CN114143787A - Security detection method, device, terminal device, storage medium and program product - Google Patents

Security detection method, device, terminal device, storage medium and program product Download PDF

Info

Publication number
CN114143787A
CN114143787A CN202111486480.3A CN202111486480A CN114143787A CN 114143787 A CN114143787 A CN 114143787A CN 202111486480 A CN202111486480 A CN 202111486480A CN 114143787 A CN114143787 A CN 114143787A
Authority
CN
China
Prior art keywords
target
hotspot
network
terminal equipment
terminal device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111486480.3A
Other languages
Chinese (zh)
Inventor
卢昊良
秦明闯
郑玉伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing ByteDance Network Technology Co Ltd
Original Assignee
Beijing ByteDance Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing ByteDance Network Technology Co Ltd filed Critical Beijing ByteDance Network Technology Co Ltd
Priority to CN202111486480.3A priority Critical patent/CN114143787A/en
Publication of CN114143787A publication Critical patent/CN114143787A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/121Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122Counter-measures against attacks; Protection against rogue devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/121Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]

Abstract

The safety detection method, the device, the terminal equipment, the storage medium and the program product can accurately detect the Wi-Fi sharing hot spot, and further avoid the problem that potential safety hazards exist in intranet resources due to the fact that the target Wi-Fi is used for sharing the hot spot. The method comprises the following steps: acquiring enabling configuration information of a hotspot function in a bottom layer frame code layer of the terminal equipment; when the enabling configuration information indicates that the terminal equipment has started the hotspot function, acquiring a network identifier of the currently accessed Wi-Fi and a preset network identifier of a target Wi-Fi; judging whether the network identification of the currently accessed Wi-Fi is matched with the network identification of the target Wi-Fi to obtain a first judgment result; when the first judgment result is yes, judging whether the network environment where the terminal equipment is located can be connected with a target network corresponding to the target Wi-Fi to obtain a second judgment result; and when the second judgment result is yes, determining that the terminal equipment shares the hotspot through the target Wi-Fi.

Description

Security detection method, device, terminal device, storage medium and program product
Technical Field
The present application relates to the field of software development technologies, and in particular, to a security detection method, apparatus, terminal device, storage medium, and program product.
Background
At present, for a terminal device supporting dual-frequency concurrency (i.e., a terminal device supporting simultaneous operation in a Station (STA) mode and an Access Point (AP) mode), when the terminal device shares a hotspot function, a Wireless Local Area Network (WLAN) of the STA may not be interrupted. Therefore, the wireless-protected access (Wi-Fi) connected to the terminal device can be shared as a hotspot (softAP), so that other terminal devices can perform network connection by accessing the hotspot.
However, when the network corresponding to the Wi-Fi is a private network, once an illegal terminal device accesses the hotspot, the intranet of the private network can be directly invaded to obtain intranet resources, so that the intranet resources have a greater security risk.
Therefore, how to detect whether the terminal device shares the Wi-Fi of the private network as a hotspot, thereby reducing the security risk, is a problem that needs to be solved urgently.
Disclosure of Invention
In order to solve the technical problems described above or at least partially solve the technical problems, the present application provides a security detection method, apparatus, terminal device, storage medium, and program product.
In a first aspect of an embodiment of the present application, a security detection method is provided, where the method includes: calling a Wi-Fi related interface in a reflection mode to acquire enabling configuration information of a hotspot function in a bottom frame code layer of the terminal equipment; when the enabling configuration information of the hotspot function indicates that the terminal equipment has started the hotspot function, acquiring a network identifier of the currently accessed Wi-Fi and acquiring a preset network identifier of a target Wi-Fi by calling a system service interface; judging whether the network identification of the currently accessed Wi-Fi is matched with the network identification of the target Wi-Fi to obtain a first judgment result; if the first judgment result is yes, judging whether the network environment where the terminal equipment is located can be connected with a target network corresponding to the target Wi-Fi through a dual-frequency concurrent mode to obtain a second judgment result; and when the second judgment result is yes, determining that the terminal equipment shares the hotspot through the target Wi-Fi.
Optionally, the determining whether the network environment where the terminal device is located can be connected to the target network corresponding to the target Wi-Fi through the dual-frequency concurrent mode to obtain a second determination result includes: and calling a network connection testing tool in the terminal equipment, and judging whether the network environment where the terminal equipment is located can be connected with the target network through a dual-frequency concurrent mode through the network connection testing tool to obtain a second judgment result.
Optionally, the determining whether the network identifier of the currently accessed Wi-Fi is matched with the network identifier of the target Wi-Fi to obtain a first determination result includes: and judging whether the SSID name of the currently accessed Wi-Fi is consistent with the SSID name of the target Wi-Fi to obtain a first judgment result.
Optionally, the method further comprises: and dynamically modifying the network identification of the target Wi-Fi through a getText method in the EditText.
Optionally, the calling a Wi-Fi related interface in a reflection manner to obtain the enabling configuration information of the hotspot function in a bottom layer frame code layer of the terminal device includes: calling an isWifiApenabled interface through reflection in a bottom framework code layer of an android operating system of the terminal equipment to acquire the state of a hotspot; and when the state of the hotspot is true, determining that the enabling configuration information of the hotspot function indicates that the terminal equipment has started the hotspot function.
Optionally, the method further comprises: when the terminal equipment is determined to be sharing the target Wi-Fi, displaying prompt information, wherein the prompt information is used for prompting a user that potential safety hazards exist in the current hotspot sharing behavior; and/or generating alarm information and feeding back the alarm information to the platform, wherein the alarm information is used for prompting that potential safety hazards exist in the current hotspot sharing behavior generated on the terminal equipment.
Optionally, the method further comprises: when the terminal equipment is determined to be sharing the target Wi-Fi, the Wi-Fi network connection of the terminal equipment is automatically disconnected, and/or the hotspot sharing function of the terminal equipment is automatically disconnected.
In a second aspect of the embodiments of the present application, there is provided a security detection apparatus, including: the device comprises an acquisition module, a judgment module and a determination module; the acquisition module is used for calling a Wi-Fi related interface in a reflection mode to acquire the enabling configuration information of the hotspot function in a bottom layer frame code layer of the terminal equipment; when the enabling configuration information of the hotspot function indicates that the terminal equipment has started the hotspot function, acquiring a network identifier of the currently accessed Wi-Fi by calling a system service interface, and acquiring a preset network identifier of a target Wi-Fi; the judging module is used for judging whether the network identification of the currently accessed Wi-Fi is matched with the network identification of the target Wi-Fi to obtain a first judging result; if the first judgment result is yes, judging whether the network environment where the terminal equipment is located can be connected with a target network corresponding to the target Wi-Fi through a dual-frequency concurrent mode to obtain a second judgment result; the determining module is configured to determine that the terminal device shares the hotspot through the target Wi-Fi if the second determination result is yes.
Optionally, the determining module is specifically configured to invoke a network connection testing tool in the terminal device, and determine, by the network connection testing tool, whether the network environment where the terminal device is located can be connected to the target network in a dual-frequency concurrent mode, so as to obtain a second determination result.
Optionally, the determining module is specifically configured to determine whether the SSID name of the currently accessed Wi-Fi is consistent with the SSID name of the target Wi-Fi to obtain a first determination result.
Optionally, the apparatus further comprises: and the modification module is used for dynamically modifying the network identification of the target Wi-Fi by a getText method in EditText.
Optionally, the obtaining module is specifically configured to call, in a bottom framework code layer of an android operating system of the terminal device, an iswifiapableenabled interface through reflection to obtain a state of the hotspot; and when the state of the hotspot is true, determining that the enabling configuration information of the hotspot function indicates that the terminal equipment has started the hotspot function.
Optionally, the apparatus further comprises: the display module is used for displaying prompt information when the terminal equipment is determined to share the target Wi-Fi, wherein the prompt information is used for prompting a user that potential safety hazards exist in the current hotspot sharing behavior; and/or, the generating module is used for generating alarm information; and the feedback module is used for feeding back the alarm information to the platform, and the alarm information is used for prompting that potential safety hazards exist in the current hotspot sharing behavior generated on the terminal equipment.
Optionally, the apparatus further comprises: the terminal device comprises a disconnection module and/or a disconnection module, wherein the disconnection module is used for automatically disconnecting the Wi-Fi network connection of the terminal device when the terminal device is determined to share the target Wi-Fi, and/or the disconnection module is used for automatically disconnecting the hotspot sharing function of the terminal device.
In a third aspect of embodiments of the present application, a terminal device is provided, where the terminal device includes a processor, a memory, and a computer program stored on the memory and executable on the processor, and the computer program, when executed by the processor, implements the steps of the security detection method according to the first aspect.
In a fourth aspect of the embodiments of the present application, a computer-readable storage medium is provided, on which a computer program is stored, which when executed by a processor implements the steps of the security detection method according to the first aspect.
In a fifth aspect of embodiments of the present application, a computer program product is provided, where the computer program product includes a computer program, and when the computer program product runs on a processor, the computer program is executed by the processor, so as to implement the security detection method according to the first aspect.
In a sixth aspect of the embodiments of the present application, there is provided a chip, where the chip includes a processor and a communication interface, where the communication interface is coupled to the processor, and the processor is configured to execute program instructions to implement the security detection method according to the first aspect.
Compared with the prior art, the technical scheme provided by the embodiment of the application has the following advantages: in the embodiment of the application, the terminal equipment calls a Wi-Fi related interface to acquire enabling configuration information of a hotspot function in a reflection mode, whether the terminal equipment is clamped with the hotspot function is determined according to the enabling configuration information of the hotspot function, whether a network identifier of the currently accessed Wi-Fi is matched with a network identifier of a target Wi-Fi is determined under the condition that the terminal equipment is determined to start the hotspot function, a first judgment result is obtained, if the first judgment result is yes, whether a network environment where the terminal equipment is located can be connected with the target network through a dual-frequency concurrent mode is judged through a network connection testing tool, a second judgment result is obtained, and if the second result is yes, the terminal equipment is determined to share the hotspot through the target Wi-Fi. On one hand, in the embodiment of the application, the Wi-Fi related interface is called in a reflection mode to obtain the enabling configuration information of the hotspot function, and whether the hotspot function is started by the terminal equipment is determined according to the enabling configuration information of the hotspot function, on the other hand, the terminal equipment can accurately determine that the terminal equipment shares the hotspot through the target Wi-Fi by double judgment that the network environment where the terminal equipment is located can be connected with the target network corresponding to the target Wi-Fi through a double-frequency concurrent mode according to the matching of the network identifier of the currently accessed Wi-Fi and the network identifier of the target Wi-Fi, so that when the terminal equipment shares the hotspot through the target Wi-Fi is determined, corresponding measures can be taken to ensure the safety of data under the target Wi-Fi.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, and it is obvious for those skilled in the art to obtain other drawings without inventive exercise.
Fig. 1 is a schematic structural diagram of a hotspot determining system according to an embodiment of the present disclosure;
fig. 2 is a schematic flow chart of a security detection method according to an embodiment of the present application;
fig. 3 is a second schematic flowchart of a security detection method according to an embodiment of the present application;
fig. 4 is a third schematic flowchart of a security detection method according to an embodiment of the present application;
fig. 5 is a fourth schematic flowchart of a security detection method according to an embodiment of the present application;
fig. 6 is a schematic diagram of an internal implementation of a security detection method according to an embodiment of the present application;
fig. 7 is a block diagram of a security detection apparatus according to an embodiment of the present disclosure;
fig. 8 is a block diagram of a terminal device according to an embodiment of the present application.
Detailed Description
In order that the above-mentioned objects, features and advantages of the present application may be more clearly understood, the solution of the present application will be further described below. It should be noted that the embodiments and features of the embodiments of the present application may be combined with each other without conflict.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present application, but the present application may be practiced in other ways than those described herein; it is to be understood that the embodiments described in this specification are only some embodiments of the present application and not all embodiments.
The terms first, second and the like in the description and in the claims of the present application are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It will be appreciated that the data so used may be interchanged under appropriate circumstances such that embodiments of the application may be practiced in sequences other than those illustrated or described herein, and that the terms "first," "second," and the like are generally used herein in a generic sense and do not limit the number of terms, e.g., the first term can be one or more than one. In addition, "and/or" in the specification and claims means at least one of connected objects, a character "/" generally means that a preceding and succeeding related objects are in an "or" relationship.
Currently, most terminal devices introduce a function that allows the device to operate in an STA mode and an AP mode simultaneously, that is, a function that can support dual-frequency concurrence is introduced. The terminal equipment supporting the dual-frequency concurrency can not interrupt the STA WLAN when the hotspot sharing function is started, so that the terminal equipment can share the currently connected Wi-Fi as a new hotspot.
The WPA-Enterprise is also called WPA-802.1X mode, and is designed for Enterprise wireless networks, and authenticates equipment of each Enterprise employee through Remote Authentication Dial In User Service (RADIUS) to determine whether to provide wireless network access authority. The terminal equipment of the enterprise staff accesses the enterprise intranet by using the mode. However, once the enterprise employees are not properly operated, the enterprise Wi-Fi is shared out as a hotspot, which causes a great security risk.
Therefore, an effective way to determine whether the employee shares the Wi-Fi of the enterprise as a hotspot is needed, which may cause a security risk to the data of the intranet.
In view of the above technical problems, an embodiment of the present application provides a security detection method, in which a terminal device calls a Wi-Fi related interface in a reflection manner to obtain enabling configuration information of a hotspot function, determines whether the terminal device is jammed with the hotspot function according to the enabling configuration information of the hotspot function, obtains a first determination result according to whether a network identifier of a currently accessed Wi-Fi is matched with a network identifier of a target Wi-Fi when it is determined that the terminal device starts the hotspot function, determines whether a network environment where the terminal device is located can be connected to the target network through a dual-frequency concurrent mode through a network connection testing tool when the first determination result is yes, obtains a second determination result, and determines that the terminal device shares a hotspot through the target Wi-Fi when the second result is yes. On one hand, in the embodiment of the application, the Wi-Fi related interface is called in a reflection mode to obtain the enabling configuration information of the hotspot function, and whether the hotspot function is started by the terminal equipment is determined according to the enabling configuration information of the hotspot function, on the other hand, the terminal equipment can accurately determine that the terminal equipment shares the hotspot through the target Wi-Fi by double judgment that the network environment where the terminal equipment is located can be connected with the target network corresponding to the target Wi-Fi through a double-frequency concurrent mode according to the matching of the network identifier of the currently accessed Wi-Fi and the network identifier of the target Wi-Fi, so that when the terminal equipment shares the hotspot through the target Wi-Fi is determined, corresponding measures can be taken to ensure the safety of data under the target Wi-Fi.
First, fig. 1 illustrates a hotspot system according to an embodiment of the present application. As shown in fig. 1, the hotspot system includes: the target AP 110, a plurality of terminal devices (one terminal device 120 is shown as an example in the figure) accessing the target AP 110, and a plurality of terminal devices 130 connecting to the hotspot shared by the terminal devices 120. Wherein the terminal device 120 supports dual frequency concurrent mode. The target AP 110 may be an enterprise AP, a campus AP, or the like, and may be determined according to actual conditions. The intranet resources under the target AP have certain security requirements.
The terminal device in the embodiment of the application may be a mobile terminal device or a non-mobile terminal device. The mobile terminal device may be a mobile phone, a tablet computer, a notebook computer, a palm computer, a vehicle-mounted terminal device, a wearable device, an ultra-mobile personal computer (UMPC), a netbook, or a Personal Digital Assistant (PDA); the non-mobile terminal device may be a Personal Computer (PC), a Television (TV), a teller machine, a self-service machine, or the like; the embodiments of the present application are not particularly limited.
An execution main body of the security detection method provided in the embodiment of the present application may be the terminal device (including a mobile terminal device and a non-mobile terminal device), or may also be a functional module and/or a functional entity capable of implementing the security detection method in the terminal device, which may be specifically determined according to actual use requirements, and the embodiment of the present application is not limited.
The security detection method provided by the embodiment of the present application is described in detail below with reference to the accompanying drawings through specific embodiments and application scenarios thereof.
As shown in fig. 2, an embodiment of the present application provides a security detection method, and an example of the security detection method provided in the embodiment of the present application is described below with an execution subject as a terminal device. The method may include steps 201 through 205 described below.
201. And calling a Wi-Fi related interface to acquire the enabling configuration information of the hotspot function in a reflection mode in a bottom layer frame code layer of the terminal equipment.
Among them, Reflection (Reflection) is one of the features of the Java program development language, which allows a running Java program to acquire its own information and can manipulate internal attributes of a class or object. By reflection, properties, methods, construction methods, etc. of Java objects can be accessed at runtime.
The enabling configuration information of the hot spot function indicates that the terminal device currently starts the hot spot function, or indicates that the terminal device does not start the hot spot function currently.
Optionally, the terminal device may obtain the enabling configuration information of the hotspot function in real time, or the terminal device may also periodically obtain the enabling configuration information of the hotspot function, which may be determined specifically according to an actual situation, and the embodiment of the present application is not limited.
It can be understood that after the terminal device starts the wireless hotspot, the terminal device cannot acquire the starting state of the hotspot of the terminal device in a normal interface calling manner, and therefore in the embodiment of the application, in the bottom layer frame code layer of the terminal device, the Wi-Fi related interface is called in a reflection manner to acquire the enabling configuration information of the hotspot function, so that whether the terminal device starts the hotspot function is determined according to the enabling configuration information of the hotspot function.
202. When the enabling configuration information of the hotspot function indicates that the terminal equipment has started the hotspot function, a system service interface is called to acquire a network identifier of the currently accessed Wi-Fi and a preset network identifier of a target Wi-Fi.
The current accessed Wi-Fi is the Wi-Fi corresponding to the AP connected with the terminal equipment, and the target Wi-Fi is the Wi-Fi sharing hotspot using the Wi-Fi and having the risk of intranet resource leakage.
Optionally, in this embodiment of the present application, the network identifier may be an identifier that arbitrarily identifies one Wi-Fi, and this embodiment of the present application is not limited. Illustratively, the network identification of Wi-Fi can be the SSID name of Wi-Fi.
203. And judging whether the network identification of the currently accessed Wi-Fi is matched with the network identification of the target Wi-Fi to obtain a first judgment result.
It can be understood that if the network identifier of the currently accessed Wi-Fi matches the network identifier of the target Wi-Fi, the first result is yes, and if the network identifier of the currently accessed Wi-Fi does not match the network identifier of the target Wi-Fi, the first result is no.
The matching of the network identification of the currently accessed Wi-Fi and the network identification of the target Wi-Fi means that the network identification of the currently accessed Wi-Fi is the same as the network identification of the target Wi-Fi, or the network identification of the previously accessed Wi-Fi is one of the network identifications of the target Wi-Fi; the method can be determined according to actual use conditions, and the embodiment of the application is not limited.
Exemplarily, taking an example that the matching of the network identifier of the currently accessed Wi-Fi and the network identifier of the target Wi-Fi means that the network identifier of the currently accessed Wi-Fi is the same as the network identifier of the target Wi-Fi, if the network identifier of the currently accessed Wi-Fi is the same as the network identifier of the target Wi-Fi, the network identifier of the currently accessed Wi-Fi is matched with the network identifier of the target Wi-Fi; and if the network identification of the currently accessed Wi-Fi is different from the network identification of the target Wi-Fi, the network identification of the currently accessed Wi-Fi is not matched with the network identification of the target Wi-Fi.
It can be understood that under the condition that the terminal device is determined to start the hotspot function, whether the terminal device is currently sharing the hotspot through the target Wi-Fi or other Wi-Fi can be further determined according to whether the network identifier of the Wi-Fi currently accessed by the terminal device is the same as the preset network identifier of the target Wi-Fi.
204. And when the first judgment result is yes, judging whether the network environment where the terminal equipment is located can be connected with a target network corresponding to the target Wi-Fi through a dual-frequency concurrent mode to obtain a second judgment result.
It can be understood that, if the network environment where the terminal device is located can be connected to the target network corresponding to the target Wi-Fi through the dual-frequency concurrent mode, the second determination result is yes, and if the network environment where the terminal device is located cannot be connected to the target network corresponding to the target Wi-Fi through the dual-frequency concurrent mode, the second determination result is no.
If the terminal device can support the dual-frequency concurrent mode and the network environment where the terminal device is located can be connected to the target network, the second determination result is yes. If the terminal device cannot support the dual-frequency concurrent mode or the network environment where the terminal device is located cannot be connected to the target network under the condition that the terminal device currently starts the hot spot function, the second judgment result is no.
The target network is usually an intranet network with certain security requirements. For example, the target Wi-Fi is WPA-Enterprise Enterprise Wi-Fi, and the target network is an intranet; the target Wi-Fi is campus Wi-Fi, and the target network is campus intranet.
205. And when the second judgment result is yes, determining that the terminal equipment shares the hotspot through the target Wi-Fi.
It can be understood that when the terminal device starts the hotspot function, the terminal device can accurately determine that the terminal device shares the hotspot through the target Wi-Fi by combining the matching of the network identifier of the currently accessed Wi-Fi and the network identifier of the target Wi-Fi and the dual judgment that the network environment where the terminal device is located can be connected with the target network corresponding to the target Wi-Fi through the dual-frequency concurrent mode.
It should be noted that, in this embodiment of the present application, the execution step of calling a Wi-Fi related interface to obtain the enabling configuration information of the hotspot function in a reflection manner (step one), determining whether the network identifier of the currently accessed Wi-Fi is matched with the network identifier of the target Wi-Fi (step two), and determining whether the network environment where the terminal device is located can be connected to the target network corresponding to the target Wi-Fi in a dual-frequency concurrent mode (step three) may be performed, that is, any one of the above steps may be performed first, any one of the other steps may be performed, and the last step may be performed last (for example, the step two is performed first, the step three is performed, and the step one is performed last); any two of the steps may be executed first, and then the remaining one (for example, the first step, the second step, and then the third step) is executed, or the three steps may be executed simultaneously, which may be determined according to actual situations.
In the embodiment of the application, the terminal equipment calls a Wi-Fi related interface to acquire enabling configuration information of a hotspot function in a reflection mode, whether the terminal equipment is clamped with the hotspot function is determined according to the enabling configuration information of the hotspot function, whether a network identifier of the currently accessed Wi-Fi is matched with a network identifier of a target Wi-Fi is determined under the condition that the terminal equipment is determined to start the hotspot function, a first judgment result is obtained, if the first judgment result is yes, whether a network environment where the terminal equipment is located can be connected with the target network through a dual-frequency concurrent mode is judged through a network connection testing tool, a second judgment result is obtained, and if the second result is yes, the terminal equipment is determined to share the hotspot through the target Wi-Fi. On one hand, in the embodiment of the application, the Wi-Fi related interface is called in a reflection mode to obtain the enabling configuration information of the hotspot function, and whether the hotspot function is started by the terminal equipment is determined according to the enabling configuration information of the hotspot function, on the other hand, the terminal equipment can accurately determine that the terminal equipment shares the hotspot through the target Wi-Fi by double judgment that the network environment where the terminal equipment is located can be connected with the target network corresponding to the target Wi-Fi through a double-frequency concurrent mode according to the matching of the network identifier of the currently accessed Wi-Fi and the network identifier of the target Wi-Fi, so that when the terminal equipment shares the hotspot through the target Wi-Fi is determined, corresponding measures can be taken to ensure the safety of data under the target Wi-Fi.
Alternatively, the step 204 may be specifically realized by the following step 204 a.
204a, calling a network connection testing tool in the terminal device, and judging whether the network environment where the terminal device is located can be connected with the target network through the dual-frequency concurrent mode through the network connection testing tool to obtain a second judgment result.
Optionally, the network connection testing tool may be a network connection testing tool ping, tcpping, tcping, psiping, hping, paping, and the like built in the terminal device, and may be determined specifically according to an actual situation, which is not limited in this embodiment of the application.
For example, the terminal device may determine whether the current network environment can be connected to the target network through a dual-frequency concurrent mode by using a network connection testing tool ping built in the terminal device, and if it is determined that the current network environment can be connected to the target network, further indicate that the currently accessed Wi-Fi is the target Wi-Fi, that is, it may be ensured that the accuracy of determining that the Wi-Fi of the current sharing hotspot is the target Wi-Fi. And if the Wi-Fi cannot be communicated with the target network, the currently accessed Wi-Fi is not the target Wi-Fi, and the Wi-Fi of the currently shared hotspot is determined not to be the target Wi-Fi.
In the embodiment of the application, a plurality of network connection testing tools are provided, and a proper network connection testing tool can be determined according to actual conditions so as to better judge whether the network environment where the terminal equipment is located can be connected with the target network through a dual-frequency concurrent mode.
Alternatively, the step 203 may be specifically realized by the following step 203 a.
203a, judging whether the SSID of the currently accessed Wi-Fi is consistent with the SSID of the target Wi-Fi to obtain a first judgment result.
It is understood that the Wi-Fi identification can be the name of a Service Set Identification (SSID) for Wi-Fi. The method comprises the steps that the SSID name of a target Wi-Fi is preset by a terminal device, the SSID name of the currently accessed Wi-Fi is obtained through a get System service (getSystemservice) interface of a Wi-Fi management (Wi-Fimanager) module in an Android Open Source code Project (AOSP), the SSID name of the target Wi-Fi is compared with the SSID name of the currently accessed Wi-Fi, and if the SSID names of the target Wi-Fi and the SSID name of the currently accessed Wi-Fi are the same, it is indicated that the Wi-Fi currently accessed by the terminal device is the target Wi-Fi through second information.
In the embodiment of the application, the network identifier of the Wi-Fi is set to be the SSID name of the Wi-Fi, so that the current network identifier of the Wi-Fi is easy to obtain, and different Wi-Fi are easy to distinguish because the SSID names of different Wi-Fi are usually different.
Alternatively, the step 201 may be specifically realized by the following steps 201a to 201 b.
201a, calling an isWifiApenabled interface through reflection in a bottom framework code layer of an android operating system of the terminal device to acquire the state of the hotspot.
201b, when the state of the hotspot is true, determining that the enabling configuration information of the hotspot function indicates that the terminal equipment opens the hotspot function.
It can be understood that, taking an android operating system as an example, when a Wi-Fi related interface of a terminal device is an iswifiapabled interface, and a state of a hotspot acquired according to the iswifiapabled interface is TRUE (TRUE), determining that enabling configuration information of the hotspot function indicates that the terminal device has started the hotspot function; and if the state of the hotspot acquired according to the isWifiApEnabled interface is true (FALSE), determining that the enabling configuration information of the hotspot function indicates that the terminal equipment does not start the hotspot function.
It can be understood that, in the case that the operating system of the terminal device is another operating system, the Wi-Fi related interface of the terminal device may be another interface, and the embodiment of the present application is not limited thereto.
Among them, classes and methods (i.e., hidden Application Programming Interfaces (APIs), called hidden APIs) marked as @ hide attribute in the Android operating system cannot be accessed through Software Development Kit (SDK). That is, when developing using the Android SDK, the application references Android. The Hidden nature of the Hidden API is intended to prevent developers from using the incomplete or unstable parts of the SDK.
In the embodiment of the application, when the Android terminal device enables hotspot sharing (starts a hotspot function), the Android terminal device will get to a system service (system _ server) process through an Android Interface Definition Language (AIDL) mechanism binder, and start a daemon process (Host Access Point daemon, hostapd) process for the AP and the authentication server through state initialization, driver loading, and a user state, and then complete starting of the softAP, that is, the hotspot function. Therefore, the hidden API can be called in a Java reflection mode to acquire the enabling configuration information of the Wi-Fi related interface; the enabling configuration information of the Wi-Fi related interface can be obtained in a mode of extracting from the equipment, namely, frame.jar (which is equal to android.jar but does not remove hidden API.) is extracted from the equipment, and complete android.jar is finally obtained through a series of conversion, so that the enabling configuration information of the Wi-Fi related interface can be extracted from the complete android.jar; the enabling configuration information of the Wi-Fi related interface may also be obtained by other manners, which is not limited herein.
In the embodiment of the application, in an android operating system, the enabling configuration information of a Wi-Fi related interface (isWifiApenabled interface) can be accurately and quickly acquired by calling the hidden API in a reflection mode, and the android device with most versions is supported by calling the hidden API in a reflection mode, so that the universality is higher.
Optionally, with reference to fig. 2, as shown in fig. 3, the security detection method provided in the embodiment of the present application may further include the following step 206.
206. And dynamically modifying the network identification of the target Wi-Fi through a getText method in the EditText.
It can be understood that in the embodiment of the present application, dynamic modification (update) of the preset network identifier of the target Wi-Fi according to the location relationship of the terminal device is supported.
Illustratively, the step 206 may be specifically realized by the step 206a described below.
206a, under the condition that the position of the terminal equipment moves from the first area to the second area, the terminal equipment updates the network identification of the target Wi-Fi from the first identification to the second identification.
The first identifier is a network identifier of the target Wi-Fi corresponding to the first area, and the second identifier is a network identifier of the target Wi-Fi corresponding to the second area.
The terminal device may obtain a current location of the terminal device through a Global Positioning System (GPS), a base station, a Wireless local area network (Wi-Fi), an Internet Protocol (IP), a Radio Frequency Identification (RFID)/two-dimensional code, a bluetooth location, and other location manners, and then determine an area corresponding to the current location. For a specific positioning technology for implementing the above positioning method, reference may be made to the existing related technologies, and details of embodiments of the present invention are not repeated.
It can be understood that when the terminal device is in different areas, the corresponding target Wi-Fi may be different, and therefore, the network identifier of the target Wi-Fi corresponding to the current area may be dynamically updated according to the change of the area where the terminal device is located.
Illustratively, taking enterprise Wi-Fi as an example, in different work areas of an enterprise, the connected enterprise Wi-Fi is different, for example, when an employee is in a first work area, the corresponding target Wi-Fi (i.e., the Wi-Fi to which the terminal device of the employee is connected) is the first Wi-Fi, and when the employee is in a second work area, the corresponding target Wi-Fi is the second Wi-Fi, so that when it is detected that the terminal device (carried by the employee) moves from the first work area to the second work area, the terminal device updates the preset network identifier of the target Wi-Fi from the network identifier of the first Wi-Fi to the network identifier of the second Wi-Fi. If the terminal device detects that the terminal device is located in the first work area currently, the preset network identification of the target Wi-Fi is the network identification of the first Wi-Fi, and then if the terminal device detects that the network identification of the currently accessed Wi-Fi is the network identification of the first Wi-Fi, the Wi-Fi currently accessed by the terminal device is indicated as the target Wi-Fi; and if the terminal equipment detects that the terminal equipment is located in a second work area currently, the preset network identification of the target Wi-Fi is the network identification of the second Wi-Fi, and then if the terminal equipment detects that the network identification of the Wi-Fi accessed currently is the network identification of the second Wi-Fi, the Wi-Fi accessed currently by the terminal equipment is indicated as the target Wi-Fi.
It is understood that, in the embodiment of the present application, the execution sequence between the step 206 and the steps 201 to 205 is not limited, and may be determined according to an actual use situation.
For example, if the step 206 is executed after the step 205, after the step 206, the security detection method provided in the embodiment of the present application may further include re-executing the steps 201 to 205 to re-determine whether the terminal device passes through the target Wi-Fi sharing hotspot.
For example, if the step 206 is executed after the step 202 and before the step 203, after the step 202, the security detection method provided in this embodiment of the present application may further include re-executing the step 202, obtaining the network identifier of the currently accessed Wi-Fi and a preset network identifier of the target Wi-Fi, so that the network identifier of the target Wi-Fi is the updated network identifier of the target Wi-Fi, and the network identifier of the currently accessed Wi-Fi is the updated network identifier of the accessed Wi-Fi, thereby ensuring accuracy of subsequent determination.
In the embodiment of the application, the preset network identification of the target Wi-Fi corresponding to the area is updated according to the area where the actual position of the terminal device is located, so that the judgment accuracy can be ensured, the reduction of user experience caused by misjudgment of using the target Wi-Fi sharing hotspot (actually not using the target Wi-Fi sharing hotspot) is avoided while the safety of intranet resources is protected, and the leakage risk of the intranet resources caused by misjudgment of not using the target Wi-Fi sharing hotspot (actually using the target Wi-Fi sharing hotspot) is avoided.
Optionally, with reference to fig. 2, as shown in fig. 4, after step 205, the security detection method provided in the embodiment of the present application may further include steps 207 to 208 described below.
207. And when the terminal equipment is determined to be sharing the target Wi-Fi, displaying prompt information.
The prompt information is used for prompting that potential safety hazards exist in the current hotspot sharing behavior of the user.
The prompt information is used for prompting the user of the terminal equipment to prompt that the user is sharing the hot spot through the target Wi-Fi, so that potential safety hazards exist; further, the user can be prompted to disconnect the Wi-Fi connection to ensure the safety of the intranet resources corresponding to the target Wi-Fi, and/or the hotspot sharing function is closed to ensure the safety of the intranet resources corresponding to the target Wi-Fi; further, the user may be prompted that the Wi-Fi connection has been automatically disconnected in order to ensure the security of the intranet resource corresponding to the target Wi-Fi, and/or that the hotspot sharing function has been automatically closed in order to ensure the security of the intranet resource corresponding to the target Wi-Fi.
The prompt information may also include other content, which is not limited in the embodiment of the present application. The specific content of the prompt message can be set according to actual requirements, and the embodiment of the application is not limited.
Optionally, the prompt information may be displayed on a screen of the terminal device in a text form, and the prompt information may also be played through the terminal device in a voice form; the embodiments of the present application are not limited.
In the embodiment of the application, after the terminal device is determined to share the hotspot through the target Wi-Fi, the user is well prompted to share the hotspot through the target Wi-Fi through the prompt message, so that the user can timely know that the hotspot is shared through the target Wi-Fi currently, and timely perform corresponding operation for protecting intranet resources of a target network, and accordingly the safety of the intranet resources corresponding to the target Wi-Fi can be guaranteed.
208. And when the terminal equipment is determined to share the target Wi-Fi, generating alarm information and feeding back the alarm information to the platform.
The warning information is used for prompting that potential safety hazards exist in the current hotspot sharing behavior generated on the terminal equipment.
It can be understood that the alarm information is used for notifying a server (platform) corresponding to the target Wi-Fi to prompt that the server terminal device shares the hotspot through the target Wi-Fi; further, the server can be prompted to control the terminal device to disconnect the Wi-Fi connection to ensure the safety of the intranet resources corresponding to the target Wi-Fi, and/or the server can be prompted to control the terminal device to close the hot spot sharing function to ensure the safety of the intranet resources corresponding to the target Wi-Fi; further, the server may be prompted to automatically disconnect the Wi-Fi connection in order to ensure the security of the intranet resource corresponding to the target Wi-Fi, and/or automatically close the hotspot sharing function in order to ensure the security of the intranet resource corresponding to the target Wi-Fi.
Optionally, the server may further perform other control management on the terminal device according to the alarm information, so as to ensure the security of the intranet resource corresponding to the target Wi-Fi.
In the embodiment of the application, the server can conveniently acquire that the terminal equipment shares the hotspot through the target Wi-Fi in time through the alarm information, the intranet resources have potential safety hazards, and the server can conveniently further manage and control the terminal equipment.
It should be noted that, in the embodiment of the present application, at least one of the step 207 and the step 208 may be included, and when the step 207 and the step 208 are included, the embodiment of the present application does not limit the execution sequence of the step 207 and the step 208, that is, the step 207 may be executed first, and then the step 208 may be executed; step 208 may be performed first, and then step 207 may be performed, or step 207 and step 208 may be performed simultaneously.
Optionally, with reference to fig. 2, as shown in fig. 5, after step 205, the security detection method provided in the embodiment of the present application may further include steps 209 to 210 described below.
209. And when the terminal equipment is determined to share the target Wi-Fi, automatically disconnecting the Wi-Fi network connection of the terminal equipment.
It can be understood that after the terminal device is determined to pass through the target Wi-Fi sharing hotspot, the terminal device can be controlled to disconnect the Wi-Fi connection to stop the terminal device from passing through the target Wi-Fi sharing hotspot, so that the safety of the intranet resource corresponding to the target Wi-Fi is ensured.
210. And when the terminal equipment is determined to be sharing the target Wi-Fi, automatically disconnecting the hotspot sharing function of the terminal equipment.
It can be understood that the terminal device controls the terminal device to close the hotspot sharing function. After the terminal device is confirmed to share the hotspot through the target Wi-Fi, the terminal device can be controlled to close the hotspot sharing function to stop (block) the terminal device from sharing the hotspot through the target Wi-Fi, so that the safety of the intranet resource corresponding to the target Wi-Fi is ensured.
Illustratively, the terminal device is controlled to close the hotspot sharing function, specifically, the enabling configuration information of the Wi-Fi hotspot can be modified from the on state to the off state by modifying the enabling configuration information, so as to close the hotspot sharing function, and the hotspot sharing function can also be closed by other ways, which is not limited in the embodiment of the present application.
Optionally, in the embodiment of the application, the enabling configuration information may be forcibly modified from the on state to the off state, and the terminal device is not allowed to modify the enabling configuration information from the off state to the on state under the condition that the allowing information of the server is not received, so that the user can be prevented from controlling the terminal device to start the hotspot sharing function again through input, and the security of the intranet resource corresponding to the target Wi-Fi can be better ensured.
It should be noted that, in this embodiment of the present application, at least one of the step 209 and the step 210 may be included, and when the step 209 and the step 210 are included, the embodiment of the present application does not limit the execution sequence of the step 209 and the step 210, that is, the step 209 may be executed first, and then the step 209 may be executed; step 210 may be performed first, and then step 209 may be performed, or step 209 and step 210 may be performed simultaneously.
In the embodiment of the application, the terminal equipment can be controlled to disconnect the Wi-Fi connection and close the hotspot sharing function, so that the terminal equipment is stopped from sharing the hotspot through the target Wi-Fi, and the safety of the intranet resource corresponding to the target Wi-Fi is dually ensured.
It should be noted that, after step 205, the embodiment of the present application may implement a response made when it is determined that the terminal device shares the hotspot through the target Wi-Fi by performing at least one of step 207 to step 210.
It should be noted that, in this embodiment of the application, the terminal device may implement the security detection method through a third-party application installed in the terminal device, and the third-party application may be any application installed in the terminal device, and the purpose of implementing the security detection method through the third-party application may be achieved by adding a function corresponding to the security detection method to the third-party application.
For example, the third-party application may be a communication application, a shopping application, a payment application, and the like, and the embodiment of the present application is not limited thereto. For example, the target Wi-Fi is enterprise Wi-Fi, and the third party application may be an enterprise intercom application.
In the embodiment of the present application, a function corresponding to the security detection method may be built in a third-party application program in a scenario (an enterprise, a school, or the like) that requires the security detection method, or a function corresponding to the security detection method may be built in a scenario that does not require the security detection method and is not built in a third-party application program, which is specifically determined according to an actual usage scenario, and the embodiment of the present application is not limited.
In the embodiment of the application, the method for determining the hot spot is integrated into third-party software, so that whether a behavior of sharing out a target Wi-Fi (e.g., a WPA-Enterprise Wi-Fi) as the hot spot exists in the terminal device is detected through the third-party software without invading the mobile phone terminal. If the terminal equipment has the action of sharing the target Wi-Fi, the terminal equipment can be controlled to stop sharing the hot spot through the target Wi-Fi, a prompt is sent to a user using the terminal equipment, and an alarm is sent to a server (an enterprise server) corresponding to the target Wi-Fi.
Exemplarily, as shown in fig. 6, taking a target Wi-Fi as an enterprise Wi-Fi as an example for explanation, the terminal device performs wireless connection with the enterprise AP, and may obtain the enterprise intranet resource through the enterprise Wi-Fi corresponding to the enterprise AP. And the third-party application program in the terminal equipment determines whether the terminal equipment shares the hotspot through the enterprise Wi-Fi by monitoring a bottom Framework layer (Framework) of the terminal equipment. The android operating system of the terminal device may further include an Application layer (Application) and a Kernel layer (Kernel).
Fig. 7 is a block diagram of a safety detection device according to an embodiment of the present application, and as shown in fig. 7, the safety detection device includes: an obtaining module 701, a judging module 702 and a determining module 703; the obtaining module 701 is configured to call, in a bottom layer frame code layer of the terminal device, a Wi-Fi related interface in a reflection manner to obtain enabling configuration information of a hotspot function; when the enabling configuration information of the hotspot function indicates that the terminal equipment has started the hotspot function, acquiring a network identifier of the currently accessed Wi-Fi by calling a system service interface, and acquiring a preset network identifier of a target Wi-Fi; the determining module 702 is configured to determine whether the network identifier of the currently accessed Wi-Fi is matched with the network identifier of the target Wi-Fi to obtain a first determining result; if the first judgment result is yes, judging whether the network environment where the terminal equipment is located can be connected with a target network corresponding to the target Wi-Fi through a dual-frequency concurrent mode to obtain a second judgment result; the determining module 703 is configured to determine that the terminal device shares the hotspot through the target Wi-Fi if the second determination result is yes.
Optionally, the determining module 702 is specifically configured to invoke a network connection testing tool in the terminal device, and determine, by using the network connection testing tool, whether the network environment where the terminal device is located can be connected to the target network through the dual-frequency concurrent mode, so as to obtain a second determination result.
Optionally, the determining module 702 is specifically configured to determine whether the SSID name of the currently accessed Wi-Fi is consistent with the SSID name of the target Wi-Fi to obtain a first determination result.
Optionally, the apparatus further comprises: and the modification module is used for dynamically modifying the network identification of the target Wi-Fi by a getText method in EditText.
Optionally, the obtaining module 701 is specifically configured to call, in a bottom framework code layer of an android operating system of the terminal device, an iswifiapaenabled interface through reflection to obtain a state of a hotspot; and when the state of the hotspot is true, determining that the enabling configuration information of the hotspot function indicates that the terminal equipment has started the hotspot function.
Optionally, the apparatus further comprises: the display module is used for displaying prompt information when the terminal equipment is determined to share the target Wi-Fi, wherein the prompt information is used for prompting a user that potential safety hazards exist in the current hotspot sharing behavior; and/or, the generating module is used for generating alarm information; and the feedback module is used for feeding back the alarm information to the platform, and the alarm information is used for prompting that potential safety hazards exist in the current hotspot sharing behavior generated on the terminal equipment.
Optionally, the apparatus further comprises: the terminal device comprises a disconnection module and/or a disconnection module, wherein the disconnection module is used for automatically disconnecting the Wi-Fi network connection of the terminal device when the terminal device is determined to share the target Wi-Fi, and/or the disconnection module is used for automatically disconnecting the hotspot sharing function of the terminal device.
In the embodiment of the present application, each module may implement the security detection method provided in the foregoing method embodiment, and may achieve the same technical effect, and for avoiding repetition, the details are not repeated here.
An embodiment of the present application further provides a terminal device, as shown in fig. 8, where the terminal device may include: the processor 801, the memory 802, and a computer program stored in the memory 802 and capable of running on the processor 801, where the computer program, when executed by the processor 801, may implement each process of the security detection method provided in the foregoing method embodiments, and may achieve the same technical effect, and in order to avoid repetition, details are not repeated here.
Embodiments of the present application provide a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when executed by a processor, the computer program implements each process of the security detection method provided in the foregoing method embodiments, and can achieve the same technical effect, and in order to avoid repetition, details are not repeated here.
An embodiment of the present application further provides a computer program product, where the computer program product includes a computer program, and when the computer program product runs on a processor, the processor is enabled to execute the computer program, so as to implement each process of the security detection method provided in the foregoing method embodiment, and achieve the same technical effect, and in order to avoid repetition, details are not described here again.
The embodiment of the present application further provides a chip, where the chip includes a processor and a communication interface, the communication interface is coupled to the processor, and the processor is configured to run a program or an instruction to implement each process of the above-mentioned safety detection method embodiment, and can achieve the same technical effect, and for avoiding repetition, the details are not repeated here.
It should be understood that the chips mentioned in the embodiments of the present application may also be referred to as system-on-chip, system-on-chip or system-on-chip, etc.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus, server and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed to by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions in the embodiments of the present application.

Claims (11)

1. A security detection method, the method comprising:
calling a Wi-Fi related interface in a reflection mode to acquire enabling configuration information of a hotspot function in a bottom frame code layer of the terminal equipment;
when the enabling configuration information of the hotspot function indicates that the terminal equipment has started the hotspot function, acquiring a network identifier of the currently accessed Wi-Fi by calling a system service interface, and acquiring a preset network identifier of a target Wi-Fi;
judging whether the network identification of the currently accessed Wi-Fi is matched with the network identification of the target Wi-Fi to obtain a first judgment result; when the first judgment result is yes, judging whether the network environment where the terminal equipment is located can be connected with a target network corresponding to the target Wi-Fi through a dual-frequency concurrent mode to obtain a second judgment result;
and when the second judgment result is yes, determining that the terminal equipment shares the hotspot through the target Wi-Fi.
2. The method according to claim 1, wherein the determining whether the network environment where the terminal device is located is capable of connecting to the target network corresponding to the target Wi-Fi through a dual-frequency concurrent mode to obtain the second determination result includes:
and calling a network connection testing tool in the terminal equipment, and judging whether the network environment where the terminal equipment is located can be connected with the target network through a dual-frequency concurrent mode through the network connection testing tool to obtain a second judgment result.
3. The method of claim 1, wherein the determining whether the network identifier of the currently accessed Wi-Fi matches the network identifier of the target Wi-Fi obtains a first determination result, and comprises:
and judging whether the SSID name of the currently accessed Wi-Fi is consistent with the SSID name of the target Wi-Fi to obtain a first judgment result.
4. The method of claim 1, further comprising:
and dynamically modifying the network identification of the target Wi-Fi through a getText method in the EditText.
5. The method according to claim 1, wherein in a bottom layer framework code layer of a terminal device, invoking a Wi-Fi related interface in a reflection manner to obtain the enabling configuration information of the hotspot function comprises:
calling an isWifiApenabled interface through reflection in a bottom framework code layer of an android operating system of the terminal equipment to acquire the state of a hotspot;
and when the state of the hotspot is true, determining that the enabling configuration information of the hotspot function indicates that the terminal equipment has started the hotspot function.
6. The method of claim 1, further comprising:
when the terminal equipment is determined to be sharing the target Wi-Fi, displaying prompt information, wherein the prompt information is used for prompting a user that potential safety hazards exist in the current hotspot sharing behavior; and/or the presence of a gas in the gas,
and generating alarm information and feeding back the alarm information to a platform, wherein the alarm information is used for prompting that potential safety hazards exist in the current hotspot sharing behavior generated on the terminal equipment.
7. The method of claim 1, further comprising:
when the terminal equipment is determined to be sharing the target Wi-Fi, automatically disconnecting the Wi-Fi network connection of the terminal equipment, and/or automatically disconnecting the hotspot sharing function of the terminal equipment.
8. A security detection apparatus, the apparatus comprising: the device comprises an acquisition module, a judgment module and a determination module;
the acquisition module is used for calling a Wi-Fi related interface in a reflection mode to acquire the enabling configuration information of the hotspot function in a bottom layer frame code layer of the terminal equipment; when the enabling configuration information of the hotspot function indicates that the terminal equipment has started the hotspot function, acquiring a network identifier of the currently accessed Wi-Fi by calling a system service interface, and acquiring a preset network identifier of a target Wi-Fi;
the judgment module is used for judging whether the network identification of the currently accessed Wi-Fi is matched with the network identification of the target Wi-Fi to obtain a first judgment result; when the first judgment result is yes, judging whether the network environment where the terminal equipment is located can be connected with a target network corresponding to the target Wi-Fi through a dual-frequency concurrent mode to obtain a second judgment result;
the determining module is configured to determine that the terminal device shares the hotspot through the target Wi-Fi if the second determination result is yes.
9. A terminal device, comprising: a memory for storing a computer program and a processor; a processor is adapted to perform the security detection method of any of claims 1-7 when the computer program is invoked.
10. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the security detection method of any one of claims 1 to 7.
11. A computer program product, characterized in that a computer program is stored on a computer-readable storage medium, which computer program, when being executed by a processor, carries out the security detection method of any one of claims 1 to 7.
CN202111486480.3A 2021-12-07 2021-12-07 Security detection method, device, terminal device, storage medium and program product Pending CN114143787A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111486480.3A CN114143787A (en) 2021-12-07 2021-12-07 Security detection method, device, terminal device, storage medium and program product

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111486480.3A CN114143787A (en) 2021-12-07 2021-12-07 Security detection method, device, terminal device, storage medium and program product

Publications (1)

Publication Number Publication Date
CN114143787A true CN114143787A (en) 2022-03-04

Family

ID=80384912

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111486480.3A Pending CN114143787A (en) 2021-12-07 2021-12-07 Security detection method, device, terminal device, storage medium and program product

Country Status (1)

Country Link
CN (1) CN114143787A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104105218A (en) * 2014-07-25 2014-10-15 Tcl通讯(宁波)有限公司 Method and system for achieving Android system mobile phone hotspot WPS connection
CN105592424A (en) * 2014-10-24 2016-05-18 东莞宇龙通信科技有限公司 Network sharing method, network sharing device, and terminal
CN108810949A (en) * 2018-07-11 2018-11-13 北京奇安信科技有限公司 A kind of processing method and terminal of management and control wifi hotspot
CN108809753A (en) * 2018-05-04 2018-11-13 北京奇安信科技有限公司 A kind of processing method and processing device of shared wifi
CN109548040A (en) * 2017-08-14 2019-03-29 中兴通讯股份有限公司 Method for connecting network and device
CN111065126A (en) * 2019-12-26 2020-04-24 Oppo广东移动通信有限公司 Hotspot sharing method and device, storage medium and electronic equipment

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104105218A (en) * 2014-07-25 2014-10-15 Tcl通讯(宁波)有限公司 Method and system for achieving Android system mobile phone hotspot WPS connection
CN105592424A (en) * 2014-10-24 2016-05-18 东莞宇龙通信科技有限公司 Network sharing method, network sharing device, and terminal
CN109548040A (en) * 2017-08-14 2019-03-29 中兴通讯股份有限公司 Method for connecting network and device
CN108809753A (en) * 2018-05-04 2018-11-13 北京奇安信科技有限公司 A kind of processing method and processing device of shared wifi
CN108810949A (en) * 2018-07-11 2018-11-13 北京奇安信科技有限公司 A kind of processing method and terminal of management and control wifi hotspot
CN111065126A (en) * 2019-12-26 2020-04-24 Oppo广东移动通信有限公司 Hotspot sharing method and device, storage medium and electronic equipment

Similar Documents

Publication Publication Date Title
CN110637449B (en) Method and device for accessing equipment identifier
KR101256295B1 (en) Collaborative malware detection and prevention on mobile devices
EP2562673B1 (en) Apparatus and method for securing mobile terminal
CN106921799A (en) A kind of mobile terminal safety means of defence and mobile terminal
US20120084864A1 (en) System and method for a mobile cross-platform software system
US9280665B2 (en) Fast and accurate identification of message-based API calls in application binaries
CN103136472A (en) Method and mobile device of stopping application program to steal privacy
US20200169629A1 (en) Verification Code Input Method and Apparatus
US10754717B2 (en) Fast and accurate identification of message-based API calls in application binaries
CN107729759B (en) APP operation authority control method, storage device and mobile terminal
CN110149599B (en) Short message protection method and terminal equipment
JP2020509622A (en) Wireless network type detection method and apparatus and electronic device
CN108235767A (en) A kind of partition method, device and terminal for paying application
CN105493098B (en) Terminal device, method for protecting terminal device, and terminal management server
KR20130066901A (en) Apparatus and method for analyzing malware in data analysis system
CN106714181B (en) Method and device for connecting WiFi hotspot
CN112270015A (en) Data protection method and device, electronic equipment and readable storage medium
US11010174B2 (en) Information processing apparatus, information processing system, and information processing method
CN114640974B (en) Data migration method, device and storage medium
CN114143787A (en) Security detection method, device, terminal device, storage medium and program product
CN105451233B (en) A kind of anti-method monitored, system and mobile terminal
CN110891265B (en) Wireless connection control method and device, mobile terminal and storage medium
CN113852962A (en) Network connection control method, device, storage medium and software program product
KR101306658B1 (en) Firewall apparatus, applications and method for blocking using network
WO2019134638A1 (en) Information processing method and device, terminal, and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 100041 B-0035, 2 floor, 3 building, 30 Shixing street, Shijingshan District, Beijing.

Applicant after: Douyin Vision Co.,Ltd.

Address before: 100041 B-0035, 2 floor, 3 building, 30 Shixing street, Shijingshan District, Beijing.

Applicant before: Tiktok vision (Beijing) Co.,Ltd.

Address after: 100041 B-0035, 2 floor, 3 building, 30 Shixing street, Shijingshan District, Beijing.

Applicant after: Tiktok vision (Beijing) Co.,Ltd.

Address before: 100041 B-0035, 2 floor, 3 building, 30 Shixing street, Shijingshan District, Beijing.

Applicant before: BEIJING BYTEDANCE NETWORK TECHNOLOGY Co.,Ltd.

CB02 Change of applicant information