CN115587352A - Privacy security monitoring method and device, electronic equipment and storage medium - Google Patents
Privacy security monitoring method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN115587352A CN115587352A CN202211234887.1A CN202211234887A CN115587352A CN 115587352 A CN115587352 A CN 115587352A CN 202211234887 A CN202211234887 A CN 202211234887A CN 115587352 A CN115587352 A CN 115587352A
- Authority
- CN
- China
- Prior art keywords
- privacy
- target application
- application program
- result data
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012544 monitoring process Methods 0.000 title claims abstract description 205
- 238000000034 method Methods 0.000 title claims abstract description 142
- 230000008569 process Effects 0.000 claims abstract description 65
- 238000004088 simulation Methods 0.000 claims abstract description 42
- 238000013475 authorization Methods 0.000 claims description 51
- 230000005540 biological transmission Effects 0.000 claims description 10
- 230000003993 interaction Effects 0.000 claims description 10
- 238000004590 computer program Methods 0.000 claims description 8
- 238000011161 development Methods 0.000 claims description 6
- 230000002452 interceptive effect Effects 0.000 claims description 6
- 238000012806 monitoring device Methods 0.000 claims description 2
- 230000001960 triggered effect Effects 0.000 abstract description 6
- 238000010586 diagram Methods 0.000 description 10
- 230000006870 function Effects 0.000 description 9
- 230000000694 effects Effects 0.000 description 7
- 230000009471 action Effects 0.000 description 4
- 244000035744 Hura crepitans Species 0.000 description 3
- 230000006399 behavior Effects 0.000 description 3
- 230000036961 partial effect Effects 0.000 description 3
- 238000012546 transfer Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012015 optical character recognition Methods 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 230000000670 limiting effect Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000002441 reversible effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 238000012549 training Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The application provides a privacy security monitoring method and device, electronic equipment and a storage medium, relates to the technical field of data security, privacy security and security monitoring, and is used for solving the problem that the privacy security of an application program in the operation process is difficult to monitor automatically. The method comprises the following steps: triggering the target application program to run through simulation operation, and obtaining result data obtained in the running process of the target application program; and carrying out privacy security monitoring on the result data. The target application program is triggered to run through simulation operation, the result data obtained in the running process of the target application program are obtained, privacy safety monitoring is carried out on the result data, safety monitoring of the target application program is effectively avoided being completed through a manual clicking mode, privacy safety of the application program in the running process is automatically monitored, and the automatic privacy monitoring function of the application program is achieved.
Description
Technical Field
The application relates to the technical field of data security, privacy security and security monitoring, in particular to a privacy security monitoring method and device, electronic equipment and a storage medium.
Background
Currently, monitoring a target application program mostly includes that a monitoring engineer manually clicks an application interface of the target application program to trigger the target application program to run, result data obtained by the application program in a running process is obtained through a manually written code program, and then the result data is sent to a safety engineer. After obtaining the security verification data (such as the privacy policy text of the application), the security engineer monitors and verifies the result data according to the security verification data, so as to complete the security monitoring of the target application by means of manual clicking. However, the current monitoring method is difficult to automatically monitor the privacy security of the application program in the running process.
Disclosure of Invention
An object of the embodiments of the present application is to provide a privacy security monitoring method, an apparatus, an electronic device, and a storage medium, which are used to solve the problem that it is difficult to automatically monitor the privacy security of an application in an operation process.
In a first aspect, an embodiment of the present application provides a privacy security monitoring method, including: triggering the target application program to run through simulation operation, and obtaining result data obtained in the running process of the target application program; and carrying out privacy security monitoring on the result data. In the implementation process of the scheme, the target application program is triggered to run through simulation operation, the result data obtained in the running process of the target application program is obtained, privacy safety monitoring is carried out on the result data, safety monitoring on the target application program is effectively avoided being completed through a manual clicking mode, privacy safety of the application program in the running process is automatically monitored, and the function of carrying out automatic privacy monitoring on the application program is achieved.
In an optional implementation manner of the first aspect, triggering the target application to run through a simulation operation includes: and performing simulated interactive operation on the view elements of the target application program by using a preset automatic monitoring tool so as to trigger the target application program to run. In the implementation process of the scheme, all view elements of the target application program are subjected to simulation interaction by using the automatic monitoring tool, so that the problem of missing clicking of a certain view element is avoided, and the effect of missing-free clicking of all view elements is achieved.
In an optional implementation manner of the first aspect, performing a simulated interactive operation on a view element of a target application using a preset automation monitoring tool includes: for each view element in all view elements of the target application program, judging whether the view element meets a simulation ending triggering condition, wherein the simulation ending triggering condition comprises the following steps: all the index parameters of the view element are acquired, or the acquisition duration of the index parameters of the view element reaches the preset duration; if not, simulating and clicking the view element through a preset automatic monitoring tool so that the target application program responds to the clicking of the view element, acquiring the index parameter of the view element, and adding the index parameter into the result data. In the implementation process of the scheme, under the condition that all the index parameters of the view element are not acquired and the acquisition duration of the index parameters of the view element does not exceed the preset duration, the view element is continuously clicked in a simulation mode through the automatic monitoring tool, so that the index parameters of the operation result data are acquired from all the attribute values of the view element, and the effect of clicking all the view elements without missing is achieved.
In an optional implementation manner of the first aspect, performing simulated interaction on a view element of a target application by using a preset automation monitoring tool includes: and simulating and clicking all view elements of the target application program according to a preset sequence through a preset automatic monitoring tool so as to trigger the target application program to run. In the implementation process of the scheme, all view elements of the target application program are simulated and clicked through the preset automatic monitoring tool according to the preset sequence, so that the target application program responds to the click of the view elements, and the privacy monitoring data is operated, so that the view elements are prevented from being clicked again, and the effect of clicking all the view elements without repetition and missing is achieved.
In an optional implementation manner of the first aspect, after performing simulated interaction on the view element of the target application using a preset automation monitoring tool, the method further includes: aiming at each view element in all view elements of a preset automation monitoring tool simulation point, judging whether the view element meets a first preset condition, wherein the first preset condition comprises the following steps: the view packet name of the view element is a name corresponding to an operating system operated by a target application program, the view identifier of the view element is in a preset identifier set, and the view content of the view element is in a preset content set; and if so, determining the window corresponding to the view element as an authority popup. In the implementation process of the scheme, the view packet name of the view element is the name corresponding to the operating system, the view identifier is in the preset identifier set, and the view content is in the preset content set, so that the permission popup is determined, the problem that the target application cannot be triggered to run due to the fact that the permission popup cannot be identified is solved, and the privacy security monitoring efficiency of the target application is effectively improved.
In an optional implementation manner of the first aspect, after determining that the view element is a permission popup, the method further includes: and clicking the permission option in the permission popup by a preset automatic monitoring tool so that the target application program has the permission to access the privacy data authorized by the permission popup. In the implementation process of the scheme, the preset automatic monitoring tool is used for clicking the allowed option in the permission popup, so that the problem that the target application cannot continue to operate due to the fact that the target application does not have the privacy data authorized by the permission access popup is solved, and the privacy safety monitoring efficiency of the target application is effectively improved.
In an optional implementation manner of the first aspect, after performing simulated interaction on the view element of the target application using a preset automation monitoring tool, the method further includes: aiming at each view element in all the view elements of the preset automatic monitoring tool simulation points, judging whether the view element meets a second preset condition, wherein the second preset condition comprises the following steps: the view packet name of the view element is a corresponding name of a development main body of a target application program, and the view content of the view element comprises preset keywords; and if so, determining the window corresponding to the view element as a privacy policy popup of the target application program. In the implementation process of the scheme, the view packet name of the view element is the corresponding name of the development main body of the target application program, and the view content contains the preset keyword, so that the privacy policy popup is determined, the problem that the operation of the target application program cannot be triggered due to the fact that the privacy policy popup cannot be identified is solved, and the privacy security monitoring efficiency of the target application program is effectively improved.
In an optional implementation manner of the first aspect, after determining the view element as a privacy policy popup of the target application, the method further includes: and simulating and clicking the option of agreeing to the privacy policy by using a preset automatic monitoring tool so that the target application program has the authority to access the privacy data in the popup authorization range of the privacy policy. In the implementation process of the scheme, the preset automatic monitoring tool is used for simulating and clicking the option of agreeing the privacy policy, so that the problem that the target application program cannot continue to operate due to the fact that the target application program cannot access the privacy data is solved, and the privacy safety monitoring efficiency of the target application program is effectively improved.
In an optional implementation manner of the first aspect, after determining the view element as a privacy policy popup of the target application, the method further includes: a privacy policy text is identified from the privacy policy popup. In the implementation process of the scheme, the privacy policy text is identified from the privacy policy pop-up window and used for privacy security monitoring, so that the problem of collecting and storing personal privacy data in an over-range mode is solved, and the privacy security monitoring efficiency of the target application program is effectively improved.
In an optional implementation manner of the first aspect, identifying the privacy policy text from the privacy policy pop-up window includes: and if all the attribute values of the privacy policy popup include text attribute values, determining the text content corresponding to the text attribute values as the content of the privacy policy text, and obtaining the privacy policy text. In the implementation process of the scheme, the text content corresponding to the text attribute value is determined as the content of the privacy policy text, and the privacy policy text is used for privacy security monitoring, so that the problem of collecting and storing personal privacy data in an out-of-range mode is solved, and the privacy security monitoring efficiency of the target application program is effectively improved.
In an optional implementation manner of the first aspect, the identifying the privacy policy text from the privacy policy popup includes: and if all attribute values of the privacy policy popup do not comprise text attribute values, acquiring a region image of the privacy policy popup, and performing text recognition on the region image of the privacy policy popup to obtain a privacy policy text. In the implementation process of the scheme, the text recognition is carried out on the region image of the privacy policy popup window, so that the problem that the text content corresponding to the text attribute value cannot be recognized as the content of the privacy policy text, namely the privacy policy text cannot be recognized, so that the privacy security monitoring cannot be carried out continuously is solved, and the privacy security monitoring efficiency of the target application program is effectively improved.
In an optional implementation manner of the first aspect, the result data includes a result value; and privacy security monitoring is carried out on the result data, and the method comprises the following steps: analyzing a plurality of privacy authorization field names from a privacy policy text; determining whether a field name of each result value in the result data is contained in the plurality of privacy authorization field names; and if not, determining that the result data corresponding to the corresponding result value does not pass privacy security monitoring. In the implementation process of the scheme, under the condition that the field name of each result value in the result data is not contained in the privacy authorization field names, it is determined that the result data corresponding to the corresponding result value does not pass privacy security monitoring, so that the problem that the target application program illegally acquires and uses the privacy data is avoided, and the privacy security monitoring efficiency of the target application program is effectively improved.
In an optional implementation manner of the first aspect, the privacy and security monitoring on the result data includes: and comparing the result data with the privacy data within the privacy policy authorization range to obtain a comparison result, and representing whether the privacy data beyond the privacy policy authorization range exists in the result data. In the implementation process of the scheme, the result data is compared with the privacy data in the privacy policy authorization range, and whether the privacy data exceeding the privacy policy authorization range exists in the result data is determined according to the comparison result, so that the problem that the target application program illegally acquires and uses the privacy data is solved, and the privacy security monitoring efficiency of the target application program is effectively improved.
In an optional implementation manner of the first aspect, comparing the result data with privacy data within an authorized range of the privacy policy includes: analyzing a result value from the result data, and judging whether the result value is contained in the privacy data within the privacy policy authorization range; and if not, determining that the result data corresponding to the corresponding result value is the privacy data within the exceeding privacy policy authorization range. In the implementation process of the scheme, under the condition that the result value in the result data is not contained in the privacy data within the privacy policy authorization range, the result data corresponding to the corresponding result value is directly determined to be the privacy data within the privacy policy authorization range, so that the problem that the target application program violates the privacy data acquisition and use is solved, and the privacy security monitoring efficiency of the target application program is effectively improved.
In an optional implementation manner of the first aspect, the method further includes: modifying the privacy data within the privacy policy authorization range to obtain the modified privacy data, and re-simulating the operation of the triggering target application program to obtain re-triggering result data obtained in the operation process of the target application program; analyzing a trigger result value from the retrigger result data, and judging whether the trigger result value is contained in the modified privacy data; if not, determining that the re-triggering result data corresponding to the triggering result value is the privacy data exceeding the privacy policy authorization range. In the implementation process of the scheme, under the condition that the result value in the retriggering result data is not contained in the modified privacy data, the retriggering result data corresponding to the triggering result value is directly determined to be the privacy data exceeding the privacy policy authorization range, so that the problem that the target application program illegally acquires and uses the privacy data is solved, and the privacy security monitoring efficiency of the target application program is effectively improved.
In an alternative implementation form of the first aspect, the result data comprises: the target application program monitors interface data through a system application program interface API; and privacy security monitoring is carried out on the result data, and the method comprises the following steps: and carrying out privacy security monitoring on the interface data monitored by the API. In the implementation process of the scheme, the interface data monitored by the application program interface API of the system is obtained, and privacy security monitoring is carried out on the result data, so that the problem that privacy security monitoring cannot be carried out on the interface data monitored by the API is solved, and the robustness of the privacy security monitoring is effectively improved.
In an optional implementation of the first aspect, the result data comprises: the target application program passes through protocol data acquired in the protocol transmission process; and privacy security monitoring is carried out on the result data, and the method comprises the following steps: decrypting protocol data acquired in the protocol transmission process to obtain decrypted result data; and carrying out privacy security monitoring on the decrypted result data. In the implementation process of the scheme, the protocol data acquired in the protocol transmission process is decrypted, and the decrypted result data is subjected to privacy security monitoring, so that the problem that the real operation result value of the target application program cannot be acquired is solved, and the privacy security monitoring efficiency of the target application program is effectively improved.
In an optional implementation manner of the first aspect, the method further includes: and storing the result data and the acquisition time of the result data as evidence. In the implementation process of the scheme, the result data and the acquisition time of the result data are stored as the evidence, so that the problem that operation evidences such as unauthorized access of the privacy data are difficult to grasp is solved, and the privacy safety monitoring of the target application program is effectively realized.
In a second aspect, an embodiment of the present application provides a privacy security monitoring method, which is applied to a terminal device, and includes: triggering the target application program to run through simulation operation, and obtaining result data obtained in the running process of the target application program; and sending the result data to the server so that the server can carry out privacy security monitoring on the result data. In the implementation process of the scheme, the target application program is triggered to run through simulation operation, and result data obtained in the running process of the target application program is sent to the server, so that the problem of load pressure of terminal equipment is solved, the server with higher computing capacity is used for privacy safety monitoring, and the privacy safety monitoring efficiency of the target application program is effectively improved.
In a third aspect, an embodiment of the present application provides a privacy security monitoring method, which is applied to a server, and includes: receiving result data sent by the terminal equipment, wherein the result data is obtained by triggering a target application program to run through simulation operation by the terminal equipment; and carrying out privacy security monitoring on the result data. In the implementation process of the scheme, the privacy security monitoring is carried out by using the server with stronger computing power, so that the privacy security monitoring efficiency of the target application program is effectively improved.
In a fourth aspect, an embodiment of the present application provides a privacy security monitoring apparatus, including: the result data acquisition module is used for triggering the target application program to run through simulation operation and acquiring result data acquired in the running process of the target application program; and the privacy security monitoring module is used for carrying out privacy security monitoring on the result data.
In a fifth aspect, an embodiment of the present application provides an electronic device, including: a processor and a memory, the memory storing processor-executable machine-readable instructions, the machine-readable instructions when executed by the processor performing the method as described above.
In a sixth aspect, embodiments of the present application provide a computer-readable storage medium having a computer program stored thereon, where the computer program is executed by a processor to perform the method as described above.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic flowchart illustrating a privacy security monitoring method provided in an embodiment of the present application;
FIG. 2 is a schematic diagram illustrating a simulation trigger of a predetermined automated monitoring tool provided by an embodiment of the present application;
FIG. 3 is a schematic diagram illustrating an embodiment of the present application providing a pop-up window with authority identification;
FIG. 4 is a schematic flow chart illustrating the implementation of the analog triggering and privacy security monitoring separately according to the embodiment of the present application;
FIG. 5 is a schematic flow chart illustrating a server simulation triggering and privacy security monitoring execution according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of a privacy security monitoring apparatus provided in an embodiment of the present application;
fig. 7 is a schematic structural diagram of an electronic device provided in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only some of the embodiments of the present application, and not all of the embodiments. The components of the embodiments of the present application, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present application, as presented in the figures, is not intended to limit the scope of the embodiments of the present application, as claimed, but is merely representative of selected embodiments of the present application. All other embodiments obtained by a person skilled in the art based on the embodiments of the present application without any creative effort belong to the protection scope of the embodiments of the present application.
It is to be understood that "first" and "second" in the embodiments of the present application are used to distinguish similar objects. Those skilled in the art will appreciate that the terms "first," "second," etc. do not denote any order or quantity, nor do the terms "first," "second," etc. denote any order or importance.
Before introducing the privacy security monitoring method provided in the embodiment of the present application, some concepts related to the embodiment of the present application are introduced:
a Virtual Machine (VM) refers to a special software in computer science, and the VM can create an environment between a computer platform and an end user, and the end user operates the software based on the environment created by the VM, and the VM can run a software program of a computer like a real Machine.
It should be noted that the privacy security monitoring method provided in the embodiments of the present application may be executed by an electronic device, where the electronic device refers to a terminal device or a server having a function of executing a computer program, and the terminal device is, for example, a mobile phone, a notebook computer, an electronic watch, and the like. It can be understood that the privacy security monitoring method comprises two phases: the method comprises the following steps of firstly, simulating and triggering a target application program to run (for example, operating privacy data) to obtain result data obtained in the running process of the target application program, and secondly, carrying out privacy safety monitoring on the result data; when the first stage and the second stage are executed on different electronic devices, there are three different situations:
in a first case, the first stage and the second stage are both executed on the terminal device, specifically for example: the terminal device simulates and triggers the target application program to run in the operating system, and carries out privacy safety monitoring on result data obtained in the running process of the target application program.
In the second case, the first stage is executed on the terminal device, and the second stage is executed on the server, specifically for example: the terminal device simulates and triggers the target application program to run in the operating system, and sends result data acquired in the running process of the target application program to the server. And the server receives the result data sent by the terminal equipment and carries out privacy safety monitoring on the result data.
In a third case, the first stage and the second stage are both executed on the server, specifically for example: the server can be operated with a virtual terminal operating system, after receiving a target application program sent by target equipment, the virtual terminal operating system can simulate and trigger the operation of the target application program, so that result data obtained in the operation process of the target application program can be obtained, and privacy safety monitoring can be carried out on the result data.
It is understood that the operating system may be a modified operating system on a native android operating system or a native Mac operating system, so that the modified operating system can better monitor result data obtained during the running process of the target application, where the modification is invisible to the target application, and thus the operating system is also referred to as a sandbox system or a sandbox operating environment.
It should be noted that the scheme in any embodiment of the present application can be operated in a sandbox environment, so as to effectively prevent data leakage.
Application scenarios to which the privacy security monitoring method is applicable are described below, where the application scenarios include, but are not limited to: the privacy security monitoring method may be used to perform security monitoring on a target application program to be detected, specifically, the target application program monitors operation behaviors of privacy data, specifically, for example: whether the target application program collects and stores personal privacy data beyond the range, whether behaviors for revealing the privacy data exist (such as plaintext storage and plaintext transmission of the privacy data or cross-domain uploading to a server), whether the regulations of the current effective privacy laws and regulations are met, and whether the behaviors for collecting, storing and using the privacy data are consistent with the text description content of the privacy policy of the target application program are determined. It is understood that the privacy security monitoring method may provide services for a variety of corporate organizations, including but not limited to the following:
first, a security monitoring service is provided for a terminal application developer, the privacy security monitoring method can be used to provide a privacy security detection service for the application developer of a terminal device, and the privacy security monitoring method can be used to prevent a target application from being illegally collected and unable to be published because the target application illegally collects privacy data when the target application is published and put on the shelf in an application Store (e.g., app Store). At this time, a terminal device installed with a preset automation monitoring tool may be provided to an application developer, so that the terminal application developer performs privacy security monitoring on the terminal device for the target application (i.e. the first case executed on the electronic device). Alternatively, the terminal application developer directly uses the terminal device to simulate and trigger the target application to run in the operating system, and sends the result data obtained in the running process of the target application to the server (i.e. the second case executed on the electronic device). Certainly, the terminal application developer may also directly upload the target application to the server, and after receiving the target application, the server directly monitors the privacy security of the target application (i.e., in the third case executed on the electronic device).
Second, a security monitoring service is provided for an application Store manufacturer, and the privacy security monitoring method can be used for providing a security monitoring service for a batch of application programs for the application Store (e.g., app Store) manufacturer. At this time, customized security monitoring services and training services may be provided for the application store manufacturer, for example, a terminal device and a server installed with preset automation monitoring tools are provided to the application developer, so that the application developer performs privacy security monitoring (i.e., the second case performed on the electronic device above) by itself. Of course, the application store manufacturer may directly upload the target application program to the server, and after receiving the target application program, the server may directly perform privacy security monitoring on the target application program (i.e., in the third case executed on the electronic device).
Please refer to fig. 1, which is a schematic flow chart of a privacy security monitoring method provided in an embodiment of the present application; the embodiment of the application provides a privacy security monitoring method, which comprises the following steps:
step S110: and triggering the target application program to run through simulation operation, and obtaining result data obtained in the running process of the target application program.
Step S120: and carrying out privacy security monitoring on the result data.
It is to be understood that, as mentioned above, there are three different cases when step S110 and step S120 are executed on different electronic devices: in the first case, step S110 and step S120 are both executed on the terminal device; in the second case, step S110 is performed on the terminal device, and step S120 is performed on the server; in the third case, step S110 and step S120 are both performed on the server.
In the implementation process, the target application program is triggered to run through the simulation operation, the result data obtained in the running process of the target application program is obtained, and privacy safety monitoring is carried out on the result data, so that the safety monitoring of the target application program is effectively avoided being completed in a manual clicking mode, the privacy safety of the application program in the running process is automatically monitored, and the automatic privacy monitoring function of the application program is realized.
Please refer to fig. 2, which is a schematic diagram illustrating a simulation trigger of a predetermined automatic monitoring tool according to an embodiment of the present application; in a specific practical process, a preset automatic monitoring tool can be used for simulating and triggering a target application program, and the preset automatic monitoring tool provided by the embodiment of the application can be developed and obtained based on a UiAutomator or a UiAutomator 2 and the like on an android operating system, and can also be developed and obtained based on XCUITest, apdium-Desktop, facebook-wda and the like. For ease of understanding and explanation, the preset automatic monitoring tool is described in detail by taking the example of the development of UiAutomator, uiAutomator 2, and the like.
As an alternative to step S110, it has been mentioned above that step S110 may be performed on the terminal device (in this case, the preset automation monitoring tool may be directly run on the terminal device), or may be performed on the server. If the step S110 is executed on the server, a virtual terminal operating system may be run in the server, and a preset automation monitoring tool may be run in the operating system to simulate and trigger the target application to run, where the embodiment may include:
step S111: and performing simulated interactive operation on the view elements of the target application program by using a preset automatic monitoring tool so as to trigger the target application program to run.
As a first optional implementation manner of the step S111, performing the simulated interactive operation on each view element until the end, where the implementation manner may include:
step S111a: for each view element in all view elements of the target application program, judging whether the view element meets a simulation ending triggering condition, wherein the simulation ending triggering condition comprises the following steps: all the index parameters of the view element are acquired, or the acquisition duration of the index parameters of the view element reaches a preset duration.
The embodiment of step S111a described above is, for example: when the preset automation monitoring tool is used to obtain the result data obtained during the running process of the target application, the data source of the result data may be all the index parameters corresponding to the view elements, such as the activity and the activity in fig. 2, or the textValue and the textValue (i.e., the privacy policy text).
Step S111b: and if the view element does not meet the end simulation triggering condition, simulating and clicking the view element through a preset automatic monitoring tool so that the target application program responds to the click of the view element, acquiring the index parameter of the view element, and adding the index parameter into the result data.
One optional implementation of step S111b is as follows: if all the index parameters corresponding to the view element are not acquired and the acquisition duration of the index parameters of the view element does not exceed the preset duration, continuing to simulate and click the view element through a preset automatic monitoring tool, so as to acquire the index parameters of the view element in all the attribute values of the view element, where the preset duration may be set according to specific situations, for example, set to 1 second, 2 seconds, 6 seconds, or the like.
As a second optional implementation manner of the step S111, the simulation interaction may also be performed according to a preset sequence, and the implementation manner may include:
step S111c: and simulating and clicking all view elements of the target application program according to a preset sequence through a preset automatic monitoring tool so as to trigger the target application program to run.
The embodiment of step S111c described above is, for example: the preset sequence set by the view elements is obtained in the preset automatic monitoring tool, where the preset sequence may be an arrangement sequence of the view elements of the default uiautomation, so that the target application continues to run (for example, operate on the private data) after clicking the view elements. When the view element of the target application program is clicked, the clicked view element can be stored and recorded (for example, recorded in a database or a file), and the view element is prevented from being clicked again, so that the effect of clicking all the view elements without repetition and missing is achieved.
Please refer to fig. 3, which is a schematic diagram illustrating a popup window for recognizing a right according to an embodiment of the present application; some target application programs can be normally used only after the permission popup window of the target application program needs to allow the target application program to acquire the permission of private data (such as the geographic position of a mobile phone, an album, a camera and the like); if the click does not allow the target application to obtain the rights to the private data, the target application may be restricted from use (e.g., not used properly, etc.). Therefore, the permission popup can be recognized first, and then the permission option in the permission popup is clicked to allow the target application to acquire the private data.
As an optional implementation of the foregoing step S110, during the process of simulating the interaction, the permission popup may be further identified, and this implementation may include:
step S112: aiming at each view element in all the view elements of a preset automatic monitoring tool simulation click target application program, judging whether the view element meets a first preset condition, wherein the first preset condition comprises the following steps: the view packet name of the view element is a name corresponding to an operating system operated by a target application program, the view identifier of the view element is in a preset identifier set, and the view content of the view element is in a preset content set.
Step S113: and if the view element meets the first preset condition, determining the window corresponding to the view element as an authority popup window.
The embodiments of the above steps S112 to S113 are, for example: since the permission popup can only be popped up by the operating system, and the contents displayed by the permission popup are usually pre-stored in the system (e.g., whether to allow access and collect a geographic location in fig. 3, etc.), the permission popup can be determined by the name of the view packet and the contents of the view. Com, if the view packet name of the view element is ended in android, the view identifier of the view element is in a preset identifier set, and the view content of the view element is in a preset content set, where the preset content set may be a set formed by regular expressions, for example: starting with "allow or not" and ending with "collect your geographic location", it is clear that the view element correspondence window in FIG. 3 is the rights popup. Similarly, if the view element does not satisfy the first preset condition (that is, the name of the view packet of the view element is the name corresponding to the operating system run by the target application, the view identifier of the view element is in the preset identifier set, and the view content of the view element is in the preset content set), it may be determined that the window corresponding to the view element is not the permission popup window.
As an optional implementation of the foregoing step S110, after the permission popup is identified, a permission access (e.g., a permission option) may be clicked in the popup to allow the target application to access the private data, and the implementation may include:
step S114: and clicking the permission option in the permission popup by a preset automatic monitoring tool so that the target application program has the permission to access the privacy data authorized by the permission popup.
The embodiment of step S114 described above is, for example: as shown in fig. 3, after the permission popup is identified by the preset automatic monitoring tool, the permission option in the permission popup can be directly clicked by the preset automatic monitoring tool, so that the target application has permission to access the private data authorized by the permission popup (for example, the target application has permission to access the geographic location in fig. 3).
As an optional implementation of the foregoing step S110, during the process of simulating the interaction, a privacy policy popup may also be identified, and this implementation may include:
step S115: aiming at each view element in all the view elements of the preset automatic monitoring tool simulation points, judging whether the view element meets a second preset condition, wherein the second preset condition comprises the following steps: the view packet name of the view element is a name corresponding to a development subject of the target application program, and the view content of the view element contains preset keywords.
Step S116: and if the view element meets the second preset condition, determining the window corresponding to the view element as the privacy policy popup of the target application program.
The embodiments of the above steps S115 to S116 are, for example: since the privacy policy popup is a popup popped up by the target application, the developing subject of the target application is usually developed by using a fixed view packet name when developing, and the privacy policy is usually fixed and includes preset keywords (such as "privacy policy" or "privacy data", etc.), the privacy policy popup of the target application can be determined by the view packet name and the view content. Com, and the view content of the view element includes keywords such as "privacy policy" or "privacy data", it is obvious that the view element corresponding window in fig. 2 is determined to be a privacy policy popup. Similarly, if the view element does not satisfy the second predetermined condition (i.e. the name of the view packet of the view element is the corresponding name of the development subject of the target application, and the view content of the view element includes a predetermined keyword), it may be determined that the window corresponding to the view element is not a privacy policy popup.
As an optional implementation of the foregoing step S110, after the privacy policy popup is identified, the consent option may be clicked to authorize the target application to access the privacy data, and the implementation may include:
step S117: and simulating and clicking the option of agreeing the privacy policy by using a preset automatic monitoring tool so that the target application program has the right to access the privacy data within the popup authorization range of the privacy policy.
It will be appreciated that the aforementioned options for agreeing to the privacy policy may include: an "agree" button and a "submit" button. Specifically, the option may be an option in which the "agree" button and the "submit" button are integrated, or an option in which the "agree" button and the "submit" button are separately provided, for example: the "agree" button is provided in a first view element of the application and the "submit" button is provided in a second view element of the application. Of course, in the specific implementation process, the specific name and form of the button may also be one of an "agreement" button or a "submission" button, and the function of the button is to submit the content of the agreement privacy policy.
The embodiment of step S117 described above is, for example: some target applications may not be able to use the privacy policy normally after they are requested to agree with the privacy policy, otherwise (if the privacy policy is not agreed upon by clicking) the target applications may be restricted in use, for example, information cannot be synchronized. Therefore, in the process of clicking all view elements of the target application program according to the preset sequence by using the automatic monitoring tool, it may be determined whether a preset keyword (for example, a privacy policy and/or an application name of the target application program) and a submit button (for example, an "ok" button) are simultaneously present in all attribute values of each view element, and if the preset keyword and the submit button are simultaneously present in the attribute values of the view element (for example, the value a.b.c of activity in fig. 2 is the package name of abc corporation, and some text attribute values include the privacy policy and/or the application name text of the target application program), it may be determined that the current view element corresponding interface is a privacy popup (as in fig. 2), thereby completing the simulation of clicking the privacy policy popup of the target application program. If the preset keyword and the submit button do not exist in the attribute value of the view element at the same time, clicking on the next view element can be continued.
As an optional implementation manner of the foregoing step S110, after the privacy policy pop is identified, a privacy policy text may also be identified from the privacy policy pop, and this implementation manner may include:
step S118: a privacy policy text is identified from the privacy policy popup.
As a first optional implementation manner of the step S118, specifically, the privacy policy text may be identified by text attribute values, that is, may be directly obtained from all attribute values of the privacy policy popup, and the implementation manner may include:
step S118a: and judging whether all attribute values of the privacy policy popup include text attribute values.
Step S118b: and if all the attribute values of the privacy policy popup include text attribute values, determining the text content corresponding to the text attribute values as the content of the privacy policy text, and obtaining the privacy policy text.
The embodiments of the above steps S118a to S118b are, for example: for the view element of the privacy policy popup, it is determined whether all attribute values of the view element include a text attribute value (e.g., a textValue field in fig. 2), and if all attribute values of the view element include the textValue field, the privacy policy text may be directly obtained from the text attribute value, that is, the text attribute value is determined to be the privacy policy text.
As a second optional implementation manner of the step S118, specifically, the privacy policy text may be recognized by an image recognition method, that is, in the process of recognizing the privacy policy text, if the privacy policy text cannot be directly obtained from the attribute value, the method may further recognize an area image of a privacy policy popup window, and the implementation manner may include:
step S118c: and if all attribute values of the privacy policy popup do not comprise text attribute values, acquiring the region image of the privacy policy popup, and performing text recognition on the region image of the privacy policy popup to obtain a privacy policy text.
The embodiment of step S118c described above is, for example: if the attribute values of the view element do not include the text attribute value (for example, the view element itself is an image, that is, the privacy policy is directly presented using image materials), the region image of the popup window of the privacy policy may be obtained, and text Recognition may be performed on the region image of the popup window of the privacy policy in an Optical Character Recognition (OCR) manner, so as to obtain the privacy policy text.
It is understood that, in addition to grabbing the privacy policy text and simulating clicking the check box and submit button for agreeing to the privacy policy, it is also possible to simulate clicking the check box for rejecting the privacy policy (for example, disapproval check box in fig. 2), and after simulating clicking the privacy policy for rejecting, collecting the result data obtained after the target application program runs, which includes various situations: in the first case, the target application may run normally (there may be a case of illegal acquisition of private data), in the second case, the target application exits directly, in the third case, the target application jumps to a setting page (an authorization prompt page may occur), and so on. Of course, registering the login interface and turning off the push function, etc. may also be identified according to similar principles as above.
As an alternative to the above step S120, the result data includes a result value; it has been mentioned above that this step S120 may be performed on the terminal device or on the server. In the privacy security monitoring process, the result data may be privacy security monitored according to a field name in a policy text, and the embodiment may include:
step S121: a plurality of privacy authorization field names are parsed from the privacy policy text.
The embodiment of step S121 described above is, for example: the plurality of privacy authorization field names parsed from the privacy policy text of fig. 2 includes: avatar, nickname, phone number, location information, (action) log, email, and bank card number.
Step S122: it is determined whether a field name of each result value in the result data is contained in the plurality of privacy authorization field names.
Step S123: and if the field name of each result value in the result data is not contained in the plurality of privacy authorization field names, determining that the result data corresponding to the corresponding result value does not pass privacy security monitoring.
The embodiments of the above steps S122 to S123 are, for example: assume that the result values parsed from the result data are, for example: a nickname abc, an identity number 12345678 and the like, so that for the nickname abc, the nickname (abc) is included in a plurality of privacy authorization field names analyzed in the privacy policy text, and therefore, the result value of the nickname (abc) is monitored through privacy security, and in practice, whether the nickname is monitored through privacy security can be determined in combination with other conditions (such as leakage or cross-domain uploading). However, for the identification number 12345678, the identification number (12345678) is not included in the privacy authorization field names, and therefore, the identification number (12345678) is collected out of range (i.e., collected in violation), i.e., the result value of the identification number is not monitored by privacy security.
The privacy monitoring data includes: the privacy data within the privacy policy authority range, that is, the privacy data within the privacy policy authority range set in the operating system by the monitoring person for the convenience of monitoring, is assumed to be a nickname abc and a telephone number 12345.
As an optional implementation manner of the step S120, in the process of privacy security monitoring, privacy security monitoring may be performed on the result data according to privacy data within a privacy policy authorization range, where the method includes:
step S124: and comparing the result data with the privacy data within the privacy policy authorization range to obtain a comparison result, wherein the comparison result represents whether the privacy data beyond the privacy policy authorization range exists in the result data.
As a first optional implementation manner of step S124, in the private data comparison process, the result data may be compared according to the private data within the authorized range of the privacy policy, and this implementation manner may include:
step S124a: and analyzing a result value from the result data, and judging whether the result value is contained in the privacy data within the privacy policy authorization range.
Step S124b: and if the result value is not contained in the privacy data within the privacy policy authorization range, determining that the result data corresponding to the corresponding result value is the privacy data beyond the privacy policy authorization range.
The embodiments of the above steps S124a to S124b are, for example: assume that the result value parsed from the result data obtained during the running of the target application is, for example: nickname abc, telephone number 12345, identification number 12345678, and the like, so that for nickname abc, nickname (abc) is included in the privacy data within the privacy policy authorization scope, and therefore, the resulting value corresponding to nickname (abc) is not the privacy data within the privacy policy authorization scope, and similarly, telephone number 12345 is not the privacy data within the privacy policy authorization scope, and during practice, it can be determined whether the nickname and telephone number are the privacy data within the privacy policy authorization scope in combination with other conditions (e.g., whether to be leaked or uploaded across domains). For the identification number 12345678, the identification number (12345678) is not included in the privacy data within the privacy policy authorization scope, and therefore, the result value corresponding to the nickname (abc) is the privacy data beyond the privacy policy authorization scope.
As a second optional implementation manner of step S124, the privacy data within the authorization range of the privacy policy may be modified, and the result data may be compared by using the modified privacy data, where the implementation manner may include:
step S124c: and modifying the privacy data within the privacy policy authorization range to obtain the modified privacy data, and re-simulating the operation of the triggering target application program to obtain re-triggering result data obtained in the operation process of the target application program.
The embodiment of step S124c described above is, for example: assuming that the nickname abc in the privacy data within the privacy policy authorization range is modified into cba, and the telephone number 12345 is modified into 54321, cba and 54321 here are modified privacy data, and then re-simulation triggers the target application to run, where the target application may operate on the modified privacy data (such as cba and 54321 here) during running to obtain re-trigger result data obtained during running of the target application.
