CN113949514A - Application override detection method, device and storage medium - Google Patents
Application override detection method, device and storage medium Download PDFInfo
- Publication number
- CN113949514A CN113949514A CN202010687817.6A CN202010687817A CN113949514A CN 113949514 A CN113949514 A CN 113949514A CN 202010687817 A CN202010687817 A CN 202010687817A CN 113949514 A CN113949514 A CN 113949514A
- Authority
- CN
- China
- Prior art keywords
- application
- authority
- frequent
- detected
- permission
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 27
- 238000003860 storage Methods 0.000 title claims abstract description 15
- 238000000034 method Methods 0.000 claims abstract description 21
- 238000004590 computer program Methods 0.000 claims description 11
- 238000012163 sequencing technique Methods 0.000 claims description 6
- 238000005065 mining Methods 0.000 claims description 5
- 238000010586 diagram Methods 0.000 description 17
- 230000006870 function Effects 0.000 description 6
- 101150053844 APP1 gene Proteins 0.000 description 5
- 101100055496 Arabidopsis thaliana APP2 gene Proteins 0.000 description 5
- 101100189105 Homo sapiens PABPC4 gene Proteins 0.000 description 5
- 102100039424 Polyadenylate-binding protein 4 Human genes 0.000 description 5
- 101100016250 Saccharomyces cerevisiae (strain ATCC 204508 / S288c) GYL1 gene Proteins 0.000 description 5
- 238000010276 construction Methods 0.000 description 4
- 102100038359 Xaa-Pro aminopeptidase 3 Human genes 0.000 description 3
- 101710081949 Xaa-Pro aminopeptidase 3 Proteins 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 238000005520 cutting process Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The disclosure provides an application unauthorized detection method, an application unauthorized detection device and a storage medium, and relates to the field of security. The method comprises the following steps: determining the application category of the application to be detected; acquiring the permission of the application to be detected; and judging whether the application to be detected is unauthorized or not by comparing the authority of the application to be detected with the minimum authority set of the application category of the application to be detected. Therefore, accuracy and reasonability of the unauthorized detection are improved.
Description
Technical Field
The present disclosure relates to the field of security, and in particular, to an application unauthorized detection method, apparatus, and storage medium.
Background
The open source of the Android system makes it a popular platform for third-party applications. The problem of application security in the Android system is of great interest. A significant portion of the reason for the security problem is due to the abuse of application privileges. Many applications apply for authorities unrelated to functions of the applications, and can collect a large amount of personal privacy data of users, so that the privacy disclosure problem is caused.
The inventors have appreciated that in some related art, all applications employ a uniform standard for override detection.
The inventor realizes that the detection result is inaccurate and even has misrationality in the unauthorized detection mode of 'one-time cutting'. For example, in map navigation applications, positioning authority is required, otherwise navigation cannot be achieved, and in american applications, positioning authority is not required, so that if the positioning authority is used to detect whether each application is unauthorized, the detection result is not accurate, and even the map navigation applications are not reasonable.
Disclosure of Invention
The application type of the application to be detected is determined, the permission of the application to be detected is compared with the minimum permission set of the application type of the application to be detected, whether the application to be detected is unauthorized or not is judged, and accuracy and reasonability of unauthorized detection are improved.
Some embodiments of the present disclosure provide an application override detection method, including:
determining the application category of the application to be detected;
acquiring the permission of the application to be detected;
and judging whether the application to be detected is unauthorized or not by comparing the authority of the application to be detected with the minimum authority set of the application category of the application to be detected.
In some embodiments, the determining the application category of the application to be detected includes:
and determining the application type of the application to be detected by matching the permission of the application to be detected with the frequent permission set of each application type.
In some embodiments, further comprising:
mining a frequent authority set;
and determining the frequent permission set of each application category by matching the frequent permission set with the permission sets of each application category.
In some embodiments, the mining of the frequent right set comprises:
arranging all obtained authorities in a descending order according to the frequency number of the authorities to obtain a first authority sequence;
sequencing the authority of each application according to the first authority sequence to obtain a second authority sequence of each application;
constructing a frequent authority tree according to the second authority sequence of each application;
and determining a frequent authority set according to the frequent authority tree.
In some embodiments, the building the frequent rights tree includes:
and each application forms a branch of the frequent authority tree, each authority of each application forms a node on the branch of the application, and each node on the branch of the application is sequenced according to the second authority sequence of each application.
In some embodiments, the determining a frequent permission set comprises:
and determining a frequent authority set according to the corresponding authorities of the nodes of the coincident branches in the frequent authority tree.
In some embodiments, further comprising:
if the application to be detected is unauthorized, outputting the unauthorized authority of the application to be detected, wherein the unauthorized authority of the application to be detected comprises the following steps: and the permission of the application to be detected exceeds the permission of the minimum permission set of the application category of the application to be detected.
In some embodiments, determining the application category of the application to be detected comprises:
and determining the application category corresponding to the frequent authority set with the most frequent authority matched with the authority of the application to be detected as the application category of the application to be detected.
Some embodiments of the present disclosure provide an application override detection apparatus, including:
a memory; and
a processor coupled to the memory, the processor configured to perform the application override detection method of any of the embodiments based on instructions stored in the memory.
Some embodiments of the present disclosure provide an application override detection apparatus, including:
an application category determination module configured to determine an application category of an application to be detected;
the permission acquisition module is configured to acquire the permission of the application to be detected;
and the override judging module is configured to judge whether the application to be detected is overridden by comparing the authority of the application to be detected with the minimum authority set of the application category of the application to be detected.
In some embodiments, further comprising:
a frequent permission set determination module of the application category, configured to mine a frequent permission set; determining a frequent permission set of each application category by matching the frequent permission set with permission sets of each application category;
the application category determining module is configured to determine the application category of the application to be detected by matching the permission of the application to be detected with the frequent permission set of each application category.
In some embodiments, further comprising: a frequent permission set determination module configured to:
arranging all obtained authorities in a descending order according to the frequency number of the authorities to obtain a first authority sequence;
sequencing the authority of each application according to the first authority sequence to obtain a second authority sequence of each application;
constructing a frequent authority tree according to the second authority sequence of each application;
and determining a frequent authority set according to the frequent authority tree.
Some embodiments of the present disclosure propose a non-transitory computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of applying the override detection method described in any of the embodiments.
Drawings
The drawings that will be used in the description of the embodiments or the related art will be briefly described below. The present disclosure can be understood more clearly from the following detailed description, which proceeds with reference to the accompanying drawings.
It is to be understood that the drawings in the following description are merely exemplary of the disclosure, and that other drawings may be derived from those drawings by one of ordinary skill in the art without undue inventive faculty.
Fig. 1 illustrates a flow diagram of an application override detection method according to some embodiments of the present disclosure.
Fig. 2 illustrates a flow diagram of a method of determining a frequent permission set for various application categories according to some embodiments of the present disclosure.
Fig. 3 illustrates a schematic diagram of a construction process and a construction result of a frequent rights tree according to some embodiments of the present disclosure.
Fig. 4 and 5 are schematic structural diagrams of an apparatus for detecting unauthorized use according to some embodiments of the present disclosure.
Fig. 6 is a schematic structural diagram of an apparatus for detecting unauthorized use according to another embodiment of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in the embodiments of the present disclosure.
Unless otherwise specified, "first", "second", and the like in the present disclosure are described to distinguish different objects, and are not intended to mean size, timing, or the like.
Fig. 1 illustrates a flow diagram of an application override detection method according to some embodiments of the present disclosure. The method may be performed, for example, by an application override detection apparatus.
As shown in fig. 1, the method of this embodiment includes: step 110, step 130, may optionally further comprise step 140.
In step 110, the application class of the application to be detected is determined.
In some embodiments, the application category of the application to be detected may be determined according to the function of the application to be detected. Application categories include, for example, but are not limited to: map navigation, network car booking, instant messaging, blog forum, network payment, news information, online shopping and the like. For example, the application categories to which WeChat, QQ, etc. belong are instant messaging.
In other embodiments, the application category of the application to be detected may be determined by matching the permission of the application to be detected with the frequent permission set of each application category. For example, the application category corresponding to the frequent permission set with the most frequent permissions matched with the permissions of the application to be detected is determined as the application category of the application to be detected. Therefore, the application type of the application to be detected is automatically and accurately determined according to the actual permission of the application and the frequent permission set of the application type.
The frequent permission set of the application category is a set of permissions frequently used by all applications of a certain category. The frequent permission sets of the respective application categories may be determined, for example, by using the method of the embodiment shown in fig. 2, which will be described in detail later.
In step 120, the permissions of the application to be detected are obtained.
For example, an authority list of an application to be detected is extracted from an APK (Android application package) file, where the authority of the application to be detected is recorded; the authority actually used by the Application to be detected can also be determined by calling through an Application Programming Interface (API).
In step 130, it is determined whether the application to be detected is unauthorized by comparing the permission of the application to be detected with the minimum permission set of the application class of the application to be detected.
And if the authority of the application to be detected exceeds the minimum authority set of the application category of the application to be detected, judging that the application to be detected is unauthorized.
Wherein the minimum set of permissions for each application category may be pre-set according to the relevant criteria. For example, the minimum permission set of each application category is set according to the permissions of each type of application specified in the national standard "information security technology mobile internet application (App) collection personal information basic specification". For example, table 1 shows a minimum set of permissions for a map navigation class application.
Table 1: minimum set of permissions for map navigation class applications
In step 140, if the application to be detected is unauthorized, an unauthorized prompt may be issued and the unauthorized authority of the application to be detected may be output.
The unauthorized authority of the application to be detected includes, for example: and the permission of the application to be detected exceeds the permission of the minimum permission set of the application category of the application to be detected.
Taking map navigation applications shown in table 1 as an example, if a certain navigation application has account password permission in addition to log and positioning permission, the account password permission belongs to the override permission.
By determining the application category of the application to be detected and comparing the permission of the application to be detected with the minimum permission set of the application category of the application to be detected, whether the application to be detected is unauthorized or not is judged, and the accuracy and the rationality of unauthorized detection are improved.
Fig. 2 illustrates a flow diagram of a method of determining a frequent permission set for various application categories according to some embodiments of the present disclosure.
As shown in fig. 2, the method of this embodiment includes:
in step 210, a frequent permission set is mined for all applications and their permissions. The frequent permission set refers to a set of permissions frequently used by each application.
Mining the frequent right set of step 210 includes: step 211-214.
In step 211, all the permissions of all the applications are obtained by scanning the database, and all the obtained permissions are arranged in a descending order according to the frequency of the permissions to obtain a first permission order.
Crawler technology can be used to obtain applications with higher download from the application market. The database only needs to be scanned once, and occupied memory is small. Before sorting, the authority with the frequency less than the preset value can be deleted. For convenient storage, the permissions can be numbered according to permissions in the android developer specification.
An exemplary first privilege order is shown in table 2.
Table 2: example of the first privilege order
| Authority | Frequency of occurrence |
| Authority 1 | 1000000 |
| Authority 2 | 898948 |
| Authority 3 | 780980 |
| Authority 4 | 760600 |
| Authority 5 | 750300 |
| …… | …… |
In step 212, the permissions of each application are ordered according to the first permission order to obtain a second permission order for each application.
An exemplary second privilege order for the respective applications is shown in table 3.
Table 3: examples of second order of permissions for respective applications
| Application (APP) | Authority |
| APP1 | Authority 1, Authority 2, Authority 3, Authority 4 |
| APP2 | Authority 1, Authority 2, Authority 5 |
| APP3 | Authority 3, Authority 4, Authority 5 |
| …… | …… |
In step 213, a frequent rights tree is constructed according to the second rights order of the respective applications.
The frequent authority tree, also called a two-dimensional frequent authority tree, is set as a 2DFR tree.
Constructing the frequent authority tree comprises the following steps: and each application forms a branch of the frequent authority tree, each authority of each application forms a node on the branch of the application, and each node on the branch of the application is sequenced according to the second authority sequence of each application.
Taking the three applications in table 3 as an example, the construction process and the construction result of the frequent permission tree are shown in fig. 3. The left part of fig. 3 shows a branch corresponding to APP1, where the branch has 4 authority nodes and is arranged on the branch according to the descending order of frequency; the middle part of fig. 3 shows two branches corresponding to APP1 and APP2, the branch corresponding to APP2 has 3 permission nodes, and is arranged on the branch according to the order of frequency from large to small, wherein the permission nodes where APP1 and APP2 repeat are permission 1 and permission 2, and are not required to be drawn repeatedly; the right part of fig. 3 shows three branches corresponding to APP1, APP2 and APP3, and the branch corresponding to APP3 has 3 permission nodes and is arranged on the branch according to the descending order of frequency.
At step 214, a set of frequent permissions is determined from the frequent permissions tree.
Determining a frequent permission set includes, for example: and determining a frequent authority set according to the corresponding authorities of the nodes of the coincident branches in the frequent authority tree.
Taking fig. 3 as an example, the authority 1 and authority 2 corresponding to the node of the repeated branch may be determined as a frequent authority set.
Because the authority nodes in the frequent authority tree are arranged according to the frequency, the frequency of the authority and the occurrence frequency of the authority in each application are comprehensively considered according to the frequent authority set determined by the nodes of the coincident branches in the frequent authority tree. For example, privilege 5, although appearing the same number of times as privilege 1 and privilege 2 in each application, is less frequent and does not appear in the overlapping branches of the frequent privilege tree, and thus privilege 5 does not appear as a frequent privilege.
In step 220, the frequent permission set for each application category is determined by matching the frequent permission set with the permission sets for each application category.
Specifically, the intersection of the permission set and the frequent permission set of an application category is determined as the frequent permission set of the application category.
The frequent permission sets of the various application categories can be recorded by adopting a two-dimensional vector method.
The above embodiment mines the frequent permission set for all applications and their permissions. By matching the frequent permission set with the permission sets of the application categories, the frequent permission set of the application categories can be accurately determined.
Fig. 4 and 5 are schematic structural diagrams of an apparatus for detecting unauthorized use according to some embodiments of the present disclosure.
As shown in fig. 4, the apparatus 400 of this embodiment includes:
an application category determination module 410 configured to determine an application category of the application to be detected.
The permission obtaining module 420 is configured to obtain the permission of the application to be detected.
The override determination module 430 is configured to determine whether the application to be detected is overridden by comparing the permission of the application to be detected with the minimum permission set of the application category of the application to be detected.
As shown in fig. 5, the apparatus 400 of this embodiment further includes: a frequent permission set determination module 440 configured to: arranging all obtained authorities in a descending order according to the frequency number of the authorities to obtain a first authority sequence; sequencing the authority of each application according to the first authority sequence to obtain a second authority sequence of each application; constructing a frequent authority tree according to the second authority sequence of each application; and determining a frequent authority set according to the frequent authority tree.
As shown in fig. 5, the apparatus 400 of this embodiment further includes: a frequent permission set determination module 450 for the application category, configured to mine the frequent permission set (see the foregoing for a specific method); and determining the frequent permission set of each application category by matching the frequent permission set with the permission sets of each application category. The application category determining module 410 is configured to determine the application category of the application to be detected by matching the permission of the application to be detected with the frequent permission set of each application category.
Fig. 6 is a schematic structural diagram of an apparatus for detecting unauthorized use according to another embodiment of the present disclosure.
As shown in fig. 6, the apparatus 600 of this embodiment includes: a memory 610 and a processor 620 coupled to the memory 610, the processor 620 configured to perform the application override detection method in any of the foregoing embodiments based on instructions stored in the memory 610.
For example, determining an application class of an application to be detected; acquiring the authority of the application to be detected; and judging whether the application to be detected is unauthorized or not by comparing the authority of the application to be detected with the minimum authority set of the application category of the application to be detected.
For another example, all obtained authorities are arranged in descending order according to the frequency number of the authorities to obtain a first authority order; sequencing the authority of each application according to the first authority sequence to obtain a second authority sequence of each application; constructing a frequent authority tree according to the second authority sequence of each application; and determining a frequent authority set according to the frequent authority tree. And determining the frequent permission set of each application category by matching the frequent permission set with the permission sets of each application category.
