CN114510291B - Data calling method, device, electronic equipment and storage medium - Google Patents
Data calling method, device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN114510291B CN114510291B CN202210100067.7A CN202210100067A CN114510291B CN 114510291 B CN114510291 B CN 114510291B CN 202210100067 A CN202210100067 A CN 202210100067A CN 114510291 B CN114510291 B CN 114510291B
- Authority
- CN
- China
- Prior art keywords
- application program
- data
- calling
- behavior data
- preset
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 45
- 230000006399 behavior Effects 0.000 claims description 118
- 238000007726 management method Methods 0.000 claims description 37
- 230000008569 process Effects 0.000 claims description 12
- 238000013475 authorization Methods 0.000 claims description 7
- 238000013500 data storage Methods 0.000 claims description 5
- 239000004973 liquid crystal related substance Substances 0.000 claims description 5
- 238000010586 diagram Methods 0.000 description 11
- 238000004590 computer program Methods 0.000 description 10
- 238000004891 communication Methods 0.000 description 9
- 230000006870 function Effects 0.000 description 9
- 238000001514 detection method Methods 0.000 description 7
- 230000009471 action Effects 0.000 description 6
- 238000012545 processing Methods 0.000 description 5
- 238000012986 modification Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 4
- 230000004044 response Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 206010000117 Abnormal behaviour Diseases 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 239000002699 waste material Substances 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000001953 sensory effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44521—Dynamic linking or loading; Link editing at or after load time, e.g. Java class loading
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5027—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
Abstract
The disclosure provides a data calling method, a data calling device, electronic equipment and a storage medium, relates to the technical field of computers, and particularly relates to the field of application program monitoring. The specific implementation scheme is as follows: calling an application program operation management interface of an operating system according to preset calling frequency to obtain preset behavior data of each application program in the operating system; storing preset behavior data of each application program in a preset storage area; and responding to a calling request of preset behavior data of a first application program in the operating system, and calling the preset behavior data of the first application program in the preset storage area. By utilizing the embodiment of the invention, the efficiency of data calling can be improved.
Description
Technical Field
The disclosure relates to the field of computer technology, in particular to the field of application program monitoring, and specifically relates to a data calling method, a data calling device, electronic equipment and a storage medium.
Background
For the system services of the operating system, the operating system hosts the system services in a process, through which the user is provided with services. The process of using the system service by the application program to acquire the corresponding data is essentially to send a request to the system service and transfer the related parameters, and the system service invokes the corresponding interface through the process to perform the corresponding operation and returns the result. This process therefore affects to some extent the invocation of data by the system services.
Disclosure of Invention
The disclosure provides a data calling method, a data calling device, electronic equipment and a storage medium.
According to an aspect of the present disclosure, there is provided a data detection method including:
calling an application program operation management interface of an operating system according to preset calling frequency to obtain preset behavior data of each application program in the operating system;
storing preset behavior data of each application program in a preset storage area;
and responding to a calling request of preset behavior data of a first application program in the operating system, and calling the preset behavior data of the first application program in the preset storage area.
According to another aspect of the present disclosure, there is provided a data detection apparatus including:
the first interface calling module is used for calling an application program operation management interface of an operating system according to preset calling frequency to obtain preset behavior data of each application program in the operating system;
the data storage module is used for storing preset behavior data of each application program in a preset storage area;
and the data calling module is used for responding to a calling request of preset behavior data of the first application program in the operating system and calling the preset behavior data of the first application program in the preset storage area.
According to another aspect of the present disclosure, there is provided an electronic device including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein, the liquid crystal display device comprises a liquid crystal display device,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of the embodiments of the present disclosure.
According to another aspect of the present disclosure, there is provided a non-transitory computer-readable storage medium storing computer instructions for causing a computer to perform the method of any of the embodiments of the present disclosure.
According to another aspect of the present disclosure, there is provided a computer program product comprising a computer program which, when executed by a processor, implements the method in any of the embodiments of the present disclosure.
According to the technology disclosed by the disclosure, the application program operation management interface in the system is called according to the set calling frequency, and the preset behavior data of each application program can be obtained and stored in a preset storage area. Therefore, when the preset behavior data of a certain application program is required to be acquired, the preset behavior data of the application program can be quickly called in a preset storage area, and the efficiency of data call is improved.
It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the disclosure, nor is it intended to be used to limit the scope of the disclosure. Other features of the present disclosure will become apparent from the following specification.
Drawings
The drawings are for a better understanding of the present solution and are not to be construed as limiting the present disclosure. Wherein:
FIG. 1 is a flow chart of a data call method of one embodiment of the present disclosure;
FIG. 2 is a schematic diagram of an operating system framework implementing a data call method of an embodiment of the present disclosure;
FIG. 3 is a schematic diagram of a user operation flow of one embodiment of the present disclosure;
FIG. 4 is a block diagram of a data calling device of one embodiment of the present disclosure;
FIG. 5 is a block diagram of a data calling device according to another embodiment of the present disclosure;
fig. 6 is a block diagram of an electronic device implementing a data detection method of an embodiment of the present disclosure.
Detailed Description
Exemplary embodiments of the present disclosure are described below in conjunction with the accompanying drawings, which include various details of the embodiments of the present disclosure to facilitate understanding, and should be considered as merely exemplary. Accordingly, one of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
In an operating system, sensitive behavior of an application refers to behavior of the application using sensitive data, such as reading GPS (Global Positioning System ) data to obtain location information of a user, obtaining photos in a photo album, reading content in a clipboard, and so on. Because these sensitive behaviors may pose a potential security threat to the user, the use of sensitive data requires the application to be authorized by the user. If the user is not authorized to use, the method is illegal.
However, even if the application uses the sensitive information with the authorization of the user, the sensitive behavior of the application may still have a certain influence on the privacy security of the user. Therefore, the supervision of sensitive behavior of applications in an operating system is a very important issue concerning user information security.
In an Android (Android) operating system, a monitoring scheme for sensitive behavior of an application program mainly comprises the following steps:
first, the code of each application program in the operating system is modified in advance, that is, the monitor code is inserted.
And secondly, modifying the source code of the operating system to enable the operating system to have the function of monitoring the sensitive behavior of the application program.
Thirdly, the hook (hook) technology is utilized to replace the existing system function so as to monitor the sensitive behavior of the application program.
However, the above solutions have different problems, specifically as follows:
for the first scheme, the scheme can only be applied to modify an unencrypted application program, but cannot be applied to an encrypted application program, and the application range is narrow. Moreover, the application program needs to be recompiled, packed and installed after the code of the application program is modified, the process is complex, the time consumption is too long, and the feasibility is poor. At the same time, this also breaks the integrity and usability of the application, potentially resulting in an application that cannot be installed or run properly.
With the second solution, since the source code of the operating system is modified, this also requires reinstalling the operating system on the electronic device, which is also time-consuming and poorly implementable.
With respect to the third solution described above, although the operating system does not need to be reinstalled, it is essentially modified with respect to the source code corresponding to the system layer of the operating system.
Therefore, the Android operating system adopts an interface mode of managing the operation (authority) of the built-in application program (App Ops) for managing the sensitive behavior of each application program. App Ops may manage all operations in the operating system that may involve user privacy and security including, but not limited to, operations or actions to acquire GPS data, record or photograph, modify or delete stored content of the device, read content of the clipboard, and the like. By using the App Ops, the sensitive behavior data of the application program in the operating system can be obtained, and the sensitive behavior of the application program can be monitored and blocked. In this way, modifications to the source code of the operating system or to the monitored application may be avoided.
However, the App Ops interface is hidden in the Android operating system, prohibiting applications from using the App Ops interface to manage sensitive behavior of other applications. Moreover, the interface that invokes App Ops can only acquire a record of the most recently used sensitive data of the application, which may be referred to as sensitive behavior data, but cannot acquire sensitive behavior data of the application in any time period of history. This does not facilitate the invocation of sensitive behavior data to monitor sensitive behavior of the application.
It should be noted that, in the embodiment of the present disclosure, all actions that invoke the sensitive behavior data are authorized by the user.
In order to solve the above-mentioned existing problems, the embodiments of the present disclosure provide a data calling scheme, which can improve the calling efficiency of data.
FIG. 1 is a flow chart of a data call method of one embodiment of the present disclosure.
As shown in fig. 1, the data call method may include the steps of:
s110, calling an application program operation management interface of an operating system according to a preset calling frequency to obtain preset behavior data of each application program in the operating system;
s120, storing preset behavior data of each application program in a preset storage area;
s130, calling the preset behavior data of the first application program in a preset storage area in response to a calling request of the preset behavior data of the first application program in the operating system.
The calling frequency can be preset, can be updated based on a user request, and can be automatically updated according to the acquired preset behavior data. The call frequency may be 30 seconds, 1 minute, 2 minutes, 10 minutes, etc.
The operating system may include, for example, android, linux, windows, etc. The program operation management interface is used for acquiring record data (also called preset behavior data) of preset behaviors of the application program so as to manage the permission of the application program to use the preset data. The preset actions may include actions of the application using user information such as GPS data in the system, recordings or photos, content of the clipboard, and other documents stored in the system. This action should be performed with the user's authorization obtained. If performed without obtaining user authorization, the act is an illegal act that is prohibited. In the embodiment of the disclosure, if the application program is monitored to use the user information without obtaining the user authorization, the application program is forbidden to use the user information through the application program operation management interface.
The preset behavior data is, for example, recorded data of the preset behavior of the application program.
The call request may be a request initiated by a user or may be a request initiated by an application program.
Illustratively, the first application is one of the applications in the operating system.
In the embodiment of the disclosure, the preset behavior data of at least one application program can be obtained every time the application program management interface is called. If the application management interface is limited by the system to only acquire the record data of the preset behavior of the application program in the last time or only acquire the record data of the preset behavior of the application program in the preset time period, the record data can be stored by overlapping the timed calling interface by adopting the embodiment of the disclosure, so that the record data of any time period of the history can be conveniently and subsequently called, and the speed of calling the data is faster than that of calling the record data by adopting the interface.
In some embodiments, the call frequency may be adjusted according to the actual situation, for example, the call frequency is updated according to the obtained preset behavior data of the application program.
Illustratively, the call frequency is updated based on preset behavior data of each application.
In the example, the calling frequency can be updated according to the data actually called, so that the calling frequency is more in line with the actual situation, the calling efficiency is improved, and the resource waste is avoided.
In some embodiments, the call frequency may be updated according to the difference information between the preset behavior data.
For example, the updating the call frequency based on the preset behavior data of each application program may include:
determining first preset behavior data and second preset behavior data of each application program, which are obtained by calling an application program operation management interface twice adjacently, in the preset behavior data of each application program;
and updating the calling frequency based on the difference information between the first preset behavior data and the second preset behavior data.
In the example, the calling frequency is updated by utilizing the difference information between the preset behavior data of the two adjacent calls, so that the calling frequency is more in line with the actual situation, the calling efficiency is improved, and the resource waste is avoided.
For example, if the difference between the preset behavior data of two adjacent calls is smaller than the preset first difference threshold value, it is indicated that the call frequency is too frequent, and the call frequency needs to be reduced. For example, the call is originally made once in 1 minute, and the call is adjusted to be made once in 2 minutes. If the difference between the preset behavior data of two adjacent calls is larger than a preset second difference threshold value, the calling frequency is too low, and the calling frequency needs to be improved. For example, the call is originally made once in 1 minute, and the call is adjusted to be made once in 30 seconds.
For example, in order to improve accuracy of updating the call frequency, a difference between preset behavior data of any two adjacent calls of each application program may be counted, a first count value of which the difference of each application program is smaller than a preset first difference threshold value is counted, a second count value of which the difference of each application program is larger than a preset second difference threshold value is counted, then, whether to update the call frequency is determined based on the first count value and the second count value of each application program, and a call frequency direction is adjusted when determining to update the call frequency.
For example, if the distribution condition of the first count value of each application program satisfies the set distribution condition, the update call frequency is determined, and the direction of adjusting the call frequency is determined to decrease the call frequency. And if the distribution condition of the second count value of each application program meets the set distribution condition, determining to update the calling frequency, and determining to adjust the direction of the calling frequency to increase the calling frequency.
In some embodiments, the application operation management interface is a hidden interface in the operating system, and the interface cannot be called in a direct call mode, and needs to be called in other modes. For example, the manner in which the call is reflected.
Illustratively, in the above step S110, calling the application program operation management interface of the operating system according to the preset calling frequency to obtain the preset behavior data of each application program in the operating system may include:
and calling an application program operation management interface of the operating system in a reflection calling mode according to the preset calling frequency to obtain preset behavior data of each application program in the operating system.
In this example, the management interface is operated for an application program hidden in the operating system, and may be called by way of a reflection call.
In practice, reflection is a feature of the java language that allows the program to self-check at run-time (note not at compile time) and operate on internal members. The reflection is a reflection mechanism called java language, wherein in the running state, all the attributes and methods of a class can be known for any class, and any method and attribute of the class can be called for any object, and the functions of dynamically acquiring information and dynamically calling the object method are called as java language. In other words, the reflection is what the class to operate on is known to be at runtime, and the complete construct of the class can be obtained at runtime and the corresponding method invoked.
If the operating system limits the reflection calling mode, the system signature can be acquired, the system signature is utilized, and the application program operation management interface of the operating system is called in the reflection calling mode, so that the limitation of the operating system on the reflection calling is avoided in the process of acquiring the data.
In some embodiments, if the application operation management interface is a hidden interface in the operating system, in a case where the data usage rights of the application managed by the interface need to be set, the data usage rights of the application cannot be set in a direct call manner, and thus, the embodiments of the present disclosure may set the data usage rights of the application in a reflection call manner.
By way of example, the process of setting the data usage rights of the application may include:
responding to a setting request of data use authority for a first application program in an operating system, and calling an application program operation management interface of the operating system in a reflection calling mode;
and setting the data use authority of the first application program based on the authority setting instruction in the setting request through the application program operation management interface.
In this example, for an application program operation management interface hidden in an operating system, the operation management interface may be called by way of a reflection call, and the data usage right of a specified application program may be set through the operation management interface.
Likewise, if the operating system has a limitation on the manner of the reflection call, a system signature may be acquired, the system signature may be utilized, an application operation management interface of the operating system may be called by the manner of the reflection call, and then the data use authority may be set through the interface.
In practical applications, a user interface may be provided, through which the above-mentioned call request and the setting request are received.
FIG. 2 is a schematic diagram of an operating system framework implementing a data call method of an embodiment of the present disclosure.
In order to solve the problem that the interface of App Ops is hidden by the operating system and cannot be called by an application program, the following scheme is proposed:
and installing and running an application program in the Android operating system. The application is an application that resides in a background service of the operating system. The application program calls the interface of the App Ops in a reflection calling mode, and the behavior that each application program in the operating system uses sensitive data can be obtained. The application is provided with a system signature. The application program with the system signature can access the data of the system, and can be not limited by the usage rules of the Android operating system of certain versions on the reflection call.
In order to solve the following problems: the interface of App Ops is called once in some version of Android operating system, and only the behavior record of the application program using the sensitive data last time can be obtained, but the behavior record of the application program using the sensitive data in any time period cannot be obtained, and the following scheme is provided:
a timer is set, the interface of the App Ops is called regularly (for example, the interface is called once every minute), the sensitive behavior data of each application program is obtained, and the sensitive behavior data is stored in a designated storage area.
It should be noted that, in the embodiment of the present disclosure, the acquiring of the sensitive behavior data of any application program is acquired under the condition of acquiring the user authorization, and the sensitive behavior data is not acquired under the condition of not authorizing the user, and even the above-mentioned timing call is an operation that is executed under the condition of authorizing the user.
As shown in fig. 2, the functions provided by the application program provided by the present example to solve the above two problems will be described in detail below:
the operating system framework comprises a display layer, a service layer, a data layer, a local storage mode and an operating environment. In fig. 2, android 4.3 is taken as an example, and a corresponding running environment is provided. The embodiments of the present disclosure may also be applicable to other versions of Android systems, which are not illustrated herein. The local storage mode is exemplified by SQLite and File.
The application program runs in the operating system framework and is divided into two modules according to functions, namely: UI module and background service module.
The UI module includes a UI interface corresponding to the presentation layer shown in fig. 2. The UI module responds to the sensitive behavior data calling request of the user and displays the sensitive behavior data to the user; and providing a switch to prohibit or allow the designation of the authority of the application program to use the sensitive data in response to the authority setting request of the user.
The background service module is a background resident process, needs system signature, is used for regularly collecting and storing the behavior of using sensitive data by all application programs in the system, namely sensitive behavior data, and provides an interface for the UI module to call. The data call may correspond to the communication between the business layer and the data layer of fig. 2.
FIG. 3 is a schematic diagram of a user operation flow of one embodiment of the present disclosure.
As shown in fig. 3, a user may open an application provided by an embodiment of the present disclosure (fig. 3 distinguished from other applications by APP) to view sensitive behavior data of all applications in the operating system. The user can judge whether the application programs have abnormal behaviors using the sensitive data according to the checked sensitive behavior data. If yes, the user can prohibit the application program corresponding to the abnormal behavior of using the sensitive data from using the authority of the sensitive data; if not, the application program continues to monitor.
The embodiment of the disclosure can obviously improve the safety of the operating system, and a user can monitor the sensitive behaviors of all applications in the system and can autonomously block the occurrence of the sensitive behaviors. Meanwhile, the whole process can monitor the sensitive behavior of the application in the application layer without modifying the source code of the system, so that the development efficiency is greatly improved, and the labor cost is saved.
Fig. 4 is a block diagram of a data calling device according to an embodiment of the present disclosure.
As shown in fig. 4, the data calling device may include:
a first interface calling module 410, configured to call an application program operation management interface of an operating system according to a preset calling frequency, so as to obtain preset behavior data of each application program in the operating system;
a data storage module 420, configured to store preset behavior data of each application program in a preset storage area;
the data retrieving module 430 is configured to retrieve preset behavior data of the first application program in the preset storage area in response to a call request for the preset behavior data of the first application program in the operating system.
Fig. 5 is a block diagram of a data calling device according to another embodiment of the present disclosure. As shown in fig. 5, the data calling device includes a first interface calling module 510, a data storage module 520, and a data calling module 530, which are the same as the first interface calling module 410, the data storage module 420, and the data calling module 430 in the above embodiments, and are not described in detail herein.
As illustrated in fig. 5, the data calling device may further include:
the calling frequency updating module 540 is configured to update the calling frequency based on the preset behavior data of each application program.
Illustratively, the call frequency update module 540 includes:
a data determining unit 541, configured to determine, among the preset behavior data of each application, first preset behavior data and second preset behavior data of each application, where the first preset behavior data and the second preset behavior data are obtained by calling the application operation management interface twice;
a frequency updating unit 542, configured to update the calling frequency based on the difference information between the first preset behavior data and the second preset behavior data.
Illustratively, the application operation management interface is a hidden interface in the operating system, as shown in fig. 5, and the first interface calling module 510 is configured to:
and calling an application program operation management interface of the operating system in a reflection calling mode according to preset calling frequency to obtain preset behavior data of each application program in the operating system.
Illustratively, the application operation management interface is a hidden interface in the operating system, as shown in fig. 5, the apparatus may further include:
a second interface calling module 550, configured to call an application operation management interface of the operating system by means of reflection calling in response to a setting request for data usage rights of a first application in the operating system;
and the permission setting module 560 is configured to set, through the application operation management interface, a data usage permission of the first application based on a permission setting instruction in the setting request.
The functions of each unit, module or sub-module in each apparatus of the embodiments of the present disclosure may be referred to the corresponding descriptions in the above method embodiments, which are not repeated herein.
According to embodiments of the present disclosure, the present disclosure also provides an electronic device, a readable storage medium and a computer program product.
Fig. 6 illustrates a schematic block diagram of an example electronic device 600 that may be used to implement embodiments of the present disclosure. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular telephones, smartphones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the disclosure described and/or claimed herein.
As shown in fig. 6, the electronic device 600 includes a computing unit 601 that can perform various appropriate actions and processes according to a computer program stored in a Read Only Memory (ROM) 602 or a computer program loaded from a storage unit 608 into a Random Access Memory (RAM) 603. In the RAM 603, various programs and data required for the operation of the electronic device 600 can also be stored. The computing unit 601, ROM 602, and RAM 603 are connected to each other by a bus 604. An input output (I/O) interface 605 is also connected to bus 604.
A number of components in the electronic device 600 are connected to the I/O interface 605, including: an input unit 606 such as a keyboard, mouse, etc.; an output unit 607 such as various types of displays, speakers, and the like; a storage unit 608, such as a magnetic disk, optical disk, or the like; and a communication unit 609 such as a network card, modem, wireless communication transceiver, etc. The communication unit 609 allows the electronic device 600 to exchange information/data with other devices through a computer network, such as the internet, and/or various telecommunication networks.
The computing unit 601 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of computing unit 601 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various computing units running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, etc. The computing unit 601 performs the respective methods and processes described above, such as a data detection method. For example, in some embodiments, the data detection method may be implemented as a computer software program tangibly embodied on a machine-readable medium, such as storage unit 608. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 600 via the ROM 102 and/or the communication unit 609. When a computer program is loaded into the RAM 603 and executed by the computing unit 601, one or more steps of the data detection method described above may be performed. Alternatively, in other embodiments, the computing unit 601 may be configured to perform the data detection method by any other suitable means (e.g. by means of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuit systems, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), systems On Chip (SOCs), complex Programmable Logic Devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs, the one or more computer programs may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special purpose or general-purpose programmable processor, that may receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.
Program code for carrying out methods of the present disclosure may be written in any combination of one or more programming languages. These program code may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable lane change control apparatus, such that the program code, when executed by the processor or controller, causes the functions/operations specified in the flowchart and/or block diagram to be implemented. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. The machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and pointing device (e.g., a mouse or trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a background component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such background, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), and the internet.
The computer system may include a client and a server. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server may be a cloud server, a server of a distributed system, or a server incorporating a blockchain.
It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps recited in the present disclosure may be performed in parallel, sequentially, or in a different order, provided that the desired results of the disclosed aspects are achieved, and are not limited herein.
The above detailed description should not be taken as limiting the scope of the present disclosure. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present disclosure are intended to be included within the scope of the present disclosure.
Claims (8)
1. A data calling method, the method being performed by an application program residing in a background service of an operating system and having a system signature; the application program comprises a UI module and a background service module; the UI module is used for responding to a call request of a user for sensitive behavior data, displaying the sensitive behavior data to the user, and responding to a setting request of the user for data use permission, and providing a switch to prohibit or allow a specified application program to use the sensitive data; the background service module is a background resident process and is used for executing the data calling method, and the data calling method comprises the following steps:
under the condition of obtaining user authorization, calling an application program operation management interface of an operating system in a reflection calling mode according to preset calling frequency to obtain preset behavior data of each application program in the operating system; the application operation management interface is a hidden interface in the operating system, and comprises an App Ops interface; the preset behavior data of each application program comprises sensitive behavior data, wherein the sensitive behavior data is a behavior record of the application program using the sensitive data;
storing preset behavior data of each application program in a preset storage area;
responding to a calling request of preset behavior data of a first application program in the operating system, and calling the preset behavior data of the first application program in the preset storage area;
responding to a setting request of data use permission of a first application program in the operating system, and calling the application program operation management interface in a reflection calling mode; wherein the data use rights include rights to use sensitive data;
and setting the data use authority of the first application program based on the authority setting instruction in the setting request through the application program operation management interface.
2. The method of claim 1, further comprising:
and updating the calling frequency based on the preset behavior data of each application program.
3. The method of claim 2, wherein the updating the call frequency based on the preset behavior data of each application program comprises:
determining first preset behavior data and second preset behavior data of each application program, which are obtained by calling the application program operation management interface twice in adjacent times, in the preset behavior data of each application program;
and updating the calling frequency based on the difference information between the first preset behavior data and the second preset behavior data.
4. A data calling device is provided with an application program which is resident in a background service of an operating system and provided with a system signature; the application program comprises a UI module and a background service module; the UI module is used for responding to a call request of a user for sensitive behavior data, displaying the sensitive behavior data to the user, and responding to a setting request of the user for data use permission, and providing a switch to prohibit or allow a specified application program to use the sensitive data; the background service module is a background resident process, and comprises:
the first interface calling module is used for calling an application program operation management interface of the operating system in a reflection calling mode according to preset calling frequency under the condition that user authorization is obtained, so that preset behavior data of each application program in the operating system are obtained; the application operation management interface is a hidden interface in the operating system, and comprises an App Ops interface; the preset behavior data of each application program comprises sensitive behavior data, wherein the sensitive behavior data is a behavior record of the application program using the sensitive data;
the data storage module is used for storing preset behavior data of each application program in a preset storage area;
the data calling module is used for responding to a calling request of preset behavior data of a first application program in the operating system and calling the preset behavior data of the first application program in the preset storage area;
the second interface calling module is used for responding to a setting request of the data use permission of the first application program in the operating system and calling the application program operation management interface in a reflection calling mode; wherein the data use rights include rights to use sensitive data;
and the permission setting module is used for setting the data use permission of the first application program based on the permission setting instruction in the setting request through the application program operation management interface.
5. The apparatus of claim 4, further comprising:
and the calling frequency updating module is used for updating the calling frequency based on the preset behavior data of each application program.
6. The apparatus of claim 5, wherein the call frequency update module comprises:
the data determining unit is used for determining first preset behavior data and second preset behavior data of each application program, wherein the first preset behavior data and the second preset behavior data are obtained by calling the application program operation management interface twice in the adjacent mode;
and the frequency updating unit is used for updating the calling frequency based on the difference information between the first preset behavior data and the second preset behavior data.
7. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein, the liquid crystal display device comprises a liquid crystal display device,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-3.
8. A non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the method of any one of claims 1-3.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210100067.7A CN114510291B (en) | 2022-01-27 | 2022-01-27 | Data calling method, device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210100067.7A CN114510291B (en) | 2022-01-27 | 2022-01-27 | Data calling method, device, electronic equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114510291A CN114510291A (en) | 2022-05-17 |
| CN114510291B true CN114510291B (en) | 2023-10-24 |
Family
ID=81549328
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210100067.7A Active CN114510291B (en) | 2022-01-27 | 2022-01-27 | Data calling method, device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114510291B (en) |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7380235B1 (en) * | 2003-06-27 | 2008-05-27 | Microsoft Corporation | Application program interface call replay tool |
| CN109543405A (en) * | 2018-12-07 | 2019-03-29 | 百度在线网络技术(北京)有限公司 | A kind of privacy calls Activity recognition method and electronic equipment |
| CN110851258A (en) * | 2019-11-08 | 2020-02-28 | 深圳前海环融联易信息科技服务有限公司 | API calling method and device, computer equipment and storage medium |
| CN111209574A (en) * | 2018-11-22 | 2020-05-29 | 阿里巴巴集团控股有限公司 | Access control and access behavior recognition method, system, device and storage medium |
| CN111224811A (en) * | 2019-10-31 | 2020-06-02 | 北京浪潮数据技术有限公司 | SNMP request monitoring system, method, device and computer readable storage medium |
| CN111352793A (en) * | 2018-12-24 | 2020-06-30 | 中移(杭州)信息技术有限公司 | Method and device for monitoring application use data |
| CN112559271A (en) * | 2020-12-24 | 2021-03-26 | 北京百度网讯科技有限公司 | Method, device, equipment and storage medium for monitoring interface performance of distributed application |
| CN113407228A (en) * | 2021-07-20 | 2021-09-17 | 珠海市魅族科技有限公司 | Application program management method, device, equipment and storage medium |
-
2022
- 2022-01-27 CN CN202210100067.7A patent/CN114510291B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7380235B1 (en) * | 2003-06-27 | 2008-05-27 | Microsoft Corporation | Application program interface call replay tool |
| CN111209574A (en) * | 2018-11-22 | 2020-05-29 | 阿里巴巴集团控股有限公司 | Access control and access behavior recognition method, system, device and storage medium |
| CN109543405A (en) * | 2018-12-07 | 2019-03-29 | 百度在线网络技术(北京)有限公司 | A kind of privacy calls Activity recognition method and electronic equipment |
| CN111352793A (en) * | 2018-12-24 | 2020-06-30 | 中移(杭州)信息技术有限公司 | Method and device for monitoring application use data |
| CN111224811A (en) * | 2019-10-31 | 2020-06-02 | 北京浪潮数据技术有限公司 | SNMP request monitoring system, method, device and computer readable storage medium |
| CN110851258A (en) * | 2019-11-08 | 2020-02-28 | 深圳前海环融联易信息科技服务有限公司 | API calling method and device, computer equipment and storage medium |
| CN112559271A (en) * | 2020-12-24 | 2021-03-26 | 北京百度网讯科技有限公司 | Method, device, equipment and storage medium for monitoring interface performance of distributed application |
| CN113407228A (en) * | 2021-07-20 | 2021-09-17 | 珠海市魅族科技有限公司 | Application program management method, device, equipment and storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 基于API调用分析的Android应用行为意图推测;沈科;叶晓俊;刘孝男;李斌;;清华大学学报(自然科学版)(第11期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114510291A (en) | 2022-05-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8893222B2 (en) | Security system and method for the android operating system | |
| US10924347B1 (en) | Networking device configuration value persistence | |
| CN107690645B (en) | Behavioral malware detection using interpreter virtual machines | |
| CN109416651B (en) | Update coordination in a multi-tenant cloud computing environment | |
| CN107636666B (en) | Method and system for controlling permission requests for applications on a computing device | |
| US20220005027A1 (en) | Smart contract regulation | |
| US20150332043A1 (en) | Application analysis system for electronic devices | |
| EP2831796B1 (en) | Persistent and resilient worker processes | |
| US11403196B2 (en) | Widget provisioning of user experience analytics and user interface / application management | |
| US11263033B2 (en) | Usage checks for code running within a secure sub-environment of a virtual machine | |
| CN105426751A (en) | Method and device for preventing system time from being tampered | |
| KR20200038583A (en) | Electronic apparatus and controlling method thereof | |
| CN112835639B (en) | Hook realization method, device, equipment, medium and product | |
| US10761863B2 (en) | Mobile application management by run-time insertion of a replacement instrumentation object into a mobile application process | |
| CN114510291B (en) | Data calling method, device, electronic equipment and storage medium | |
| KR101283884B1 (en) | Apparatus, method and computer readable recording medium for safeguard | |
| KR20210001057A (en) | Method for detecting and blocking ransomware | |
| US10831883B1 (en) | Preventing application installation using system-level messages | |
| CN109783156B (en) | Application starting control method and device | |
| US8925077B2 (en) | Mobile devices with inhibited application debugging and methods of operation | |
| KR102630816B1 (en) | Security setting device, method of set per-process security policy, and computer program for the method | |
| CN111159703B (en) | Virtual machine data leakage detection method and device | |
| US11086985B2 (en) | Binary authorization based on both file and package attributes | |
| US11809580B2 (en) | Update device and update method | |
| CN116821893B (en) | Code execution method, device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |