CN111246457A - Application program checking method and device and client - Google Patents


Info

Publication number
CN111246457A
Authority
CN
China
Prior art keywords
network request
network
request object
application program
checking
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911396165.4A
Other languages
Chinese (zh)
Inventor
韦才金
马颖江
张轶
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gree Electric Appliances Inc of Zhuhai
Original Assignee
Gree Electric Appliances Inc of Zhuhai
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gree Electric Appliances Inc of Zhuhai filed Critical Gree Electric Appliances Inc of Zhuhai
Priority to CN201911396165.4A priority Critical patent/CN111246457A/en
Publication of CN111246457A publication Critical patent/CN111246457A/en
Pending legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30 Security of mobile devices; Security of mobile applications
    • H04W12/37 Managing security policies for mobile devices or for controlling mobile applications
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12 Detection or prevention of fraud
    • H04W12/128 Anti-malware arrangements, e.g. protection against SMS fraud or mobile malware

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The application relates to an application program checking method, an application program checking device, electronic equipment and a storage medium, wherein the method comprises the following steps: checking a first network request object in a third party library of applications; when the first network request object is determined to belong to a preset class, acquiring a first network request corresponding to the first network request object; disabling the first network request. The technical scheme is that whether an illegal network request object exists in the application program third-party library is checked, and if the illegal network request object exists, the network request corresponding to the object is forbidden subsequently. In this way, for the application program with abnormal traffic, the application program is not directly closed, but only the unallowed network request is forbidden, and the use of the normal function service related to the application program network is ensured while the network traffic consumption is reduced.

Description

Application program checking method and device and client
Technical Field
The present application relates to the field of communications technologies, and in particular, to an application program checking method, an application program checking device, and a client.
Background
With the rapid increase in network speed on 4G/5G mobile terminals and the rapid development of intelligent terminal device technology, the mobile phone has quickly become part of our lives. Many applications (apps) on intelligent terminal devices are developed using libraries integrated and packaged by third parties, whose interfaces and functions are called directly on the terminal. Because a third-party library is developed and implemented by an external team, its use inevitably carries security risks, such as carrying Trojan horse viruses or illegally using network traffic. If the third-party library illegally uses network traffic, the intelligent terminal device consumes traffic without the user's knowledge, causing loss to the user.
Faced with this problem, general antivirus software or standalone traffic-monitoring software can only detect, in a coarse manner, which application is using the network, and then forcibly shut down the service or process corresponding to that application. This saves some traffic but cannot pinpoint the source. Because the application's legitimate network requests are disabled as well, normal functions and services that depend on the application's network access may become unavailable.
Disclosure of Invention
In order to solve the technical problem that the application program is directly forbidden to use the network, and the normal functions and services related to the application program network cannot be used, the embodiment of the application provides an application program checking method, an application program checking device and a client.
In a first aspect, an embodiment of the present application provides an application program checking method, including:
checking a first network request object in a third party library of applications;
when the first network request object is determined to belong to a preset class, acquiring a first network request corresponding to the first network request object;
disabling the first network request.
The checking a first network request object in a third party library of applications, comprising:
determining a third-party library corresponding to the application program;
retrieving the first network request object from the third-party library;
or, alternatively,
the checking a first network request object in a third party library of applications, comprising:
retrieving a network request object in the application;
and when the network request object belongs to the third-party library, determining that the network request object is the first network request object.
Optionally, when it is determined that the first network request object does not belong to the preset class, the method further includes:
acquiring a first network limiting condition;
processing the first network request according to the first network restriction condition.
Optionally, the method further includes:
checking a second network request object in a code area of the application;
and when a second network request corresponding to the second network request object exists, processing the second network request according to a second network limiting condition.
Optionally, before the checking the first network request object in the third-party library of the application program, the method further includes:
judging whether a preset checking condition is triggered or not, wherein the preset checking condition comprises at least one of the following items: the third party library is used and network traffic is abnormal;
when the preset checking condition is triggered, executing the step of checking the first network request object in the third-party library of the application program.
Optionally, the disabling the first network request includes:
invoking a method to stop using the first network request in a background of the application and/or a lifecycle of the application.
In a second aspect, an embodiment of the present application provides an application program inspection apparatus, including:
the checking module is used for checking a first network request object in a third-party library of the application program;
the acquisition module is used for acquiring a first network request corresponding to the first network request object when the first network request object is determined to belong to a preset class;
a disabling module to disable the first network request.
In a third aspect, an embodiment of the present application provides a client, including the application program inspection device in the foregoing embodiment.
In a fourth aspect, an embodiment of the present application provides an electronic device, including: the system comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory complete mutual communication through the communication bus;
the memory is used for storing a computer program;
the processor is configured to implement the above method steps when executing the computer program.
In a fifth aspect, embodiments of the present application provide a computer-readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the above-mentioned method steps.
Compared with the prior art, the technical scheme provided by the embodiment of the application has the following advantages:
Whether an illegal network request object exists in the third-party library of the application program is checked, and if so, the network request corresponding to that object is subsequently disabled. In this way, an application program with abnormal traffic is not closed outright; only the disallowed network request is disabled, so network traffic consumption is reduced while the normal network-related functions and services of the application program remain usable.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without inventive exercise.
Fig. 1 is a flowchart of an application program checking method according to an embodiment of the present application;
Fig. 2 is a flowchart of an application program checking method according to another embodiment of the present application;
Fig. 3 is a flowchart of an application program checking method according to another embodiment of the present application;
Fig. 4 is a block diagram of an application program checking apparatus according to an embodiment of the present application;
Fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
In this embodiment, the inspection of the application is based on the code level inspection, and more accurate control of the application can be achieved.
The embodiment of the application searches for network request objects in the third-party library of the application program, and once an illegal network request object is found, the network request corresponding to that object is disabled. The network traffic of the application program is thereby monitored in a reasonable way, without affecting the normal network-related functions and services of the application program.
First, an application program checking method provided by an embodiment of the present invention is described below.
Fig. 1 is a flowchart of an application program checking method according to an embodiment of the present application. As shown in fig. 1, the method comprises the steps of:
Step S11, the first network request object in the third-party library of the application is checked.
Optionally, the third-party library may include a class library that needs to be installed to be called, except for the local class library and the system class library; all unauthorized class libraries with security risks can also be used as third-party libraries; or the class library included in the third-party library may be preset by the developer.
The network request object in this embodiment refers to an instance related to a network request, and stores member variables, constants, and the like for the network request.
Step S12, when it is determined that the first network request object belongs to the preset class, obtain a first network request corresponding to the first network request object.
The preset class may include variables and constants related to the network request, such as OkHttpClient, Retrofit, HTTP connection, and other related instance data. If the first network request object belongs to the preset class, this indicates that the third-party library contains an illegal, unauthorized network connection.
Step S13, the first network request is disabled.
Optionally, disabling the first network request may include invoking a method to stop using the first network request in the background of the application and/or during a lifecycle of the application.
In this embodiment, whether an illegal network request object exists in the third-party library of the application program is checked, and if the illegal network request object exists, the network request corresponding to the object is subsequently disabled. In this way, for the application program with abnormal traffic, the application program is not directly closed, but only the unallowed network request is forbidden, and the use of the normal function service related to the application program network is ensured while the network traffic consumption is reduced.
In addition, in this embodiment, the object related to the network request in the third-party library of the application program is checked based on the code, and the corresponding network request is disabled based on the object requested by the network, so that the network control on the application program is more accurate and effective.
Fig. 2 is a flowchart of an application checking method according to another embodiment of the present application, and as shown in fig. 2, when it is determined that the first network request object does not belong to the preset class, that is, the network request object is legal, the method further includes:
Step S21, a first network restriction condition is acquired;
Step S22, the first network request is processed according to the first network restriction condition.
Wherein the first network restriction condition may include: a limit on the number of network requests and/or a limit on the amount of data uploaded for transmission.
For example, the limit on the number of network requests may be an upper limit of the number of requests allowed per unit time, and if the upper limit of the number of requests is exceeded, the network requests are queued for processing.
In this embodiment, for legal and allowed network requests in the third-party library, it is also limited, and the number of network requests, the amount of transmitted data, and the like are controlled. In this way, the third-party library is further controlled to use the network, and the consumption of network traffic is reduced.
For a network request object found in the third-party library, whether its request is processed can be determined according to whether the network request object is legal. Alternatively, the network requests in all third-party libraries can be directly disabled.
Optionally, the step S11 may have the following two implementation manners:
(1) The network request object is retrieved directly from the third-party library.
The step S11 includes: determining a third-party library corresponding to the application program; the first network request object is retrieved from the third-party library.
(2) And retrieving all network request objects of the application program, and selecting the network request object corresponding to the third-party library.
The step S11 includes: retrieving a network request object in an application; and when the network request object belongs to the third-party library, determining the network request object as the first network request object.
In another embodiment, in addition to the third party library, there are network requests in the code region for the application, which correspond to the normal network-related functions and services of the application, and therefore, these network requests should be processed normally.
The method further comprises the following steps: checking a second network request object in a code area of the application; and when a second network request corresponding to the second network request object exists, processing the second network request according to the second network limiting condition.
The content of the second network restriction condition is similar to that of the first network restriction condition. The two may be set to be the same or different, or their specific parameters may be set differently according to requirements.
In this embodiment, the normal and legal network requests are also limited, and the number of network requests, the amount of data transmitted, and the like are controlled. In this way, the application program is further controlled to reduce the consumption of network traffic for using the network.
The embodiment can be applied to the development stage of the application program and also can be applied to the actual use stage of the application program. The conditions for triggering the check differ at different stages using the method of the present embodiment.
Before the step S11, the method further includes: judging whether a preset checking condition is triggered or not, wherein the preset checking condition comprises at least one of the following items: third party libraries are used and network traffic is abnormal; when the preset check condition is triggered, step S11 is executed.
In the development stage of the application program, the preset check condition is that the third-party library is used, namely when it is monitored that a developer calls the third-party library in the code, the check of the application program is triggered. In the actual use stage of the application program, the preset check condition may be a network traffic exception, and the network traffic exception may include, but is not limited to, any of the following cases:
the network traffic of the application exceeds a threshold;
it is detected that a background interface corresponding to the third-party library is using network traffic;
the total network flow of the intelligent terminal equipment exceeds a threshold value.
In the whole life cycle of the application program, the method of the embodiment can control the use condition of the application program to the network, disable illegal network requests of the third-party library of the application program, and limit the legal and normal network requests of the application program. Therefore, the consumption of the network flow by the application program is effectively controlled.
In addition to the trigger based on the preset check condition, the application program may be checked periodically, that is, the application program may be checked at certain intervals. Or, after the application program is checked based on the preset checking condition, if an illegal network request object in the third-party library is found, the illegal network request object is forbidden, and then the whole application program is checked again to prevent missing check until the illegal network request object is not found finally.
The following describes the flow of the application program inspection method in detail.
Fig. 3 is a flowchart of an application program checking method according to another embodiment of the present application. As shown in fig. 3, the method further comprises the steps of:
Step S31, monitoring the usage of the third-party library and the network traffic;
Step S32, judging whether the preset check condition is triggered; if yes, go to step S33, if no, return to step S31;
Step S33, retrieving the network request objects in the application program;
Step S34, judging whether the network request object belongs to the third-party library; if yes, go to step S35, if no, go to step S37;
Step S35, judging whether the network request object belongs to the preset class; if yes, go to step S36, if no, go to step S37;
Step S36, disabling the network request corresponding to the network request object;
Step S37, processing the network request corresponding to the network request object according to the network restriction condition.
In the above example, when an illegal network request object is detected or there is no network connection requirement, the network request is not initialized and executed, and only the corresponding network request is initialized and processed for the legal network request object.
Therefore, whether the network requests in the application program are allowed to access the network or not is judged respectively for each network request in the application program, the illegal network requests in the third-party library are forbidden, the application program is not closed and forbidden as a whole, and therefore the consumption of network flow is reduced, and meanwhile the use of normal function services related to the application program network is guaranteed.
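The Fig. 3 flow (steps S31 to S37), combined with the queueing limit described above for the network restriction condition, can be modelled as follows. This is an added example, not code from the patent; the package prefixes, the UploadTask class name, the thresholds and all function names are assumptions made for illustration.

```python
from collections import deque
from dataclasses import dataclass, field

# Assumptions for this sketch (not from the patent): the package prefixes that
# mark third-party code and the class names that make up the "preset class".
THIRD_PARTY_PREFIXES = ("com.vendor.adsdk.", "com.vendor.stats.")
PRESET_CLASSES = frozenset({"OkHttpClient", "Retrofit"})


@dataclass
class RequestObject:
    owner: str              # fully qualified name of the class holding the object
    cls: str                # type of the network request object
    disabled: bool = False  # set by step S36


@dataclass
class RateLimit:
    """Restriction condition: at most max_requests per window seconds; excess is queued."""
    max_requests: int
    window: float
    sent: deque = field(default_factory=deque)    # timestamps of released requests
    queued: deque = field(default_factory=deque)  # request ids waiting for capacity

    def _expire(self, now):
        # Forget releases that have fallen out of the current window.
        while self.sent and now - self.sent[0] >= self.window:
            self.sent.popleft()

    def submit(self, request_id, now):
        self._expire(now)
        if len(self.sent) < self.max_requests:
            self.sent.append(now)
            return "sent"
        self.queued.append(request_id)
        return "queued"

    def drain(self, now):
        """Release queued requests, oldest first, as capacity frees up."""
        self._expire(now)
        released = []
        while self.queued and len(self.sent) < self.max_requests:
            released.append(self.queued.popleft())
            self.sent.append(now)
        return released


def check_triggered(third_party_used, app_bytes, byte_threshold):
    """S31/S32: trigger on third-party library use or on abnormal traffic."""
    return third_party_used or app_bytes > byte_threshold


def is_third_party(obj):
    return obj.owner.startswith(THIRD_PARTY_PREFIXES)


def check_application(objects):
    """S33 to S37: decide per object; returns a list of (object, decision)."""
    decisions = []
    for obj in objects:                                        # S33
        if is_third_party(obj):                                # S34
            if obj.cls in PRESET_CLASSES:                      # S35
                obj.disabled = True                            # S36
                decisions.append((obj, "disabled"))
            else:
                decisions.append((obj, "limit:third_party"))   # S37, first condition
        else:
            decisions.append((obj, "limit:app"))               # S37, second condition
    return decisions


def dispatch(obj, request_id, now, limits):
    """Gate one request: a disabled object never reaches the network."""
    if obj.disabled:
        return "blocked"
    key = "third_party" if is_third_party(obj) else "app"
    return limits[key].submit(request_id, now)


def demo():
    # Constructed sample objects: two from third-party packages, one from app code.
    ads = RequestObject("com.vendor.adsdk.Beacon", "OkHttpClient")
    stats = RequestObject("com.vendor.stats.Uploader", "UploadTask")
    own = RequestObject("com.example.app.ApiClient", "OkHttpClient")
    limits = {"third_party": RateLimit(1, 60.0), "app": RateLimit(2, 1.0)}
    if check_triggered(third_party_used=True, app_bytes=0, byte_threshold=10_000):
        check_application([ads, stats, own])
    return [
        dispatch(ads, "a1", 0.0, limits),    # third-party + preset class
        dispatch(own, "o1", 0.0, limits),    # app code, within its limit
        dispatch(stats, "s1", 0.0, limits),  # third-party, legal, within limit
        dispatch(stats, "s2", 1.0, limits),  # third-party, legal, over limit
    ]


if __name__ == "__main__":
    print(demo())
```

The application's own OkHttpClient is only rate-limited, while the same class inside a third-party package is disabled, which is the per-request granularity the method aims for.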
The following are embodiments of the apparatus of the present application that may be used to perform embodiments of the method of the present application.
Fig. 4 is a block diagram of an application program checking apparatus provided in an embodiment of the present application, which may be implemented as part of or all of an electronic device through software, hardware, or a combination of the two. As shown in fig. 4, the application program inspection apparatus includes:
a checking module 41 for checking the first network request object in the third party library of the application;
an obtaining module 42, configured to obtain a first network request corresponding to the first network request object when it is determined that the first network request object belongs to a preset class;
a disabling module 43 for disabling the first network request.
Optionally, the apparatus embodiment further includes a plurality of modules for implementing the method embodiment.
The embodiment further provides a client, which includes the above application program checking device, and is used for implementing the above method embodiment. The client can be located on the intelligent terminal device.
An embodiment of the present application further provides an electronic device, as shown in fig. 5, the electronic device may include: the system comprises a processor 1501, a communication interface 1502, a memory 1503 and a communication bus 1504, wherein the processor 1501, the communication interface 1502 and the memory 1503 complete communication with each other through the communication bus 1504.
the memory 1503 is used for storing a computer program;
the processor 1501, when executing the computer program stored in the memory 1503, implements the steps of the method embodiments described above.
The communication bus mentioned in the electronic device may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this does not mean that there is only one bus or one type of bus.
The communication interface is used for communication between the electronic equipment and other equipment.
The Memory may include a Random Access Memory (RAM) or a Non-Volatile Memory (NVM), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components.
The present application also provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, carries out the steps of the method embodiments described above.
It should be noted that, for the above-mentioned apparatus, electronic device and computer-readable storage medium embodiments, since they are basically similar to the method embodiments, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiments.
It is further noted that, herein, relational terms such as "first" and "second," and the like, may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The foregoing are merely exemplary embodiments of the present invention, which enable those skilled in the art to understand or practice the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. An application program inspection method, comprising:
checking a first network request object in a third party library of applications;
when the first network request object is determined to belong to a preset class, acquiring a first network request corresponding to the first network request object;
disabling the first network request.
2. The method of claim 1, wherein inspecting the first network request object in the third party library of applications comprises:
determining a third-party library corresponding to the application program;
retrieving the first network request object from the third-party library;
or, alternatively,
the checking a first network request object in a third party library of applications, comprising:
retrieving a network request object in the application;
and when the network request object belongs to the third-party library, determining that the network request object is the first network request object.
3. The method of claim 1, wherein when it is determined that the first network request object does not belong to the preset class, the method further comprises:
acquiring a first network limiting condition;
processing the first network request according to the first network restriction condition.
4. The method of claim 1, further comprising:
checking a second network request object in a code area of the application;
and when a second network request corresponding to the second network request object exists, processing the second network request according to a second network limiting condition.
5. The method of claim 1, wherein prior to said inspecting the first network request object in the third party library of applications, the method further comprises:
judging whether a preset checking condition is triggered or not, wherein the preset checking condition comprises at least one of the following items: the third party library is used and network traffic is abnormal;
when the preset checking condition is triggered, executing the step of checking the first network request object in the third-party library of the application program.
6. The method of claim 1, wherein the disabling the first network request comprises:
invoking a method to stop using the first network request in a background of the application and/or a lifecycle of the application.
7. An application program inspection apparatus, comprising:
the checking module is used for checking a first network request object in a third-party library of the application program;
the acquisition module is used for acquiring a first network request corresponding to the first network request object when the first network request object is determined to belong to a preset class;
a disabling module to disable the first network request.
8. A client, characterized in that it comprises the apparatus of claim 7.
9. An electronic device, comprising: the system comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory complete mutual communication through the communication bus;
the memory is used for storing a computer program;
the processor, when executing the computer program, implementing the method steps of any of claims 1-6.
10. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the method steps of any one of claims 1 to 6.
CN201911396165.4A 2019-12-30 2019-12-30 Application program checking method and device and client Pending CN111246457A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911396165.4A CN111246457A (en) 2019-12-30 2019-12-30 Application program checking method and device and client

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911396165.4A CN111246457A (en) 2019-12-30 2019-12-30 Application program checking method and device and client

Publications (1)

Publication Number Publication Date
CN111246457A true CN111246457A (en) 2020-06-05

Family

ID=70865837

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911396165.4A Pending CN111246457A (en) 2019-12-30 2019-12-30 Application program checking method and device and client

Country Status (1)

Country Link
CN (1) CN111246457A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103905641A (en) * 2014-03-19 2014-07-02 奉化波导软件有限公司 Method for preventing loss of cell phone traffic
CN106446672A (en) * 2016-07-25 2017-02-22 中国科学院大学 Privilege isolation method and device of Android third-party class library
CN108667802A (en) * 2018-03-30 2018-10-16 全球能源互联网研究院有限公司 A kind of monitoring method and system of electric power application network safety
US10291538B2 (en) * 2016-03-21 2019-05-14 Alibaba Group Holding Limited Flow control in connection with an access request


Similar Documents

Publication Publication Date Title
US10893068B1 (en) Ransomware file modification prevention technique
CN108664793B (en) Method and device for detecting vulnerability
US20140013429A1 (en) Method for processing an operating application program and device for the same
CN110417778B (en) Access request processing method and device
CN111782416B (en) Data reporting method, device, system, terminal and computer readable storage medium
CN113489713B (en) Network attack detection method, device, equipment and storage medium
KR20140098025A (en) System and Method For A SEcurity Assessment of an Application Uploaded to an AppStore
CN112181541A (en) Data processing method and device, electronic equipment and storage medium
CN112291258B (en) Gateway risk control method and device
CN115348086B (en) Attack protection method and device, storage medium and electronic equipment
CN107103243B (en) Vulnerability detection method and device
KR100916324B1 (en) The method, apparatus and system for managing malicious code spreading site using fire wall
CN113987468A (en) Security check method and security check device
CN111949421B (en) SDK calling method, device, electronic equipment and computer readable storage medium
CN111783087A (en) Method and device for detecting malicious execution of executable file, terminal and storage medium
CN111131166B (en) User behavior prejudging method and related equipment
CN112231699A (en) Interception method and device for reading function, electronic equipment and computer readable medium
CN111246457A (en) Application program checking method and device and client
CN111639341B (en) Malicious program detection method and device, electronic equipment and storage medium
CN107818260B (en) Method and device for guaranteeing system safety
CN106709331B (en) Message hook injection prevention method and device and client
CN113836529A (en) Process detection method, device, storage medium and computer equipment
CN111259392B (en) Kernel module-based malicious software interception method and device
CN113518055A (en) Data security protection processing method and device, storage medium and terminal
CN111783091A (en) Malicious process detection method, device, terminal and computer readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200605