Process processing method, device, equipment and storage medium in virus searching and killing | |
| CN111143831A (en) | Installation package privacy permission scanning method and device and computer equipment | |
| KR101130088B1 (en) | Malware detecting apparatus and its method, recording medium having computer program recorded | |
| CN111460448B (en) | Malicious software family detection method and device | |
| CN110348226B (en) | Engineering file scanning method and device, electronic equipment and storage medium | |
| CN106203148B (en) | Unauthorized data access blocking method and computing device with unauthorized data access blocking function | |
| CN111222122A (en) | Application authority management method and device and embedded equipment | |
| CN111274556A (en) | Code obfuscation method, device and storage medium | |
| CN115114646B (en) | File authority processing method and device and storage medium | |
| US20190318120A1 (en) | Data loss prevention | |
| CN114116399B (en) | Monitoring method, device, equipment and medium for third party SDK in application | |
| JP5828457B2 (en) | API execution control device and program | |
| CN115098877A (en) | File encryption and decryption method and device, electronic equipment and medium | |
| Khan et al. | COMPARATIVE STUDY OF VARIOUS DIGITAL FORENSICS LOGICAL ACQUISITION TOOLS FOR ANDROID SMARTPHONE'S INTERNAL MEMORY: A CASE STUDY OF SAMSUNG GALAXY S5 AND S6. | |
| CN115310059A (en) | Data security processing method and device | |
| JP2008234539A (en) | Information processing apparatus, file processing method and program | |
| US11436331B2 (en) | Similarity hash for android executables | |
| CN109948341B (en) | File scanning method, system, device and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |