TWI803836B - Mobile device monitoring system and method - Google Patents

Mobile device monitoring system and method Download PDF

Info

Publication number
TWI803836B
TWI803836B TW110107840A TW110107840A TWI803836B TW I803836 B TWI803836 B TW I803836B TW 110107840 A TW110107840 A TW 110107840A TW 110107840 A TW110107840 A TW 110107840A TW I803836 B TWI803836 B TW I803836B
Authority
TW
Taiwan
Prior art keywords
program
monitoring
mobile device
page
pages
Prior art date
Application number
TW110107840A
Other languages
Chinese (zh)
Other versions
TW202236126A (en
Inventor
沈朝玄
蕭仁宏
賴俊安
Original Assignee
玉山商業銀行股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 玉山商業銀行股份有限公司 filed Critical 玉山商業銀行股份有限公司
Priority to TW110107840A priority Critical patent/TWI803836B/en
Publication of TW202236126A publication Critical patent/TW202236126A/en
Application granted granted Critical
Publication of TWI803836B publication Critical patent/TWI803836B/en

Links

Images

Landscapes

  • Debugging And Monitoring (AREA)
  • Radar Systems Or Details Thereof (AREA)

Abstract

A mobile device monitoring system and a monitoring method for mobile device are provided in the present disclosure. The mobile device monitoring system includes a controller, a display device and a storage device. The first program is initialized according to an activation request to display a page of the first program on the display device. After the first program is initialized, the first program provides a monitoring program activation request to the operating system to activate the monitoring program. The first program includes multiple sensitive pages. When one of the multiple sensitive pages of the first program is displayed on the display device, the monitoring program continuously monitors whether or not the page operation authority parameter of one of the multiple sensitive pages of the first program changes.

Description

行動裝置監測系統與方法Mobile device monitoring system and method

本發明涉及一種行動裝置監測系統與方法,特別是涉及一種避免應用程式的頁面被覆蓋的行動裝置監測系統與方法。The present invention relates to a mobile device monitoring system and method, in particular to a mobile device monitoring system and method for preventing application pages from being covered.

有些惡意程式會在一些程式開啟之後,快速覆蓋開啟程式的頁面,通過偽造程式頁面,取得使用者的個人資料、金融卡資訊或是信用卡資訊、個人帳號密碼等重要資訊。Some malicious programs will quickly overwrite the page of the program after some programs are opened, and obtain important information such as the user's personal information, financial card information or credit card information, personal account password, etc. by forging the program page.

因此,如何提供一種有效避免應用程式的頁面被覆蓋的行動裝置監測系統與方法,已成為該項事業所欲解決的重要課題之一。Therefore, how to provide a mobile device monitoring system and method that can effectively prevent application pages from being covered has become one of the important issues to be solved by this project.

本發明所要解決的技術問題在於,針對現有技術的不足提供一種行動裝置監測系統,包括:一控制器;一顯示裝置,電性連接所述控制器;以及一儲存裝置,電性連接所述控制器,所述儲存裝置至少儲存一操作系統、一第一程式以及一監測程式;其中,當所述操作系統初始化,通過所述控制器、所述儲存裝置以及所述顯示裝置進行執行以及顯示之後,所述第一程式根據一啟動要求進行初始化,以在所述顯示裝置上顯示所述第一程式的一頁面;其中,當所述第一程式完成初始化之後,所述第一程式提供一監測程式啟動要求至所述操作系統以啟動所述監測程式;其中,所述第一程式包括多個機敏頁面,當所述顯示裝置上顯示所述第一程式的所述多個機敏頁面的其中一個時,所述監測程式持續地監測所述第一程式的所述多個機敏頁面的其中一個的一頁面操作權限是否改變。The technical problem to be solved by the present invention is to provide a mobile device monitoring system for the deficiencies in the prior art, including: a controller; a display device electrically connected to the controller; and a storage device electrically connected to the controller device, the storage device at least stores an operating system, a first program, and a monitoring program; wherein, when the operating system is initialized, executed and displayed by the controller, the storage device, and the display device , the first program is initialized according to a start request, so as to display a page of the first program on the display device; wherein, when the first program is initialized, the first program provides a monitoring A program activation request is sent to the operating system to activate the monitoring program; wherein, the first program includes a plurality of alert pages, and when one of the plurality of alert pages of the first program is displayed on the display device At this time, the monitoring program continuously monitors whether a page operation authority of one of the smart pages of the first program is changed.

為了解決上述的技術問題,本發明所採用的其中一技術方案是提供一種行動裝置監測方法,包括:初始化一第一程式;提供一監測程式啟動要求以啟動一監測程式;監測所述第一程式顯示在前景的一機敏頁面的一頁面操作權限是否改變;以及至少根據所述機敏頁面的所述頁面操作權限提供一警示資訊。In order to solve the above technical problems, one of the technical solutions adopted by the present invention is to provide a mobile device monitoring method, including: initializing a first program; providing a monitoring program activation request to start a monitoring program; monitoring the first program displaying whether a page operation authority of a smart page in the foreground changes; and providing a warning message at least according to the page operation authority of the smart page.

