WO2018086293A1 - Method and apparatus for detecting data leakage interface, device, and storage medium - Google Patents

Method and apparatus for detecting data leakage interface, device, and storage medium Download PDF

Info

Publication number
WO2018086293A1
WO2018086293A1 PCT/CN2017/077985 CN2017077985W WO2018086293A1 WO 2018086293 A1 WO2018086293 A1 WO 2018086293A1 CN 2017077985 W CN2017077985 W CN 2017077985W WO 2018086293 A1 WO2018086293 A1 WO 2018086293A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
interface
application software
privacy
collected
Prior art date
Application number
PCT/CN2017/077985
Other languages
French (fr)
Chinese (zh)
Inventor
王金锭
Original Assignee
平安科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 平安科技(深圳)有限公司 filed Critical 平安科技(深圳)有限公司
Publication of WO2018086293A1 publication Critical patent/WO2018086293A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action

Definitions

  • the present invention relates to the field of information security technologies, and in particular, to a data leakage interface detection method, apparatus, device, and computer readable storage medium.
  • a variety of application software involves people's social, property, office, life and other aspects, bringing convenience to people's work and life, and become an indispensable part of intelligent terminals.
  • the application software can contact and collect a large amount of user data, including account passwords, chat information and other private information.
  • the current method of checking the application software privacy leakage is generally manual analysis.
  • the experience of the tester it is defined whether the data of the local storage, network transmission and log output of each interface in the application software running process involves privacy. Leak the problem.
  • the inspection method of manual analysis takes a long time, there is repetitive work, and human resources are wasted; on the other hand, depending on the experience of testers, there may be omissions or misjudgments.
  • the main purpose of the present invention is to provide a data leakage interface detection method, device, device and computer readable storage medium, which are intended to solve the technical problem of low detection efficiency of the application software privacy leakage interface.
  • the present invention provides a data leakage interface detection method, and the data leakage interface detection method includes the following steps:
  • the interface is an interface that leaks private data.
  • the collected data includes a plurality of data items
  • the step of detecting whether the collected data includes private data according to the pre-configured privacy database comprises:
  • the method further includes:
  • the hazard level of the interface is correspondingly configured.
  • the method further includes:
  • the private data is input to the application software while the application software is running.
  • the step of collecting the output of the application software interface to the outside of the terminal and/or storing the data locally to the terminal comprises:
  • the local broadcast and the log output by the interface are collected, and the data stored by the interface to the terminal is obtained.
  • the present invention further provides a data leakage interface detecting apparatus, where the data leakage interface detecting apparatus includes:
  • An acquisition module configured to collect data output by the application software interface to the outside of the terminal and/or stored locally to the terminal when the application software is running;
  • a detecting module configured to detect, according to the pre-configured privacy database, whether the collected data includes private data
  • a determining module configured to determine that the interface is an interface that leaks private data if the collected data is detected to include private data.
  • the collected data includes a plurality of data items
  • the detecting module is further configured to:
  • each data item includes private data; if it is detected that at least one data item includes private data, determining that the collected data includes private data.
  • the data leakage interface detecting device further includes:
  • the level module is configured to correspondingly configure a hazard level of the interface according to a security level of the privacy data included in the collected data.
  • the data leakage interface detecting device further includes:
  • a configuration module configured to: configure, according to preset privacy data, a privacy data entry that includes multiple data forms to obtain the privacy database;
  • an input module configured to input the private data to the application software when the application software is running.
  • the acquisition module is further configured to:
  • the network information packet outputted by the interface is captured, and the data outputted by the interface to the outside of the terminal is obtained.
  • the local broadcast and the log output by the interface are collected based on the pre-configured instrumentation, and the data stored by the interface to the terminal is obtained. .
  • the present invention further provides a data leakage interface detecting device, where the data leakage interface detecting device includes a processor and a memory, wherein the memory stores a data leakage interface detecting program;
  • the processor is configured to execute the data leakage interface detection program to implement the following steps:
  • the application software interface is determined to be an interface for leaking private data.
  • the collected data includes a plurality of data items
  • the processor is further configured to execute the data leakage interface detection program to implement the following steps:
  • the processor is further configured to execute the data leakage interface detection program to implement the following steps:
  • the processor is further configured to execute the data leakage interface detection program to implement the following steps:
  • the private data is input to the application software while the application software is running.
  • the processor is further configured to execute the data leakage interface detection program to implement the following steps:
  • the local broadcast and the log output by the application software interface are collected based on the pre-configured instrumentation, and the data stored by the application software interface to the device is obtained.
  • the present invention also provides a computer readable storage medium storing one or more programs, the one or more programs being executable by one or more processors To achieve the following steps:
  • the interface is an interface that leaks private data.
  • the collected data includes a plurality of data items
  • the one or more programs may be executed by the one or more processors, and further implement the following steps:
  • the one or more programs are executable by the one or more processors, and the following steps are also implemented:
  • the hazard level of the interface is correspondingly configured.
  • the one or more programs are executable by the one or more processors, and the following steps are also implemented:
  • the private data is input to the application software while the application software is running.
  • the one or more programs are executable by the one or more processors, and the following steps are also implemented:
  • the local broadcast and the log output by the interface are collected, and the data stored by the interface to the terminal is obtained.
  • a data leakage interface detecting method, device, device and computer readable storage medium are provided.
  • the application software interface is collected and outputted to the external terminal and/or stored locally to the terminal.
  • the data collected during the dynamic running of the application software so that the information data outputted during the actual running process of the application software can be obtained, so that the collected data has a wider coverage, authenticity, reliability and integrity; and then, according to the pre-configuration
  • the privacy database detects whether the collected data contains private data, thereby realizing automatic detection of whether the collected data contains private data, and is based on a privacy database that records various private data. Therefore, when detecting the collected data, manual analysis avoids false negatives and false positives caused by experience.
  • the interface is an interface for leaking private data, thereby obtaining interfaces for leaking private data in the application software, and completing detection of leaking private data of the application software interface.
  • FIG. 1 is a schematic flowchart of a first embodiment of a data leakage interface detecting method according to the present invention
  • FIG. 2 is a schematic diagram of a refinement process of step S20 in FIG. 1;
  • FIG. 3 is a schematic flowchart of a second embodiment of a data leakage interface detecting method according to the present invention.
  • FIG. 4 is a schematic flowchart of a third embodiment of a data leakage interface detecting method according to the present invention.
  • FIG. 5 is a schematic flowchart of a step of collecting data outputted by the application software interface to the outside of the terminal and/or stored locally to the terminal according to an embodiment of the data leakage interface detecting method of the present invention
  • FIG. 6 is a schematic diagram of functional modules of a first embodiment of a data leakage interface detecting apparatus according to the present invention.
  • FIG. 7 is a schematic diagram of functional modules of a second embodiment of a data leakage interface detecting apparatus according to the present invention.
  • FIG. 8 is a schematic diagram of functional modules of a third embodiment of a data leakage interface detecting apparatus according to the present invention.
  • FIG. 9 is a schematic structural diagram of a device in a hardware operating environment according to an embodiment of the present invention.
  • a first embodiment of the data leakage interface detection method of the present invention provides a data leakage interface detection method, where the data leakage interface detection method includes:
  • Step S10 When the application software is running, collect the data output by the application software interface to the outside of the terminal and/or stored to the terminal.
  • the invention collects the externally outputted data during the running process of the application software, and automatically detects whether the externally outputted data contains private data offline, does not require manual manual detection, and does not rely on manual experience, and can automatically check the privacy of the application software in all aspects. Leak problems, avoid false negatives, and improve the efficiency of application privacy leak detection.
  • the application software is started, and in the process of running the application software, all the data outputted by each interface in the running process of the application software are separately collected through various forms such as instrumentation and packet capture.
  • all the data outputted by the interface during the running of the application software includes the data outputted by the interface to the outside of the terminal in the form of a network, and the data stored locally to the terminal, for example, a written log, a printed file, and sent to the terminal for deployment. Other application software data, etc.
  • the data output by each interface is separately recorded to detect whether the data output by each interface involves leakage of private data.
  • Step S20 Detect whether the collected data includes private data according to a pre-configured privacy database.
  • the privacy database includes various privacy data input to the application software and data related to user privacy generated by the application software, such as an account password, a chat record, a transaction record, and the like.
  • the data related to user privacy recorded in the privacy database corresponds to a private data entry including multiple data forms, such as a privacy data entry corresponding to the account password, including plaintext, a hash value, a character string, and the like. Account password.
  • the private data of different data forms in the same private data entry can be stored in sections, thereby improving the flexibility of private data monitoring, so as to prevent the application software from converting the private data after the output data is converted.
  • the privacy database After collecting all the data output by the application software interface, it is found in the privacy database whether there is a private data entry that matches the collected data. If a private data entry matching the collected data is found in the privacy database, it is determined that the data output by the application software interface contains private data.
  • the collected data includes a plurality of data items.
  • the step S20 includes:
  • Step S21 detecting, according to the privacy database, whether each data item includes private data
  • Step S22 If it is detected that at least one data item includes private data, it is determined that the collected data includes private data.
  • the data output by the collected application software interface includes multiple data items.
  • each message sent by the interface to the server through the network is a data item
  • one log written by the interface is one data item.
  • the private data items matching the data items are respectively searched in the privacy database. If a data item is the same as a piece of data in a private data entry, it is determined that the data item matches the private data item, and the data item contains private data. By analogy, each data item is detected separately, and the detection result of each data item is obtained.
  • the privacy database contains at least one private data item matching the collected data item, it may be determined that the currently collected data contains privacy data. Data, thereby determining that the data output by the current interface carries private data, which may involve leakage of private data.
  • the interface may output multiple data items during the running of the application software, after collecting all the data items output by the interface during the running process of the application software, respectively searching for corresponding matching private data items according to the privacy database to implement the data. Automated individual verification of items. Moreover, if there is a private data entry matching the data item in the privacy database, it may be determined that the data output by the current interface relates to the private information, thereby avoiding false positives and false negatives of the privacy leakage.
  • the data outputted by each interface of the collected application software is detected, and it is determined whether the data output by each interface of each application software contains private data.
  • Step S30 If it is detected that the collected data includes private data, determine that the interface is an interface that leaks private data.
  • the interface may be determined as an interface for leaking private data. Further, the interface may be identified, and the data type leaked by the interface may be recorded, so as to The application software is further optimized.
  • the data collected by the application software interface to the outside of the terminal and/or stored to the terminal is collected, and since the data is collected during the dynamic operation of the application software, the actual operation of the application software can be obtained.
  • the information data output in the process enables the collected data to have a wider coverage, authenticity, reliability and integrity.
  • it is detected whether the collected data contains private data, thereby It realizes the automatic detection of whether the collected data contains private data. Because it is based on the privacy database that records various private data, it avoids manual analysis to experience when collecting the collected data. Misreports and false positives caused by the basis.
  • the interface is an interface for leaking private data, thereby obtaining interfaces for leaking private data in the application software, and completing detection of leaking private data of the application software interface.
  • the second embodiment of the data leakage interface detecting method of the present invention provides a data leakage interface detecting method, which is based on the first embodiment of the data leakage interface detecting method of the present invention.
  • Step S40 Corresponding to configuring a security level of the interface according to the privacy data security level included in the collected data.
  • each data item contains private data
  • the private data item matching the data item in the privacy database is obtained, and the security level preset according to the matched private data item is obtained.
  • the security level preset according to the matched private data item is obtained.
  • the privacy data entry is an account password and the corresponding security level is higher, it is a level, and the corresponding interface has a hazard level of one level, and the account leakage problem is not needed; if the privacy data item is a chat content
  • the corresponding security level is medium, and the second level is corresponding to the current interface.
  • the hazard level of the current interface is level 2, so that the technician can know the danger of each interface that leaks privacy.
  • each data item includes private data
  • the plurality of data items include the private data
  • the default security level of the entry is the default security level of the entry.
  • the hazard level of the current interface is correspondingly configured.
  • a data item containing an account password and a data item containing the chat content a data item containing the chat content.
  • the security level corresponding to the account password is higher, which is one level
  • the security level corresponding to the chat content is medium level
  • the security level is the first level
  • the security level corresponding to the current interface is one level.
  • the security level of the privacy data included in the data output by the interface is obtained according to the collection, and the dangerous level of the interface is configured correspondingly, and the This application's privacy data disclosure assessment report enables technicians to keep abreast of the application's privacy data disclosure and the dangers of leaking private data interfaces.
  • the third embodiment of the data leakage interface detecting method of the present invention provides a data leakage interface detecting method, which is based on the first embodiment or the second embodiment of the data leakage interface detecting method of the present invention.
  • the first embodiment of the data leakage interface detecting method of the present invention is an example.
  • the method further includes:
  • Step S50 Configure, according to the preset privacy data, a privacy data entry that includes multiple data forms to obtain the privacy database.
  • Step S60 When the application software is running, input the private data to the application software.
  • corresponding privacy data items are configured according to preset privacy data for testing.
  • the private data When configuring a private data entry corresponding to the private data, the private data needs to be converted into multiple data forms, and the private data of different data forms can be stored in the private data item in a section, so as to facilitate matching of subsequent data items.
  • the private data and the corresponding private data items are configured into the privacy database.
  • the private data can be verified to be leaked in various forms according to the privacy database.
  • the privacy data is stored in a plurality of data forms according to the preset privacy data, and the privacy database is obtained.
  • the preset privacy data is input to the application software, so that the collected data is detected.
  • the privacy data converted by the data form can be accurately identified, and whether the application software converts the private data into the data form and output, thereby avoiding the false negative of the privacy leakage interface.
  • a fourth embodiment of the data leakage interface detecting method of the present invention provides a data leakage interface detecting method, which is based on the first embodiment, the second embodiment, or the third embodiment of the data leakage interface detecting method of the present invention.
  • the step S10 includes:
  • Step S11 Grab the network information packet output by the interface, and obtain data output by the interface to the outside of the terminal;
  • step S12 the local broadcast and the log output by the interface are collected based on the pre-configured instrumentation, and the data stored by the interface to the terminal is obtained.
  • the packet sent by the interface through the network may be captured by the packet capture method, and the data in the network information packet is extracted, and the interface is obtained. Output data to the outside of the terminal.
  • the instrumentation may be pre-configured on the interface to capture the local broadcast and the written log output by the interface.
  • the log file may be other application software installed in the terminal system or the terminal. Grab and read, therefore, there is a risk of privacy data leakage, and it is necessary to collect broadcast data content for detection.
  • the data outputted by the interface to the outside of the terminal can be obtained; based on the pre-configured instrumentation, the local broadcast and the log output by the interface can be collected, and the interface is stored locally to the terminal.
  • the data thus, enables the collection of all data output by the interface.
  • the above-mentioned storage medium may be a read only memory, a magnetic disk or an optical disk or the like.
  • the first embodiment of the data leakage interface detecting device of the present invention provides a data leakage interface detecting device, where the data leakage interface detecting device includes:
  • the collecting module 10 is configured to collect data output by the application software interface to the outside of the terminal and/or stored locally to the terminal when the application software is running.
  • the invention collects the externally outputted data during the running process of the application software, and automatically detects whether the externally outputted data contains private data offline, does not require manual manual detection, and does not rely on manual experience, and can automatically check the privacy of the application software in all aspects. Leak problems, avoid false negatives, and improve the efficiency of application privacy leak detection.
  • the application software is started.
  • the collection module 10 collects all the data externally output by each interface in the running process of the application software by using various forms such as instrumentation and packet capture.
  • all data outputted by the interface during the running of the application software includes data stored in the terminal to the terminal and data outputted to the outside of the terminal in the form of a network, for example, a written log, a printed file, and sent to the terminal for deployment. Other application software data, etc.
  • the collection module 10 After collecting all the data output by each interface, the collection module 10 separately records the data output by each interface to detect whether the data output by each interface involves leakage of private data.
  • the detecting module 20 is configured to detect, according to the pre-configured privacy database, whether the collected data includes private data.
  • the detecting module 20 After collecting all the data output by the application software interface, the detecting module 20 detects, according to the pre-configured privacy database, whether the collected data contains sensitive private data.
  • the privacy database includes various privacy data input to the application software and data related to user privacy generated by the application software, such as an account password, a chat record, a transaction record, and the like.
  • the data related to user privacy recorded in the privacy database corresponds to a private data entry including multiple data forms, such as a privacy data entry corresponding to the account password, including plaintext, a hash value, a character string, and the like. Account password.
  • the private data of different data forms in the same private data entry can be stored in sections, thereby improving the flexibility of private data monitoring, so as to prevent the application software from converting the private data after the output data is converted.
  • the detecting module 20 searches the privacy database for whether there is a private data entry that matches the collected data. If a private data entry matching the collected data is found in the privacy database, it is determined that the data output by the application software interface contains private data.
  • the collected data includes a plurality of data items
  • the detecting module 20 is further configured to:
  • each data item includes private data; if it is detected that at least one data item includes private data, determining that the collected data includes private data.
  • the data output by the collected application software interface includes multiple data items.
  • each message sent by the interface to the server through the network is a data item
  • one log written by the interface is one data item.
  • the detecting module 20 searches for a private data item matching each data item in the privacy database. If a data item is the same as a piece of data in a private data entry, it is determined that the data item matches the private data item, and the data item contains private data. By analogy, the detecting module 20 detects each data item separately, and obtains the detection result of each data item.
  • the detecting module 20 may determine the currently collected data.
  • the privacy data is included, thereby determining that the data output by the current interface carries private data, which may involve leakage of private data.
  • the detecting module 20 searches for the corresponding matching private data items according to the privacy database, respectively, to implement Automated individual verification of each data item. Moreover, if there is a private data entry matching the data item in the privacy database, it may be determined that the data output by the current interface relates to the private information, thereby avoiding false positives and false negatives of the privacy leakage.
  • the detecting module 20 detects the data outputted by each interface of the collected application software, and determines whether the data output by each interface of each application software contains private data.
  • the determining module 30 is configured to determine that the interface is an interface that leaks private data if the collected data is detected to include private data.
  • the determining module 30 may determine that the interface is an interface for leaking the private data. Further, the determining module 30 may identify the interface and record the interface leakage. The data type is further optimized for the application software.
  • the collection module 10 collects the data output by the application software interface to the outside of the terminal and/or stored locally to the terminal, and is capable of acquiring the application because the data is collected during the dynamic operation of the application software.
  • the information data output during the actual operation of the software makes the collected data cover a wider range, with authenticity, reliability and integrity.
  • the detecting module 20 detects the collected data according to the pre-configured privacy database. Whether or not the private data is included, thereby realizing the automatic detection of whether the collected data contains private data, and is based on the privacy database in which the private data is recorded, therefore, when detecting the collected data, Avoid manual reporting of false negatives and false positives based on experience.
  • the determining module 30 determines that the interface is an interface for leaking the private data, thereby obtaining each interface of the application software that leaks the private data, and completing the disclosure of the private data to the application software interface. Detection.
  • the embodiment combined with dynamic data acquisition and automatic analysis of static data, any data output by the application software interface is not missed, the integrity of the data used for detection and analysis is ensured, and false alarms and leaks of the privacy data leakage interface are avoided. Reporting greatly improves the efficiency of application software privacy leak detection and reduces labor costs.
  • the second embodiment of the data leakage interface detecting apparatus of the present invention provides a data leakage interface detecting apparatus.
  • the data leakage interface detecting apparatus further includes the data leakage interface detecting apparatus according to the first embodiment of the present invention. :
  • the level module 40 is configured to correspondingly configure a hazard level of the interface according to a security level of the privacy data included in the collected data.
  • the level module 40 After detecting whether each data item contains private data, if only one data item is detected to contain private data, the level module 40 obtains a private data item in the privacy database that matches the data item, and presets according to the matched private data item.
  • the security level corresponds to the hazard level of the current interface.
  • the privacy data entry is an account password and the corresponding security level is higher, it is a level, and the level module 40 is configured to set the risk level of the current interface to one level, and the account leakage problem is not needed; if the privacy data entry is For the content of the chat, the corresponding security level is medium, and the level of the corresponding interface is two levels, so that the technician can know the danger of each interface that leaks privacy.
  • the level module 40 After detecting whether each data item includes private data, if it is detected that the plurality of data items include the private data, the level module 40 respectively obtains the private data items in the privacy database that match the plurality of data items, and obtains each matching.
  • the privacy level of the privacy data entry is preset.
  • the level module 40 correspondingly configures the hazard level of the current interface according to the security level with the highest security level among the matched private data items.
  • the security level corresponding to the account password is higher, which is one level
  • the security level corresponding to the chat content is medium level
  • the security level is the first level
  • the security level corresponding to the current interface is one level.
  • the level module 40 if it is determined that the interface of the application software is an interface for leaking private data, the level module 40 correspondingly sets the security level of the privacy data included in the data output by the interface, and correspondingly configures the danger level of the interface, further A privacy data disclosure assessment report for this application can be formed, so that technicians can keep abreast of the privacy data leakage of the application and the danger of leaking the interface of the private data.
  • a third embodiment of the data leakage interface detecting apparatus of the present invention provides a data leakage interface detecting apparatus.
  • the data leakage is based on the first embodiment or the second embodiment of the data leakage interface detecting apparatus of the present invention.
  • the interface detecting device further includes:
  • the configuration module 50 is configured to: configure, according to the preset privacy data, a privacy data entry that includes multiple data forms to obtain the privacy database;
  • the input module 60 is configured to input the private data to the application software when the application software is running.
  • the configuration module 50 When performing privacy data leakage detection of the application software, the configuration module 50 first needs to configure a privacy database for determining whether the application software interface leaks private data.
  • the configuration module 50 configures corresponding privacy data entries according to preset privacy data for testing.
  • the configuration module 50 When configuring a private data entry corresponding to the privacy data, the configuration module 50 needs to convert the private data into multiple data forms, and the private data of different data forms may be stored in the private data item in a section, so as to facilitate subsequent data items. match.
  • the configuration module 50 configures the private data and the corresponding private data items into the privacy database.
  • the input module 60 inputs pre-configured private data to the application software, such as entering an account password, simulating a chat session to input chat content, simulating a transaction input transaction amount, and the like.
  • the detection module 20 can verify whether the input privacy data is leaked in various forms according to the privacy database.
  • the configuration module 50 configures a privacy data entry that includes multiple data forms based on the preset privacy data corresponding configuration to obtain a privacy database.
  • the input module 60 inputs preset privacy data to the application software. Therefore, when detecting the collected data, the privacy data converted by the data form can be accurately identified, and whether the application software converts the private data into the data form and output, thereby avoiding the false negative of the privacy leakage interface.
  • the fourth embodiment of the data leakage interface detecting apparatus of the present invention provides a data leakage interface detecting apparatus, which is based on the first embodiment, the second embodiment or the third embodiment of the data leakage interface detecting apparatus of the present invention.
  • Module 10 is also used,
  • the network information packet outputted by the interface is captured, and the data outputted by the interface to the outside of the terminal is obtained.
  • the local broadcast and the log output by the interface are collected based on the pre-configured instrumentation, and the data stored by the interface to the terminal is obtained. .
  • the collection module 10 needs to collect all the data output by the application software interface, including data outputted to the outside of the terminal and stored locally to the terminal.
  • the collection module 10 may capture the information packet sent by the interface through the network by capturing the packet, and extract the data in the network information packet. Get the data that this interface outputs to the outside of the terminal.
  • the collection module 10 can also collect the information packets sent by the interface through the network through the instrumentation.
  • the collection module 10 may pre-configure the instrumentation on the interface, and capture the local broadcast and the written log output by the interface.
  • the log file may be other application software installed in the terminal system or the terminal. Grab and read, therefore, there is a risk of privacy data leakage, and it is necessary to collect broadcast data content for detection.
  • the collection module 10 extracts the data content of the local broadcast and the log, and obtains the data stored by the interface to the terminal.
  • the collection module 10 can also collect other data stored locally to the terminal by means of instrumentation.
  • the collection module 10 can obtain the data outputted by the interface to the outside of the terminal by capturing the network information packet output by the interface; based on the pre-configured instrumentation, the local broadcast and the log output by the interface can be collected, and the interface is stored to the interface. The data local to the terminal, thereby realizing the collection of all data outputted by the interface.
  • the foregoing collection module 10, the detection module 20, the determination module 30, the level module 40, the configuration module 50, and the input module 60 may be embedded in hardware or independent of the data leakage interface detecting device.
  • the software may also be stored in the memory of the data leakage interface detecting device in a software form, so that the processor calls to perform the operations corresponding to the above modules.
  • the processor can be a central processing unit (CPU), a microprocessor, a microcontroller, or the like.
  • FIG. 9 is a schematic structural diagram of a device in a hardware operating environment according to an embodiment of the present invention.
  • the data leakage interface detecting device in the embodiment of the present invention may be a PC, or may be a terminal device such as a smart phone, a tablet computer, an e-book reader, or a portable computer.
  • the data leakage interface detecting device may include a processor 1001 such as a CPU, and a memory 1002. Connection communication between these components can be achieved via a communication bus.
  • the memory 1002 may be a high speed RAM memory or a stable memory (non-volatile) Memory), such as disk storage.
  • the memory 1002 can also optionally be a storage device independent of the aforementioned processor 1001.
  • the data leakage interface detecting device may further include a user interface, a network interface, a camera, and an RF (Radio) Frequency, RF) circuits, sensors, audio circuits, WiFi modules, and more.
  • the user interface may include a display, an input unit such as a keyboard, and the optional user interface may also include a standard wired interface, a wireless interface.
  • the network interface can optionally include a standard wired interface or a wireless interface (such as a WI-FI interface).
  • the data leakage interface detecting device structure shown in FIG. 9 does not constitute a limitation of the data leakage interface detecting device, and may include more or less components than those illustrated, or combine some components. Or different parts arrangement.
  • an operating system and a data leak interface detection program may be included in the memory 1002 as a computer storage medium.
  • the operating system is a program that manages and controls the data leakage interface to detect the hardware and software resources of the device, and supports the operation of the data leakage interface detection program and other programs or software.
  • the processor 1001 can be configured to execute a data leakage interface detecting program stored in the memory 1002 to implement the following steps:
  • the application software interface is determined to be an interface for leaking private data.
  • the collected data includes a plurality of data items
  • the processor 1001 may further execute a data leakage interface detection program stored in the memory 1002 to implement the following steps:
  • processor 1001 can also execute a data leakage interface detection program stored in the memory 1002 to implement the following steps:
  • processor 1001 can also execute a data leakage interface detection program stored in the memory 1002 to implement the following steps:
  • the private data is input to the application software while the application software is running.
  • processor 1001 can also execute a data leakage interface detection program stored in the memory 1002 to implement the following steps:
  • the local broadcast and the log output by the application software interface are collected based on the pre-configured instrumentation, and the data stored by the application software interface to the device is obtained.
  • the specific embodiment of the data leakage interface detecting device of the present invention is basically the same as the foregoing embodiment of the data leakage interface detecting method and device, and details are not described herein.
  • the present invention provides a computer readable storage medium storing one or more programs, the one or more programs being executable by one or more processors to implement the following steps:
  • the interface is an interface that leaks private data.
  • the collected data includes a plurality of data items
  • the one or more programs may be executed by the one or more processors, and further implement the following steps:
  • the one or more programs may be executed by the one or more processors, and the following steps are also implemented:
  • the hazard level of the interface is correspondingly configured.
  • the one or more programs may be executed by the one or more processors, and the following steps are also implemented:
  • the private data is input to the application software while the application software is running.
  • the one or more programs may be executed by the one or more processors, and the following steps are also implemented:
  • the local broadcast and the log output by the interface are collected, and the data stored by the interface to the terminal is obtained.
  • the specific embodiment of the computer readable storage medium of the present invention is substantially the same as the foregoing embodiment of the data leakage interface detecting method and apparatus, and is not described herein.
  • the technical solution of the present invention which is essential or contributes to the prior art, may be embodied in the form of a software product stored in a storage medium (such as ROM/RAM, disk,
  • a storage medium such as ROM/RAM, disk,
  • the optical disc includes a number of instructions for causing a terminal device (which may be a cell phone, a computer, a server, or a network device, etc.) to perform the methods described in various embodiments of the present invention.