Step S124d: a trigger result value is parsed from the re-trigger result data and it is determined whether the trigger result value is included in the modified privacy data.
Step S124e: and if the trigger result value is not contained in the modified privacy data, determining that the re-trigger result data corresponding to the trigger result value is the privacy data exceeding the privacy policy authorization range.
The embodiments of the above steps S124d to S124e are, for example: assume that the re-trigger data resolves the trigger value, for example: nickname cba, telephone number 54321, and identification number 54321678, etc., then for the nickname cba, the nickname (cba) is included in the modified privacy data, and thus the nickname (cba) is privacy data that does not override the privacy policy authorization scope, and similarly, the telephone number 54321 is privacy data that does override the privacy policy authorization scope, and in practice, may be combined with other conditions (e.g., whether to reveal or upload across domains) to determine whether the nickname and telephone number override the privacy policy authorization scope. For the identification number 54321678, the identification number (54321678) is not included in the modified privacy data, and therefore, the nickname (cba) is privacy data that exceeds the privacy policy authority.
As an alternative embodiment of the above step S120, the result data includes: interface data monitored by a target Application program through an Application Programming Interface (API); interface data intercepted by the API can also be monitored, and the implementation mode can include:
step S125: and carrying out privacy security monitoring on the interface data monitored by the API.
The embodiment of step S125 described above is, for example: the operating system run by the target application program may be an operating system modified on a native android operating system or a native Mac operating system, and the modification manner includes many ways, including but not limited to: the method for modifying the plug-in code is characterized in that the method directly modifies the source code of the (android or Mac) operating system, so that the monitoring of an Application Program Interface (API) on the operating system is realized, and the privacy security monitoring of the interface data monitored by the API is realized, specifically for example: interface data that is heard from Application Program Interfaces (APIs) on the operating system includes, but is not limited to: the monitored API parameters, the returned results, the intermediate calculation data (including the privacy data) and the call stack information, and the like, and then the privacy security monitoring is carried out on the interface data monitored by the API. In the implementation process of the scheme, the operating system operated by the target application program is modified, so that the modified operating system can better perform privacy and safety monitoring on the interface data monitored by the API, and the variety and diversity of the monitoring data are increased.
As an alternative embodiment of the above step S120, the result data includes: the target application program passes through the protocol data acquired in the protocol transmission process; the decryption may be performed before monitoring the decrypted result data, and the embodiment may include:
step S126: and decrypting the protocol data acquired in the protocol transmission process to acquire decrypted result data.
The embodiment of step S126 described above is, for example: the encryption type of the protocol data is determined, including but not limited to: if the protocol data is an encryption type of Transport Layer Security (TLS), the protocol data can be decrypted by using an encryption/decryption class Cipher and a captured TLS symmetric key; if the Protocol data is an encryption type of a hypertext Transfer Protocol Secure (HTTPS) Protocol in a proxy mode, the Protocol data may be decrypted using a snooping http connection class. And after the protocol data is decrypted, the decrypted result data is subjected to privacy security monitoring.
Step S127: and carrying out privacy security monitoring on the decrypted result data.
The implementation principle and implementation manner of step S127 are similar to those of step S125, and therefore, the implementation principle and implementation manner will not be described here, and if it is not clear, reference may be made to the description of step S125.
As an optional implementation of the privacy security monitoring method, the data may be stored as evidence during the monitoring process, and the implementation may include:
step S130: and storing the result data and the acquisition time of the result data as evidence.
The embodiment of the step S130 is, for example: and storing the interface data monitored by the API and the acquisition time of the interface data as evidence, or storing the protocol data acquired and decrypted in the protocol transmission process and the acquisition time of the protocol data as evidence and the like.
Please refer to fig. 4, which is a schematic flow chart illustrating the implementation of the analog triggering and the privacy security monitoring separately according to the embodiment of the present application; as mentioned above, the privacy security monitoring method may be partially applied to the terminal device, that is, the analog trigger is executed on the terminal device, and then the partial steps executed by the terminal device may include:
step S210: the terminal equipment triggers the target application program to run through simulation operation, and result data obtained in the running process of the target application program are obtained.
The above-mentioned embodiment of step S210 is similar to the embodiment of step S110, and the embodiment of the sub-step of step S210 is also similar to the embodiment of the sub-step of step S110, so that the detailed description thereof is omitted here. If the operating system of the terminal device is an android system or a Mac system, the preset automatic monitoring tool may be used to simulate and trigger the target application program to run (for example, to operate the private data), so as to obtain result data obtained in the running process of the target application program.
Step S220: and the terminal equipment sends the result data to the server so that the server carries out privacy safety monitoring on the result data.
The embodiment of step S220 described above is, for example: the terminal device sends the result data to the server through a Transmission Control Protocol (TCP) or a User Datagram Protocol (UDP), so that the server performs privacy security monitoring on the result data.
The embodiment of the application provides a privacy security monitoring method which is applied to a server; it has been mentioned above that the privacy security monitoring method may be partially applied to the server, that is, the server performs privacy security monitoring, and then the server performs partial steps including:
step S230: and the server receives result data sent by the terminal equipment, wherein the result data is obtained by triggering the target application program to run through simulation operation by the terminal equipment.
The embodiment of the step S230 is, for example: and the server receives result data sent by the terminal equipment through a TCP protocol or a UDP protocol, wherein the result data is obtained by triggering the target application program to run through simulation operation by the terminal equipment.
Step S240: and the server carries out privacy safety monitoring on the result data to obtain a privacy safety monitoring result.
The implementation principle and implementation manner of step S240 are similar to those of step S120, and therefore, the implementation principle and implementation manner will not be described here, and if it is not clear, reference may be made to the description of step S120.
Please refer to fig. 5, which is a schematic flow chart of simulating triggering and performing privacy security monitoring by a server according to an embodiment of the present application; it is to be understood that, as already mentioned above, the privacy security monitoring method may be applied to the server in its entirety, i.e. the server may perform all steps of the privacy security monitoring method, and this embodiment may include:
step S310: and the server receives the target application program sent by the target device.
The target device refers to a device of the last target application, such as the terminal device or the server, and the terminal device specifically includes: personal computers, cell phones, notebook computers, electronic watches, and the like.
The embodiment of step S310 described above is, for example: the server receives a target application program sent by a target device through a hypertext Transfer Protocol (HTTP) or a hypertext Transfer security Protocol (HTTPs).
Step S320: and the server simulates and triggers the target application program to run on the virtual terminal operating system, and obtains result data obtained in the running process of the target application program.
The Virtual terminal operating system refers to an operating system that simulates a terminal device to run on a server by using a Virtual Machine (VM) or a Virtual device, where the Virtual Machine or the Virtual device may employ a Docker or the like.
The implementation principle and implementation manner of step S320 are similar to those of step S110, and therefore, the implementation principle and implementation manner will not be described here, and if it is not clear, reference may be made to the description of step S110. If the virtual terminal operating system on the server is an android system or a Mac system, the preset automatic monitoring tool can be used to simulate and trigger the running of the target application program (for example, to operate private data), so as to obtain result data obtained in the running process of the target application program.
Step S330: and the server carries out privacy safety monitoring on the result data to obtain a privacy safety monitoring result.
The implementation principle and implementation manner of step S330 are similar to those of step S120, and therefore, the implementation principle and implementation manner will not be described here, and if it is not clear, reference may be made to the description of step S120.
Optionally, after the server obtains the privacy security monitoring result, a privacy security monitoring report may be generated according to the privacy security monitoring result. Meanwhile, the server may also provide query services of the monitoring result or the monitoring report for other target devices, specifically, for example: the target equipment generates and sends a result report acquisition request to the server, and after receiving the result report acquisition request sent by the target equipment, the server acquires a privacy security monitoring result or a privacy security monitoring report and sends the privacy security monitoring result or the privacy security monitoring report to the target equipment.
Please refer to fig. 6, which is a schematic structural diagram of a privacy security monitoring apparatus provided in an embodiment of the present application; the embodiment of the present application provides a privacy security monitoring device 400, including:
and the result data obtaining module 410 is configured to trigger the target application program to run through the simulation operation, and obtain result data obtained in a running process of the target application program.
And the privacy security monitoring module 420 is used for performing privacy security monitoring on the result data.
It should be understood that the device corresponds to the above-mentioned embodiment of the privacy security monitoring method, and is capable of executing the steps related to the above-mentioned embodiment of the method, and the specific functions of the device may be referred to the above description, and the detailed description is appropriately omitted here to avoid repetition. The device includes at least one software function that can be stored in memory in the form of software or firmware (firmware) or solidified in the Operating System (OS) of the device.
Please refer to fig. 7 for a schematic structural diagram of an electronic device according to an embodiment of the present application. An electronic device 500 provided in an embodiment of the present application includes: a processor 510 and a memory 520, the memory 520 storing machine readable instructions executable by the processor 510, the machine readable instructions when executed by the processor 510 performing the method as above.
Embodiments of the present application also provide a computer-readable storage medium 530, where the computer-readable storage medium 530 stores thereon a computer program, and when the computer program is executed by the processor 510, the computer program performs the method as described above.
The computer readable storage medium 530 may be implemented by any type of volatile or nonvolatile storage device or combination thereof, such as a Static Random Access Memory (SRAM), an Electrically Erasable Programmable Read-Only Memory (EEPROM), an Erasable Programmable Read-Only Memory (EPROM), a Programmable Read-Only Memory (PROM), a Read-Only Memory (ROM), a magnetic Memory, a flash Memory, a magnetic disk or an optical disk.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. For the device-like embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The apparatus embodiments described above are merely illustrative, and for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved.
In addition, functional modules of the embodiments in the present application may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part. Furthermore, in the description herein, reference to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the embodiments of the present application. In this specification, the schematic representations of the terms used above are not necessarily intended to refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, various embodiments or examples and features of different embodiments or examples described in this specification can be combined and combined by one skilled in the art without contradiction.
In this document, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions.
The above description is only an alternative embodiment of the embodiments of the present application, but the scope of the embodiments of the present application is not limited thereto, and any person skilled in the art can easily conceive of changes or substitutions within the technical scope of the embodiments of the present application, and all the changes or substitutions should be covered by the scope of the embodiments of the present application.
Claims (24)
1. A privacy security monitoring method, comprising:
triggering a target application program to run through simulation operation, and obtaining result data obtained in the running process of the target application program;
and carrying out privacy security monitoring on the result data.
2. The method of claim 1, wherein triggering the target application to run through the simulation operation comprises:
and performing simulated interactive operation on the view elements of the target application program by using a preset automatic monitoring tool so as to trigger the target application program to run.
3. The method of claim 2, wherein the performing simulated interactive operations on the view elements of the target application using the preset automated monitoring tool comprises:
for each view element in all view elements of the target application program, judging whether the view element meets a finishing simulation trigger condition, wherein the finishing simulation trigger condition comprises the following steps: all the index parameters of the view element are acquired, or the acquisition duration of the index parameters of the view element reaches the preset duration;
if not, the view element is clicked through the simulation of the preset automatic monitoring tool, so that the target application program responds to the click of the view element, index parameters of the view element are obtained, and the index parameters are added into the result data.
4. The method of claim 2, wherein the simulated interaction of the view element of the target application using the preset automated monitoring tool comprises:
and simulating and clicking all view elements of the target application program according to a preset sequence through the preset automatic monitoring tool so as to trigger the target application program to run.
5. The method of claim 2, further comprising, after the simulated interaction of the view element of the target application using the preset automation monitoring tool:
for each view element in all view elements of the target application program which is shot by a preset automation monitoring tool simulation point, judging whether the view element meets a first preset condition, wherein the first preset condition comprises that: the view packet name of the view element is a name corresponding to an operating system operated by the target application program, the view identifier of the view element is in a preset identifier set, and the view content of the view element is in a preset content set;
and if so, determining the window corresponding to the view element as an authority popup.
6. The method of claim 5, further comprising, after determining the view element as a permission popup:
and clicking the allowed option in the permission popup through the preset automatic monitoring tool so that the target application program has permission to access the privacy data authorized by the permission popup.
7. The method of claim 2, further comprising, after the simulated interaction of the view element of the target application using the preset automation monitoring tool:
and for each view element in all the view elements of the target application program, which is clicked out by aiming at a preset automatic monitoring tool simulation point, judging whether the view element meets a second preset condition, wherein the second preset condition comprises that: the view packet name of the view element is the corresponding name of the development main body of the target application program, and the view content of the view element contains preset keywords;
and if so, determining the window corresponding to the view element as a privacy policy popup of the target application program.
8. The method of claim 7, further comprising, after the determining the view element as a privacy policy popup of the target application:
and simulating and clicking an option of agreeing to the privacy policy by using the preset automatic monitoring tool so that the target application program has the permission to access the privacy data within the privacy policy popup authorization range.
9. The method of claim 7, further comprising, after the determining the view element as a privacy policy popup for the target application:
a privacy policy text is identified from the privacy policy popup.
10. The method of claim 9, wherein the identifying privacy policy text from the privacy policy popup comprises:
and if all attribute values of the privacy policy popup include text attribute values, determining text contents corresponding to the text attribute values as the contents of the privacy policy text, and obtaining the privacy policy text.
11. The method of claim 9, wherein the identifying privacy policy text from the privacy policy popup comprises:
if all attribute values of the privacy policy popup do not include text attribute values, acquiring a region image of the privacy policy popup, and performing text recognition on the region image of the privacy policy popup to acquire the privacy policy text.
12. The method of claim 9, wherein the result data includes a result value; the privacy security monitoring of the result data comprises:
analyzing a plurality of privacy authorization field names from the privacy policy text;
determining whether a field name of each result value in the result data is contained in the plurality of privacy authorization field names;
and if not, determining that the result data corresponding to the corresponding result value does not pass privacy security monitoring.
13. The method of claim 1, wherein the privacy security monitoring of the result data comprises:
and comparing the result data with the privacy data within the privacy policy authorization range to obtain a comparison result, wherein the comparison result represents whether the privacy data exceeding the privacy policy authorization range exists in the result data.
14. The method of claim 13, wherein comparing the result data with privacy data within a privacy policy authority comprises:
analyzing a result value from the result data, and judging whether the result value is contained in the privacy data within the privacy policy authorization range;
and if not, determining that the result data corresponding to the corresponding result value is the privacy data exceeding the privacy policy authorization range.
15. The method of claim 13, further comprising:
modifying the privacy data in the privacy policy authorization range to obtain the modified privacy data, and re-simulating and triggering the target application program to operate to obtain re-triggering result data obtained in the operation process of the target application program;
analyzing a trigger result value from the re-trigger result data, and judging whether the trigger result value is contained in the modified privacy data;
if not, determining that the re-triggering result data corresponding to the triggering result value is the privacy data exceeding the privacy policy authorization range.
16. The method of claim 1, wherein the result data comprises: the target application program monitors interface data through a system Application Program Interface (API); the privacy security monitoring of the result data comprises:
and carrying out privacy security monitoring on the interface data monitored by the API.
17. The method of claim 1, wherein the result data comprises: the target application program passes through protocol data acquired in a protocol transmission process; the privacy security monitoring of the result data comprises:
decrypting the protocol data acquired in the protocol transmission process to obtain decrypted result data;
and carrying out privacy security monitoring on the decrypted result data.
18. The method of any one of claims 1-17, further comprising:
and storing the result data and the acquisition time of the result data as evidence.
19. A privacy security monitoring method is applied to terminal equipment and comprises the following steps:
triggering a target application program to run through simulation operation, and obtaining result data obtained in the running process of the target application program;
and sending the result data to a server so that the server carries out privacy security monitoring on the result data.
20. A privacy security monitoring method is applied to a server and comprises the following steps:
receiving result data sent by terminal equipment, wherein the result data is obtained by triggering a target application program to run through simulation operation by the terminal equipment;
and carrying out privacy safety monitoring on the result data.
21. A privacy security monitoring method is applied to a server and comprises the following steps:
receiving a target application program sent by target equipment;
simulating and triggering the target application program to run on a virtual terminal operating system, and acquiring result data acquired in the running process of the target application program;
and carrying out privacy safety monitoring on the result data to obtain a privacy safety monitoring result.
22. A privacy security monitoring device, comprising:
the result data acquisition module is used for triggering the target application program to run through simulation operation and acquiring result data acquired in the running process of the target application program;
and the privacy safety monitoring module is used for carrying out privacy safety monitoring on the result data.
23. An electronic device, comprising: a processor and a memory, the memory storing machine-readable instructions executable by the processor, the machine-readable instructions, when executed by the processor, performing the method of any of claims 1 to 21.
24. A computer-readable storage medium, having stored thereon a computer program which, when executed by a processor, performs the method of any one of claims 1 to 21.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211234887.1A CN115587352A (en) | 2022-10-10 | 2022-10-10 | Privacy security monitoring method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211234887.1A CN115587352A (en) | 2022-10-10 | 2022-10-10 | Privacy security monitoring method and device, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115587352A true CN115587352A (en) | 2023-01-10 |
Family
ID=84779337
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211234887.1A Pending CN115587352A (en) | 2022-10-10 | 2022-10-10 | Privacy security monitoring method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115587352A (en) |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106815134A (en) * | 2015-11-27 | 2017-06-09 | 北京奇虎科技有限公司 | A kind of APP method of testings and device |
| CN107133519A (en) * | 2017-05-15 | 2017-09-05 | 华中科技大学 | Privacy compromise detection method and system in a kind of Android application network communication |
| CN111753701A (en) * | 2020-06-18 | 2020-10-09 | 百度在线网络技术(北京)有限公司 | Violation detection method, device and equipment of application program and readable storage medium |
| CN111767203A (en) * | 2019-04-01 | 2020-10-13 | 北京奇虎科技有限公司 | Application test-based bullet frame processing method and system |
| CN112905451A (en) * | 2021-02-02 | 2021-06-04 | 北京罗克维尔斯科技有限公司 | Automatic testing method and device for application program |
| CN113051613A (en) * | 2021-03-15 | 2021-06-29 | Oppo广东移动通信有限公司 | Privacy policy detection method and device, electronic equipment and readable storage medium |
| CN114036501A (en) * | 2021-11-16 | 2022-02-11 | 北京百度网讯科技有限公司 | APP detection method, system, device, equipment and storage medium |
| CN114611132A (en) * | 2020-12-08 | 2022-06-10 | 奇安信科技集团股份有限公司 | Privacy compliance detection method and privacy compliance detection device for mobile application software |
| CN114625381A (en) * | 2022-01-19 | 2022-06-14 | 深圳智游网安科技有限公司 | Privacy policy text acquisition method, system and terminal |
| CN115098116A (en) * | 2022-06-20 | 2022-09-23 | 康键信息技术(深圳)有限公司 | Simulation operation method and device of application program, terminal and storage medium |
-
2022
- 2022-10-10 CN CN202211234887.1A patent/CN115587352A/en active Pending
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106815134A (en) * | 2015-11-27 | 2017-06-09 | 北京奇虎科技有限公司 | A kind of APP method of testings and device |
| CN107133519A (en) * | 2017-05-15 | 2017-09-05 | 华中科技大学 | Privacy compromise detection method and system in a kind of Android application network communication |
| CN111767203A (en) * | 2019-04-01 | 2020-10-13 | 北京奇虎科技有限公司 | Application test-based bullet frame processing method and system |
| CN111753701A (en) * | 2020-06-18 | 2020-10-09 | 百度在线网络技术(北京)有限公司 | Violation detection method, device and equipment of application program and readable storage medium |
| CN114611132A (en) * | 2020-12-08 | 2022-06-10 | 奇安信科技集团股份有限公司 | Privacy compliance detection method and privacy compliance detection device for mobile application software |
| CN112905451A (en) * | 2021-02-02 | 2021-06-04 | 北京罗克维尔斯科技有限公司 | Automatic testing method and device for application program |
| CN113051613A (en) * | 2021-03-15 | 2021-06-29 | Oppo广东移动通信有限公司 | Privacy policy detection method and device, electronic equipment and readable storage medium |
| CN114036501A (en) * | 2021-11-16 | 2022-02-11 | 北京百度网讯科技有限公司 | APP detection method, system, device, equipment and storage medium |
| CN114625381A (en) * | 2022-01-19 | 2022-06-14 | 深圳智游网安科技有限公司 | Privacy policy text acquisition method, system and terminal |
| CN115098116A (en) * | 2022-06-20 | 2022-09-23 | 康键信息技术(深圳)有限公司 | Simulation operation method and device of application program, terminal and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101558715B1 (en) | System and Method for Server-Coupled Malware Prevention | |
| CN111400722B (en) | Method, apparatus, computer device and storage medium for scanning small program | |
| Luoshi et al. | A3: automatic analysis of android malware | |
| CN110958239B (en) | Method and device for verifying access request, storage medium and electronic device | |
| CN112749088B (en) | Application program detection method and device, electronic equipment and storage medium | |
| Bhatia et al. | Tipped Off by Your Memory Allocator: Device-Wide User Activity Sequencing from Android Memory Images. | |
| CN109120626A (en) | Security threat processing method, system, safety perception server and storage medium | |
| EP2973192B1 (en) | Online privacy management | |
| CN109818972B (en) | Information security management method and device for industrial control system and electronic equipment | |
| US10827349B2 (en) | SEALANT: security for end-users of android via light-weight analysis techniques | |
| Kadhirvelan et al. | Threat modelling and risk assessment within vehicular systems | |
| US20170149777A1 (en) | Systems and method for cross-channel device binding | |
| Heartfield et al. | Protection against semantic social engineering attacks | |
| CN114979109B (en) | Behavior track detection method, behavior track detection device, computer equipment and storage medium | |
| JP5851311B2 (en) | Application inspection device | |
| KR101382549B1 (en) | Method for pre-qualificating social network service contents in mobile environment | |
| CN115587352A (en) | Privacy security monitoring method and device, electronic equipment and storage medium | |
| CN109714371B (en) | Industrial control network safety detection system | |
| Ham et al. | DroidVulMon--Android Based Mobile Device Vulnerability Analysis and Monitoring System | |
| CN109933990B (en) | Multi-mode matching-based security vulnerability discovery method and device and electronic equipment | |
| Selsøyvold et al. | A security assessment of an embedded iot device | |
| KR102718173B1 (en) | Check content and interactions within the webview | |
| Medina et al. | Identifying Android malware instructions | |
| Doan et al. | HAL‐Based Resource Manipulation Monitoring on AOSP | |
| Campbell | Security and Privacy Analysis of Employee Monitoring Applications |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20230110 |