The apparatus 600 may also include an input-output interface 630, a network interface 640, a storage interface 650, and the like. These interfaces 630, 640, 650 and the connections between the memory 610 and the processor 620 may be, for example, via a bus 660. The input/output interface 630 provides a connection interface for input/output devices such as a display, a mouse, a keyboard, and a touch screen. The network interface 640 provides a connection interface for various networking devices. The storage interface 650 provides a connection interface for external storage devices such as an SD card and a usb disk.
Some embodiments of the disclosure also propose a non-transitory computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the application override detection method of any of the embodiments.
As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more non-transitory computer-readable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer program code embodied therein.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only exemplary of the present disclosure and is not intended to limit the present disclosure, so that any modification, equivalent replacement, or improvement made within the spirit and principle of the present disclosure should be included in the scope of the present disclosure.
Claims (13)
1. An application override detection method, comprising:
determining the application category of the application to be detected;
acquiring the permission of the application to be detected;
and judging whether the application to be detected is unauthorized or not by comparing the authority of the application to be detected with the minimum authority set of the application category of the application to be detected.
2. The method of claim 1, wherein determining the application class of the application to be detected comprises:
and determining the application type of the application to be detected by matching the permission of the application to be detected with the frequent permission set of each application type.
3. The method of claim 2, further comprising:
mining a frequent authority set;
and determining the frequent permission set of each application category by matching the frequent permission set with the permission sets of each application category.
4. The method of claim 3, wherein mining the set of frequent permissions comprises:
arranging all obtained authorities in a descending order according to the frequency number of the authorities to obtain a first authority sequence;
sequencing the authority of each application according to the first authority sequence to obtain a second authority sequence of each application;
constructing a frequent authority tree according to the second authority sequence of each application;
and determining a frequent authority set according to the frequent authority tree.
5. The method of claim 4, wherein constructing the frequent rights tree comprises:
and each application forms a branch of the frequent authority tree, each authority of each application forms a node on the branch of the application, and each node on the branch of the application is sequenced according to the second authority sequence of each application.
6. The method of claim 4, wherein determining the frequent permission set comprises:
and determining a frequent authority set according to the corresponding authorities of the nodes of the coincident branches in the frequent authority tree.
7. The method of claim 1, further comprising:
if the application to be detected is unauthorized, outputting the unauthorized authority of the application to be detected, wherein the unauthorized authority of the application to be detected comprises the following steps: and the permission of the application to be detected exceeds the permission of the minimum permission set of the application category of the application to be detected.
8. The method of claim 2, wherein determining the application class of the application to be detected comprises:
and determining the application category corresponding to the frequent authority set with the most frequent authority matched with the authority of the application to be detected as the application category of the application to be detected.
9. An application override detection apparatus comprising:
a memory; and
a processor coupled to the memory, the processor configured to perform the application override detection method of any one of claims 1-8 based on instructions stored in the memory.
10. An application override detection apparatus comprising:
an application category determination module configured to determine an application category of an application to be detected;
the permission acquisition module is configured to acquire the permission of the application to be detected;
and the override judging module is configured to judge whether the application to be detected is overridden by comparing the authority of the application to be detected with the minimum authority set of the application category of the application to be detected.
11. The apparatus of claim 10, further comprising:
a frequent permission set determination module of the application category, configured to mine a frequent permission set; determining a frequent permission set of each application category by matching the frequent permission set with permission sets of each application category;
the application category determining module is configured to determine the application category of the application to be detected by matching the permission of the application to be detected with the frequent permission set of each application category.
12. The apparatus of claim 11, further comprising:
a frequent permission set determination module configured to:
arranging all obtained authorities in a descending order according to the frequency number of the authorities to obtain a first authority sequence;
sequencing the authority of each application according to the first authority sequence to obtain a second authority sequence of each application;
constructing a frequent authority tree according to the second authority sequence of each application;
and determining a frequent authority set according to the frequent authority tree.