Abstract

A method for detecting a data leakage interface, comprising: acquiring, when application software runs, data which is output to the outside of a terminal and/or is stored in the terminal locally by an application software interface (S10); detecting whether the acquired data comprise privacy data according to a preconfigured privacy database (S20); and if it is detected that the acquired data comprise privacy data, determining the interface as an interface for leakage of the privacy data (S30). Also disclosed are an apparatus for detecting a data leakage interface, a device, and a computer-readable storage medium. In combination with dynamic data acquisition and automatic static data analysis, the present invention ensures the integrity of data for detection and analysis, avoids false reporting and missing reporting of a privacy data leakage interface, and greatly improves the detection efficiency of the privacy leakage interface of application software and reduces labor costs.

Description

数据泄露接口检测方法、装置、设备及存储介质  Data leakage interface detection method, device, device and storage medium
技术领域Technical field
本发明涉及信息安全技术领域,尤其涉及一种数据泄露接口检测方法、装置、设备及计算机可读存储介质。The present invention relates to the field of information security technologies, and in particular, to a data leakage interface detection method, apparatus, device, and computer readable storage medium.
背景技术Background technique
多种多样的应用软件涉及到人们的社交、财产、办公、生活等方方面面,给人们的工作、生活带来便利,成为了智能终端必不可少的一部分。在应用过程中,应用软件能够接触、搜集大量的用户数据,包括账户密码、聊天信息等隐私信息。A variety of application software involves people's social, property, office, life and other aspects, bringing convenience to people's work and life, and become an indispensable part of intelligent terminals. In the application process, the application software can contact and collect a large amount of user data, including account passwords, chat information and other private information.
为了保障用户的信息安全,目前检查应用软件隐私泄露的方法一般是人工分析,借助测试人员的经验去界定应用软件运行过程中各接口在本地存储、网络传输及日志输出等方面的数据是否涉及隐私泄露问题。一方面,人工分析的检查方式耗时较长,存在重复性的工作,浪费人力资源;另一方面,依赖测试人员的经验,可能存在遗漏或误判情况。In order to protect the user's information security, the current method of checking the application software privacy leakage is generally manual analysis. With the experience of the tester, it is defined whether the data of the local storage, network transmission and log output of each interface in the application software running process involves privacy. Leak the problem. On the one hand, the inspection method of manual analysis takes a long time, there is repetitive work, and human resources are wasted; on the other hand, depending on the experience of testers, there may be omissions or misjudgments.
可见,目前的人工分析方法导致应用软件隐私泄露接口的检测效率低下。It can be seen that the current manual analysis method leads to inefficient detection of the application software privacy leak interface.
发明内容Summary of the invention
本发明的主要目的在于提供一种数据泄露接口检测方法、装置、设备及计算机可读存储介质,旨在解决应用软件隐私泄露接口的检测效率低下的技术问题。The main purpose of the present invention is to provide a data leakage interface detection method, device, device and computer readable storage medium, which are intended to solve the technical problem of low detection efficiency of the application software privacy leakage interface.
为实现上述目的,本发明提供一种数据泄露接口检测方法,所述数据泄露接口检测方法包括以下步骤:To achieve the above objective, the present invention provides a data leakage interface detection method, and the data leakage interface detection method includes the following steps:
在应用软件运行时,采集所述应用软件接口输出到终端外部和/或存储到终端本地的数据;Collecting, by the application software interface, data outputted to the outside of the terminal and/or stored locally to the terminal when the application software is running;
根据预先配置的隐私数据库,检测所述采集得到的数据中是否包含隐私数据;Detecting whether the collected data includes private data according to a pre-configured privacy database;
若检测到所述采集得到的数据中包含隐私数据,则确定所述接口为泄露隐私数据的接口。If it is detected that the collected data includes private data, it is determined that the interface is an interface that leaks private data.
优选地,所述采集得到的数据中包括多个数据项,所述根据预先配置的隐私数据库,检测所述采集得到的数据中是否包含隐私数据的步骤包括:Preferably, the collected data includes a plurality of data items, and the step of detecting whether the collected data includes private data according to the pre-configured privacy database comprises:
根据所述隐私数据库,分别检测所述各数据项是否包含隐私数据;Determining, according to the privacy database, whether each data item includes private data;
若检测得到至少有一个数据项包含隐私数据,则判定所述采集得到的数据中包含隐私数据。If it is detected that at least one data item contains private data, it is determined that the collected data includes private data.
优选地,所述确定所述接口为泄露隐私数据的接口的步骤之后,还包括:Preferably, after the step of determining that the interface is an interface for leaking private data, the method further includes:
根据所述采集得到的数据中所包含的隐私数据的安全等级,对应配置所述接口的危险等级。According to the security level of the privacy data included in the collected data, the hazard level of the interface is correspondingly configured.
优选地,所述采集所述应用软件接口输出到终端外部和/或存储到终端本地的数据的步骤之前,还包括:Preferably, before the step of collecting the output of the application software interface to the outside of the terminal and/or storing the data locally to the terminal, the method further includes:
基于预设的隐私数据对应配置包含多种数据形式的隐私数据条目,得到所述隐私数据库;And configuring, according to the preset privacy data, a privacy data entry that includes multiple data forms to obtain the privacy database;
在所述应用软件运行时,向所述应用软件输入所述隐私数据。The private data is input to the application software while the application software is running.
优选地,所述采集所述应用软件接口输出到终端外部和/或存储到终端本地的数据的步骤包括:Preferably, the step of collecting the output of the application software interface to the outside of the terminal and/or storing the data locally to the terminal comprises:
抓取所述接口输出的网络信息包,得到所述接口输出到终端外部的数据;Grab the network information packet output by the interface, and obtain the data output by the interface to the outside of the terminal;
基于预先配置的插桩,采集所述接口输出的本地广播和日志,得到所述接口存储到终端本地的数据。Based on the pre-configured instrumentation, the local broadcast and the log output by the interface are collected, and the data stored by the interface to the terminal is obtained.
此外,为实现上述目的,本发明还提供一种数据泄露接口检测装置,所述数据泄露接口检测装置包括:In addition, in order to achieve the above object, the present invention further provides a data leakage interface detecting apparatus, where the data leakage interface detecting apparatus includes:
采集模块,用于在应用软件运行时,采集所述应用软件接口输出到终端外部和/或存储到终端本地的数据;An acquisition module, configured to collect data output by the application software interface to the outside of the terminal and/or stored locally to the terminal when the application software is running;
检测模块,用于根据预先配置的隐私数据库,检测所述采集得到的数据中是否包含隐私数据;a detecting module, configured to detect, according to the pre-configured privacy database, whether the collected data includes private data;
确定模块,用于若检测到所述采集得到的数据中包含隐私数据,则确定所述接口为泄露隐私数据的接口。And a determining module, configured to determine that the interface is an interface that leaks private data if the collected data is detected to include private data.
优选地,所述采集得到的数据中包括多个数据项,所述检测模块还用于,Preferably, the collected data includes a plurality of data items, and the detecting module is further configured to:
根据所述隐私数据库,分别检测所述各数据项是否包含隐私数据;若检测得到至少有一个数据项包含隐私数据,则判定所述采集得到的数据中包含隐私数据。And determining, according to the privacy database, whether each data item includes private data; if it is detected that at least one data item includes private data, determining that the collected data includes private data.
优选地,所述数据泄露接口检测装置还包括:Preferably, the data leakage interface detecting device further includes:
等级模块,用于根据所述采集得到的数据中所包含的隐私数据的安全等级,对应配置所述接口的危险等级。The level module is configured to correspondingly configure a hazard level of the interface according to a security level of the privacy data included in the collected data.
优选地,所述数据泄露接口检测装置还包括:Preferably, the data leakage interface detecting device further includes:
配置模块,用于基于预设的隐私数据对应配置包含多种数据形式的隐私数据条目,得到所述隐私数据库;a configuration module, configured to: configure, according to preset privacy data, a privacy data entry that includes multiple data forms to obtain the privacy database;
输入模块,用于在所述应用软件运行时,向所述应用软件输入所述隐私数据。And an input module, configured to input the private data to the application software when the application software is running.
优选地,所述采集模块还用于,Preferably, the acquisition module is further configured to:
抓取所述接口输出的网络信息包,得到所述接口输出到终端外部的数据;基于预先配置的插桩,采集所述接口输出的本地广播和日志,得到所述接口存储到终端本地的数据。The network information packet outputted by the interface is captured, and the data outputted by the interface to the outside of the terminal is obtained. The local broadcast and the log output by the interface are collected based on the pre-configured instrumentation, and the data stored by the interface to the terminal is obtained. .
此外,为实现上述目的,本发明还提供一种数据泄露接口检测设备,所述数据泄露接口检测设备包括处理器及存储器,所述存储器中存储有数据泄露接口检测程序;In addition, in order to achieve the above object, the present invention further provides a data leakage interface detecting device, where the data leakage interface detecting device includes a processor and a memory, wherein the memory stores a data leakage interface detecting program;
所述处理器用于执行所述数据泄露接口检测程序,以实现以下步骤:The processor is configured to execute the data leakage interface detection program to implement the following steps:
在应用软件运行时,采集所述应用软件接口输出到设备外部和/或存储到设备本地的数据;Collecting, when the application software is running, outputting the application software interface to the outside of the device and/or storing the data locally to the device;
根据预先配置的隐私数据库,检测所述采集得到的数据中是否包含隐私数据;Detecting whether the collected data includes private data according to a pre-configured privacy database;
若检测到所述采集得到的数据中包含隐私数据,则确定所述应用软件接口为泄露隐私数据的接口。If it is detected that the collected data includes private data, the application software interface is determined to be an interface for leaking private data.
优选地,所述采集得到的数据中包括多个数据项,所述处理器还用于执行所述数据泄露接口检测程序,以实现以下步骤:Preferably, the collected data includes a plurality of data items, and the processor is further configured to execute the data leakage interface detection program to implement the following steps:
根据所述隐私数据库,分别检测所述各数据项是否包含隐私数据;Determining, according to the privacy database, whether each data item includes private data;
若检测得到至少有一个数据项包含隐私数据,则判定所述采集得到的数据中包含隐私数据。If it is detected that at least one data item contains private data, it is determined that the collected data includes private data.
优选地,所述处理器还用于执行所述数据泄露接口检测程序,以实现以下步骤:Preferably, the processor is further configured to execute the data leakage interface detection program to implement the following steps:
根据所述采集得到的数据中所包含的隐私数据的安全等级,对应配置所述应用软件接口的危险等级。And determining a hazard level of the application software interface according to a security level of the privacy data included in the collected data.
优选地,所述处理器还用于执行所述数据泄露接口检测程序,以实现以下步骤:Preferably, the processor is further configured to execute the data leakage interface detection program to implement the following steps:
基于预设的隐私数据对应配置包含多种数据形式的隐私数据条目,得到所述隐私数据库;And configuring, according to the preset privacy data, a privacy data entry that includes multiple data forms to obtain the privacy database;
在所述应用软件运行时,向所述应用软件输入所述隐私数据。The private data is input to the application software while the application software is running.
优选地,所述处理器还用于执行所述数据泄露接口检测程序,以实现以下步骤:Preferably, the processor is further configured to execute the data leakage interface detection program to implement the following steps:
抓取所述应用软件接口输出的网络信息包,得到所述应用软件接口输出到设备外部的数据;Grab the network information packet output by the application software interface, and obtain data output by the application software interface to the outside of the device;
基于预先配置的插桩,采集所述应用软件接口输出的本地广播和日志,得到所述应用软件接口存储到设备本地的数据。The local broadcast and the log output by the application software interface are collected based on the pre-configured instrumentation, and the data stored by the application software interface to the device is obtained.
此外,为实现上述目的,本发明还提供一种计算机可读存储介质,所述计算机可读存储介质存储有一个或者多个程序,所述一个或者多个程序可被一个或者多个处理器执行,以实现以下步骤:Moreover, in order to achieve the above object, the present invention also provides a computer readable storage medium storing one or more programs, the one or more programs being executable by one or more processors To achieve the following steps:
在应用软件运行时,采集所述应用软件接口输出到终端外部和/或存储到终端本地的数据;Collecting, by the application software interface, data outputted to the outside of the terminal and/or stored locally to the terminal when the application software is running;
根据预先配置的隐私数据库,检测所述采集得到的数据中是否包含隐私数据;Detecting whether the collected data includes private data according to a pre-configured privacy database;
若检测到所述采集得到的数据中包含隐私数据,则确定所述接口为泄露隐私数据的接口。If it is detected that the collected data includes private data, it is determined that the interface is an interface that leaks private data.
优选地,所述采集得到的数据中包括多个数据项,所述一个或者多个程序可被所述一个或者多个处理器执行,还实现以下步骤:Preferably, the collected data includes a plurality of data items, and the one or more programs may be executed by the one or more processors, and further implement the following steps:
根据所述隐私数据库,分别检测所述各数据项是否包含隐私数据;Determining, according to the privacy database, whether each data item includes private data;
若检测得到至少有一个数据项包含隐私数据,则判定所述采集得到的数据中包含隐私数据。If it is detected that at least one data item contains private data, it is determined that the collected data includes private data.
优选地,所述一个或者多个程序可被所述一个或者多个处理器执行,还实现以下步骤:Preferably, the one or more programs are executable by the one or more processors, and the following steps are also implemented:
根据所述采集得到的数据中所包含的隐私数据的安全等级,对应配置所述接口的危险等级。According to the security level of the privacy data included in the collected data, the hazard level of the interface is correspondingly configured.
优选地,所述一个或者多个程序可被所述一个或者多个处理器执行,还实现以下步骤:Preferably, the one or more programs are executable by the one or more processors, and the following steps are also implemented:
基于预设的隐私数据对应配置包含多种数据形式的隐私数据条目,得到所述隐私数据库;And configuring, according to the preset privacy data, a privacy data entry that includes multiple data forms to obtain the privacy database;
在所述应用软件运行时,向所述应用软件输入所述隐私数据。The private data is input to the application software while the application software is running.
优选地,所述一个或者多个程序可被所述一个或者多个处理器执行,还实现以下步骤:Preferably, the one or more programs are executable by the one or more processors, and the following steps are also implemented:
抓取所述接口输出的网络信息包,得到所述接口输出到终端外部的数据;Grab the network information packet output by the interface, and obtain the data output by the interface to the outside of the terminal;
基于预先配置的插桩,采集所述接口输出的本地广播和日志,得到所述接口存储到终端本地的数据。Based on the pre-configured instrumentation, the local broadcast and the log output by the interface are collected, and the data stored by the interface to the terminal is obtained.
本发明实施例提出的一种数据泄露接口检测方法、装置、设备及计算机可读存储介质,在应用软件运行时,采集应用软件接口输出到终端外部和/或存储到终端本地的数据,由于是在应用软件动态运行过程中采集的数据,因此能够获取应用软件实际运行过程中输出的各项信息数据,使得采集的数据覆盖面更广,具有真实性、可靠性和完整性;然后,根据预先配置的隐私数据库,检测采集得到的各项数据中是否包含隐私数据,从而实现了对采集的数据中是否包含有隐私数据的自动化检测,由于是以记载了各项隐私数据的隐私数据库为依据的,因此,在对采集得到的数据进行检测时,避免了人工分析以经验为依据而导致的漏报、误报。若检测到采集得到的数据中包含隐私数据,则确定此接口为泄露隐私数据的接口,由此,可以获取应用软件中泄露隐私数据的各接口,完成对应用软件接口泄露隐私数据的检测。通过发明,结合动态数据采集和静态数据自动分析,不会遗漏应用软件接口输出的任何数据,保障了用于检测分析的数据的完整性,并且,避免隐私数据泄露接口的误报、漏报,大大提高了应用软件隐私泄露接口检测的效率,降低了人工成本。A data leakage interface detecting method, device, device and computer readable storage medium are provided. When the application software is running, the application software interface is collected and outputted to the external terminal and/or stored locally to the terminal. The data collected during the dynamic running of the application software, so that the information data outputted during the actual running process of the application software can be obtained, so that the collected data has a wider coverage, authenticity, reliability and integrity; and then, according to the pre-configuration The privacy database detects whether the collected data contains private data, thereby realizing automatic detection of whether the collected data contains private data, and is based on a privacy database that records various private data. Therefore, when detecting the collected data, manual analysis avoids false negatives and false positives caused by experience. If it is detected that the collected data includes private data, it is determined that the interface is an interface for leaking private data, thereby obtaining interfaces for leaking private data in the application software, and completing detection of leaking private data of the application software interface. Through the invention, combined with dynamic data acquisition and automatic analysis of static data, it does not miss any data output by the application software interface, guarantees the integrity of the data used for detection and analysis, and avoids false positives and false negatives of the privacy data leakage interface. It greatly improves the efficiency of application software privacy leak detection and reduces labor costs.
附图说明DRAWINGS
图1为本发明数据泄露接口检测方法第一实施例的流程示意图;1 is a schematic flowchart of a first embodiment of a data leakage interface detecting method according to the present invention;
图2为图1中步骤S20的细化流程示意图;2 is a schematic diagram of a refinement process of step S20 in FIG. 1;
图3为本发明数据泄露接口检测方法第二实施例的流程示意图;3 is a schematic flowchart of a second embodiment of a data leakage interface detecting method according to the present invention;
图4为本发明数据泄露接口检测方法第三实施例的流程示意图;4 is a schematic flowchart of a third embodiment of a data leakage interface detecting method according to the present invention;
图5为本发明数据泄露接口检测方法一实施例中采集所述应用软件接口输出到终端外部和/或存储到终端本地的数据的步骤的细化流程示意图;FIG. 5 is a schematic flowchart of a step of collecting data outputted by the application software interface to the outside of the terminal and/or stored locally to the terminal according to an embodiment of the data leakage interface detecting method of the present invention;
图6为本发明数据泄露接口检测装置第一实施例的功能模块示意图;6 is a schematic diagram of functional modules of a first embodiment of a data leakage interface detecting apparatus according to the present invention;
图7为本发明数据泄露接口检测装置第二实施例的功能模块示意图;7 is a schematic diagram of functional modules of a second embodiment of a data leakage interface detecting apparatus according to the present invention;
图8为本发明数据泄露接口检测装置第三实施例的功能模块示意图;8 is a schematic diagram of functional modules of a third embodiment of a data leakage interface detecting apparatus according to the present invention;
图9是本发明实施例方案涉及的硬件运行环境的设备结构示意图。FIG. 9 is a schematic structural diagram of a device in a hardware operating environment according to an embodiment of the present invention.
本发明目的的实现、功能特点及优点将结合实施例,参照附图做进一步说明。The implementation, functional features, and advantages of the present invention will be further described in conjunction with the embodiments.
具体实施方式detailed description
应当理解,此处所描述的具体实施例仅仅用以解释本发明,并不用于限定本发明。It is understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
参照图1,本发明数据泄露接口检测方法第一实施例提供一种数据泄露接口检测方法,所述数据泄露接口检测方法包括:Referring to FIG. 1 , a first embodiment of the data leakage interface detection method of the present invention provides a data leakage interface detection method, where the data leakage interface detection method includes:
步骤S10、在应用软件运行时,采集所述应用软件接口输出到终端外部和/或存储到终端本地的数据。Step S10: When the application software is running, collect the data output by the application software interface to the outside of the terminal and/or stored to the terminal.
本发明通过采集应用软件运行过程中对外输出的数据,离线自动检测对外输出的数据中是否包含有隐私数据,无需人工手动检测,不依赖于人工的经验,可以全方位地自动排查应用软件的隐私泄露问题,避免漏报,提高应用软件的隐私泄露检测效率。The invention collects the externally outputted data during the running process of the application software, and automatically detects whether the externally outputted data contains private data offline, does not require manual manual detection, and does not rely on manual experience, and can automatically check the privacy of the application software in all aspects. Leak problems, avoid false negatives, and improve the efficiency of application privacy leak detection.
具体的,作为一种实施方式,启动应用软件,在应用软件运行的过程中,通过插桩、抓包等多种形式,分别采集应用软件运行过程中各接口对外输出的全部数据。Specifically, as an implementation manner, the application software is started, and in the process of running the application software, all the data outputted by each interface in the running process of the application software are separately collected through various forms such as instrumentation and packet capture.
需要说明的是,应用软件运行过程中接口对外输出的全部数据包括接口以网络形式输出到终端外部的数据、存储到终端本地的数据,例如:写的日志、打印的文件、发送给终端上部署的其他应用软件的数据等。It should be noted that all the data outputted by the interface during the running of the application software includes the data outputted by the interface to the outside of the terminal in the form of a network, and the data stored locally to the terminal, for example, a written log, a printed file, and sent to the terminal for deployment. Other application software data, etc.
在采集各接口输出的全部数据后,分别独立记录各接口输出的数据,以分别检测各接口输出的数据是否涉及到隐私数据的泄露。After collecting all the data outputted by each interface, the data output by each interface is separately recorded to detect whether the data output by each interface involves leakage of private data.
步骤S20、根据预先配置的隐私数据库,检测所述采集得到的数据中是否包含隐私数据。Step S20: Detect whether the collected data includes private data according to a pre-configured privacy database.
在采集得到应用软件接口输出的全部数据后,根据预先配置的隐私数据库,检测采集得到的数据中是否包含有敏感的隐私数据。After collecting all the data output by the application software interface, according to the pre-configured privacy database, it is detected whether the collected data contains sensitive private data.
其中,隐私数据库包括输入到应用软件的各项隐私数据以及应用软件生成的涉及用户隐私的数据,例如账户密码、聊天记录、交易记录等等。The privacy database includes various privacy data input to the application software and data related to user privacy generated by the application software, such as an account password, a chat record, a transaction record, and the like.
并且,隐私数据库中记载的各项涉及用户隐私的数据,均对应有包括多种数据形式的隐私数据条目,例如账户密码对应的隐私数据条目,包括明文、哈希值、字符串等多种形式的账户密码。同一隐私数据条目中不同数据形式的隐私数据可以分节存储,从而提高了隐私数据监测的灵活性,以避免应用软件转换隐私数据的形式进行输出时,无法检测出变换数据形式后的隐私数据。Moreover, the data related to user privacy recorded in the privacy database corresponds to a private data entry including multiple data forms, such as a privacy data entry corresponding to the account password, including plaintext, a hash value, a character string, and the like. Account password. The private data of different data forms in the same private data entry can be stored in sections, thereby improving the flexibility of private data monitoring, so as to prevent the application software from converting the private data after the output data is converted.
由此,在采集得到应用软件接口输出的全部数据后,在隐私数据库中查找是否有与采集的数据匹配的隐私数据条目。若在隐私数据库中找到与采集的数据匹配的隐私数据条目,则确定应用软件接口输出的数据中包含有隐私数据。Therefore, after collecting all the data output by the application software interface, it is found in the privacy database whether there is a private data entry that matches the collected data. If a private data entry matching the collected data is found in the privacy database, it is determined that the data output by the application software interface contains private data.
进一步地,作为一种实施方式,所述采集得到的数据中包括多个数据项,参照图2,所述步骤S20包括:Further, as an implementation manner, the collected data includes a plurality of data items. Referring to FIG. 2, the step S20 includes:
步骤S21、根据所述隐私数据库,分别检测所述各数据项是否包含隐私数据;Step S21: detecting, according to the privacy database, whether each data item includes private data;
步骤S22、若检测得到至少有一个数据项包含隐私数据,则判定所述采集得到的数据中包含隐私数据。Step S22: If it is detected that at least one data item includes private data, it is determined that the collected data includes private data.
需要说明的是,采集得到的应用软件接口输出的数据中包含多个数据项,例如接口通过网络向服务器发送的每一条报文为一个数据项,接口每写出的一条日志为一个数据项。It should be noted that the data output by the collected application software interface includes multiple data items. For example, each message sent by the interface to the server through the network is a data item, and one log written by the interface is one data item.
则在采集得到各数据项后,在隐私数据库中分别查找与各数据项匹配的隐私数据条目。若一数据项与一隐私数据条目中的一节数据相同,则判断此数据项与此隐私数据条目匹配,此数据项包含有隐私数据。以此类推,分别检测各数据项,得到各数据项的检测结果。After collecting the data items, the private data items matching the data items are respectively searched in the privacy database. If a data item is the same as a piece of data in a private data entry, it is determined that the data item matches the private data item, and the data item contains private data. By analogy, each data item is detected separately, and the detection result of each data item is obtained.
在得到各数据项的检测结果后,若至少有一个数据项包含隐私数据,也即隐私数据库中至少包含一条与采集的数据项匹配的隐私数据条目,则可以判定当前采集得到的数据中包含隐私数据,由此可以确定当前接口输出的数据中携带有隐私数据,可能涉及隐私数据的泄露。After obtaining the detection result of each data item, if at least one data item contains private data, that is, the privacy database contains at least one private data item matching the collected data item, it may be determined that the currently collected data contains privacy data. Data, thereby determining that the data output by the current interface carries private data, which may involve leakage of private data.
由于在应用软件运行的过程中接口可能输出多个数据项,则在采集得到应用软件运行过程中接口输出的全部数据项后,分别根据隐私数据库查找对应匹配的隐私数据条目,以实现对各数据项的自动化单独校验。并且,若隐私数据库中有与数据项匹配的隐私数据条目,则可以确定当前接口输出的数据涉及到隐私信息,避免了隐私泄露的误报、漏报。Since the interface may output multiple data items during the running of the application software, after collecting all the data items output by the interface during the running process of the application software, respectively searching for corresponding matching private data items according to the privacy database to implement the data. Automated individual verification of items. Moreover, if there is a private data entry matching the data item in the privacy database, it may be determined that the data output by the current interface relates to the private information, thereby avoiding false positives and false negatives of the privacy leakage.
同上,分别对采集得到的应用软件各接口输出的数据进行检测,判断各应用软件各接口输出的数据中是否包含有隐私数据。Same as above, the data outputted by each interface of the collected application software is detected, and it is determined whether the data output by each interface of each application software contains private data.
步骤S30、若检测到所述采集得到的数据中包含隐私数据,则确定所述接口为泄露隐私数据的接口。Step S30: If it is detected that the collected data includes private data, determine that the interface is an interface that leaks private data.
若检测到应用软件的一接口输出的数据中包含有隐私数据,则可以确定此接口为泄露隐私数据的接口,进一步地,可以对此接口进行标识,并记录此接口泄露的数据类型,以便对应用软件进行进一步地优化。If the data outputted by an interface of the application software is detected to contain private data, the interface may be determined as an interface for leaking private data. Further, the interface may be identified, and the data type leaked by the interface may be recorded, so as to The application software is further optimized.
在本实施例中,在应用软件运行时,采集应用软件接口输出到终端外部和/或存储到终端本地的数据,由于是在应用软件动态运行过程中采集的数据,因此能够获取应用软件实际运行过程中输出的各项信息数据,使得采集的数据覆盖面更广,具有真实性、可靠性和完整性;然后,根据预先配置的隐私数据库,检测采集得到的各项数据中是否包含隐私数据,从而实现了对采集的数据中是否包含有隐私数据的自动化检测,由于是以记载了各项隐私数据的隐私数据库为依据的,因此,在对采集得到的数据进行检测时,避免了人工分析以经验为依据而导致的漏报、误报。若检测到采集得到的数据中包含隐私数据,则确定此接口为泄露隐私数据的接口,由此,可以获取应用软件中泄露隐私数据的各接口,完成对应用软件接口泄露隐私数据的检测。通过本实施例,结合动态数据采集和静态数据自动分析,不会遗漏应用软件接口输出的任何数据,保障了用于检测分析的数据的完整性,并且,避免隐私数据泄露接口的误报、漏报,大大提高了应用软件隐私泄露接口检测的效率,降低了人工成本。In this embodiment, when the application software is running, the data collected by the application software interface to the outside of the terminal and/or stored to the terminal is collected, and since the data is collected during the dynamic operation of the application software, the actual operation of the application software can be obtained. The information data output in the process enables the collected data to have a wider coverage, authenticity, reliability and integrity. Then, according to the pre-configured privacy database, it is detected whether the collected data contains private data, thereby It realizes the automatic detection of whether the collected data contains private data. Because it is based on the privacy database that records various private data, it avoids manual analysis to experience when collecting the collected data. Misreports and false positives caused by the basis. If it is detected that the collected data includes private data, it is determined that the interface is an interface for leaking private data, thereby obtaining interfaces for leaking private data in the application software, and completing detection of leaking private data of the application software interface. Through the embodiment, combined with dynamic data acquisition and automatic analysis of static data, any data output by the application software interface is not missed, the integrity of the data used for detection and analysis is ensured, and false alarms and leaks of the privacy data leakage interface are avoided. Reporting greatly improves the efficiency of application software privacy leak detection and reduces labor costs.
进一步地,参照图3,本发明数据泄露接口检测方法第二实施例提供一种数据泄露接口检测方法,基于上述本发明数据泄露接口检测方法第一实施例,所述步骤S30之后,还包括:Further, referring to FIG. 3, the second embodiment of the data leakage interface detecting method of the present invention provides a data leakage interface detecting method, which is based on the first embodiment of the data leakage interface detecting method of the present invention.
步骤S40、根据所述采集得到的数据中所包含的隐私数据安全等级,对应配置所述接口的危险等级。Step S40: Corresponding to configuring a security level of the interface according to the privacy data security level included in the collected data.
在分别检测各数据项是否包含隐私数据后,若仅检测到一个数据项包含隐私数据,则获取隐私数据库中与此数据项匹配的隐私数据条目,根据此匹配的隐私数据条目预设的安全等级,对应配置当前接口的危险等级。After detecting whether each data item contains private data, if only one data item is detected to contain private data, the private data item matching the data item in the privacy database is obtained, and the security level preset according to the matched private data item is obtained. Corresponds to the hazard level of the current interface.
例如,若此隐私数据条目为账户密码,对应的安全等级较高,为一级,则对应配置当前接口的危险等级为一级,亟需解决此账户泄露问题;若此隐私数据条目为聊天内容,对应的安全等级中等,为二级,则对应配置当前接口的危险等级为二级,从而使技术人员及时了解各泄露隐私的接口的危险性。For example, if the privacy data entry is an account password and the corresponding security level is higher, it is a level, and the corresponding interface has a hazard level of one level, and the account leakage problem is not needed; if the privacy data item is a chat content The corresponding security level is medium, and the second level is corresponding to the current interface. The hazard level of the current interface is level 2, so that the technician can know the danger of each interface that leaks privacy.
进一步地,在分别检测各数据项是否包含隐私数据后,若检测到多个数据项包含隐私数据,则分别获取隐私数据库中与此多个数据项匹配的隐私数据条目,获取各匹配的隐私数据条目预设的安全等级。Further, after detecting whether each data item includes private data, if it is detected that the plurality of data items include the private data, respectively acquiring the private data items in the privacy database that match the plurality of data items, and acquiring the matched private data. The default security level of the entry.
然后,根据各匹配的隐私数据条目中安全性级别最高的安全等级,对应配置当前接口的危险等级。例如,在当前采集得到数据中供检测到两个包含隐私数据的数据项:包含账户密码的数据项和包含聊天内容的数据项。其中,账户密码对应的安全等级较高,为一级,聊天内容对应的安全等级中等,为二级,则安全性级别最高的安全等级为一级,对应配置当前接口的危险等级为一级。Then, according to the security level with the highest security level in each matching private data entry, the hazard level of the current interface is correspondingly configured. For example, in the currently acquired data for detecting two data items containing private data: a data item containing an account password and a data item containing the chat content. The security level corresponding to the account password is higher, which is one level, and the security level corresponding to the chat content is medium level, and the security level is the first level, and the security level corresponding to the current interface is one level.
由此,实现了应用软件泄露隐私数据的接口的危险等级配置。Thereby, the hazard level configuration of the interface for the application software to leak private data is realized.
在本实施例中,若确定应用软件一接口为泄露隐私数据的接口,则根据采集得到此接口输出的数据中所包含的隐私数据的安全等级,对应配置此接口的危险等级,进一步可以形成针对此应用软件的隐私数据泄露评估报告,从而使技术人员及时了解应用软件的隐私数据泄露情况,以及泄露隐私数据的接口的危险性。In this embodiment, if it is determined that the interface of the application software is an interface for leaking private data, the security level of the privacy data included in the data output by the interface is obtained according to the collection, and the dangerous level of the interface is configured correspondingly, and the This application's privacy data disclosure assessment report enables technicians to keep abreast of the application's privacy data disclosure and the dangers of leaking private data interfaces.
进一步地,参照图4,本发明数据泄露接口检测方法第三实施例提供一种数据泄露接口检测方法,基于上述本发明数据泄露接口检测方法第一实施例或第二实施例(本实施例以上述本发明数据泄露接口检测方法第一实施例为例),所述步骤S10之前还包括:Further, referring to FIG. 4, the third embodiment of the data leakage interface detecting method of the present invention provides a data leakage interface detecting method, which is based on the first embodiment or the second embodiment of the data leakage interface detecting method of the present invention. The first embodiment of the data leakage interface detecting method of the present invention is an example. Before the step S10, the method further includes:
步骤S50、基于预设的隐私数据对应配置包含多种数据形式的隐私数据条目,得到所述隐私数据库;Step S50: Configure, according to the preset privacy data, a privacy data entry that includes multiple data forms to obtain the privacy database.
步骤S60、在所述应用软件运行时,向所述应用软件输入所述隐私数据。Step S60: When the application software is running, input the private data to the application software.
在进行应用软件的隐私数据泄露检测时,首先需要配置用于判断应用软件接口是否泄露隐私数据的隐私数据库。When performing the privacy data leakage detection of the application software, it is first necessary to configure a privacy database for determining whether the application software interface leaks private data.
具体的,作为一种实施方式,根据预设的用于测试的各项隐私数据,配置对应的隐私数据条目。Specifically, as an implementation manner, corresponding privacy data items are configured according to preset privacy data for testing.
在配置一项隐私数据对应的隐私数据条目时,需要将此项隐私数据转换为多种数据形式,不同数据形式的隐私数据可以在隐私数据条目中分节存储,便于后续数据项的匹配。When configuring a private data entry corresponding to the private data, the private data needs to be converted into multiple data forms, and the private data of different data forms can be stored in the private data item in a section, so as to facilitate matching of subsequent data items.
需要说明的是,在转换隐私数据的数据形式时,可以转换为明文、字符串、哈希值等多种形式,可根据实际需要灵活配置。转换的数据形式越多,更加能够减少隐私数据泄露的漏报。It should be noted that when converting the data format of the private data, it can be converted into plain text, a string, a hash value, and the like, and can be flexibly configured according to actual needs. The more data forms that are converted, the more likely it is to reduce the false negatives of private data breaches.
在得到各项隐私数据对应的隐私数据条目后,将各隐私数据及对应的隐私数据条目配置到隐私数据库中。After obtaining the privacy data items corresponding to the various privacy data, the private data and the corresponding private data items are configured into the privacy database.
在应用软件运行时,向应用软件输入预先配置的隐私数据,例如输入账户密码,模拟聊天会话输入聊天内容,模拟交易输入交易金额等等。When the application is running, input pre-configured private data to the application, such as entering an account password, simulating a chat session to input chat content, simulating a transaction input transaction amount, and the like.
由此,在采集应用软件各接口输出到终端外部和/或存储到终端本地的全部数据后,可以根据隐私数据库,校验输入的隐私数据是否以各种形式被泄露。Therefore, after collecting all the interfaces of the application software to the outside of the terminal and/or all the data stored in the terminal, the private data can be verified to be leaked in various forms according to the privacy database.
在本实施例中,基于预设的隐私数据对应配置包含多种数据形式的隐私数据条目,得到隐私数据库;在应用软件运行时,向应用软件输入预设的隐私数据,从而在检测采集的数据时,可以准确地识别出经过数据形式转换的隐私数据,确定应用软件是否将隐私数据转换数据形式后输出,避免了隐私泄露接口的漏报。In this embodiment, the privacy data is stored in a plurality of data forms according to the preset privacy data, and the privacy database is obtained. When the application software is running, the preset privacy data is input to the application software, so that the collected data is detected. At the same time, the privacy data converted by the data form can be accurately identified, and whether the application software converts the private data into the data form and output, thereby avoiding the false negative of the privacy leakage interface.
进一步地,参照图5,本发明数据泄露接口检测方法第四实施例提供一种数据泄露接口检测方法,基于上述本发明数据泄露接口检测方法第一实施例、第二实施例或第三实施例,所述步骤S10包括:Further, referring to FIG. 5, a fourth embodiment of the data leakage interface detecting method of the present invention provides a data leakage interface detecting method, which is based on the first embodiment, the second embodiment, or the third embodiment of the data leakage interface detecting method of the present invention. The step S10 includes:
步骤S11、抓取所述接口输出的网络信息包,得到所述接口输出到终端外部的数据;Step S11: Grab the network information packet output by the interface, and obtain data output by the interface to the outside of the terminal;
步骤S12、基于预先配置的插桩,采集所述接口输出的本地广播和日志,得到所述接口存储到终端本地的数据。In step S12, the local broadcast and the log output by the interface are collected based on the pre-configured instrumentation, and the data stored by the interface to the terminal is obtained.
在应用软件运行时,需采集应用软件接口输出的全部数据,包括输出到终端外部和存储到终端本地的数据。When the application software runs, all the data output by the application software interface needs to be collected, including data outputted to the outside of the terminal and stored locally to the terminal.
具体的,作为一种实施方式,若需要采集输出到终端外部的数据,则可以通过抓包的方式,抓取此接口通过网络发送的信息包,提取网路信息包中的数据,得到此接口输出到终端外部的数据。Specifically, as an implementation manner, if data that is output to the outside of the terminal needs to be collected, the packet sent by the interface through the network may be captured by the packet capture method, and the data in the network information packet is extracted, and the interface is obtained. Output data to the outside of the terminal.
当然,也可以通过插桩采集此接口通过网络发送的信息包。Of course, it is also possible to collect packets sent by the interface through the network by instrumentation.
作为另一种实施方式,若需要采集存储到终端本地的数据,则可以在接口上预先配置插桩,抓取接口输出的本地广播和写出的日志。As another implementation manner, if it is required to collect data stored locally in the terminal, the instrumentation may be pre-configured on the interface to capture the local broadcast and the written log output by the interface.
其中,由于本地广播可以被终端系统或终端中安装的其他应用软件收听,因此,存在隐私数据泄露风险,需要采集广播的数据内容进行检测;日志文件可能被终端系统或终端中安装的其他应用软件抓取、读取,因此,存在隐私数据泄露风险,需要采集广播的数据内容进行检测。Wherein, since the local broadcast can be listened to by the terminal system or other application software installed in the terminal, there is a risk of leakage of the privacy data, and the data content of the broadcast needs to be collected for detection; the log file may be other application software installed in the terminal system or the terminal. Grab and read, therefore, there is a risk of privacy data leakage, and it is necessary to collect broadcast data content for detection.
然后,提取本地广播和日志的数据内容,得到此接口存储到终端本地的数据。Then, the data content of the local broadcast and the log is extracted, and the data stored by the interface to the terminal is obtained.
当然,还可以通过插桩的方式,采集其他存储到终端本地的数据。Of course, it is also possible to collect other data stored locally to the terminal by means of instrumentation.
在本实施例中,通过抓取接口输出的网络信息包,可以得到接口输出到终端外部的数据;基于预先配置的插桩,可以采集接口输出的本地广播和日志,得到接口存储到终端本地的数据,由此,实现了对接口输出的全部数据的采集。In this embodiment, by extracting the network information packet outputted by the interface, the data outputted by the interface to the outside of the terminal can be obtained; based on the pre-configured instrumentation, the local broadcast and the log output by the interface can be collected, and the interface is stored locally to the terminal. The data, thus, enables the collection of all data output by the interface.
需要说明的是,本领域普通技术人员可以理解实现上述实施例的全部或部分步骤可以通过硬件来完成,也可以通过程序来指令相关的硬件完成,所述的程序可以存储于一种计算机可读存储介质中,上述提到的存储介质可以是只读存储器,磁盘或光盘等。It should be noted that those skilled in the art can understand that all or part of the steps of implementing the above embodiments may be completed by hardware, or may be instructed by a program to execute related hardware, and the program may be stored in a computer readable state. In the storage medium, the above-mentioned storage medium may be a read only memory, a magnetic disk or an optical disk or the like.
进一步地,参照图6,本发明数据泄露接口检测装置第一实施例提供一种数据泄露接口检测装置,所述数据泄露接口检测装置包括:Further, referring to FIG. 6, the first embodiment of the data leakage interface detecting device of the present invention provides a data leakage interface detecting device, where the data leakage interface detecting device includes:
采集模块10,用于在应用软件运行时,采集所述应用软件接口输出到终端外部和/或存储到终端本地的数据。The collecting module 10 is configured to collect data output by the application software interface to the outside of the terminal and/or stored locally to the terminal when the application software is running.
本发明通过采集应用软件运行过程中对外输出的数据,离线自动检测对外输出的数据中是否包含有隐私数据,无需人工手动检测,不依赖于人工的经验,可以全方位地自动排查应用软件的隐私泄露问题,避免漏报,提高应用软件的隐私泄露检测效率。The invention collects the externally outputted data during the running process of the application software, and automatically detects whether the externally outputted data contains private data offline, does not require manual manual detection, and does not rely on manual experience, and can automatically check the privacy of the application software in all aspects. Leak problems, avoid false negatives, and improve the efficiency of application privacy leak detection.
具体的,作为一种实施方式,启动应用软件,在应用软件运行的过程中,采集模块10通过插桩、抓包等多种形式,分别采集应用软件运行过程中各接口对外输出的全部数据。Specifically, as an implementation manner, the application software is started. During the running of the application software, the collection module 10 collects all the data externally output by each interface in the running process of the application software by using various forms such as instrumentation and packet capture.
需要说明的是,应用软件运行过程中接口对外输出的全部数据包括接口存储到终端本地的数据、以网络形式输出到终端外部的数据,例如:写的日志、打印的文件、发送给终端上部署的其他应用软件的数据等。It should be noted that all data outputted by the interface during the running of the application software includes data stored in the terminal to the terminal and data outputted to the outside of the terminal in the form of a network, for example, a written log, a printed file, and sent to the terminal for deployment. Other application software data, etc.
采集模块10在采集各接口输出的全部数据后,分别独立记录各接口输出的数据,以分别检测各接口输出的数据是否涉及到隐私数据的泄露。After collecting all the data output by each interface, the collection module 10 separately records the data output by each interface to detect whether the data output by each interface involves leakage of private data.
检测模块20,用于根据预先配置的隐私数据库,检测所述采集得到的数据中是否包含隐私数据。The detecting module 20 is configured to detect, according to the pre-configured privacy database, whether the collected data includes private data.
在采集得到应用软件接口输出的全部数据后,检测模块20根据预先配置的隐私数据库,检测采集得到的数据中是否包含有敏感的隐私数据。After collecting all the data output by the application software interface, the detecting module 20 detects, according to the pre-configured privacy database, whether the collected data contains sensitive private data.
其中,隐私数据库包括输入到应用软件的各项隐私数据以及应用软件生成的涉及用户隐私的数据,例如账户密码、聊天记录、交易记录等等。The privacy database includes various privacy data input to the application software and data related to user privacy generated by the application software, such as an account password, a chat record, a transaction record, and the like.
并且,隐私数据库中记载的各项涉及用户隐私的数据,均对应有包括多种数据形式的隐私数据条目,例如账户密码对应的隐私数据条目,包括明文、哈希值、字符串等多种形式的账户密码。同一隐私数据条目中不同数据形式的隐私数据可以分节存储,从而提高了隐私数据监测的灵活性,以避免应用软件转换隐私数据的形式进行输出时,无法检测出变换数据形式后的隐私数据。Moreover, the data related to user privacy recorded in the privacy database corresponds to a private data entry including multiple data forms, such as a privacy data entry corresponding to the account password, including plaintext, a hash value, a character string, and the like. Account password. The private data of different data forms in the same private data entry can be stored in sections, thereby improving the flexibility of private data monitoring, so as to prevent the application software from converting the private data after the output data is converted.
由此,在采集得到应用软件接口输出的全部数据后,检测模块20在隐私数据库中查找是否有与采集的数据匹配的隐私数据条目。若在隐私数据库中找到与采集的数据匹配的隐私数据条目,则确定应用软件接口输出的数据中包含有隐私数据。Therefore, after collecting all the data output by the application software interface, the detecting module 20 searches the privacy database for whether there is a private data entry that matches the collected data. If a private data entry matching the collected data is found in the privacy database, it is determined that the data output by the application software interface contains private data.
进一步地,作为一种实施方式,所述采集得到的数据中包括多个数据项,所述检测模块20还用于,Further, as an implementation manner, the collected data includes a plurality of data items, and the detecting module 20 is further configured to:
根据所述隐私数据库,分别检测所述各数据项是否包含隐私数据;若检测得到至少有一个数据项包含隐私数据,则判定所述采集得到的数据中包含隐私数据。And determining, according to the privacy database, whether each data item includes private data; if it is detected that at least one data item includes private data, determining that the collected data includes private data.
需要说明的是,采集得到的应用软件接口输出的数据中包含多个数据项,例如接口通过网络向服务器发送的每一条报文为一个数据项,接口每写出的一条日志为一个数据项。It should be noted that the data output by the collected application software interface includes multiple data items. For example, each message sent by the interface to the server through the network is a data item, and one log written by the interface is one data item.
则在采集得到各数据项后,检测模块20在隐私数据库中分别查找与各数据项匹配的隐私数据条目。若一数据项与一隐私数据条目中的一节数据相同,则判断此数据项与此隐私数据条目匹配,此数据项包含有隐私数据。以此类推,检测模块20分别检测各数据项,得到各数据项的检测结果。Then, after collecting each data item, the detecting module 20 searches for a private data item matching each data item in the privacy database. If a data item is the same as a piece of data in a private data entry, it is determined that the data item matches the private data item, and the data item contains private data. By analogy, the detecting module 20 detects each data item separately, and obtains the detection result of each data item.
在得到各数据项的检测结果后,若至少有一个数据项包含隐私数据,也即隐私数据库中至少包含一条与采集的数据项匹配的隐私数据条目,则检测模块20可以判定当前采集得到的数据中包含隐私数据,由此可以确定当前接口输出的数据中携带有隐私数据,可能涉及隐私数据的泄露。After obtaining the detection result of each data item, if at least one data item includes private data, that is, the privacy database includes at least one private data item matching the collected data item, the detecting module 20 may determine the currently collected data. The privacy data is included, thereby determining that the data output by the current interface carries private data, which may involve leakage of private data.
由于在应用软件运行的过程中接口可能输出多个数据项,则在采集得到应用软件运行过程中接口输出的全部数据项后,检测模块20分别根据隐私数据库查找对应匹配的隐私数据条目,以实现对各数据项的自动化单独校验。并且,若隐私数据库中有与数据项匹配的隐私数据条目,则可以确定当前接口输出的数据涉及到隐私信息,避免了隐私泄露的误报、漏报。Since the interface may output multiple data items during the running of the application software, after collecting all the data items output by the interface during the running of the application software, the detecting module 20 searches for the corresponding matching private data items according to the privacy database, respectively, to implement Automated individual verification of each data item. Moreover, if there is a private data entry matching the data item in the privacy database, it may be determined that the data output by the current interface relates to the private information, thereby avoiding false positives and false negatives of the privacy leakage.
同上,检测模块20分别对采集得到的应用软件各接口输出的数据进行检测,判断各应用软件各接口输出的数据中是否包含有隐私数据。In the same manner, the detecting module 20 detects the data outputted by each interface of the collected application software, and determines whether the data output by each interface of each application software contains private data.
确定模块30,用于若检测到所述采集得到的数据中包含隐私数据,则确定所述接口为泄露隐私数据的接口。The determining module 30 is configured to determine that the interface is an interface that leaks private data if the collected data is detected to include private data.
若检测到应用软件的一接口输出的数据中包含有隐私数据,则确定模块30可以确定此接口为泄露隐私数据的接口,进一步地,确定模块30可以对此接口进行标识,并记录此接口泄露的数据类型,以便对应用软件进行进一步地优化。If the data outputted by an interface of the application software is detected to contain the private data, the determining module 30 may determine that the interface is an interface for leaking the private data. Further, the determining module 30 may identify the interface and record the interface leakage. The data type is further optimized for the application software.
在本实施例中,在应用软件运行时,采集模块10采集应用软件接口输出到终端外部和/或存储到终端本地的数据,由于是在应用软件动态运行过程中采集的数据,因此能够获取应用软件实际运行过程中输出的各项信息数据,使得采集的数据覆盖面更广,具有真实性、可靠性和完整性;然后,检测模块20根据预先配置的隐私数据库,检测采集得到的各项数据中是否包含隐私数据,从而实现了对采集的数据中是否包含有隐私数据的自动化检测,由于是以记载了各项隐私数据的隐私数据库为依据的,因此,在对采集得到的数据进行检测时,避免了人工分析以经验为依据而导致的漏报、误报。若检测到采集得到的数据中包含隐私数据,则确定模块30确定此接口为泄露隐私数据的接口,由此,可以获取应用软件中泄露隐私数据的各接口,完成对应用软件接口泄露隐私数据的检测。通过本实施例,结合动态数据采集和静态数据自动分析,不会遗漏应用软件接口输出的任何数据,保障了用于检测分析的数据的完整性,并且,避免隐私数据泄露接口的误报、漏报,大大提高了应用软件隐私泄露接口检测的效率,降低了人工成本。In this embodiment, when the application software is running, the collection module 10 collects the data output by the application software interface to the outside of the terminal and/or stored locally to the terminal, and is capable of acquiring the application because the data is collected during the dynamic operation of the application software. The information data output during the actual operation of the software makes the collected data cover a wider range, with authenticity, reliability and integrity. Then, the detecting module 20 detects the collected data according to the pre-configured privacy database. Whether or not the private data is included, thereby realizing the automatic detection of whether the collected data contains private data, and is based on the privacy database in which the private data is recorded, therefore, when detecting the collected data, Avoid manual reporting of false negatives and false positives based on experience. If it is detected that the collected data includes the private data, the determining module 30 determines that the interface is an interface for leaking the private data, thereby obtaining each interface of the application software that leaks the private data, and completing the disclosure of the private data to the application software interface. Detection. Through the embodiment, combined with dynamic data acquisition and automatic analysis of static data, any data output by the application software interface is not missed, the integrity of the data used for detection and analysis is ensured, and false alarms and leaks of the privacy data leakage interface are avoided. Reporting greatly improves the efficiency of application software privacy leak detection and reduces labor costs.
进一步地,参照图7,本发明数据泄露接口检测装置第二实施例提供一种数据泄露接口检测装置,基于上述本发明数据泄露接口检测装置第一实施例,所述数据泄露接口检测装置还包括:Further, referring to FIG. 7, the second embodiment of the data leakage interface detecting apparatus of the present invention provides a data leakage interface detecting apparatus. The data leakage interface detecting apparatus further includes the data leakage interface detecting apparatus according to the first embodiment of the present invention. :
等级模块40,用于根据所述采集得到的数据中所包含的隐私数据的安全等级,对应配置所述接口的危险等级。The level module 40 is configured to correspondingly configure a hazard level of the interface according to a security level of the privacy data included in the collected data.
在分别检测各数据项是否包含隐私数据后,若仅检测到一个数据项包含隐私数据,则等级模块40获取隐私数据库中与此数据项匹配的隐私数据条目,根据此匹配的隐私数据条目预设的安全等级,对应配置当前接口的危险等级。After detecting whether each data item contains private data, if only one data item is detected to contain private data, the level module 40 obtains a private data item in the privacy database that matches the data item, and presets according to the matched private data item. The security level corresponds to the hazard level of the current interface.
例如,若此隐私数据条目为账户密码,对应的安全等级较高,为一级,则等级模块40对应配置当前接口的危险等级为一级,亟需解决此账户泄露问题;若此隐私数据条目为聊天内容,对应的安全等级中等,为二级,则对应配置当前接口的危险等级为二级,从而使技术人员及时了解各泄露隐私的接口的危险性。For example, if the privacy data entry is an account password and the corresponding security level is higher, it is a level, and the level module 40 is configured to set the risk level of the current interface to one level, and the account leakage problem is not needed; if the privacy data entry is For the content of the chat, the corresponding security level is medium, and the level of the corresponding interface is two levels, so that the technician can know the danger of each interface that leaks privacy.
进一步地,在分别检测各数据项是否包含隐私数据后,若检测到多个数据项包含隐私数据,则等级模块40分别获取隐私数据库中与此多个数据项匹配的隐私数据条目,获取各匹配的隐私数据条目预设的安全等级。Further, after detecting whether each data item includes private data, if it is detected that the plurality of data items include the private data, the level module 40 respectively obtains the private data items in the privacy database that match the plurality of data items, and obtains each matching. The privacy level of the privacy data entry is preset.
然后,等级模块40根据各匹配的隐私数据条目中安全性级别最高的安全等级,对应配置当前接口的危险等级。例如,在当前采集得到数据中供检测到两个包含隐私数据的数据项:包含账户密码的数据项和包含聊天内容的数据项。其中,账户密码对应的安全等级较高,为一级,聊天内容对应的安全等级中等,为二级,则安全性级别最高的安全等级为一级,对应配置当前接口的危险等级为一级。Then, the level module 40 correspondingly configures the hazard level of the current interface according to the security level with the highest security level among the matched private data items. For example, in the currently acquired data for detecting two data items containing private data: a data item containing an account password and a data item containing the chat content. The security level corresponding to the account password is higher, which is one level, and the security level corresponding to the chat content is medium level, and the security level is the first level, and the security level corresponding to the current interface is one level.
由此,实现了应用软件泄露隐私数据的接口的危险等级配置。Thereby, the hazard level configuration of the interface for the application software to leak private data is realized.
在本实施例中,若确定应用软件一接口为泄露隐私数据的接口,则等级模块40根据采集得到此接口输出的数据中所包含的隐私数据的安全等级,对应配置此接口的危险等级,进一步可以形成针对此应用软件的隐私数据泄露评估报告,从而使技术人员及时了解应用软件的隐私数据泄露情况,以及泄露隐私数据的接口的危险性。In this embodiment, if it is determined that the interface of the application software is an interface for leaking private data, the level module 40 correspondingly sets the security level of the privacy data included in the data output by the interface, and correspondingly configures the danger level of the interface, further A privacy data disclosure assessment report for this application can be formed, so that technicians can keep abreast of the privacy data leakage of the application and the danger of leaking the interface of the private data.
进一步地,参照图8,本发明数据泄露接口检测装置第三实施例提供一种数据泄露接口检测装置,基于上述本发明数据泄露接口检测装置第一实施例或第二实施例,所述数据泄露接口检测装置还包括:Further, referring to FIG. 8 , a third embodiment of the data leakage interface detecting apparatus of the present invention provides a data leakage interface detecting apparatus. The data leakage is based on the first embodiment or the second embodiment of the data leakage interface detecting apparatus of the present invention. The interface detecting device further includes:
配置模块50,用于基于预设的隐私数据对应配置包含多种数据形式的隐私数据条目,得到所述隐私数据库;The configuration module 50 is configured to: configure, according to the preset privacy data, a privacy data entry that includes multiple data forms to obtain the privacy database;
输入模块60,用于在所述应用软件运行时,向所述应用软件输入所述隐私数据。The input module 60 is configured to input the private data to the application software when the application software is running.
在进行应用软件的隐私数据泄露检测时,配置模块50首先需要配置用于判断应用软件接口是否泄露隐私数据的隐私数据库。When performing privacy data leakage detection of the application software, the configuration module 50 first needs to configure a privacy database for determining whether the application software interface leaks private data.
具体的,作为一种实施方式,配置模块50根据预设的用于测试的各项隐私数据,配置对应的隐私数据条目。Specifically, as an implementation manner, the configuration module 50 configures corresponding privacy data entries according to preset privacy data for testing.
在配置一项隐私数据对应的隐私数据条目时,配置模块50需要将此项隐私数据转换为多种数据形式,不同数据形式的隐私数据可以在隐私数据条目中分节存储,便于后续数据项的匹配。When configuring a private data entry corresponding to the privacy data, the configuration module 50 needs to convert the private data into multiple data forms, and the private data of different data forms may be stored in the private data item in a section, so as to facilitate subsequent data items. match.
需要说明的是,在转换隐私数据的数据形式时,可以转换为明文、字符串、哈希值等多种形式,可根据实际需要灵活配置。转换的数据形式越多,更加能够减少隐私数据泄露的漏报。It should be noted that when converting the data format of the private data, it can be converted into plain text, a string, a hash value, and the like, and can be flexibly configured according to actual needs. The more data forms that are converted, the more likely it is to reduce the false negatives of private data breaches.
配置模块50在得到各项隐私数据对应的隐私数据条目后,将各隐私数据及对应的隐私数据条目配置到隐私数据库中。After obtaining the privacy data items corresponding to the privacy data, the configuration module 50 configures the private data and the corresponding private data items into the privacy database.
在应用软件运行时,输入模块60向应用软件输入预先配置的隐私数据,例如输入账户密码,模拟聊天会话输入聊天内容,模拟交易输入交易金额等等。When the application software is running, the input module 60 inputs pre-configured private data to the application software, such as entering an account password, simulating a chat session to input chat content, simulating a transaction input transaction amount, and the like.
由此,在采集应用软件各接口输出到终端外部和/或存储到终端本地的全部数据后,检测模块20可以根据隐私数据库,校验输入的隐私数据是否以各种形式被泄露。Thus, after the collection interface of the application software outputs all data external to the terminal and/or stored locally to the terminal, the detection module 20 can verify whether the input privacy data is leaked in various forms according to the privacy database.
在本实施例中,配置模块50基于预设的隐私数据对应配置包含多种数据形式的隐私数据条目,得到隐私数据库;在应用软件运行时,输入模块60向应用软件输入预设的隐私数据,从而在检测采集的数据时,可以准确地识别出经过数据形式转换的隐私数据,确定应用软件是否将隐私数据转换数据形式后输出,避免了隐私泄露接口的漏报。In this embodiment, the configuration module 50 configures a privacy data entry that includes multiple data forms based on the preset privacy data corresponding configuration to obtain a privacy database. When the application software is running, the input module 60 inputs preset privacy data to the application software. Therefore, when detecting the collected data, the privacy data converted by the data form can be accurately identified, and whether the application software converts the private data into the data form and output, thereby avoiding the false negative of the privacy leakage interface.
进一步地,本发明数据泄露接口检测装置第四实施例提供一种数据泄露接口检测装置,基于上述本发明数据泄露接口检测装置第一实施例、第二实施例或第三实施例,所述采集模块10还用于,Further, the fourth embodiment of the data leakage interface detecting apparatus of the present invention provides a data leakage interface detecting apparatus, which is based on the first embodiment, the second embodiment or the third embodiment of the data leakage interface detecting apparatus of the present invention. Module 10 is also used,
抓取所述接口输出的网络信息包,得到所述接口输出到终端外部的数据;基于预先配置的插桩,采集所述接口输出的本地广播和日志,得到所述接口存储到终端本地的数据。The network information packet outputted by the interface is captured, and the data outputted by the interface to the outside of the terminal is obtained. The local broadcast and the log output by the interface are collected based on the pre-configured instrumentation, and the data stored by the interface to the terminal is obtained. .
在应用软件运行时,采集模块10需采集应用软件接口输出的全部数据,包括输出到终端外部和存储到终端本地的数据。When the application software is running, the collection module 10 needs to collect all the data output by the application software interface, including data outputted to the outside of the terminal and stored locally to the terminal.
具体的,作为一种实施方式,若需要采集输出到终端外部的数据,则采集模块10可以通过抓包的方式,抓取此接口通过网络发送的信息包,提取网路信息包中的数据,得到此接口输出到终端外部的数据。Specifically, as an implementation manner, if it is required to collect data outputted to the outside of the terminal, the collection module 10 may capture the information packet sent by the interface through the network by capturing the packet, and extract the data in the network information packet. Get the data that this interface outputs to the outside of the terminal.
当然,采集模块10也可以通过插桩采集此接口通过网络发送的信息包。Of course, the collection module 10 can also collect the information packets sent by the interface through the network through the instrumentation.
作为另一种实施方式,若需要采集存储到终端本地的数据,则采集模块10可以在接口上预先配置插桩,抓取接口输出的本地广播和写出的日志。As another implementation manner, if it is required to collect data stored locally in the terminal, the collection module 10 may pre-configure the instrumentation on the interface, and capture the local broadcast and the written log output by the interface.
其中,由于本地广播可以被终端系统或终端中安装的其他应用软件收听,因此,存在隐私数据泄露风险,需要采集广播的数据内容进行检测;日志文件可能被终端系统或终端中安装的其他应用软件抓取、读取,因此,存在隐私数据泄露风险,需要采集广播的数据内容进行检测。Wherein, since the local broadcast can be listened to by the terminal system or other application software installed in the terminal, there is a risk of leakage of the privacy data, and the data content of the broadcast needs to be collected for detection; the log file may be other application software installed in the terminal system or the terminal. Grab and read, therefore, there is a risk of privacy data leakage, and it is necessary to collect broadcast data content for detection.
然后,采集模块10提取本地广播和日志的数据内容,得到此接口存储到终端本地的数据。Then, the collection module 10 extracts the data content of the local broadcast and the log, and obtains the data stored by the interface to the terminal.
当然,采集模块10还可以通过插桩的方式,采集其他存储到终端本地的数据。Of course, the collection module 10 can also collect other data stored locally to the terminal by means of instrumentation.
在本实施例中,采集模块10通过抓取接口输出的网络信息包,可以得到接口输出到终端外部的数据;基于预先配置的插桩,可以采集接口输出的本地广播和日志,得到接口存储到终端本地的数据,由此,实现了对接口输出的全部数据的采集。In this embodiment, the collection module 10 can obtain the data outputted by the interface to the outside of the terminal by capturing the network information packet output by the interface; based on the pre-configured instrumentation, the local broadcast and the log output by the interface can be collected, and the interface is stored to the interface. The data local to the terminal, thereby realizing the collection of all data outputted by the interface.
需要说明的是,在硬件实现上,以上采集模块10、检测模块20、确定模块30、等级模块40、配置模块50以及输入模块60等可以以硬件形式内嵌于或独立于数据泄露接口检测装置中,也可以以软件形式存储于数据泄露接口检测装置的存储器中,以便于处理器调用执行以上各个模块对应的操作。该处理器可以为中央处理单元(CPU)、微处理器、单片机等。It should be noted that, in hardware implementation, the foregoing collection module 10, the detection module 20, the determination module 30, the level module 40, the configuration module 50, and the input module 60 may be embedded in hardware or independent of the data leakage interface detecting device. The software may also be stored in the memory of the data leakage interface detecting device in a software form, so that the processor calls to perform the operations corresponding to the above modules. The processor can be a central processing unit (CPU), a microprocessor, a microcontroller, or the like.
如图9所示,图9是本发明实施例方案涉及的硬件运行环境的设备结构示意图。As shown in FIG. 9, FIG. 9 is a schematic structural diagram of a device in a hardware operating environment according to an embodiment of the present invention.
本发明实施例数据泄露接口检测设备可以是PC,也可以是智能手机、平板电脑、电子书阅读器、便携计算机等终端设备。The data leakage interface detecting device in the embodiment of the present invention may be a PC, or may be a terminal device such as a smart phone, a tablet computer, an e-book reader, or a portable computer.
如图9所示,数据泄露接口检测设备可以包括:处理器1001,例如CPU,以及存储器1002。这些组件之间的连接通信可以通过通信总线实现。存储器1002可以是高速RAM存储器,也可以是稳定的存储器(non-volatile memory),例如磁盘存储器。存储器1002可选的还可以是独立于前述处理器1001的存储装置。As shown in FIG. 9, the data leakage interface detecting device may include a processor 1001 such as a CPU, and a memory 1002. Connection communication between these components can be achieved via a communication bus. The memory 1002 may be a high speed RAM memory or a stable memory (non-volatile) Memory), such as disk storage. The memory 1002 can also optionally be a storage device independent of the aforementioned processor 1001.
可选地,数据泄露接口检测设备还可以包括用户接口、网络接口、摄像头、RF(Radio Frequency,射频)电路,传感器、音频电路、WiFi模块等等。用户接口可以包括显示屏(Display)、输入单元比如键盘(Keyboard),可选用户接口还可以包括标准的有线接口、无线接口。网络接口可选的可以包括标准的有线接口、无线接口(如WI-FI接口)。Optionally, the data leakage interface detecting device may further include a user interface, a network interface, a camera, and an RF (Radio) Frequency, RF) circuits, sensors, audio circuits, WiFi modules, and more. The user interface may include a display, an input unit such as a keyboard, and the optional user interface may also include a standard wired interface, a wireless interface. The network interface can optionally include a standard wired interface or a wireless interface (such as a WI-FI interface).
本领域技术人员可以理解,图9中示出的数据泄露接口检测设备结构并不构成对数据泄露接口检测设备的限定,可以包括比图示更多或更少的部件,或者组合某些部件,或者不同的部件布置。It will be understood by those skilled in the art that the data leakage interface detecting device structure shown in FIG. 9 does not constitute a limitation of the data leakage interface detecting device, and may include more or less components than those illustrated, or combine some components. Or different parts arrangement.
如图9所示,作为一种计算机存储介质的存储器1002中可以包括操作系统以及数据泄露接口检测程序。其中,操作系统是管理和控制数据泄露接口检测设备硬件与软件资源的程序,支持数据泄露接口检测程序以及其他程序或软件的运行。As shown in FIG. 9, an operating system and a data leak interface detection program may be included in the memory 1002 as a computer storage medium. Among them, the operating system is a program that manages and controls the data leakage interface to detect the hardware and software resources of the device, and supports the operation of the data leakage interface detection program and other programs or software.
在图9所示的数据泄露接口检测设备中,处理器1001可以用于执行存储器1002中存储的数据泄露接口检测程序,以实现以下步骤:In the data leakage interface detecting device shown in FIG. 9, the processor 1001 can be configured to execute a data leakage interface detecting program stored in the memory 1002 to implement the following steps:
在应用软件运行时,采集所述应用软件接口输出到设备外部和/或存储到设备本地的数据;Collecting, when the application software is running, outputting the application software interface to the outside of the device and/or storing the data locally to the device;
根据预先配置的隐私数据库,检测所述采集得到的数据中是否包含隐私数据;Detecting whether the collected data includes private data according to a pre-configured privacy database;
若检测到所述采集得到的数据中包含隐私数据,则确定所述应用软件接口为泄露隐私数据的接口。If it is detected that the collected data includes private data, the application software interface is determined to be an interface for leaking private data.
进一步地,所述采集得到的数据中包括多个数据项,处理器1001还可以执行存储器1002中存储的数据泄露接口检测程序,以实现以下步骤:Further, the collected data includes a plurality of data items, and the processor 1001 may further execute a data leakage interface detection program stored in the memory 1002 to implement the following steps:
根据所述隐私数据库,分别检测所述各数据项是否包含隐私数据;Determining, according to the privacy database, whether each data item includes private data;
若检测得到至少有一个数据项包含隐私数据,则判定所述采集得到的数据中包含隐私数据。If it is detected that at least one data item contains private data, it is determined that the collected data includes private data.
进一步地,处理器1001还可以执行存储器1002中存储的数据泄露接口检测程序,以实现以下步骤:Further, the processor 1001 can also execute a data leakage interface detection program stored in the memory 1002 to implement the following steps:
根据所述采集得到的数据中所包含的隐私数据的安全等级,对应配置所述应用软件接口的危险等级。And determining a hazard level of the application software interface according to a security level of the privacy data included in the collected data.
进一步地,处理器1001还可以执行存储器1002中存储的数据泄露接口检测程序,以实现以下步骤:Further, the processor 1001 can also execute a data leakage interface detection program stored in the memory 1002 to implement the following steps:
基于预设的隐私数据对应配置包含多种数据形式的隐私数据条目,得到所述隐私数据库;And configuring, according to the preset privacy data, a privacy data entry that includes multiple data forms to obtain the privacy database;
在所述应用软件运行时,向所述应用软件输入所述隐私数据。The private data is input to the application software while the application software is running.
进一步地,处理器1001还可以执行存储器1002中存储的数据泄露接口检测程序,以实现以下步骤:Further, the processor 1001 can also execute a data leakage interface detection program stored in the memory 1002 to implement the following steps:
抓取所述应用软件接口输出的网络信息包,得到所述应用软件接口输出到设备外部的数据;Grab the network information packet output by the application software interface, and obtain data output by the application software interface to the outside of the device;
基于预先配置的插桩,采集所述应用软件接口输出的本地广播和日志,得到所述应用软件接口存储到设备本地的数据。The local broadcast and the log output by the application software interface are collected based on the pre-configured instrumentation, and the data stored by the application software interface to the device is obtained.
本发明数据泄露接口检测设备的具体实施例与上述数据泄露接口检测方法和装置各实施例基本相同,在此不作赘述。The specific embodiment of the data leakage interface detecting device of the present invention is basically the same as the foregoing embodiment of the data leakage interface detecting method and device, and details are not described herein.
本发明提供了一种计算机可读存储介质,所述计算机可读存储介质存储有一个或者多个程序,所述一个或者多个程序可被一个或者多个处理器执行,以实现以下步骤:The present invention provides a computer readable storage medium storing one or more programs, the one or more programs being executable by one or more processors to implement the following steps:
在应用软件运行时,采集所述应用软件接口输出到终端外部和/或存储到终端本地的数据;Collecting, by the application software interface, data outputted to the outside of the terminal and/or stored locally to the terminal when the application software is running;
根据预先配置的隐私数据库,检测所述采集得到的数据中是否包含隐私数据;Detecting whether the collected data includes private data according to a pre-configured privacy database;
若检测到所述采集得到的数据中包含隐私数据,则确定所述接口为泄露隐私数据的接口。If it is detected that the collected data includes private data, it is determined that the interface is an interface that leaks private data.
进一步地,所述采集得到的数据中包括多个数据项,所述一个或者多个程序可被所述一个或者多个处理器执行,还实现以下步骤:Further, the collected data includes a plurality of data items, and the one or more programs may be executed by the one or more processors, and further implement the following steps:
根据所述隐私数据库,分别检测所述各数据项是否包含隐私数据;Determining, according to the privacy database, whether each data item includes private data;
若检测得到至少有一个数据项包含隐私数据,则判定所述采集得到的数据中包含隐私数据。If it is detected that at least one data item contains private data, it is determined that the collected data includes private data.
进一步地,所述一个或者多个程序可被所述一个或者多个处理器执行,还实现以下步骤:Further, the one or more programs may be executed by the one or more processors, and the following steps are also implemented:
根据所述采集得到的数据中所包含的隐私数据的安全等级,对应配置所述接口的危险等级。According to the security level of the privacy data included in the collected data, the hazard level of the interface is correspondingly configured.
进一步地,所述一个或者多个程序可被所述一个或者多个处理器执行,还实现以下步骤:Further, the one or more programs may be executed by the one or more processors, and the following steps are also implemented:
基于预设的隐私数据对应配置包含多种数据形式的隐私数据条目,得到所述隐私数据库;And configuring, according to the preset privacy data, a privacy data entry that includes multiple data forms to obtain the privacy database;
在所述应用软件运行时,向所述应用软件输入所述隐私数据。The private data is input to the application software while the application software is running.
进一步地,所述一个或者多个程序可被所述一个或者多个处理器执行,还实现以下步骤:Further, the one or more programs may be executed by the one or more processors, and the following steps are also implemented:
抓取所述接口输出的网络信息包,得到所述接口输出到终端外部的数据;Grab the network information packet output by the interface, and obtain the data output by the interface to the outside of the terminal;
基于预先配置的插桩,采集所述接口输出的本地广播和日志,得到所述接口存储到终端本地的数据。Based on the pre-configured instrumentation, the local broadcast and the log output by the interface are collected, and the data stored by the interface to the terminal is obtained.
本发明计算机可读存储介质的具体实施例与上述数据泄露接口检测方法和装置各实施例基本相同,在此不作赘述。The specific embodiment of the computer readable storage medium of the present invention is substantially the same as the foregoing embodiment of the data leakage interface detecting method and apparatus, and is not described herein.
还需要说明的是,在本文中,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者装置不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者装置所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括该要素的过程、方法、物品或者装置中还存在另外的相同要素。It is also to be understood that the term "comprises", "comprising", or any other variants thereof is intended to encompass a non-exclusive inclusion, such that a process, method, article, or device that comprises a And includes other elements not explicitly listed, or elements that are inherent to such a process, method, article, or device. An element that is defined by the phrase "comprising a ..." does not exclude the presence of additional equivalent elements in the process, method, item, or device that comprises the element.
上述本发明实施例序号仅仅为了描述,不代表实施例的优劣。通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到上述实施例方法可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质(如ROM/RAM、磁碟、光盘)中,包括若干指令用以使得一台终端设备(可以是手机,计算机,服务器,或者网络设备等)执行本发明各个实施例所述的方法。The serial numbers of the embodiments of the present invention are merely for the description, and do not represent the advantages and disadvantages of the embodiments. Through the description of the above embodiments, those skilled in the art can clearly understand that the foregoing embodiment method can be implemented by means of software plus a necessary general hardware platform, and of course, can also be through hardware, but in many cases, the former is better. Implementation. Based on such understanding, the technical solution of the present invention, which is essential or contributes to the prior art, may be embodied in the form of a software product stored in a storage medium (such as ROM/RAM, disk, The optical disc includes a number of instructions for causing a terminal device (which may be a cell phone, a computer, a server, or a network device, etc.) to perform the methods described in various embodiments of the present invention.
以上仅为本发明的可选实施例,并非因此限制本发明的专利范围,凡是利用本发明说明书及附图内容所作的等效结构或等效流程变换,或直接或间接运用在其他相关的技术领域,均同理包括在本发明的专利保护范围内。The above is only an alternative embodiment of the present invention, and thus does not limit the scope of the invention, and the equivalent structure or equivalent process transformation made by using the specification and the drawings of the present invention, or directly or indirectly applied to other related technologies. The fields are all included in the scope of patent protection of the present invention.

Claims (20)

  1. 一种数据泄露接口检测方法,其特征在于,所述数据泄露接口检测方法包括以下步骤: A data leakage interface detecting method, characterized in that the data leakage interface detecting method comprises the following steps:
    在应用软件运行时,采集所述应用软件接口输出到终端外部和/或存储到终端本地的数据;Collecting, by the application software interface, data outputted to the outside of the terminal and/or stored locally to the terminal when the application software is running;
    根据预先配置的隐私数据库,检测所述采集得到的数据中是否包含隐私数据;Detecting whether the collected data includes private data according to a pre-configured privacy database;
    若检测到所述采集得到的数据中包含隐私数据,则确定所述接口为泄露隐私数据的接口。If it is detected that the collected data includes private data, it is determined that the interface is an interface that leaks private data.
  2. 如权利要求1所述的数据泄露接口检测方法,其特征在于,所述采集得到的数据中包括多个数据项,所述根据预先配置的隐私数据库,检测所述采集得到的数据中是否包含隐私数据的步骤包括:The data leakage interface detecting method according to claim 1, wherein the collected data includes a plurality of data items, and the detecting the collected data includes privacy according to a pre-configured privacy database. The steps of the data include:
    根据所述隐私数据库,分别检测所述各数据项是否包含隐私数据;Determining, according to the privacy database, whether each data item includes private data;
    若检测得到至少有一个数据项包含隐私数据,则判定所述采集得到的数据中包含隐私数据。If it is detected that at least one data item contains private data, it is determined that the collected data includes private data.
  3. 如权利要求1所述的数据泄露接口检测方法,其特征在于,所述确定所述接口为泄露隐私数据的接口的步骤之后,还包括:The method for detecting a data leakage interface according to claim 1, wherein after the step of determining that the interface is an interface for leaking private data, the method further includes:
    根据所述采集得到的数据中所包含的隐私数据的安全等级,对应配置所述接口的危险等级。According to the security level of the privacy data included in the collected data, the hazard level of the interface is correspondingly configured.
  4. 如权利要求1所述的数据泄露接口检测方法,其特征在于,所述采集所述应用软件接口输出到终端外部和/或存储到终端本地的数据的步骤之前,还包括:The data leakage interface detecting method according to claim 1, wherein the step of collecting the application software interface outputted to the external terminal and/or storing the data local to the terminal further comprises:
    基于预设的隐私数据对应配置包含多种数据形式的隐私数据条目,得到所述隐私数据库;And configuring, according to the preset privacy data, a privacy data entry that includes multiple data forms to obtain the privacy database;
    在所述应用软件运行时,向所述应用软件输入所述隐私数据。The private data is input to the application software while the application software is running.
  5. 如权利要求1所述的数据泄露接口检测方法,其特征在于,所述采集所述应用软件接口输出到终端外部和/或存储到终端本地的数据的步骤包括:The data leakage interface detecting method according to claim 1, wherein the step of collecting the data output by the application software interface to the outside of the terminal and/or stored locally to the terminal comprises:
    抓取所述接口输出的网络信息包,得到所述接口输出到终端外部的数据;Grab the network information packet output by the interface, and obtain the data output by the interface to the outside of the terminal;
    基于预先配置的插桩,采集所述接口输出的本地广播和日志,得到所述接口存储到终端本地的数据。Based on the pre-configured instrumentation, the local broadcast and the log output by the interface are collected, and the data stored by the interface to the terminal is obtained.
  6. 一种数据泄露接口检测装置,其特征在于,所述数据泄露接口检测装置包括:A data leakage interface detecting device, wherein the data leakage interface detecting device comprises:
    采集模块,用于在应用软件运行时,采集所述应用软件接口输出到终端外部和/或存储到终端本地的数据;An acquisition module, configured to collect data output by the application software interface to the outside of the terminal and/or stored locally to the terminal when the application software is running;
    检测模块,用于根据预先配置的隐私数据库,检测所述采集得到的数据中是否包含隐私数据;a detecting module, configured to detect, according to the pre-configured privacy database, whether the collected data includes private data;
    确定模块,用于若检测到所述采集得到的数据中包含隐私数据,则确定所述接口为泄露隐私数据的接口。And a determining module, configured to determine that the interface is an interface that leaks private data if the collected data is detected to include private data.
  7. 如权利要求6所述的数据泄露接口检测装置,其特征在于,所述采集得到的数据中包括多个数据项,所述检测模块还用于,The data leakage interface detecting apparatus according to claim 6, wherein the collected data includes a plurality of data items, and the detecting module is further configured to:
    根据所述隐私数据库,分别检测所述各数据项是否包含隐私数据;若检测得到至少有一个数据项包含隐私数据,则判定所述采集得到的数据中包含隐私数据。And determining, according to the privacy database, whether each data item includes private data; if it is detected that at least one data item includes private data, determining that the collected data includes private data.
  8. 如权利要求6所述的数据泄露接口检测装置,其特征在于,所述数据泄露接口检测装置还包括:The data leakage interface detecting device according to claim 6, wherein the data leakage interface detecting device further comprises:
    等级模块,用于根据所述采集得到的数据中所包含的隐私数据的安全等级,对应配置所述接口的危险等级。The level module is configured to correspondingly configure a hazard level of the interface according to a security level of the privacy data included in the collected data.
  9. 如权利要求6所述的数据泄露接口检测装置,其特征在于,所述数据泄露接口检测装置还包括:The data leakage interface detecting device according to claim 6, wherein the data leakage interface detecting device further comprises:
    配置模块,用于基于预设的隐私数据对应配置包含多种数据形式的隐私数据条目,得到所述隐私数据库;a configuration module, configured to: configure, according to preset privacy data, a privacy data entry that includes multiple data forms to obtain the privacy database;
    输入模块,用于在所述应用软件运行时,向所述应用软件输入所述隐私数据。And an input module, configured to input the private data to the application software when the application software is running.
  10. 如权利要求6所述的数据泄露接口检测装置,其特征在于,所述采集模块还用于,The data leakage interface detecting device according to claim 6, wherein the collecting module is further configured to:
    抓取所述接口输出的网络信息包,得到所述接口输出到终端外部的数据;基于预先配置的插桩,采集所述接口输出的本地广播和日志,得到所述接口存储到终端本地的数据。The network information packet outputted by the interface is captured, and the data outputted by the interface to the outside of the terminal is obtained. The local broadcast and the log output by the interface are collected based on the pre-configured instrumentation, and the data stored by the interface to the terminal is obtained. .
  11. 一种数据泄露接口检测设备,其特征在于,所述数据泄露接口检测设备包括处理器及存储器,所述存储器存储有数据泄露接口检测程序;A data leakage interface detecting device, comprising: a processor and a memory, wherein the memory stores a data leakage interface detecting program;
    所述处理器用于执行所述数据泄露接口检测程序,以实现以下步骤:The processor is configured to execute the data leakage interface detection program to implement the following steps:
    在应用软件运行时,采集所述应用软件接口输出到设备外部和/或存储到设备本地的数据;Collecting, when the application software is running, outputting the application software interface to the outside of the device and/or storing the data locally to the device;
    根据预先配置的隐私数据库,检测所述采集得到的数据中是否包含隐私数据;Detecting whether the collected data includes private data according to a pre-configured privacy database;
    若检测到所述采集得到的数据中包含隐私数据,则确定所述应用软件接口为泄露隐私数据的接口。If it is detected that the collected data includes private data, the application software interface is determined to be an interface for leaking private data.
  12. 如权利要求11所述的数据泄露接口检测设备,其特征在于,所述采集得到的数据中包括多个数据项,所述处理器还用于执行所述数据泄露接口检测程序,以实现以下步骤:The data leakage interface detecting device according to claim 11, wherein the collected data includes a plurality of data items, and the processor is further configured to execute the data leakage interface detecting program to implement the following steps. :
    根据所述隐私数据库,分别检测所述各数据项是否包含隐私数据;Determining, according to the privacy database, whether each data item includes private data;
    若检测得到至少有一个数据项包含隐私数据,则判定所述采集得到的数据中包含隐私数据。If it is detected that at least one data item contains private data, it is determined that the collected data includes private data.
  13. 如权利要求11所述的数据泄露接口检测设备,其特征在于,所述处理器还用于执行所述数据泄露接口检测程序,以实现以下步骤:The data leakage interface detecting device according to claim 11, wherein the processor is further configured to execute the data leakage interface detecting program to implement the following steps:
    根据所述采集得到的数据中所包含的隐私数据的安全等级,对应配置所述应用软件接口的危险等级。And determining a hazard level of the application software interface according to a security level of the privacy data included in the collected data.
  14. 如权利要求11所述的数据泄露接口检测设备,其特征在于,所述处理器还用于执行所述数据泄露接口检测程序,以实现以下步骤:The data leakage interface detecting device according to claim 11, wherein the processor is further configured to execute the data leakage interface detecting program to implement the following steps:
    基于预设的隐私数据对应配置包含多种数据形式的隐私数据条目,得到所述隐私数据库;And configuring, according to the preset privacy data, a privacy data entry that includes multiple data forms to obtain the privacy database;
    在所述应用软件运行时,向所述应用软件输入所述隐私数据。The private data is input to the application software while the application software is running.
  15. 如权利要求11所述的数据泄露接口检测设备,其特征在于,所述处理器还用于执行所述数据泄露接口检测程序,以实现以下步骤:The data leakage interface detecting device according to claim 11, wherein the processor is further configured to execute the data leakage interface detecting program to implement the following steps:
    抓取所述应用软件接口输出的网络信息包,得到所述应用软件接口输出到设备外部的数据;Grab the network information packet output by the application software interface, and obtain data output by the application software interface to the outside of the device;
    基于预先配置的插桩,采集所述应用软件接口输出的本地广播和日志,得到所述应用软件接口存储到设备本地的数据。The local broadcast and the log output by the application software interface are collected based on the pre-configured instrumentation, and the data stored by the application software interface to the device is obtained.
  16. 一种计算机可读存储介质,其特征在于,所述计算机可读存储介质存储有一个或者多个程序,所述一个或者多个程序可被一个或者多个处理器执行,以实现以下步骤:A computer readable storage medium, characterized in that the computer readable storage medium stores one or more programs, the one or more programs being executable by one or more processors to implement the following steps:
    在应用软件运行时,采集所述应用软件接口输出到终端外部和/或存储到终端本地的数据;Collecting, by the application software interface, data outputted to the outside of the terminal and/or stored locally to the terminal when the application software is running;
    根据预先配置的隐私数据库,检测所述采集得到的数据中是否包含隐私数据;Detecting whether the collected data includes private data according to a pre-configured privacy database;
    若检测到所述采集得到的数据中包含隐私数据,则确定所述接口为泄露隐私数据的接口。If it is detected that the collected data includes private data, it is determined that the interface is an interface that leaks private data.
  17. 如权利要求16所述的计算机可读存储介质,其特征在于,所述采集得到的数据中包括多个数据项,所述一个或者多个程序可被所述一个或者多个处理器执行,还实现以下步骤:The computer readable storage medium of claim 16 wherein said collected data comprises a plurality of data items, said one or more programs being executable by said one or more processors, Implement the following steps:
    根据所述隐私数据库,分别检测所述各数据项是否包含隐私数据;Determining, according to the privacy database, whether each data item includes private data;
    若检测得到至少有一个数据项包含隐私数据,则判定所述采集得到的数据中包含隐私数据。If it is detected that at least one data item contains private data, it is determined that the collected data includes private data.
  18. 如权利要求16所述的计算机可读存储介质,其特征在于,所述一个或者多个程序可被所述一个或者多个处理器执行,还实现以下步骤:The computer readable storage medium of claim 16 wherein said one or more programs are executable by said one or more processors, further implementing the steps of:
    根据所述采集得到的数据中所包含的隐私数据的安全等级,对应配置所述接口的危险等级。According to the security level of the privacy data included in the collected data, the hazard level of the interface is correspondingly configured.
  19. 如权利要求16所述的计算机可读存储介质,其特征在于,所述一个或者多个程序可被所述一个或者多个处理器执行,还实现以下步骤:The computer readable storage medium of claim 16 wherein said one or more programs are executable by said one or more processors, further implementing the steps of:
    基于预设的隐私数据对应配置包含多种数据形式的隐私数据条目,得到所述隐私数据库;And configuring, according to the preset privacy data, a privacy data entry that includes multiple data forms to obtain the privacy database;
    在所述应用软件运行时,向所述应用软件输入所述隐私数据。The private data is input to the application software while the application software is running.
  20. 如权利要求16所述的计算机可读存储介质,其特征在于,所述一个或者多个程序可被所述一个或者多个处理器执行,还实现以下步骤:The computer readable storage medium of claim 16 wherein said one or more programs are executable by said one or more processors, further implementing the steps of:
    抓取所述接口输出的网络信息包,得到所述接口输出到终端外部的数据;Grab the network information packet output by the interface, and obtain the data output by the interface to the outside of the terminal;
    基于预先配置的插桩,采集所述接口输出的本地广播和日志,得到所述接口存储到终端本地的数据。Based on the pre-configured instrumentation, the local broadcast and the log output by the interface are collected, and the data stored by the interface to the terminal is obtained.
PCT/CN2017/077985 2016-11-14 2017-03-24 Method and apparatus for detecting data leakage interface, device, and storage medium WO2018086293A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611036380.XA CN107038372A (en) 2016-11-14 2016-11-14 Leaking data interface detection method and device
CN201611036380.X 2016-11-14

Publications (1)

Publication Number Publication Date
WO2018086293A1 true WO2018086293A1 (en) 2018-05-17

Family

ID=59530548

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/077985 WO2018086293A1 (en) 2016-11-14 2017-03-24 Method and apparatus for detecting data leakage interface, device, and storage medium

Country Status (2)

Country Link
CN (1) CN107038372A (en)
WO (1) WO2018086293A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020210989A1 (en) * 2019-04-16 2020-10-22 深圳市欢太科技有限公司 Privacy compliance testing method and related product
CN112100623A (en) * 2020-08-21 2020-12-18 百度在线网络技术(北京)有限公司 Risk assessment method, device and equipment of machine learning model and storage medium
CN112653674A (en) * 2020-12-10 2021-04-13 网神信息技术(北京)股份有限公司 Interface security detection method and device, electronic equipment and storage medium

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111314308A (en) * 2020-01-16 2020-06-19 国网浙江省电力有限公司温州供电公司 System security check method and device based on port analysis
CN112231617A (en) * 2020-10-12 2021-01-15 深圳市欢太科技有限公司 Service call checking method and device, storage medium and electronic equipment
CN112861141B (en) * 2021-02-04 2022-07-26 湖北宸威玺链信息技术有限公司 Data export security detection method and detection system
CN113724072A (en) * 2021-09-08 2021-11-30 中国农业银行股份有限公司 Interface risk prevention and control method and device
CN114006776B (en) * 2021-12-31 2022-03-18 北京微步在线科技有限公司 Sensitive information leakage detection method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103309808A (en) * 2013-06-13 2013-09-18 中国科学院信息工程研究所 Label-based black box detection method and system for privacy disclosure of Android user
CN103327183A (en) * 2013-06-13 2013-09-25 中国科学院信息工程研究所 Black box protecting method and system for private data of Android user based on tag
CN103729595A (en) * 2014-01-02 2014-04-16 东南大学 Method for offline detecting private data leakage of Android application program
CN103984900A (en) * 2014-05-19 2014-08-13 南京赛宁信息技术有限公司 Android application vulnerability detection method and Android application vulnerability detection system
US20150227746A1 (en) * 2014-02-07 2015-08-13 Northwestern University System and Method for Privacy Leakage Detection and Prevention System without Operating System Modification

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8271642B1 (en) * 2007-08-29 2012-09-18 Mcafee, Inc. System, method, and computer program product for isolating a device associated with at least potential data leakage activity, based on user input
CN105939359A (en) * 2016-06-20 2016-09-14 国家计算机网络与信息安全管理中心 Method and device for detecting privacy leakage of mobile terminal

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103309808A (en) * 2013-06-13 2013-09-18 中国科学院信息工程研究所 Label-based black box detection method and system for privacy disclosure of Android user
CN103327183A (en) * 2013-06-13 2013-09-25 中国科学院信息工程研究所 Black box protecting method and system for private data of Android user based on tag
CN103729595A (en) * 2014-01-02 2014-04-16 东南大学 Method for offline detecting private data leakage of Android application program
US20150227746A1 (en) * 2014-02-07 2015-08-13 Northwestern University System and Method for Privacy Leakage Detection and Prevention System without Operating System Modification
CN103984900A (en) * 2014-05-19 2014-08-13 南京赛宁信息技术有限公司 Android application vulnerability detection method and Android application vulnerability detection system

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020210989A1 (en) * 2019-04-16 2020-10-22 深圳市欢太科技有限公司 Privacy compliance testing method and related product
CN112100623A (en) * 2020-08-21 2020-12-18 百度在线网络技术(北京)有限公司 Risk assessment method, device and equipment of machine learning model and storage medium
CN112100623B (en) * 2020-08-21 2023-12-22 百度在线网络技术(北京)有限公司 Risk assessment method, apparatus, device and storage medium for machine learning model
CN112653674A (en) * 2020-12-10 2021-04-13 网神信息技术(北京)股份有限公司 Interface security detection method and device, electronic equipment and storage medium
CN112653674B (en) * 2020-12-10 2023-01-10 奇安信网神信息技术(北京)股份有限公司 Interface security detection method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN107038372A (en) 2017-08-11

Similar Documents

Publication Publication Date Title
WO2018086293A1 (en) Method and apparatus for detecting data leakage interface, device, and storage medium
WO2019056752A1 (en) Household appliance network configuration method, device and system, and computer readable storage medium
WO2019019340A1 (en) Application program page opening method and apparatus, terminal and readable storage medium
WO2018086292A1 (en) Method and system for detecting security hole of application software, device, and storage medium
WO2019051908A1 (en) Terminal control method and device, and computer readable storage medium
WO2015158133A1 (en) Error correction method and system for voice control instruction
WO2018023981A1 (en) Public opinion analysis method, device, apparatus and computer readable storage medium
WO2019051890A1 (en) Terminal control method and device, and computer-readable storage medium
WO2015108283A1 (en) Application error detection method for cloud streaming service, and apparatus and system therefor
WO2019056462A1 (en) Name list distribution method, apparatus and device, and computer readable storage medium
WO2015127859A1 (en) Sensitive text detecting method and apparatus
WO2019051895A1 (en) Terminal control method and device, and storage medium
WO2019107977A1 (en) Method and electronic device for providing communication service
WO2019051934A1 (en) Business personnel appraisal method, appraisal platform and computer-readable storage medium
WO2015124073A1 (en) Process monitoring method, apparatus, and system
WO2021002696A1 (en) Method for transferring subscription and electronic device for supporting the same
WO2018176864A1 (en) Database permission management method and system, device, computer-readable storage medium
WO2018233367A1 (en) Case registration method and apparatus, terminal, and computer readable storage medium
WO2020027578A1 (en) Home appliance and online system that performs pairing of the same
WO2015158132A1 (en) Voice control method and system
WO2019019351A1 (en) User behaviour data processing method and apparatus, and computer readable storage medium
WO2015196720A1 (en) Voice recognition method and system
WO2019062194A1 (en) Home appliance and method and system for controling home applicance and computer readable storage medium
WO2018166236A1 (en) Claim settlement bill recognition method, apparatus and device, and computer-readable storage medium
WO2018120459A1 (en) Method, apparatus and device for verifying authenticity of image, and storage medium and service end

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17869365

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 A DATED 11/09/2019)

122 Ep: pct application non-entry in european phase

Ref document number: 17869365

Country of ref document: EP

Kind code of ref document: A1