CN112948816A - System authority determination method and device, storage medium and electronic equipment - Google Patents
System authority determination method and device, storage medium and electronic equipment Download PDFInfo
- Publication number
- CN112948816A CN112948816A CN201911259946.9A CN201911259946A CN112948816A CN 112948816 A CN112948816 A CN 112948816A CN 201911259946 A CN201911259946 A CN 201911259946A CN 112948816 A CN112948816 A CN 112948816A
- Authority
- CN
- China
- Prior art keywords
- file
- authority
- target
- application program
- interface
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
- 238000000034 method Methods 0.000 title claims abstract description 64
- 238000009434 installation Methods 0.000 claims abstract description 63
- 238000012549 training Methods 0.000 claims abstract description 43
- 230000006835 compression Effects 0.000 claims description 17
- 238000007906 compression Methods 0.000 claims description 16
- 238000013526 transfer learning Methods 0.000 claims description 8
- 238000006243 chemical reaction Methods 0.000 claims description 3
- 238000004891 communication Methods 0.000 claims description 3
- 238000010801 machine learning Methods 0.000 abstract description 4
- 239000008186 active pharmaceutical agent Substances 0.000 description 14
- 238000010586 diagram Methods 0.000 description 8
- 238000004590 computer program Methods 0.000 description 6
- 238000012545 processing Methods 0.000 description 5
- 230000008569 process Effects 0.000 description 3
- 230000006837 decompression Effects 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- VYZAMTAEIAYCRO-UHFFFAOYSA-N Chromium Chemical compound [Cr] VYZAMTAEIAYCRO-UHFFFAOYSA-N 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 229910052804 chromium Inorganic materials 0.000 description 1
- 239000011651 chromium Substances 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Automation & Control Theory (AREA)
- Stored Programmes (AREA)
Abstract
The invention provides a method and a device for determining system permission, a storage medium and electronic equipment. And then determining an interface called by the application program based on the installation package file, wherein the interface at least comprises an interface class name and a method name. And then, judging whether the interface called by the application program is an interface protected by the authority or not based on the interface class name and the method name, and if so, storing the authority to the target authority feature file. And training a pre-training model into a target model based on the installation package file and the target authority feature file, finally, inputting the installation package file of the application program with the system authority to be determined into the target model, and outputting a protected authority list of the application program with the system authority to be determined. Therefore, the protected permission list is extracted from the installation package file in a machine learning mode, accuracy can be guaranteed, efficiency can be improved, and cost is reduced.
Description
Technical Field
The invention relates to the technical field of permission detection, in particular to a method and a device for determining system permission, a storage medium and electronic equipment.
Background
With the rapid development of the intelligent device, personal information generated by a user on the intelligent device is more and more, and whether the personal information can be acquired depends on whether the intelligent device starts a corresponding system authority, wherein the system authority may include reading a call record, reading an address book, reading a short message, acquiring location information, and the like.
However, some APPs currently have the unauthorized problems of mandatory authorization, excessive claimed rights, and over-range collection of personal information. Therefore, how to determine a method for determining system permissions can accurately obtain system permissions of APPs so as to further determine whether the APPs override or not is a major technical problem to be solved urgently by those skilled in the art.
Disclosure of Invention
In view of this, the embodiment of the present invention provides a method for determining a system permission, which can accurately obtain the system permission of an APP, so as to further determine whether the APP is unauthorized.
In order to achieve the above purpose, the embodiments of the present invention provide the following technical solutions:
a method for determining system authority comprises the following steps:
acquiring an installation package file of an application program of which the system authority is to be determined;
determining an interface called by the application program based on the installation package file, wherein the interface at least comprises an interface class name and a method name;
judging whether an interface called by the application program is an interface protected by the authority or not based on the interface class name and the method name, and if so, storing the authority to a target authority feature file;
training a pre-training model into a target model based on the installation package file and the target authority feature file;
and inputting the installation package file of the application program with the system authority to be determined into the target model, and outputting a protected authority list of the application program with the system authority to be determined.
Optionally, the determining, based on the installation package file, an interface called by the application program includes:
determining the format of the installation package file into a file with a preset compression format;
converting the file in the preset compression format into a target file based on a dex2jar tool;
acquiring a virtual machine instruction corresponding to a preset interface call in the target file;
and acquiring the interface class name and the method name of the interface called by the application program based on the parameters of the virtual machine instruction.
Optionally, training a pre-training model into a target model based on the installation package file and the target authority feature file includes:
and inputting the target file and the target authority feature file into the pre-training model, and performing transfer learning to generate the target model.
Optionally, the inputting the installation package file of the application program with the system permission to be determined into the target model, and outputting the protected permission list of the application program with the system permission to be determined includes:
and inputting the target file of the application program with the system authority to be determined into the target model, and outputting the protected authority list by the target model.
An apparatus for determining system permissions, comprising:
the acquisition module is used for acquiring an installation package file of an application program of which the system authority is to be determined;
the determining module is used for determining an interface called by the application program based on the installation package file, wherein the interface at least comprises an interface class name and a method name;
the judging module is used for judging whether an interface called by the application program is an interface protected by the authority or not based on the interface class name and the method name, and if so, storing the authority to a target authority feature file;
the training module is used for training a pre-training model into a target model based on the installation package file and the target authority feature file;
and the output module is used for inputting the installation package file of the application program with the system authority to be determined into the target model and outputting the protected authority list of the application program with the system authority to be determined.
Optionally, the determining module includes:
the determining unit is used for determining the format of the installation package file into a file in a preset compression format;
the conversion unit is used for converting the file with the preset compression format into a target file based on a dex2jar tool;
the first obtaining unit is used for obtaining a virtual machine instruction corresponding to a preset interface call in the target file;
and the second acquisition unit is used for acquiring the interface class name and the method name of the interface called by the application program based on the parameters of the virtual machine instruction.
Optionally, the training module includes:
and the generating unit is used for inputting the target file and the target authority feature file into the pre-training model, performing transfer learning and generating the target model.
Optionally, the output module includes:
and the output unit is used for inputting the target file of the application program with the system authority to be determined into the target model and outputting the protected authority list by the target model.
A storage medium, characterized in that the storage medium comprises a stored program, wherein when the program runs, a device on which the storage medium is located is controlled to execute any one of the above-mentioned method for determining system authority.
An electronic device comprising at least one processor, and at least one memory, bus connected to the processor; the processor and the memory complete mutual communication through the bus; the processor is configured to call program instructions in the memory to perform any one of the above-described method for determining system permissions.
Based on the technical scheme, the embodiment of the invention provides a method, a device, a storage medium and electronic equipment for determining system permission. Then, based on the installation package file, determining an interface called by the application program, wherein the interface at least comprises an interface class name and a method name. And then, judging whether the interface called by the application program is an interface protected by the authority or not based on the interface class name and the method name, and if so, storing the authority to a target authority feature file. And training a pre-training model to form a target model based on the installation package file and the target authority feature file, finally, inputting the installation package file of the application program with the system authority to be determined into the target model, and outputting a protected authority list of the application program with the system authority to be determined. Therefore, the protected permission list is extracted from the installation package file in a machine learning mode, accuracy can be guaranteed, efficiency can be improved, and cost is reduced.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a schematic flowchart of a method for determining system permissions according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of a method for determining system permissions according to an embodiment of the present invention;
fig. 3 is a schematic flowchart of a method for determining system permissions according to an embodiment of the present invention;
fig. 4 is a schematic flowchart of a method for determining system permissions according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an apparatus for determining system permissions according to an embodiment of the present invention;
fig. 6 is a hardware architecture diagram of a system for determining system permissions according to an embodiment of the present invention.
Detailed Description
Referring to fig. 1, fig. 1 is a schematic flowchart illustrating a method for determining system permissions according to an embodiment of the present invention, where the method for determining system permissions includes:
s11, acquiring an installation package file of the application program with the system authority to be determined;
in this step, the file with the file format of the apk is searched from all files or files with preset paths of the electronic device, and the installation package file is determined.
And S12, determining the interface called by the application program based on the installation package file.