13. A non-transitory computer readable storage medium, having stored thereon a computer program which, when executed by a processor, carries out the steps of the application override detection method of any one of claims 1-8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010687817.6A CN113949514B (en) | 2020-07-16 | 2020-07-16 | Application override detection method, device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010687817.6A CN113949514B (en) | 2020-07-16 | 2020-07-16 | Application override detection method, device and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113949514A true CN113949514A (en) | 2022-01-18 |
| CN113949514B CN113949514B (en) | 2024-01-26 |
Family
ID=79326401
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010687817.6A Active CN113949514B (en) | 2020-07-16 | 2020-07-16 | Application override detection method, device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113949514B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070244887A1 (en) * | 2006-04-18 | 2007-10-18 | Benq Corporation | Systems and methods for discovering frequently accessed subtrees |
| CN107169350A (en) * | 2017-05-10 | 2017-09-15 | 国网江苏省电力公司电力科学研究院 | A kind of detection and blocking-up method for Mobile solution using abnormal authority |
| CN108427886A (en) * | 2018-01-25 | 2018-08-21 | 上海掌门科技有限公司 | A kind of application program access rights setting method, system, equipment and readable medium |
| CN108830106A (en) * | 2018-06-19 | 2018-11-16 | 中国电子信息产业集团有限公司第六研究所 | A kind of private data providing method and device |
| CN109753800A (en) * | 2019-01-02 | 2019-05-14 | 重庆邮电大学 | Merge the Android malicious application detection method and system of frequent item set and random forests algorithm |
-
2020
- 2020-07-16 CN CN202010687817.6A patent/CN113949514B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070244887A1 (en) * | 2006-04-18 | 2007-10-18 | Benq Corporation | Systems and methods for discovering frequently accessed subtrees |
| CN107169350A (en) * | 2017-05-10 | 2017-09-15 | 国网江苏省电力公司电力科学研究院 | A kind of detection and blocking-up method for Mobile solution using abnormal authority |
| CN108427886A (en) * | 2018-01-25 | 2018-08-21 | 上海掌门科技有限公司 | A kind of application program access rights setting method, system, equipment and readable medium |
| CN108830106A (en) * | 2018-06-19 | 2018-11-16 | 中国电子信息产业集团有限公司第六研究所 | A kind of private data providing method and device |
| CN109753800A (en) * | 2019-01-02 | 2019-05-14 | 重庆邮电大学 | Merge the Android malicious application detection method and system of frequent item set and random forests algorithm |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113949514B (en) | 2024-01-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104123493A (en) | Method and device for detecting safety performance of application program | |
| Barabanov et al. | Statistics of software vulnerability detection in certification testing | |
| Arnatovich et al. | A comparison of android reverse engineering tools via program behaviors validation based on intermediate languages transformation | |
| CN106933645A (en) | A kind of Apk security risks automatic Static auditing system and method | |
| CN110298171B (en) | Intelligent detection and safety protection method for mobile internet big data application | |
| CN115033894B (en) | Software component supply chain safety detection method and device based on knowledge graph | |
| CN110708335A (en) | Access authentication method and device and terminal equipment | |
| CN105550627A (en) | Fingerprint verification method and apparatus | |
| CN112464214A (en) | Authority detection method and device, electronic equipment and readable storage medium | |
| CN107679937B (en) | Method, system, storage medium and device for customizing service function | |
| Li et al. | Large-scale third-party library detection in android markets | |
| CN111327570B (en) | Authentication method, apparatus and computer-readable storage medium | |
| CN111723087A (en) | Mining method and device of data blood relationship, storage medium and electronic equipment | |
| CN113949514B (en) | Application override detection method, device and storage medium | |
| CN109344050B (en) | Interface parameter analysis method and device based on structure tree | |
| CN111274275B (en) | Data processing method, apparatus and computer readable storage medium | |
| CN112884258A (en) | Method and device for detecting application risk | |
| CN107633174B (en) | User input management method and device and terminal | |
| US11481517B2 (en) | System and method for determining permission profiles for computer executable functions | |
| CN115033892A (en) | Component vulnerability analysis method and device, electronic equipment and storage medium | |
| CN112307449B (en) | Authority hierarchical management method, device, electronic equipment and readable storage medium | |
| CN114417282A (en) | User permission determining method and device, electronic equipment and storage medium | |
| CN112699372A (en) | Vulnerability processing method and device and computer readable storage medium | |
| CN114547590A (en) | Code detection method, device and non-transitory computer readable storage medium | |
| CN112380530B (en) | Homologous APK detection method, terminal device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |