CN112948816A - System authority determination method and device, storage medium and electronic equipment - Google Patents

System authority determination method and device, storage medium and electronic equipment Download PDF

Info

Publication number
CN112948816A
CN112948816A CN201911259946.9A CN201911259946A CN112948816A CN 112948816 A CN112948816 A CN 112948816A CN 201911259946 A CN201911259946 A CN 201911259946A CN 112948816 A CN112948816 A CN 112948816A
Authority
CN
China
Prior art keywords
file
authority
target
application program
interface
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN201911259946.9A
Other languages
Chinese (zh)
Inventor
贯波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Yiyi Education Information Consulting Co ltd
Original Assignee
Beijing Yiyi Education Information Consulting Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Yiyi Education Information Consulting Co ltd filed Critical Beijing Yiyi Education Information Consulting Co ltd
Priority to CN201911259946.9A priority Critical patent/CN112948816A/en
Publication of CN112948816A publication Critical patent/CN112948816A/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Automation & Control Theory (AREA)
  • Stored Programmes (AREA)

Abstract

The invention provides a method and a device for determining system permission, a storage medium and electronic equipment. And then determining an interface called by the application program based on the installation package file, wherein the interface at least comprises an interface class name and a method name. And then, judging whether the interface called by the application program is an interface protected by the authority or not based on the interface class name and the method name, and if so, storing the authority to the target authority feature file. And training a pre-training model into a target model based on the installation package file and the target authority feature file, finally, inputting the installation package file of the application program with the system authority to be determined into the target model, and outputting a protected authority list of the application program with the system authority to be determined. Therefore, the protected permission list is extracted from the installation package file in a machine learning mode, accuracy can be guaranteed, efficiency can be improved, and cost is reduced.

Description

System authority determination method and device, storage medium and electronic equipment
Technical Field
The invention relates to the technical field of permission detection, in particular to a method and a device for determining system permission, a storage medium and electronic equipment.
Background
With the rapid development of the intelligent device, personal information generated by a user on the intelligent device is more and more, and whether the personal information can be acquired depends on whether the intelligent device starts a corresponding system authority, wherein the system authority may include reading a call record, reading an address book, reading a short message, acquiring location information, and the like.
However, some APPs currently have the unauthorized problems of mandatory authorization, excessive claimed rights, and over-range collection of personal information. Therefore, how to determine a method for determining system permissions can accurately obtain system permissions of APPs so as to further determine whether the APPs override or not is a major technical problem to be solved urgently by those skilled in the art.
Disclosure of Invention
In view of this, the embodiment of the present invention provides a method for determining a system permission, which can accurately obtain the system permission of an APP, so as to further determine whether the APP is unauthorized.
In order to achieve the above purpose, the embodiments of the present invention provide the following technical solutions:
a method for determining system authority comprises the following steps:
acquiring an installation package file of an application program of which the system authority is to be determined;
determining an interface called by the application program based on the installation package file, wherein the interface at least comprises an interface class name and a method name;
judging whether an interface called by the application program is an interface protected by the authority or not based on the interface class name and the method name, and if so, storing the authority to a target authority feature file;
training a pre-training model into a target model based on the installation package file and the target authority feature file;
and inputting the installation package file of the application program with the system authority to be determined into the target model, and outputting a protected authority list of the application program with the system authority to be determined.
Optionally, the determining, based on the installation package file, an interface called by the application program includes:
determining the format of the installation package file into a file with a preset compression format;
converting the file in the preset compression format into a target file based on a dex2jar tool;
acquiring a virtual machine instruction corresponding to a preset interface call in the target file;
and acquiring the interface class name and the method name of the interface called by the application program based on the parameters of the virtual machine instruction.
Optionally, training a pre-training model into a target model based on the installation package file and the target authority feature file includes:
and inputting the target file and the target authority feature file into the pre-training model, and performing transfer learning to generate the target model.
Optionally, the inputting the installation package file of the application program with the system permission to be determined into the target model, and outputting the protected permission list of the application program with the system permission to be determined includes:
and inputting the target file of the application program with the system authority to be determined into the target model, and outputting the protected authority list by the target model.
An apparatus for determining system permissions, comprising:
the acquisition module is used for acquiring an installation package file of an application program of which the system authority is to be determined;
the determining module is used for determining an interface called by the application program based on the installation package file, wherein the interface at least comprises an interface class name and a method name;
the judging module is used for judging whether an interface called by the application program is an interface protected by the authority or not based on the interface class name and the method name, and if so, storing the authority to a target authority feature file;
the training module is used for training a pre-training model into a target model based on the installation package file and the target authority feature file;
and the output module is used for inputting the installation package file of the application program with the system authority to be determined into the target model and outputting the protected authority list of the application program with the system authority to be determined.
Optionally, the determining module includes:
the determining unit is used for determining the format of the installation package file into a file in a preset compression format;
the conversion unit is used for converting the file with the preset compression format into a target file based on a dex2jar tool;
the first obtaining unit is used for obtaining a virtual machine instruction corresponding to a preset interface call in the target file;
and the second acquisition unit is used for acquiring the interface class name and the method name of the interface called by the application program based on the parameters of the virtual machine instruction.
Optionally, the training module includes:
and the generating unit is used for inputting the target file and the target authority feature file into the pre-training model, performing transfer learning and generating the target model.
Optionally, the output module includes:
and the output unit is used for inputting the target file of the application program with the system authority to be determined into the target model and outputting the protected authority list by the target model.
A storage medium, characterized in that the storage medium comprises a stored program, wherein when the program runs, a device on which the storage medium is located is controlled to execute any one of the above-mentioned method for determining system authority.
An electronic device comprising at least one processor, and at least one memory, bus connected to the processor; the processor and the memory complete mutual communication through the bus; the processor is configured to call program instructions in the memory to perform any one of the above-described method for determining system permissions.
Based on the technical scheme, the embodiment of the invention provides a method, a device, a storage medium and electronic equipment for determining system permission. Then, based on the installation package file, determining an interface called by the application program, wherein the interface at least comprises an interface class name and a method name. And then, judging whether the interface called by the application program is an interface protected by the authority or not based on the interface class name and the method name, and if so, storing the authority to a target authority feature file. And training a pre-training model to form a target model based on the installation package file and the target authority feature file, finally, inputting the installation package file of the application program with the system authority to be determined into the target model, and outputting a protected authority list of the application program with the system authority to be determined. Therefore, the protected permission list is extracted from the installation package file in a machine learning mode, accuracy can be guaranteed, efficiency can be improved, and cost is reduced.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a schematic flowchart of a method for determining system permissions according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of a method for determining system permissions according to an embodiment of the present invention;
fig. 3 is a schematic flowchart of a method for determining system permissions according to an embodiment of the present invention;
fig. 4 is a schematic flowchart of a method for determining system permissions according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an apparatus for determining system permissions according to an embodiment of the present invention;
fig. 6 is a hardware architecture diagram of a system for determining system permissions according to an embodiment of the present invention.
Detailed Description
Referring to fig. 1, fig. 1 is a schematic flowchart illustrating a method for determining system permissions according to an embodiment of the present invention, where the method for determining system permissions includes:
s11, acquiring an installation package file of the application program with the system authority to be determined;
in this step, the file with the file format of the apk is searched from all files or files with preset paths of the electronic device, and the installation package file is determined.
And S12, determining the interface called by the application program based on the installation package file.
Wherein the interface includes at least an interface class name and a method name. Specifically, in this embodiment, as shown in fig. 2, an embodiment of the present invention further provides a specific implementation step of determining an interface called by the application program based on the installation package file, where the specific implementation step includes:
s21, determining the format of the installation package file into a file with a preset compression format;
s22, converting the file in the preset compression format into a target file based on a dex2jar tool;
s23, acquiring a virtual machine instruction corresponding to a preset interface call in the target file;
and S24, acquiring the interface class name and the method name of the interface called by the application program based on the parameters of the virtual machine instruction.
As mentioned above, the file format of the installation package file of the application program is the.apk, and in the embodiment, the.apk format is firstly modified into a preset compression format, for example, into the.zip format. The file in the preset compression format is decompressed to generate a dex format, where this embodiment does not limit the type of software for decompression, for example, 7z software may be used to decompress the compressed file, and for example, zip compression software may be used to decompress the compressed file.
After decompression processing, a dex2jar tool is used to convert the decompressed file into a target file, such as a smili-formatted file.
And traversing the Smali file to find the Dalvik instruction related to the API call, wherein the Dalvik instruction related to the API call is shown in the following table 1, and acquiring the API called by the application program according to the parameters subsequent to the Dalvik instruction, wherein the API comprises the name of the API class and the name of the method.
TABLE 1
Figure BDA0002311342940000051
Figure BDA0002311342940000061
S13, judging whether the interface called by the application program is an interface protected by the authority based on the interface class name and the method name, and if so, storing the authority to a target authority feature file;
combining the above steps, after obtaining the API called by the application program, performing string matching on the API, and if the API is an API protected by the authority, storing the protected authority in the authority feature file corresponding to the application program. Therefore, each smali file corresponds to one authority feature file, and all the protected authorities called by the smali files are stored in the authority feature files.
Illustratively, in this embodiment, a list of API protected by rights is preset, and it is assumed that the list includes rights 1, rights 2, rights 3, and rights 4. In this embodiment, the API called by the application program whose system permission is to be determined is permission 1, and since permission 1 belongs to the list of APIs protected by permission, permission 1 is stored in the permission feature file. Similarly, assuming that the API called by the application program whose system permission is to be determined in this embodiment is permission 6, since permission 6 does not belong to the list of APIs protected by permission, permission 6 cannot be stored in the permission feature file, and no processing may be performed.
S14, training a pre-training model into a target model based on the installation package file and the target authority feature file;
s15, inputting the installation package file of the application program with the system authority to be determined into the target model, and outputting the protected authority list of the application program with the system authority to be determined.
Specifically, as shown in fig. 3, an embodiment of the present invention provides a specific implementation manner for training a pre-training model into a target model based on the installation package file and the target authority feature file, including the steps of:
and S31, inputting the target file and the target authority feature file into the pre-training model, and performing transfer learning to generate the target model.
Inputting the file in the smali format and the target authority feature file obtained in the step S13 into a pre-training model, for example, inputting the file into a BERT pre-training model, and performing transfer learning to obtain a trained target model.
Correspondingly, inputting the installation package file of the application program with the system authority to be determined into the target model, and outputting the protected authority list of the application program with the system authority to be determined, which can also be realized in a manner as shown in fig. 4, includes the steps of:
s41, inputting the target file of the application program with the system authority to be determined into the target model, and outputting the protected authority list by the target model.
Inputting a trained target model into a smali file which is not subjected to authority detection to obtain a protected authority list corresponding to the smali file. The protected rights list may be as follows:
(<analysis.ClassAnalysis Lio/agora/rtc/internal/RtcEngineImpl;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x00000000470FF240>)
(<analysis.ClassAnalysis Lcom/umeng/commonsdk/internal/utils/k;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x00000000452E62E8>)
(<analysis.ClassAnalysis Lcom/shensz/common/permission/request/DefaultBelowMRequest;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x000000001C1AC320>)
(<analysis.ClassAnalysis Lcom/loc/m;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x000000001B0D15F8>)
(<analysis.ClassAnalysis Lcom/shensz/common/permission/SPermissionHelper;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x000000001B541EB8>)
(<analysis.ClassAnalysis Landroid/support/v7/app/TwilightManager;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x0000000019829320>)
(<analysis.ClassAnalysis Lorg/chromium/components/location/LocationUtils;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x0000000066C98A20>)
(<analysis.ClassAnalysis Lcom/loc/ct;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x000000001B091748>)
(<analysis.ClassAnalysis Lcom/umeng/commonsdk/proguard/d;>,<androguard.core.bytecodes.dvm.EncodedMethod object at 0x0000000045302278>)
therefore, the protected permission list is extracted from the installation package file in a machine learning mode, accuracy can be guaranteed, efficiency can be improved, and cost is reduced.
On the basis of the foregoing embodiment, as shown in fig. 5, an embodiment of the present invention further provides a device for determining system permissions, including:
an obtaining module 51, configured to obtain an installation package file of an application program whose system permission is to be determined;
a determining module 52, configured to determine, based on the installation package file, an interface called by the application program, where the interface includes at least an interface class name and a method name;
a judging module 53, configured to judge whether an interface called by the application is an interface protected by a right based on the interface class name and the method name, and if so, store the right in a target right feature file;
a training module 54, configured to train a pre-training model into a target model based on the installation package file and the target authority feature file;
and the output module 55 is configured to input the installation package file of the application program with the system permission to be determined into the target model, and output a protected permission list of the application program with the system permission to be determined.
Wherein the determining module comprises:
the determining unit is used for determining the format of the installation package file into a file in a preset compression format;
the conversion unit is used for converting the file with the preset compression format into a target file based on a dex2jar tool;
the first obtaining unit is used for obtaining a virtual machine instruction corresponding to a preset interface call in the target file;
and the second acquisition unit is used for acquiring the interface class name and the method name of the interface called by the application program based on the parameters of the virtual machine instruction.
On the basis of the above embodiment, the training module in this embodiment may include:
and the generating unit is used for inputting the target file and the target authority feature file into the pre-training model, performing transfer learning and generating the target model.
In addition, the output module may include:
and the output unit is used for inputting the target file of the application program with the system authority to be determined into the target model and outputting the protected authority list by the target model.
The device for determining the system authority comprises a processor and a memory, wherein the acquisition module, the determination module, the judgment module, the training module, the output module and the like are stored in the memory as program units, and the processor executes the program units stored in the memory to realize corresponding functions.
The processor comprises a kernel, and the kernel calls the corresponding program unit from the memory. The kernel can be set to be one or more than one, and the protected permission list is extracted from the installation package file by adjusting kernel parameters, so that the accuracy can be ensured, the efficiency can be improved, and the cost can be reduced.
An embodiment of the present invention provides a storage medium on which a program is stored, where the program, when executed by a processor, implements the method for determining system permissions.
The embodiment of the invention provides a processor, which is used for running a program, wherein the program executes the method for determining the system authority when running.
An embodiment of the present invention provides an apparatus, as shown in fig. 6, the apparatus includes at least one processor 61, and at least one memory 62 and a bus 63 connected to the processor; the processor and the memory complete mutual communication through a bus; the processor is used for calling the program instructions in the memory so as to execute the screen display device method. The device herein may be a server, a PC, a PAD, a mobile phone, etc.
The present application further provides a computer program product adapted to perform a program for initializing the following method steps when executed on a data processing device:
acquiring an installation package file of an application program of which the system authority is to be determined;
determining an interface called by the application program based on the installation package file, wherein the interface at least comprises an interface class name and a method name;
judging whether an interface called by the application program is an interface protected by the authority or not based on the interface class name and the method name, and if so, storing the authority to a target authority feature file;
training a pre-training model into a target model based on the installation package file and the target authority feature file;
and inputting the installation package file of the application program with the system authority to be determined into the target model, and outputting a protected authority list of the application program with the system authority to be determined.
Optionally, the determining, based on the installation package file, an interface called by the application program includes:
determining the format of the installation package file into a file with a preset compression format;
converting the file in the preset compression format into a target file based on a dex2jar tool;
acquiring a virtual machine instruction corresponding to a preset interface call in the target file;
and acquiring the interface class name and the method name of the interface called by the application program based on the parameters of the virtual machine instruction.
Optionally, training a pre-training model into a target model based on the installation package file and the target authority feature file includes:
and inputting the target file and the target authority feature file into the pre-training model, and performing transfer learning to generate the target model.
Optionally, the inputting the installation package file of the application program with the system permission to be determined into the target model, and outputting the protected permission list of the application program with the system permission to be determined includes:
and inputting the target file of the application program with the system authority to be determined into the target model, and outputting the protected authority list by the target model.
To sum up, the embodiment of the invention provides a method, an apparatus, a storage medium and an electronic device for determining system permissions. Then, based on the installation package file, determining an interface called by the application program, wherein the interface at least comprises an interface class name and a method name. And then, judging whether the interface called by the application program is an interface protected by the authority or not based on the interface class name and the method name, and if so, storing the authority to a target authority feature file. And training a pre-training model to form a target model based on the installation package file and the target authority feature file, finally, inputting the installation package file of the application program with the system authority to be determined into the target model, and outputting a protected authority list of the application program with the system authority to be determined. Therefore, the protected permission list is extracted from the installation package file in a machine learning mode, accuracy can be guaranteed, efficiency can be improved, and cost is reduced.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a device includes one or more processors (CPUs), memory, and a bus. The device may also include input/output interfaces, network interfaces, and the like.
The memory may include volatile memory in a computer readable medium, Random Access Memory (RAM) and/or nonvolatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip. The memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (10)

1. A method for determining system permissions, comprising:
acquiring an installation package file of an application program of which the system authority is to be determined;
determining an interface called by the application program based on the installation package file, wherein the interface at least comprises an interface class name and a method name;
judging whether an interface called by the application program is an interface protected by the authority or not based on the interface class name and the method name, and if so, storing the authority to a target authority feature file;
training a pre-training model into a target model based on the installation package file and the target authority feature file;
and inputting the installation package file of the application program with the system authority to be determined into the target model, and outputting a protected authority list of the application program with the system authority to be determined.
2. The method for determining system permissions according to claim 1, wherein the determining the interface called by the application based on the installation package file comprises:
determining the format of the installation package file into a file with a preset compression format;
converting the file in the preset compression format into a target file based on a dex2jar tool;
acquiring a virtual machine instruction corresponding to a preset interface call in the target file;
and acquiring the interface class name and the method name of the interface called by the application program based on the parameters of the virtual machine instruction.
3. The method for determining system permissions according to claim 2, wherein training a pre-training model into a target model based on the installation package file and the target permission profile comprises:
and inputting the target file and the target authority feature file into the pre-training model, and performing transfer learning to generate the target model.
4. The method for determining system permissions according to claim 3, wherein the inputting the installation package file of the application program whose system permissions are to be determined into the target model and outputting the protected permission list of the application program whose system permissions are to be determined comprises:
and inputting the target file of the application program with the system authority to be determined into the target model, and outputting the protected authority list by the target model.
5. An apparatus for determining system permissions, comprising:
the acquisition module is used for acquiring an installation package file of an application program of which the system authority is to be determined;
the determining module is used for determining an interface called by the application program based on the installation package file, wherein the interface at least comprises an interface class name and a method name;
the judging module is used for judging whether an interface called by the application program is an interface protected by the authority or not based on the interface class name and the method name, and if so, storing the authority to a target authority feature file;
the training module is used for training a pre-training model into a target model based on the installation package file and the target authority feature file;
and the output module is used for inputting the installation package file of the application program with the system authority to be determined into the target model and outputting the protected authority list of the application program with the system authority to be determined.
6. The apparatus for determining system permissions according to claim 5, wherein the determining module comprises:
the determining unit is used for determining the format of the installation package file into a file in a preset compression format;
the conversion unit is used for converting the file with the preset compression format into a target file based on a dex2jar tool;
the first obtaining unit is used for obtaining a virtual machine instruction corresponding to a preset interface call in the target file;
and the second acquisition unit is used for acquiring the interface class name and the method name of the interface called by the application program based on the parameters of the virtual machine instruction.
7. The apparatus for determining system permissions of claim 6 wherein the training module comprises:
and the generating unit is used for inputting the target file and the target authority feature file into the pre-training model, performing transfer learning and generating the target model.
8. The apparatus for determining system permissions according to claim 7, wherein the output module comprises:
and the output unit is used for inputting the target file of the application program with the system authority to be determined into the target model and outputting the protected authority list by the target model.
9. A storage medium, characterized in that the storage medium comprises a stored program, wherein when the program runs, a device in which the storage medium is located is controlled to execute the method for determining system authority according to any one of claims 1 to 4.
10. An electronic device comprising at least one processor, and at least one memory, bus connected to the processor; the processor and the memory complete mutual communication through the bus; the processor is configured to call program instructions in the memory to perform the method of determining system permissions according to any of claims 1-4.
CN201911259946.9A 2019-12-10 2019-12-10 System authority determination method and device, storage medium and electronic equipment Withdrawn CN112948816A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911259946.9A CN112948816A (en) 2019-12-10 2019-12-10 System authority determination method and device, storage medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911259946.9A CN112948816A (en) 2019-12-10 2019-12-10 System authority determination method and device, storage medium and electronic equipment

Publications (1)

Publication Number Publication Date
CN112948816A true CN112948816A (en) 2021-06-11

Family

ID=76225650

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911259946.9A Withdrawn CN112948816A (en) 2019-12-10 2019-12-10 System authority determination method and device, storage medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN112948816A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103473506A (en) * 2013-08-30 2013-12-25 北京奇虎科技有限公司 Method and device of recognizing malicious APK files
CN107958154A (en) * 2016-10-17 2018-04-24 中国科学院深圳先进技术研究院 A kind of malware detection device and method
CN108734012A (en) * 2018-05-21 2018-11-02 上海戎磐网络科技有限公司 Malware recognition methods, device and electronic equipment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103473506A (en) * 2013-08-30 2013-12-25 北京奇虎科技有限公司 Method and device of recognizing malicious APK files
CN107958154A (en) * 2016-10-17 2018-04-24 中国科学院深圳先进技术研究院 A kind of malware detection device and method
CN108734012A (en) * 2018-05-21 2018-11-02 上海戎磐网络科技有限公司 Malware recognition methods, device and electronic equipment

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
贾蕴哲;黄征;林祥;: "基于静态特征的Android恶意代码检测", 通信技术, no. 09 *

Similar Documents

Publication Publication Date Title
CN107229559B (en) Detection method and device for testing integrity of service system
CN106990960B (en) Code deployment method and device
CN113254408B (en) Invisible mark adding method, device, medium and electronic equipment
CN111414369A (en) Data processing method, device and equipment
CN110798490A (en) Method and device for accessing third-party system based on data center and data center
CN114510930B (en) Method, device, electronic equipment and medium for auditing operation document
KR20130116408A (en) Method and apparatus for detecting leak of information resources data
CN110083581A (en) A kind of method, apparatus, storage medium and the computer equipment of log retrospect
CN114091099A (en) Authority hierarchical control method, equipment and storage medium for business system
CN115544304A (en) File analysis method and device, readable storage medium and file analysis equipment
CN109062906A (en) The interpretation method and device of program language resource
CN114638005A (en) Data processing method, device and system based on block chain and storage medium
CN112579623A (en) Method, device, storage medium and equipment for storing data
US20220269820A1 (en) Artificial intelligence based data redaction of documents
CN110969547A (en) Text generation method and device
CN111460448B (en) Malicious software family detection method and device
CN112948816A (en) System authority determination method and device, storage medium and electronic equipment
CN107766385B (en) Method and equipment for converting file format of virtual disk
CN109035040B (en) Policy generation method and device and electronic equipment
CN112632941A (en) Method, device, equipment and storage medium for generating PDF format public security document
CN111737672A (en) Block chain-based remote office method, equipment and medium
CN113051231A (en) File analysis method and device, computer equipment and storage medium
TWM578913U (en) System and computing device for exporting and importing certificates through multimedia files
CN112596929B (en) Micro-service registration and calling method based on command event conversion and related device
CN116501976B (en) Data recommendation, model training, similar user analysis methods, apparatus and media

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20210611

WW01 Invention patent application withdrawn after publication