Wherein the interface includes at least an interface class name and a method name. Specifically, in this embodiment, as shown in fig. 2, an embodiment of the present invention further provides a specific implementation step of determining an interface called by the application program based on the installation package file, where the specific implementation step includes:
s21, determining the format of the installation package file into a file with a preset compression format;
s22, converting the file in the preset compression format into a target file based on a dex2jar tool;
s23, acquiring a virtual machine instruction corresponding to a preset interface call in the target file;
and S24, acquiring the interface class name and the method name of the interface called by the application program based on the parameters of the virtual machine instruction.
As mentioned above, the file format of the installation package file of the application program is the.apk, and in the embodiment, the.apk format is firstly modified into a preset compression format, for example, into the.zip format. The file in the preset compression format is decompressed to generate a dex format, where this embodiment does not limit the type of software for decompression, for example, 7z software may be used to decompress the compressed file, and for example, zip compression software may be used to decompress the compressed file.
After decompression processing, a dex2jar tool is used to convert the decompressed file into a target file, such as a smili-formatted file.
And traversing the Smali file to find the Dalvik instruction related to the API call, wherein the Dalvik instruction related to the API call is shown in the following table 1, and acquiring the API called by the application program according to the parameters subsequent to the Dalvik instruction, wherein the API comprises the name of the API class and the name of the method.
TABLE 1
S13, judging whether the interface called by the application program is an interface protected by the authority based on the interface class name and the method name, and if so, storing the authority to a target authority feature file;
combining the above steps, after obtaining the API called by the application program, performing string matching on the API, and if the API is an API protected by the authority, storing the protected authority in the authority feature file corresponding to the application program. Therefore, each smali file corresponds to one authority feature file, and all the protected authorities called by the smali files are stored in the authority feature files.
Illustratively, in this embodiment, a list of API protected by rights is preset, and it is assumed that the list includes rights 1, rights 2, rights 3, and rights 4. In this embodiment, the API called by the application program whose system permission is to be determined is permission 1, and since permission 1 belongs to the list of APIs protected by permission, permission 1 is stored in the permission feature file. Similarly, assuming that the API called by the application program whose system permission is to be determined in this embodiment is permission 6, since permission 6 does not belong to the list of APIs protected by permission, permission 6 cannot be stored in the permission feature file, and no processing may be performed.
S14, training a pre-training model into a target model based on the installation package file and the target authority feature file;
s15, inputting the installation package file of the application program with the system authority to be determined into the target model, and outputting the protected authority list of the application program with the system authority to be determined.
Specifically, as shown in fig. 3, an embodiment of the present invention provides a specific implementation manner for training a pre-training model into a target model based on the installation package file and the target authority feature file, including the steps of:
and S31, inputting the target file and the target authority feature file into the pre-training model, and performing transfer learning to generate the target model.
Inputting the file in the smali format and the target authority feature file obtained in the step S13 into a pre-training model, for example, inputting the file into a BERT pre-training model, and performing transfer learning to obtain a trained target model.
Correspondingly, inputting the installation package file of the application program with the system authority to be determined into the target model, and outputting the protected authority list of the application program with the system authority to be determined, which can also be realized in a manner as shown in fig. 4, includes the steps of:
s41, inputting the target file of the application program with the system authority to be determined into the target model, and outputting the protected authority list by the target model.
Inputting a trained target model into a smali file which is not subjected to authority detection to obtain a protected authority list corresponding to the smali file. The protected rights list may be as follows:
(<analysis.ClassAnalysis Lio/agora/rtc/internal/RtcEngineImpl;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x00000000470FF240>)
(<analysis.ClassAnalysis Lcom/umeng/commonsdk/internal/utils/k;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x00000000452E62E8>)
(<analysis.ClassAnalysis Lcom/shensz/common/permission/request/DefaultBelowMRequest;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x000000001C1AC320>)
(<analysis.ClassAnalysis Lcom/loc/m;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x000000001B0D15F8>)
(<analysis.ClassAnalysis Lcom/shensz/common/permission/SPermissionHelper;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x000000001B541EB8>)
(<analysis.ClassAnalysis Landroid/support/v7/app/TwilightManager;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x0000000019829320>)
(<analysis.ClassAnalysis Lorg/chromium/components/location/LocationUtils;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x0000000066C98A20>)
(<analysis.ClassAnalysis Lcom/loc/ct;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x000000001B091748>)
(<analysis.ClassAnalysis Lcom/umeng/commonsdk/proguard/d;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x0000000045302278>)
therefore, the protected permission list is extracted from the installation package file in a machine learning mode, accuracy can be guaranteed, efficiency can be improved, and cost is reduced.
On the basis of the foregoing embodiment, as shown in fig. 5, an embodiment of the present invention further provides a device for determining system permissions, including:
an obtaining module 51, configured to obtain an installation package file of an application program whose system permission is to be determined;
a determining module 52, configured to determine, based on the installation package file, an interface called by the application program, where the interface includes at least an interface class name and a method name;
a judging module 53, configured to judge whether an interface called by the application is an interface protected by a right based on the interface class name and the method name, and if so, store the right in a target right feature file;
a training module 54, configured to train a pre-training model into a target model based on the installation package file and the target authority feature file;
and the output module 55 is configured to input the installation package file of the application program with the system permission to be determined into the target model, and output a protected permission list of the application program with the system permission to be determined.
Wherein the determining module comprises:
the determining unit is used for determining the format of the installation package file into a file in a preset compression format;
the conversion unit is used for converting the file with the preset compression format into a target file based on a dex2jar tool;
the first obtaining unit is used for obtaining a virtual machine instruction corresponding to a preset interface call in the target file;
and the second acquisition unit is used for acquiring the interface class name and the method name of the interface called by the application program based on the parameters of the virtual machine instruction.
On the basis of the above embodiment, the training module in this embodiment may include:
and the generating unit is used for inputting the target file and the target authority feature file into the pre-training model, performing transfer learning and generating the target model.
In addition, the output module may include:
and the output unit is used for inputting the target file of the application program with the system authority to be determined into the target model and outputting the protected authority list by the target model.
The device for determining the system authority comprises a processor and a memory, wherein the acquisition module, the determination module, the judgment module, the training module, the output module and the like are stored in the memory as program units, and the processor executes the program units stored in the memory to realize corresponding functions.
The processor comprises a kernel, and the kernel calls the corresponding program unit from the memory. The kernel can be set to be one or more than one, and the protected permission list is extracted from the installation package file by adjusting kernel parameters, so that the accuracy can be ensured, the efficiency can be improved, and the cost can be reduced.
An embodiment of the present invention provides a storage medium on which a program is stored, where the program, when executed by a processor, implements the method for determining system permissions.
The embodiment of the invention provides a processor, which is used for running a program, wherein the program executes the method for determining the system authority when running.
An embodiment of the present invention provides an apparatus, as shown in fig. 6, the apparatus includes at least one processor 61, and at least one memory 62 and a bus 63 connected to the processor; the processor and the memory complete mutual communication through a bus; the processor is used for calling the program instructions in the memory so as to execute the screen display device method. The device herein may be a server, a PC, a PAD, a mobile phone, etc.
The present application further provides a computer program product adapted to perform a program for initializing the following method steps when executed on a data processing device:
acquiring an installation package file of an application program of which the system authority is to be determined;
determining an interface called by the application program based on the installation package file, wherein the interface at least comprises an interface class name and a method name;
judging whether an interface called by the application program is an interface protected by the authority or not based on the interface class name and the method name, and if so, storing the authority to a target authority feature file;
training a pre-training model into a target model based on the installation package file and the target authority feature file;
and inputting the installation package file of the application program with the system authority to be determined into the target model, and outputting a protected authority list of the application program with the system authority to be determined.
Optionally, the determining, based on the installation package file, an interface called by the application program includes:
determining the format of the installation package file into a file with a preset compression format;
converting the file in the preset compression format into a target file based on a dex2jar tool;
acquiring a virtual machine instruction corresponding to a preset interface call in the target file;
and acquiring the interface class name and the method name of the interface called by the application program based on the parameters of the virtual machine instruction.
Optionally, training a pre-training model into a target model based on the installation package file and the target authority feature file includes:
and inputting the target file and the target authority feature file into the pre-training model, and performing transfer learning to generate the target model.
Optionally, the inputting the installation package file of the application program with the system permission to be determined into the target model, and outputting the protected permission list of the application program with the system permission to be determined includes:
and inputting the target file of the application program with the system authority to be determined into the target model, and outputting the protected authority list by the target model.
To sum up, the embodiment of the invention provides a method, an apparatus, a storage medium and an electronic device for determining system permissions. Then, based on the installation package file, determining an interface called by the application program, wherein the interface at least comprises an interface class name and a method name. And then, judging whether the interface called by the application program is an interface protected by the authority or not based on the interface class name and the method name, and if so, storing the authority to a target authority feature file. And training a pre-training model to form a target model based on the installation package file and the target authority feature file, finally, inputting the installation package file of the application program with the system authority to be determined into the target model, and outputting a protected authority list of the application program with the system authority to be determined. Therefore, the protected permission list is extracted from the installation package file in a machine learning mode, accuracy can be guaranteed, efficiency can be improved, and cost is reduced.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a device includes one or more processors (CPUs), memory, and a bus. The device may also include input/output interfaces, network interfaces, and the like.
The memory may include volatile memory in a computer readable medium, Random Access Memory (RAM) and/or nonvolatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip. The memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.
Claims (10)
1. A method for determining system permissions, comprising:
acquiring an installation package file of an application program of which the system authority is to be determined;
determining an interface called by the application program based on the installation package file, wherein the interface at least comprises an interface class name and a method name;
judging whether an interface called by the application program is an interface protected by the authority or not based on the interface class name and the method name, and if so, storing the authority to a target authority feature file;
training a pre-training model into a target model based on the installation package file and the target authority feature file;
and inputting the installation package file of the application program with the system authority to be determined into the target model, and outputting a protected authority list of the application program with the system authority to be determined.
2. The method for determining system permissions according to claim 1, wherein the determining the interface called by the application based on the installation package file comprises:
determining the format of the installation package file into a file with a preset compression format;
converting the file in the preset compression format into a target file based on a dex2jar tool;
acquiring a virtual machine instruction corresponding to a preset interface call in the target file;
and acquiring the interface class name and the method name of the interface called by the application program based on the parameters of the virtual machine instruction.
3. The method for determining system permissions according to claim 2, wherein training a pre-training model into a target model based on the installation package file and the target permission profile comprises:
and inputting the target file and the target authority feature file into the pre-training model, and performing transfer learning to generate the target model.
4. The method for determining system permissions according to claim 3, wherein the inputting the installation package file of the application program whose system permissions are to be determined into the target model and outputting the protected permission list of the application program whose system permissions are to be determined comprises:
and inputting the target file of the application program with the system authority to be determined into the target model, and outputting the protected authority list by the target model.
5. An apparatus for determining system permissions, comprising:
the acquisition module is used for acquiring an installation package file of an application program of which the system authority is to be determined;
the determining module is used for determining an interface called by the application program based on the installation package file, wherein the interface at least comprises an interface class name and a method name;
the judging module is used for judging whether an interface called by the application program is an interface protected by the authority or not based on the interface class name and the method name, and if so, storing the authority to a target authority feature file;
the training module is used for training a pre-training model into a target model based on the installation package file and the target authority feature file;
and the output module is used for inputting the installation package file of the application program with the system authority to be determined into the target model and outputting the protected authority list of the application program with the system authority to be determined.
6. The apparatus for determining system permissions according to claim 5, wherein the determining module comprises:
the determining unit is used for determining the format of the installation package file into a file in a preset compression format;
the conversion unit is used for converting the file with the preset compression format into a target file based on a dex2jar tool;
the first obtaining unit is used for obtaining a virtual machine instruction corresponding to a preset interface call in the target file;
and the second acquisition unit is used for acquiring the interface class name and the method name of the interface called by the application program based on the parameters of the virtual machine instruction.
7. The apparatus for determining system permissions of claim 6 wherein the training module comprises:
and the generating unit is used for inputting the target file and the target authority feature file into the pre-training model, performing transfer learning and generating the target model.
8. The apparatus for determining system permissions according to claim 7, wherein the output module comprises:
and the output unit is used for inputting the target file of the application program with the system authority to be determined into the target model and outputting the protected authority list by the target model.
9. A storage medium, characterized in that the storage medium comprises a stored program, wherein when the program runs, a device in which the storage medium is located is controlled to execute the method for determining system authority according to any one of claims 1 to 4.
10. An electronic device comprising at least one processor, and at least one memory, bus connected to the processor; the processor and the memory complete mutual communication through the bus; the processor is configured to call program instructions in the memory to perform the method of determining system permissions according to any of claims 1-4.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911259946.9A CN112948816A (en) | 2019-12-10 | 2019-12-10 | System authority determination method and device, storage medium and electronic equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911259946.9A CN112948816A (en) | 2019-12-10 | 2019-12-10 | System authority determination method and device, storage medium and electronic equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112948816A true CN112948816A (en) | 2021-06-11 |
Family
ID=76225650
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911259946.9A Withdrawn CN112948816A (en) | 2019-12-10 | 2019-12-10 | System authority determination method and device, storage medium and electronic equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112948816A (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103473506A (en) * | 2013-08-30 | 2013-12-25 | 北京奇虎科技有限公司 | Method and device of recognizing malicious APK files |
CN107958154A (en) * | 2016-10-17 | 2018-04-24 | 中国科学院深圳先进技术研究院 | A kind of malware detection device and method |
CN108734012A (en) * | 2018-05-21 | 2018-11-02 | 上海戎磐网络科技有限公司 | Malware recognition methods, device and electronic equipment |
-
2019
- 2019-12-10 CN CN201911259946.9A patent/CN112948816A/en not_active Withdrawn
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103473506A (en) * | 2013-08-30 | 2013-12-25 | 北京奇虎科技有限公司 | Method and device of recognizing malicious APK files |
CN107958154A (en) * | 2016-10-17 | 2018-04-24 | 中国科学院深圳先进技术研究院 | A kind of malware detection device and method |
CN108734012A (en) * | 2018-05-21 | 2018-11-02 | 上海戎磐网络科技有限公司 | Malware recognition methods, device and electronic equipment |
Non-Patent Citations (1)
Title |
---|
贾蕴哲;黄征;林祥;: "基于静态特征的Android恶意代码检测", 通信技术, no. 09 * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106990960B (en) | Code deployment method and device | |
CN107229559B (en) | Detection method and device for testing integrity of service system | |
CN111414369A (en) | Data processing method, device and equipment | |
CN110798490A (en) | Method and device for accessing third-party system based on data center and data center | |
CN114510930B (en) | Method, device, electronic equipment and medium for auditing operation document | |
KR20130116408A (en) | Method and apparatus for detecting leak of information resources data | |
CN110083581A (en) | A kind of method, apparatus, storage medium and the computer equipment of log retrospect | |
CN114091099A (en) | Authority hierarchical control method, equipment and storage medium for business system | |
CN115544304A (en) | File analysis method and device, readable storage medium and file analysis equipment | |
CN109062906A (en) | The interpretation method and device of program language resource | |
CN112579623A (en) | Method, device, storage medium and equipment for storing data | |
CN110969547A (en) | Text generation method and device | |
CN111460448B (en) | Malicious software family detection method and device | |
CN112948816A (en) | System authority determination method and device, storage medium and electronic equipment | |
CN113051231A (en) | File analysis method and device, computer equipment and storage medium | |
CN107766385B (en) | Method and equipment for converting file format of virtual disk | |
US9626371B2 (en) | Attribute selectable file operation | |
CN115168575A (en) | Subject supplement method applied to audit field and related equipment | |
CN109035040B (en) | Policy generation method and device and electronic equipment | |
CN112632941A (en) | Method, device, equipment and storage medium for generating PDF format public security document | |
CN111737672A (en) | Block chain-based remote office method, equipment and medium | |
CN112417390A (en) | File processing method, device, equipment and storage medium | |
CN105574425A (en) | Method and device for accessing stored data | |
TWM578913U (en) | System and computing device for exporting and importing certificates through multimedia files | |
CN112596929B (en) | Micro-service registration and calling method based on command event conversion and related device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication |
Application publication date: 20210611 |
|
WW01 | Invention patent application withdrawn after publication |