本發明的其中一有益效果在於,本發明所提供的行動裝置監測系統與方法,可以有效監測其他程式,例如:惡意程式的頁面覆蓋,並有效避免機敏資料的外洩。One of the beneficial effects of the present invention is that the mobile device monitoring system and method provided by the present invention can effectively monitor other programs, such as the page coverage of malicious programs, and effectively prevent leakage of sensitive data.

為使能更進一步瞭解本發明的特徵及技術內容,請參閱以下有關本發明的詳細說明與圖式,然而所提供的圖式僅用於提供參考與說明,並非用來對本發明加以限制。In order to further understand the features and technical content of the present invention, please refer to the following detailed description and drawings related to the present invention. However, the provided drawings are only for reference and description, and are not intended to limit the present invention.

以下是通過特定的具體實施例來說明本發明所公開有關“行動裝置監測系統與方法”的實施方式,本領域技術人員可由本說明書所公開的內容瞭解本發明的優點與效果。本發明可通過其他不同的具體實施例加以施行或應用,本說明書中的各項細節也可基於不同觀點與應用,在不背離本發明的構思下進行各種修改與變更。另外,本發明的附圖僅為簡單示意說明,並非依實際尺寸的描繪,事先聲明。以下的實施方式將進一步詳細說明本發明的相關技術內容,但所公開的內容並非用以限制本發明的保護範圍。另外,本文中所使用的術語“或”,應視實際情況可能包括相關聯所列出項目中的任一個或者多個的組合。The implementation of the "mobile device monitoring system and method" disclosed in the present invention is described below through specific specific examples. Those skilled in the art can understand the advantages and effects of the present invention from the content disclosed in this specification. The present invention can be implemented or applied through other different specific embodiments, and various modifications and changes can be made to the details in this specification based on different viewpoints and applications without departing from the concept of the present invention. In addition, the drawings of the present invention are only for simple illustration, and are not drawn according to the actual size, which is stated in advance. The following embodiments will further describe the relevant technical content of the present invention in detail, but the disclosed content is not intended to limit the protection scope of the present invention. In addition, the term "or" used herein may include any one or a combination of more of the associated listed items depending on the actual situation.

[第一實施例][first embodiment]

請參閱圖1以及圖2,圖1是本發明第一實施例的行動裝置監測系統的示意圖。圖2是行動裝置監測系統中操作系統、第一程式以及監測程式的訊息互動圖。Please refer to FIG. 1 and FIG. 2 . FIG. 1 is a schematic diagram of a mobile device monitoring system according to a first embodiment of the present invention. FIG. 2 is a message interaction diagram of the operating system, the first program and the monitoring program in the mobile device monitoring system.

由於現今行動裝置相當普遍,行動金融也越加繁榮,個人資料、金融相關資料,如信用卡、金融卡等資料,也都成為惡意程式想要盜取的內容。由於惡意程式日漸猖狂,甚至會模仿金融機構的程式頁面或假造個人資訊輸入頁面,通過覆蓋在程式頁面的前方,取得使用者個人資訊等機敏資訊。為了防止此一問題,本發明提供一種行動裝置監測系統1。由於並不是所有的覆蓋頁面皆是模仿原本的程式畫面,可能是攻擊者自己加入的假畫面。例如BlackRock在google play、Netflix等程式前,則會假造信用卡資訊輸入頁面,但本身這個頁面風格與樣式與原程式不相符。Since mobile devices are quite common nowadays, and mobile finance is becoming more and more prosperous, personal information and financial-related information, such as credit card and debit card information, have also become content that malicious programs want to steal. As malicious programs become more and more rampant, they even imitate the program pages of financial institutions or fake personal information input pages, and obtain sensitive information such as user personal information by covering the front of the program pages. In order to prevent this problem, the present invention provides a mobile device monitoring system 1 . Since not all overlay pages imitate the original program screen, it may be a fake screen added by the attacker himself. For example, BlackRock will fake the credit card information input page in front of google play, Netflix and other programs, but the style and style of the page itself does not match the original program.

行動裝置監測系統1包括一控制器11、一顯示裝置12、一儲存裝置13以及一通訊裝置14。控制器11電性連接顯示裝置12、儲存裝置13以及通訊裝置14。在本實施例中,行動裝置監測系統1是適用在一行動裝置MD。行動裝置MD可以是一智能手機、一平板電腦或是一穿戴式電子裝置。The mobile device monitoring system 1 includes a controller 11 , a display device 12 , a storage device 13 and a communication device 14 . The controller 11 is electrically connected to the display device 12 , the storage device 13 and the communication device 14 . In this embodiment, the mobile device monitoring system 1 is applicable to a mobile device MD. The mobile device MD can be a smart phone, a tablet computer or a wearable electronic device.

在本實施例中,儲存裝置13至少儲存一操作系統OS、一第一程式APP1以及一監測程式MP。In this embodiment, the storage device 13 at least stores an operating system OS, a first program APP1 and a monitoring program MP.

第一程式APP1包括多個機敏頁面CP以及非機敏頁面NCP。使用者可以通過初始化第一程式APP1以瀏覽或是登錄第一程式APP1的多個機敏頁面CP以及非機敏頁面NCP。在本實施例中,第一程式APP1是一移動裝置應用程式,例如:銀行交易程式、股票證券交易程式或是社交軟體程式、手機遊戲程式或是直播娛樂應用程式。The first program APP1 includes a plurality of smart pages CP and non-smart pages NCP. The user can browse or log in a plurality of smart pages CP and non-smart pages NCP of the first program APP1 by initializing the first program APP1. In this embodiment, the first program APP1 is a mobile device application program, such as a bank transaction program, a stock and securities transaction program or a social software program, a mobile game program or a live entertainment application program.

機敏頁面CP則是需要輸入使用者的個人資料、金融卡資料、信用卡資料、帳號密碼輸入或是第三方認證資料等機密資料的頁面。非機敏頁面NCP則是不包括使用者的個人資料、金融卡資料、信用卡資料、帳號密碼輸入或是第三方認證資料等機密資料的頁面。Smart page CP is a page that needs to input confidential information such as user's personal information, bank card information, credit card information, account password input or third-party authentication information. A non-sensitive page NCP is a page that does not contain confidential information such as user personal information, bank card information, credit card information, account password input, or third-party authentication information.

首先,行動裝置MD在啟動開機之後,操作系統OS會進行初始化。操作系統OS以及第一程式APP1則是需要通過控制器11、顯示裝置12以及儲存裝置13進行執行、顯示之後方能完成初始化。Firstly, after the mobile device MD starts up, the operating system OS will be initialized. The operating system OS and the first program APP1 need to be executed and displayed by the controller 11 , the display device 12 and the storage device 13 before the initialization can be completed.

第一程式APP1則是可以根據一啟動要求進行初始化,以在顯示裝置12上顯示第一程式APP1的一頁面。在本實施例中,啟動要求是一觸控介面的點擊訊號。其中,當第一程式APP1完成初始化之後,第一程式APP1提供一監測程式啟動要求至操作系統OS以啟動監測程式MP。監測程式MP可以設置在第一程式APP1中,同時初始化。在其他實施例中,監測程式MP可以在第一程式APP1初始化之後才啟動。The first program APP1 can be initialized according to an activation request, so as to display a page of the first program APP1 on the display device 12 . In this embodiment, the activation request is a click signal of a touch interface. Wherein, after the first program APP1 completes the initialization, the first program APP1 provides a monitor program start request to the operating system OS to start the monitor program MP. The monitoring program MP can be set in the first program APP1 and initialized at the same time. In other embodiments, the monitoring program MP can be started after the first program APP1 is initialized.

再者,第一程式APP1包括多個機敏頁面CP以及多個非機敏頁面NCP。當顯示裝置12上顯示第一程式APP1的多個機敏頁面CP以及多個非機敏頁面NCP的其中一個時,監測程式MP就會持續地監測第一程式APP1的多個機敏頁面CP以及多個非機敏頁面NCP的多個頁面操作權限是否改變。在本實施例中,監測程式MP是設置在第一程式APP1中。監測程式MP是用於偵測第一程式APP1的多個頁面的頁面操作權限是否改變。在其他實施例中,監測程式MP可以用於偵測第一程式APP1的多個頁面或是其他程式的多個頁面,在本發明中不做限制。Moreover, the first program APP1 includes a plurality of smart pages CP and a plurality of non-smart pages NCP. When one of the multiple smart pages CP and the multiple non-smart pages NCP of the first program APP1 is displayed on the display device 12, the monitoring program MP will continuously monitor the multiple smart pages CP and the multiple non-smart pages of the first program APP1. Whether the operation authority of multiple pages of smart page NCP has changed. In this embodiment, the monitoring program MP is set in the first program APP1. The monitoring program MP is used to detect whether the page operation authority of multiple pages of the first program APP1 is changed. In other embodiments, the monitoring program MP can be used to detect multiple pages of the first program APP1 or multiple pages of other programs, which is not limited in the present invention.

當顯示裝置12顯示的第一程式APP1的多個頁面的其中一個頁面操作權限被改變時,操作系統OS則提供一權限改變通知資訊給第一程式APP1,第一程式APP1則會通知監測程式MP目前顯示的頁面的頁面操作權限已經被改變。在此處,頁面的頁面操作權限的原因有可能是因為本身程式的廣告彈窗,或是被其他程式搶走前景,或是被惡意程式覆蓋頁面。也就是,在本實施例中,監測程式MP可以偵測機敏頁面CP以及非機敏頁面NCP的頁面操作權限是否被更改。在其他實施例中,監測程式MP可以只偵測機敏頁面CP的頁面操作權限是否被更改。When the operation authority of one of the multiple pages of the first program APP1 displayed on the display device 12 is changed, the operating system OS provides a permission change notification information to the first program APP1, and the first program APP1 will notify the monitoring program MP The page operation authority of the currently displayed page has been changed. Here, the reason for the page operation authority of the page may be because of the advertisement pop-up window of the own program, or the foreground is taken away by other programs, or the page is covered by malicious programs. That is, in this embodiment, the monitoring program MP can detect whether the page operation authority of the smart page CP and the non-smart page NCP is changed. In other embodiments, the monitoring program MP can only detect whether the page operation authority of the smart page CP is changed.

因此,當監測程式MP得到第一程式APP1的通知,第一程式APP1的多個頁面的其中一個頁面操作權限被改變時,監測程式MP還會偵測第一程式APP的頁面是否是顯示在前景,而不是被退到背景,以及覆蓋在第一程式APP1上的程式是否屬於第一程式APP1本身的彈出視窗,以判斷是否提供一警示資訊。Therefore, when the monitoring program MP is notified by the first program APP1 that one of the multiple pages of the first program APP1 has a page operation authority changed, the monitoring program MP will also detect whether the page of the first program APP is displayed in the foreground , instead of being retreated to the background, and whether the program covering the first program APP1 belongs to the pop-up window of the first program APP1 itself, to determine whether to provide a warning message.

在其他實施例中,當監測程式MP得到第一程式APP1的通知,第一程式APP1的多個頁面的其中一個頁面操作權限被改變時,監測程式MP就可以提供警示資訊,以通知使用者目前顯示的頁面有一定風險。In other embodiments, when the monitoring program MP is notified by the first program APP1 that the operation authority of one of the multiple pages of the first program APP1 is changed, the monitoring program MP can provide warning information to notify the user of the current situation. The displayed pages are risky.

在本實施例中,則是,當監測程式MP偵測到第一程式APP1的頁面的頁面操作權限被改變、第一程式APP1的頁面是在前景、覆蓋在第一程式APP1的頁面上的程式並不是屬於第一程式APP1本身的視窗或是頁面,監測程式MP則會提供一警示資訊。In this embodiment, then, when the monitoring program MP detects that the page operation authority of the page of the first program APP1 is changed, the page of the first program APP1 is in the foreground, the program covered on the page of the first program APP1 For windows or pages that do not belong to the first program APP1 itself, the monitoring program MP will provide a warning message.

如圖2所示,操作系統OS、第一程式APP1之間的互動,就如先前所述,第一程式APP1初始化之後,會要求操作系統OS啟動監測程式MP。接著,當惡意程式覆蓋第一程式APP的頁面時,監測程式MP就會提供警示資訊。As shown in FIG. 2 , the interaction between the operating system OS and the first program APP1 is as mentioned above. After the first program APP1 is initialized, the operating system OS is required to start the monitoring program MP. Then, when the malicious program covers the page of the first program APP, the monitoring program MP will provide warning information.

控制器11是一中央處理器(CPU)、特殊應用積體電路(ASIC)、一圖型處理器(GPU)或是一微處理器(MCU)。顯示裝置12是一液晶顯示裝置或是一或是有機發光二極體顯示裝置。儲存裝置13是一快閃記憶體、一唯讀記憶體、一可規化唯讀記憶體、一電可改寫唯讀記憶體、一可擦可規化唯讀記憶體或是一電可擦可規化唯讀記憶體。通訊裝置14包括一有線通訊單元(圖未示)以及一無線通訊單元(圖未示)。當通訊裝置14是一無線通訊單元時,通訊裝置14可以是一Wi-Fi通訊單元、一藍牙通訊單元、一紫蜂通訊單元(Zigbee)、一LoRa通訊單元、一Sigfox通訊單元或是一NB-IoT通訊單元。操作系統OS可以是Android系統、iOS系統、iPadOS系統等。The controller 11 is a central processing unit (CPU), an application specific integrated circuit (ASIC), a graphics processing unit (GPU) or a microprocessor (MCU). The display device 12 is a liquid crystal display device or an organic light emitting diode display device. The storage device 13 is a flash memory, a read-only memory, a programmable read-only memory, an electrically rewritable read-only memory, an erasable programmable read-only memory or an electrically erasable Scalable read-only memory. The communication device 14 includes a wired communication unit (not shown) and a wireless communication unit (not shown). When the communication device 14 is a wireless communication unit, the communication device 14 can be a Wi-Fi communication unit, a Bluetooth communication unit, a Zigbee communication unit (Zigbee), a LoRa communication unit, a Sigfox communication unit or a NB -IoT communication unit. The operating system OS may be an Android system, an iOS system, an iPadOS system, and the like.

[第二實施例][Second embodiment]

請參閱圖3以及圖4,圖3是第二實施例的行動裝置監測方法的流程圖。圖4是第二實施例的行動裝置監測方法的另一流程圖。Please refer to FIG. 3 and FIG. 4 , FIG. 3 is a flowchart of a mobile device monitoring method according to a second embodiment. FIG. 4 is another flow chart of the mobile device monitoring method of the second embodiment.

本實施例中的行動裝置監測方法,適用於第一實施例中的行動裝置監測系統1,行動裝置監測系統1的功能與結構在此不做贅述。The mobile device monitoring method in this embodiment is applicable to the mobile device monitoring system 1 in the first embodiment, and the function and structure of the mobile device monitoring system 1 will not be repeated here.

行動裝置監測方法包括下列步驟:The mobile device monitoring method includes the following steps:

初始化一第一程式以及一監測程式(步驟S110);Initialize a first program and a monitoring program (step S110);

監測所述第一程式顯示在前景的一頁面的一頁面操作權限是否改變(步驟S120);Monitoring whether a page operation authority of a page displayed in the foreground by the first program is changed (step S120);

至少根據頁面的頁面操作權限提供一警示資訊(步驟S130)。At least provide a warning message according to the page operation authority of the page (step S130 ).

在步驟S110中,行動裝置監測系統1包括一控制器11、一顯示裝置12、一儲存裝置13以及一通訊裝置14。控制器11電性連接顯示裝置12、儲存裝置13以及通訊裝置14。在本實施例中,行動裝置監測系統1是適用在一行動裝置MD。行動裝置MD可以是一智能手機、一平板電腦或是一穿戴式電子裝置。In step S110 , the mobile device monitoring system 1 includes a controller 11 , a display device 12 , a storage device 13 and a communication device 14 . The controller 11 is electrically connected to the display device 12 , the storage device 13 and the communication device 14 . In this embodiment, the mobile device monitoring system 1 is applicable to a mobile device MD. The mobile device MD can be a smart phone, a tablet computer or a wearable electronic device.

在本實施例中,儲存裝置13至少儲存一操作系統OS、一第一程式APP1以及一監測程式MP。In this embodiment, the storage device 13 at least stores an operating system OS, a first program APP1 and a monitoring program MP.

第一程式APP1包括多個機敏頁面CP以及非機敏頁面NCP。使用者可以通過初始化第一程式APP1以瀏覽或是登錄第一程式APP1的多個機敏頁面CP以及非機敏頁面NCP。在本實施例中,第一程式APP1是一移動裝置應用程式,例如:銀行交易程式、股票證券交易程式或是社交軟體程式、手機遊戲程式或是直播娛樂應用程式。The first program APP1 includes a plurality of smart pages CP and non-smart pages NCP. The user can browse or log in a plurality of smart pages CP and non-smart pages NCP of the first program APP1 by initializing the first program APP1. In this embodiment, the first program APP1 is a mobile device application program, such as a bank transaction program, a stock and securities transaction program or a social software program, a mobile game program or a live entertainment application program.

機敏頁面CP則是需要輸入使用者的個人資料、金融卡資料、信用卡資料、帳號密碼輸入或是第三方認證資料等機密資料的頁面。非機敏頁面NCP則是不包括使用者的個人資料、金融卡資料、信用卡資料、帳號密碼輸入或是第三方認證資料等機密資料的頁面。Smart page CP is a page that needs to input confidential information such as user's personal information, bank card information, credit card information, account password input or third-party authentication information. A non-sensitive page NCP is a page that does not contain confidential information such as user personal information, bank card information, credit card information, account password input, or third-party authentication information.

首先,行動裝置MD在啟動開機之後,操作系統OS會進行初始化。操作系統OS以及第一程式APP1則是需要通過控制器11、顯示裝置12以及儲存裝置13進行執行、顯示之後方能完成初始化。Firstly, after the mobile device MD starts up, the operating system OS will be initialized. The operating system OS and the first program APP1 need to be executed and displayed by the controller 11 , the display device 12 and the storage device 13 before the initialization can be completed.

第一程式APP1則是可以根據一啟動要求進行初始化,以在顯示裝置12上顯示第一程式APP1的一頁面。在本實施例中,啟動要求是一觸控介面的點擊訊號。其中,當第一程式APP1完成初始化之後,第一程式APP1提供一監測程式啟動要求至操作系統OS以啟動監測程式MP。監測程式MP可以設置在第一程式APP1中,同時初始化。在其他實施例中,監測程式MP可以在第一程式APP1初始化之後才啟動。The first program APP1 can be initialized according to an activation request, so as to display a page of the first program APP1 on the display device 12 . In this embodiment, the activation request is a click signal of a touch interface. Wherein, after the first program APP1 completes the initialization, the first program APP1 provides a monitor program start request to the operating system OS to start the monitor program MP. The monitoring program MP can be set in the first program APP1 and initialized at the same time. In other embodiments, the monitoring program MP can be started after the first program APP1 is initialized.

在步驟S130中,第一程式APP1包括多個機敏頁面CP以及多個非機敏頁面NCP。當顯示裝置12上顯示第一程式APP1的多個機敏頁面CP以及多個非機敏頁面NCP的其中一個時,監測程式MP會持續地監測第一程式APP1的多個機敏頁面CP以及多個非機敏頁面NCP的其中一個頁面操作權限是否改變。在本實施例中,監測程式MP是設置在第一程式APP1中。監測程式MP是用於偵測第一程式APP1的多個頁面的頁面操作權限是否改變。在其他實施例中,監測程式MP可以用於偵測第一程式APP1的多個頁面或是其他程式的多個頁面,在本發明中不做限制。In step S130, the first program APP1 includes a plurality of smart pages CP and a plurality of non-smart pages NCP. When one of the smart pages CP and the non-smart pages NCP of the first program APP1 is displayed on the display device 12, the monitoring program MP will continuously monitor the smart pages CP and the non-smart pages of the first program APP1. Whether one of the page operation permissions of the page NCP has changed. In this embodiment, the monitoring program MP is set in the first program APP1. The monitoring program MP is used to detect whether the page operation authority of multiple pages of the first program APP1 is changed. In other embodiments, the monitoring program MP can be used to detect multiple pages of the first program APP1 or multiple pages of other programs, which is not limited in the present invention.

當顯示裝置12顯示的第一程式APP1的多個頁面的其中一個頁面操作權限被改變時,操作系統OS則提供一權限改變通知資訊給第一程式APP1,第一程式APP1則會通知監測程式MP目前顯示的頁面的頁面操作權限已經被改變。也就是,在本實施例中,監測程式MP可以偵測機敏頁面CP以及非機敏頁面NCP的頁面操作權限是否被更改。在其他實施例中,監測程式MP可以只偵測機敏頁面CP的頁面操作權限是否被更改。When the operation authority of one of the multiple pages of the first program APP1 displayed on the display device 12 is changed, the operating system OS provides a permission change notification information to the first program APP1, and the first program APP1 will notify the monitoring program MP The page operation authority of the currently displayed page has been changed. That is, in this embodiment, the monitoring program MP can detect whether the page operation authority of the smart page CP and the non-smart page NCP is changed. In other embodiments, the monitoring program MP can only detect whether the page operation authority of the smart page CP is changed.

在步驟S140中,當監測程式MP得到第一程式APP1的通知,第一程式APP1的多個頁面的其中一個頁面的頁面操作權限被改變時,監測程式MP就可以提供警示資訊,以通知使用者目前顯示的頁面有一定風險。In step S140, when the monitoring program MP is notified by the first program APP1 that the page operation authority of one of the multiple pages of the first program APP1 is changed, the monitoring program MP can provide warning information to notify the user The page currently displayed is risky.

此外, 如圖4所示,當監測程式MP得到第一程式APP1的通知,第一程式APP1的多個頁面的其中一個頁面操作權限被改變時,監測程式MP還會偵測第一程式APP的頁面是否是顯示在前景,而不是被退到背景,以及覆蓋在第一程式APP1上的程式是否屬於第一程式APP1本身的彈出視窗,以判斷是否提供一警示資訊。In addition, as shown in Figure 4, when the monitoring program MP is notified by the first program APP1 that one of the page operation permissions of the multiple pages of the first program APP1 is changed, the monitoring program MP will also detect the first program APP. Whether the page is displayed in the foreground instead of being retreated to the background, and whether the program covering the first program APP1 is a pop-up window of the first program APP1 itself is used to determine whether to provide a warning message.

也就是,當監測程式MP偵測到第一程式APP1的頁面的頁面操作權限被改變、第一程式APP1的頁面是在前景、覆蓋在第一程式APP1的頁面上的程式並不是屬於第一程式APP1本身的視窗或是頁面,監測程式MP則會提供一警示資訊。That is, when the monitoring program MP detects that the page operation authority of the page of the first program APP1 is changed, the page of the first program APP1 is in the foreground, and the program covering the page of the first program APP1 does not belong to the first program For the window or page of APP1 itself, the monitoring program MP will provide a warning message.

[實施例的有益效果][Advantageous Effects of Embodiment]

本發明的其中一有益效果在於,本發明所提供的行動裝置監測系統與方法,可以有效監測其他程式,例如:惡意程式的頁面覆蓋,並有效避免機敏資料的外洩。One of the beneficial effects of the present invention is that the mobile device monitoring system and method provided by the present invention can effectively monitor other programs, such as the page coverage of malicious programs, and effectively prevent leakage of sensitive data.

以上所公開的內容僅為本發明的優選可行實施例,並非因此侷限本發明的申請專利範圍,所以凡是運用本發明說明書及圖式內容所做的等效技術變化,均包含於本發明的申請專利範圍內。The content disclosed above is only a preferred feasible embodiment of the present invention, and does not therefore limit the scope of the patent application of the present invention. Therefore, all equivalent technical changes made by using the description and drawings of the present invention are included in the application of the present invention. within the scope of the patent.

1:行動裝置監測系統 11:控制器 12:顯示裝置 13:儲存裝置 14:通訊裝置 MD:行動裝置 OS:操作系統 CP:機敏頁面 NCP:非機敏頁面 S110-S130, S140:步驟 APP1:第一程式 1: Mobile device monitoring system 11: Controller 12: Display device 13: storage device 14: Communication device MD: mobile device OS: operating system CP: smart page NCP: Non-Smart Page S110-S130, S140: Steps APP1: The first program

圖1是本發明第一實施例的行動裝置監測系統的示意圖。FIG. 1 is a schematic diagram of a mobile device monitoring system according to a first embodiment of the present invention.

圖2是行動裝置監測系統中操作系統、第一程式以及監測程式的訊息互動圖。FIG. 2 is a message interaction diagram of the operating system, the first program and the monitoring program in the mobile device monitoring system.

圖3是第二實施例的行動裝置監測方法的流程圖。FIG. 3 is a flow chart of the mobile device monitoring method of the second embodiment.

圖4是第二實施例的行動裝置監測方法的另一流程圖。FIG. 4 is another flow chart of the mobile device monitoring method of the second embodiment.

1:行動裝置監測系統 1: Mobile device monitoring system

11:控制器 11: Controller

12:顯示裝置 12: Display device

13:儲存裝置 13: storage device

14:通訊裝置 14: Communication device

MD:行動裝置 MD: mobile device

APP1:第一程式 APP1: The first program

CP:機敏頁面 CP: smart page

NCP:非機敏頁面 NCP: Non-Smart Page

Claims (12)

一種行動裝置監測系統,包括:一控制器;一顯示裝置,電性連接所述控制器;以及一儲存裝置,電性連接所述控制器,所述儲存裝置至少儲存一操作系統、一第一程式以及一監測程式;其中,當所述操作系統初始化,通過所述控制器、所述儲存裝置以及所述顯示裝置進行執行以及顯示之後,所述第一程式根據一啟動要求進行初始化,以在所述顯示裝置上顯示所述第一程式的一頁面;其中,當所述第一程式完成初始化之後,所述監測程式則會進行偵測所述第一程式的多個頁面;其中,當所述顯示裝置上顯示所述第一程式的所述多個頁面的其中一個時,所述監測程式持續地監測使用中的所述第一程式的所述多個頁面的其中一個頁面操作權限是否改變,以作為提供一警示資訊的根據。 A mobile device monitoring system, comprising: a controller; a display device electrically connected to the controller; and a storage device electrically connected to the controller, the storage device at least stores an operating system, a first program and a monitoring program; wherein, when the operating system is initialized, executed and displayed by the controller, the storage device, and the display device, the first program is initialized according to a startup request, so as to A page of the first program is displayed on the display device; wherein, after the initialization of the first program is completed, the monitoring program will detect multiple pages of the first program; wherein, when the When one of the plurality of pages of the first program is displayed on the display device, the monitoring program continuously monitors whether the operation authority of one of the plurality of pages of the first program in use changes , as a basis for providing an alert message. 如請求項1所述的行動裝置監測系統,其中,當所述顯示裝置顯示的所述第一程式的所述多個頁面的其中一個所述頁面操作權限被改變時,所述操作系統則提供一權限改變通知資訊給所述第一程式,所述第一程式通知所述監測程式目前顯示的所述頁面的所述頁面操作權限已被改變。 The mobile device monitoring system according to claim 1, wherein when one of the page operation permissions of the plurality of pages of the first program displayed on the display device is changed, the operating system provides A permission change notification message is sent to the first program, and the first program notifies the monitoring program that the page operation permission of the page currently displayed has been changed. 如請求項2所述的行動裝置監測系統,其中,當所述監測程式偵測到所述第一程式的所述多個頁面的其中一個所述頁面操作權限被改變時,所述監測程式還會偵測所述第一程式頁面是否是顯示在前景,而不是被退到背景、覆蓋在所述第一程式上的程式是否屬於所述第一程式本身的彈出視窗,以判斷是否提供一警示資訊。 The mobile device monitoring system as described in claim 2, wherein, when the monitoring program detects that one of the page operation permissions of the plurality of pages of the first program is changed, the monitoring program also It will detect whether the first program page is displayed in the foreground instead of being retreated to the background, and whether the program covering the first program belongs to the pop-up window of the first program itself, so as to determine whether to provide a warning Information. 如請求項3所述的行動裝置監測系統,其中,當所述監測程式偵測到所述第一程式的所述頁面操作權限被改變、所述第一程式是在前景以及覆蓋在所述第一程式上的程式並不是屬於所述第一程式本身的視窗,所述監測程式則會提供一警示資訊。 The mobile device monitoring system as described in claim 3, wherein, when the monitoring program detects that the page operation authority of the first program is changed, the first program is in the foreground and covers the second program A program on a program is not a window belonging to the first program itself, and the monitoring program will provide a warning message. 如請求項4所述的行動裝置監測系統,其中,所述第一程式是一移動裝置應用程式。 The mobile device monitoring system as claimed in claim 4, wherein the first program is a mobile device application program. 如請求項5所述的行動裝置監測系統,其中,所述第一程式包括多個機敏頁面以及多個非機敏頁面,所述非機敏頁面則不包括一使用者的一個人資訊、一信用卡資訊、帳號密碼輸入或是一金融卡資訊,所述機敏頁面包括一使用者的一個人資訊、一信用卡資訊、帳號密碼輸入或是一金融卡資訊。 The mobile device monitoring system as described in claim 5, wherein the first program includes a plurality of smart pages and a plurality of non-smart pages, and the non-smart pages do not include a user's personal information, a credit card information, Account password input or a financial card information, the smart page includes a user's personal information, a credit card information, account password input or a financial card information. 如請求項1所述的行動裝置監測系統,其中,所述監測程式設置在第一程式中。 The mobile device monitoring system according to claim 1, wherein the monitoring program is set in the first program. 一種行動裝置監測方法,適用於一行動裝置監測系統,所述行動裝置監測方法,包括:行動裝置監測系統初始化一第一程式以及一監測程式;所述監測程式監測使用中的所述第一程式顯示在前景的一頁面的一頁面操作權限是否改變;以及所述監測程式至少根據所述頁面的所述頁面操作權限提供一警示資訊。 A mobile device monitoring method, suitable for a mobile device monitoring system, the mobile device monitoring method includes: the mobile device monitoring system initializes a first program and a monitoring program; the monitoring program monitors the first program in use Whether a page operation authority of a page in the foreground is changed; and the monitoring program at least provides a warning information according to the page operation authority of the page. 如請求項8所述的行動裝置監測方法,其中,在所述至少根據所述機敏頁面的所述頁面操作權限提供一警示資訊的步驟中,還包括:所述監測程式根據所述頁面的所述頁面操作權限被改變、所述第一程式在前景、以及覆蓋在所述第一程式上的程式並不是屬於所述第一程式本身的視窗,提供所述警示資訊。 The mobile device monitoring method according to claim 8, wherein, in the step of providing a warning message at least according to the page operation authority of the smart page, it further includes: the monitoring program according to the page operation authority The warning information is provided if the page operation authority is changed, the first program is in the foreground, and the program covering the first program is not a window belonging to the first program itself. 如請求項9所述的行動裝置監測方法,其中,所述第一程式 是一移動裝置應用程式。 The mobile device monitoring method as described in claim 9, wherein the first program is a mobile application. 如請求項10所述的行動裝置監測方法,其中,所述第一程式包括多個機敏頁面以及多個非機敏頁面,所述非機敏頁面則不包括一使用者的一個人資訊、一信用卡資訊或是一金融卡資訊,所述機敏頁面包括一使用者的一個人資訊、一信用卡資訊或是一金融卡資訊。 The mobile device monitoring method as described in claim item 10, wherein the first program includes a plurality of smart pages and a plurality of non-smart pages, and the non-smart pages do not include a user's personal information, a credit card information or It is financial card information, and the sensitive page includes a user's personal information, credit card information or financial card information. 如請求項8所述的行動裝置監測方法,其中,所述監測程式設置在第一程式中。 The mobile device monitoring method according to claim 8, wherein the monitoring program is set in a first program.
TW110107840A 2021-03-05 2021-03-05 Mobile device monitoring system and method TWI803836B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW110107840A TWI803836B (en) 2021-03-05 2021-03-05 Mobile device monitoring system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW110107840A TWI803836B (en) 2021-03-05 2021-03-05 Mobile device monitoring system and method

Publications (2)

Publication Number Publication Date
TW202236126A TW202236126A (en) 2022-09-16
TWI803836B true TWI803836B (en) 2023-06-01

Family

ID=84957365

Family Applications (1)

Application Number Title Priority Date Filing Date
TW110107840A TWI803836B (en) 2021-03-05 2021-03-05 Mobile device monitoring system and method

Country Status (1)

Country Link
TW (1) TWI803836B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110289965A (en) * 2019-06-11 2019-09-27 深圳前海微众银行股份有限公司 A kind of management method and device of application program service
TWM615864U (en) * 2021-03-05 2021-08-21 玉山商業銀行股份有限公司 Mobile device monitoring system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110289965A (en) * 2019-06-11 2019-09-27 深圳前海微众银行股份有限公司 A kind of management method and device of application program service
TWM615864U (en) * 2021-03-05 2021-08-21 玉山商業銀行股份有限公司 Mobile device monitoring system

Also Published As

Publication number Publication date
TW202236126A (en) 2022-09-16

Similar Documents

Publication Publication Date Title
US10846696B2 (en) Apparatus and method for trusted execution environment based secure payment transactions
WO2019095563A1 (en) Screen watermark display method and apparatus, computer device, and storage medium
US10073985B2 (en) Apparatus and method for trusted execution environment file protection
CN101529366B (en) Identification and visualization of trusted user interface objects
US10572694B2 (en) Event-based display information protection system
EP3461016A1 (en) System on chip and processing device
US20210133334A1 (en) Display method, apparatus, and storage medium
US9565169B2 (en) Device theft protection associating a device identifier and a user identifier
CN108171025B (en) Method for realizing multi-user login mode, terminal and computer readable storage medium
US20130145475A1 (en) Method and apparatus for securing touch input
CN110753928A (en) Method and electronic device for controlling permission of application program
KR102347827B1 (en) Apparatus and method for secure message transmission
WO2017088135A1 (en) Method and device for configuring security indication information
KR20150128202A (en) Content sharing method and apparatus
US9773240B1 (en) Fake sensor input for passcode entry security
US11630907B2 (en) Live data viewing security
WO2018000843A1 (en) Mobile payment method, system on chip and terminal
KR102510846B1 (en) Electronic apparatus and controlling method thereof
CN112231617A (en) Service call checking method and device, storage medium and electronic equipment
US8880792B2 (en) Memory watch
US11003798B1 (en) Systems and methods for enforcing age-based application constraints
CN106778124A (en) The application method and device of a kind of hiden application
TWM615864U (en) Mobile device monitoring system
CN113344764B (en) Secure graphics processor, processor chip, display card, apparatus, method, and storage medium
TWI803836B (en) Mobile device monitoring system and method