WO2019091016A1 - 数据采集工具包定制方法、装置、终端和存储介质 - Google Patents
数据采集工具包定制方法、装置、终端和存储介质 Download PDFInfo
- Publication number
- WO2019091016A1 WO2019091016A1 PCT/CN2018/076961 CN2018076961W WO2019091016A1 WO 2019091016 A1 WO2019091016 A1 WO 2019091016A1 CN 2018076961 W CN2018076961 W CN 2018076961W WO 2019091016 A1 WO2019091016 A1 WO 2019091016A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data collection
- function
- script
- custom
- collection script
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 30
- 238000013515 script Methods 0.000 claims abstract description 279
- 238000013480 data collection Methods 0.000 claims description 439
- 230000006870 function Effects 0.000 claims description 235
- 150000003839 salts Chemical class 0.000 claims description 46
- 238000006243 chemical reaction Methods 0.000 claims description 21
- 238000003491 array Methods 0.000 claims description 4
- 238000011161 development Methods 0.000 description 11
- 230000008859 change Effects 0.000 description 6
- 230000006399 behavior Effects 0.000 description 5
- 238000010586 diagram Methods 0.000 description 5
- 239000000284 extract Substances 0.000 description 5
- 238000005336 cracking Methods 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000003780 insertion Methods 0.000 description 2
- 230000037431 insertion Effects 0.000 description 2
- 230000002427 irreversible effect Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000003252 repetitive effect Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 1
- 230000006835 compression Effects 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000035945 sensitivity Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/30—Creation or generation of source code
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/41—Compilation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
Definitions
- the present application relates to the field of computer technology, and in particular, to a data acquisition toolkit customization method, apparatus, terminal, and storage medium.
- the APP developer needs to collect the user behavior data in the APP and analyze the collected data.
- the user behavior data collection method is mainly for the APP development corresponding data acquisition SDK toolkit (Software Development Kit, software development kit), and the user who has installed the data collection SDK toolkit is released to the user.
- APP development corresponding data acquisition SDK toolkit Software Development Kit, software development kit
- APP developers need to manually develop corresponding data collection SDK toolkit for each APP, which has high development cost and maintenance cost, and low development efficiency.
- a data collection toolkit customization method, apparatus, terminal, and storage medium are provided.
- a data collection toolkit customization method including:
- the data collection script has a corresponding plurality of data collection items
- the compiled data collection script is confusingly encrypted, and the encrypted data collection script is encapsulated to obtain a customized data collection toolkit.
- a data collection toolkit customization device comprising:
- a page display module configured to acquire a plurality of data collection scripts; the data collection script has a plurality of corresponding data collection items; and the data collection items are displayed through a data collection configuration page;
- a parameter configuration module configured to acquire a selected operation on the data collection item, and obtain the selected data collection item and the configuration parameter corresponding to the selected data collection item according to the selected operation;
- a script update module configured to extract a corresponding data collection script according to the selected data collection item, update the extracted data collection script by using the configuration parameter, and compile the updated data collection script
- the obfuscated encryption module is used to confuse and compile the compiled data collection script, and encapsulate the encrypted data collection script to obtain a customized data collection toolkit.
- a terminal comprising a memory and a processor, the memory storing computer readable instructions, the computer readable instructions being executed by the processor such that the processor performs the following steps:
- the data collection script has a corresponding plurality of data collection items
- the compiled data collection script is confusingly encrypted, and the encrypted data collection script is encapsulated to obtain a customized data collection toolkit.
- One or more non-transitory readable storage mediums storing computer readable instructions, when executed by one or more processors, cause one or more processors to perform the steps of:
- the data collection script has a corresponding plurality of data collection items
- the compiled data collection script is confusingly encrypted, and the encrypted data collection script is encapsulated to obtain a customized data collection toolkit.
- 1 is an application environment diagram of a data acquisition toolkit customization method in an embodiment
- FIG. 2 is a flow chart of a method for customizing a data collection toolkit in an embodiment
- FIG. 3 is a structural diagram of a data acquisition toolkit customization apparatus in an embodiment
- FIG. 4 is a block diagram of a terminal in one embodiment.
- first may be referred to as a second client
- second client may be referred to as a first client, without departing from the scope of the present application.
- Both the first client and the second client are clients, but they are not the same client.
- the present application provides a data collection toolkit customization method, which can be applied to an application environment as shown in FIG.
- the customized terminal 102 is connected to the user terminal 104 through a network.
- the user terminal 104 may be at least one of a smart phone, a tablet computer, a notebook computer, a POS machine, and an in-vehicle computer, but is not limited thereto.
- An application is installed on the user terminal 104.
- the customized terminal 102 is configured to generate a data collection toolkit corresponding to different applications, and publish the application installed with the data collection toolkit to the corresponding user terminal 104.
- the customized terminal 102 pre-stores a plurality of data collection scripts, each of which has a corresponding one or more data collection items.
- the customized terminal 102 displays a plurality of data collection items in the form of a data collection configuration page. Based on the displayed data collection configuration page, the application developer can select the data collection item at the customized terminal 102 according to the development requirement, and input configuration parameters corresponding to the selected data collection item, such as a custom function, or include multiple Custom arrays of preset identifiers, etc.
- the customized terminal 102 extracts a corresponding data collection script according to the selected data collection item, and updates the extracted data collection script by using the configuration parameter. For example, the custom terminal 102 fills the extracted data collection script by using a custom function function; or loops through the preset identifier in the custom array, and inserts the preset identifier in the custom array into the class name in the data collection script.
- the customized terminal 102 compiles the updated data collection script, and confuses and encapsulates the compiled data collection script to obtain a customized data collection toolkit.
- you need to develop a data collection toolkit for different applications you only need to change the selection of data collection items to improve the efficiency of data collection toolkit development.
- a data collection toolkit customization method is provided.
- the method is applied to a customized terminal as an example, and specifically includes the following steps:
- Step 202 Acquire multiple data collection scripts; the data collection script has corresponding multiple data collection items.
- a custom terminal can be a control terminal for a variety of applications.
- the applications here can be sensitive applications that require network transactions, such as financial applications, financial applications, and e-commerce applications.
- Pre-written custom commands can vary depending on the operating system running on the custom terminal.
- the custom command can be a gradle command (a project automation build tool).
- the gradle command is a script written by the application developer using the groovy language (a programming language) that can be run in the build tool gradle. It can be understood that the data collection toolkit can be customized by triggering the customized terminal in other ways, which is not limited.
- the customized terminal obtains a pre-packaged basic data collection toolkit according to the data collection toolkit customization request.
- the underlying data collection toolkit can be developed by the application developer.
- the basic data collection toolkit can also be developed by a third party, and the developed data collection toolkit is opened to the public in the form of an interface for custom terminal calls.
- the data collection toolkit is used to collect target data from the application.
- the target data may be view information or user behavior data corresponding to the application page, such as a view name, a view attribute, a user's touch operation on the application page, and an access frequency.
- each data collection script has a corresponding script identifier.
- the script identifier includes data collection items and processing operations on the data collection items. That is, each data collection script is associated with one or more data collection items. For example, if the data collection script SDK.x is used to collect the view attributes in the application page, the data collection script can be identified by "view attribute collection"; the data collection script SDK.y is used to collect the view corresponding to the application page.
- the touch event, and intercept the touch event you can use "touch event interception" to identify the data collection script.
- Step 204 Display the data collection item through a data collection configuration page.
- Step 206 Acquire a selected operation on the data collection item, and obtain the selected data collection item and the configuration parameter corresponding to the selected data collection item according to the selected operation.
- the customized terminal acquires script identifiers corresponding to multiple data collection scripts, and displays multiple script identifiers through the data collection configuration page.
- the application developer can select one or more script identifiers on the data collection configuration page after understanding the function of each data collection script according to the script identifier displayed on the data collection configuration page.
- the data collection script function in the pre-packaged basic data collection toolkit is relatively simple.
- the customized terminal adds a corresponding to each script identifier on the data collection configuration page.
- Script change input box When there is a specific data collection requirement for a data collection item, the application developer can enter the corresponding configuration parameter in the script change input box corresponding to the data collection item. It is easy to understand that the application developer can also enter the configuration parameters by file uploading on the data collection configuration page, which is not limited. Configuration parameters can be functional functions supplemented by the application developer or custom strings.
- Step 208 Extract a corresponding data collection script according to the selected data collection item, update the extracted data collection script by using the configuration parameter, and compile the updated data collection script.
- the customized terminal extracts the corresponding data collection script in the pre-packaged basic data collection toolkit according to one or more script identifiers selected by the application developer on the data collection configuration page. If the selected one or more script identifiers have corresponding configuration parameters, the customized terminal updates the corresponding data collection script with the configuration parameters.
- the configuration parameter includes a custom function function
- the step of updating the extracted data collection script by using the configuration parameter includes: populating the extracted data collection script with a custom function function.
- Custom function functions can be pre-written by application developers based on other functions that the desired data collection script can implement.
- Configuration parameters also include the addition of custom function functions, including insert and replace.
- the add mode is insert
- the configuration parameters also include the insertion position of the custom function function; when the add mode is replacement, the configuration parameter also includes the replacement object of the custom function function.
- the custom terminal inserts the custom function into the corresponding data collection script according to the insertion position of the custom function.
- the application developer expects the data collection script SDK.y to report the touch event, and the touch event reporting function can be inserted into the data collection script SDK.y.
- the custom terminal deletes the replacement object in the corresponding data collection script according to the replacement object of the custom function function, and inserts a custom function function at the position of the replacement object.
- the application developer only needs to write a custom function of the new function according to the development requirements, and the custom function function is filled into the basic data collection script to update the data collection script without the entire data collection script. Modifications can be made to reduce the development of application developers, which in turn can improve the efficiency of data collection toolkit development.
- the configuration parameters include a custom array
- the custom array includes a plurality of preset identifiers
- the step of updating the extracted data collection scripts by using the configuration parameters includes: looping through the preset identifiers in the custom array, Insert the preset identifier in the custom array into the class name in the data collection script to get multiple updated data collection scripts.
- the application developer needs to separately develop corresponding data collection toolkits for different applications.
- the implementation logic of the various applications developed by the same application developer is the same or similar, making the corresponding data collection toolkits of several applications similar.
- the data collection toolkit includes multiple data collection scripts.
- Each data collection script includes one or more object classes, each object class having a corresponding class name; each object class includes one or more functions, and each function has a corresponding function name.
- the data collection toolkit for some applications differs only in the class name or function name. If there are many applications that need to collect target data, the application developer needs to perform a lot of repetitive actions, waste manpower, and reduce data collection efficiency.
- custom terminals allow application developers to enter custom arrays as configuration parameters on the data collection page, using custom arrays to customize the data collection toolkit.
- the Data Collection Toolkit corresponds to a variety of applications that implement the same or similar logic.
- the custom array is a one-dimensional array, and one or more preset identifiers are recorded as array elements.
- the preset identifier can be a character or a string or the like.
- the custom terminal adds the first array element in the custom array as a prefix or suffix to all class names in the corresponding data collection script to update the data collection script.
- the custom terminal traverses the custom array, adds the next array element as a prefix or suffix to all class names in the corresponding data collection script in the above manner, and so on, and obtains a plurality of updated data collection scripts in batches.
- the customized terminal can obtain multiple customized data collection toolkits for the updated data collection script. It's easy to understand that the number of data collection toolkits obtained is the same as the number of array elements in a custom array. Application developers can change the number of custom data collection toolkits that need to be generated by changing the array elements of the custom array to improve the customization efficiency of the data collection toolkit.
- custom array is [ABC, DEF, GHI]
- add the prefix ABC before all class names in the corresponding data collection script and obtain the customized data collection toolkit X after compilation
- add the prefix DEF before all class names in the corresponding data collection script.
- obtain a customized data collection toolkit Y After compiling, obtain a customized data collection toolkit Y; add the prefix GHI before all class names in the corresponding data collection script, and obtain a customized data collection toolkit Z after compilation.
- Step 210 Perform obfuscated encryption on the compiled data collection script, and encapsulate the encrypted data collection script to obtain a customized data collection toolkit.
- the customized terminal compiles the updated data collection script, executes the package command, and obtains a customized data collection toolkit.
- the customized terminal installs the customized data collection toolkit to the corresponding application, and publishes the application with the customized data collection toolkit to the user terminal, so that the user terminal installs the customized data collection tool in the corresponding application. package.
- the customized terminal is compiled after the compiled data collection script is encapsulated. Data collection scripts confuse encryption to improve the security of the data collection toolkit.
- multiple data collection items are displayed through the data collection configuration page, so that the application developer can select the data collection item on the data collection configuration page and input the configuration parameters corresponding to the selected data collection item; According to the selected data collection item, the corresponding data collection script can be extracted; the extracted data collection script is updated by using the configuration parameter to meet the personalized data collection requirement; and the updated data collection script is compiled,
- the data collection item is selected by means of page configuration, so that the data collection toolkit customization can be realized by adding or deleting the easy-to-read data collection item without rewriting the code, which reduces the development threshold and development cost of the data collection toolkit.
- you need to develop a data acquisition toolkit for another application you only need to change the selection of data collection items to improve the efficiency of data collection toolkit development.
- the step of performing obfuscated encryption on the compiled data collection script includes: obtaining a sensitive field in the data collection script, and calculating a binary value corresponding to the sensitive field; and classifying the class name in the data collection script according to a preset rule.
- the function name is spliced to obtain the salt value corresponding to the sensitive field, and the binary value corresponding to the salt value is calculated; the binary value corresponding to the sensitive field and the binary value corresponding to the salt value are subjected to a preset logical operation to obtain a confused string; The string replaces the corresponding sensitive field and confuses the data collection script.
- Sensitive fields include user name, password, key, domain name, IP address (Internet Protocol), CA (Certification Authority) digital certificate, and digital signature.
- Salt value encryption refers to associating an n-bit random sequence with a sensitive sequence to be encrypted, which is a "salt value".
- the system method is used to convert sensitive fields into readable strings.
- the salt value needs to be replaced to reduce the encryption efficiency. More importantly, when the string conversion fails, the salt value associated with the sensitive field is facing storage problems. If the salt value is built in the data collection script in plain text, it is not conducive to the encryption effect, and the security of the sensitive field is still not tall.
- the customized terminal obtains the sensitive field in the updated collection script, dynamically generates the salt value corresponding to the sensitive field, generates an obfuscated string according to the sensitive field and the corresponding salt value, and encrypts the sensitive field by using the obfuscated string.
- the custom terminal converts sensitive fields into binary values.
- the customized terminal obtains multiple class names and function names in the data collection script, and splices the obtained class name and function name according to a preset rule to obtain a random string, and performs hash transformation on the random string to generate a salt corresponding to the sensitive field. value.
- the customized terminal converts the salt value corresponding to the sensitive field into a binary value, and encrypts the binary value corresponding to the sensitive field and the binary value corresponding to the salt value, and performs the binary value corresponding to the encrypted sensitive field and the binary value corresponding to the salt value.
- Preset logic operations include XOR operations.
- the custom terminal converts the target binary value to a hexadecimal value and replaces the sensitive field with the hexadecimal value as an obfuscated string.
- the confusing string containing the data information of the sensitive field and the salt value is built in the data collection script, which can solve the storage problem of the salt value corresponding to the sensitive field, and the confusing string can be obtained by simply converting the string and solving the string.
- the problem of conversion failure can improve the encryption efficiency of sensitive fields.
- the customized terminal issues the obfuscated encrypted data collection toolkit to the user terminal.
- the user terminal acquires an obfuscated string in the data collection script, decrypts the obfuscated string, and restores the obfuscated string to a sensitive field.
- the user terminal converts the obfuscated string in the data collection script into a binary value.
- the user terminal generates the salt value corresponding to the confusion string according to the above manner, that is, obtains multiple class names and function names in the data collection script, and splices the obtained class name and function name according to a preset rule to obtain a random character string, which is random.
- the string is hashed to generate a salt value corresponding to the obfuscated string. Since the data is generated according to the preset rules using the class name and function name in the data collection script, the salt value generated when the confusing string is decrypted is the same as the salt value generated when the cryptographic field is encrypted.
- the user terminal converts the salt value corresponding to the confusion string into a binary value, and performs a preset logical operation on the binary value corresponding to the confusion string and the binary value corresponding to the salt value to obtain the target binary value. Preset logic operations include XOR operations.
- the user terminal converts the target binary value into a hexadecimal value. It can be understood that the hexadecimal value is a sensitive field. The acquisition of sensitive fields requires only a simple hexadecimal conversion, which can improve the decryption efficiency of the confusing string.
- the obfuscated encryption process dynamically generates a salt value by using a class name or a function name in the data collection script, thereby reducing the risk of the salt value being leaked.
- the confusing string of data information containing sensitive fields and salt values is built into the data collection script to solve the storage problem of salt values corresponding to sensitive fields.
- Obfuscated string acquisition requires only a simple binary conversion, which can solve the problem of string conversion failure, and thus can improve the encryption efficiency of sensitive fields.
- the step of obfuscating and encrypting the compiled data collection script comprises: encapsulating the code in the data collection script into a preset main function by a function pointer, and the preset main function includes a plurality of input and output type conversion statements.
- the input and output type conversion statement is used to convert the input type of the data acquisition script into the first fixed type, and the output type is converted into the second fixed type to confuse the data collection script.
- the data collection script is confusingly encrypted using an obfuscated encryption tool.
- the existing obfuscated encryption tool has insufficient encryption strength for data collection scripts, and is easily cracked by an attacker, causing leakage of sensitive data such as customer information. For example, if you use escape to confuse the encrypted data collection script, you only need to use the unescape function to restore the source data collection script.
- the existing obfuscated encryption tool is difficult to ensure the security of the data collection script.
- the customized terminal confuses the input type and output type of the updated data collection script.
- the code in the data collection script is encapsulated into a preset main function.
- the default main function can be a main function implemented based on a preset programming language. It is easy to understand that the code used in the data collection script can be different depending on the operating system. For example, on the andriod platform, data acquisition scripts can be written in the Java language (a programming language); in the IOS (iPhone Operating System) platform, data acquisition scripts can be written in the Objective-C language (a programming language).
- data acquisition scripts can be written in JS language (JavaScript, literal translation scripting language).
- the default programming language can be a programming language that is different from the one used to develop a data collection script, such as C language or C++ language (a programming language).
- the preset main function includes a plurality of input and output type conversion statements.
- the input-output type conversion statement is used to convert the diverse data input types and output types in the data collection script into the first fixed type and the second fixed type, respectively.
- Input-output type conversion statements can be implemented by defining a structure in a preset main function.
- the preset main function includes a plurality of structures, each of which declares a plurality of function pointers, and the function pointers point to one or more object classes in the data collection script.
- Each structure has a corresponding structure variable, and the structure variable data type is a first fixed type or a second fixed type.
- the first fixed type and the second fixed type may be int type (integer type), long type (long type) or String (string type), respectively.
- the preset main function uses the function pointer to call the code in the corresponding data collection script, thereby encapsulating the code in the data collection script into the preset main function.
- the custom terminal converts the input type and the output type of the data collection script into a fixed type by executing a preset main function, thereby confusing the input type and the output type of the data collection script, and the confusion is irreversible confusion. It can be understood that the input-output type conversion statement can also be implemented in other ways, which is not limited.
- the input type and the output type of each object class in the data collection script are confused, and the confusion is irreversible confusion.
- the input type and output type obtained by the attacker through decompilation are numbers or letters, and the attacker It is impossible to know the actual input type and output type of the data collection script, and thus the actual function of each function in the data collection script cannot be known, and the cracking cost of the data collection script is increased.
- the step of performing obfuscated encryption on the compiled data collection script includes: obtaining a plurality of function names having functional meanings in the data collection script; acquiring a custom character string corresponding to the function name; The string replaces the corresponding function name, and hides the function meaning of the function name to confuse the data collection script.
- the customized terminal replaces the function name of the data collection script with a clear functional meaning with a non-realistic custom string.
- the custom string can be a configuration parameter entered by the application developer on the data collection configuration page, or can be randomly generated by the customized terminal according to a preset rule.
- the custom string can be a combination of higher preset characters and/or Chinese characters of the security system, such as "#", "@", "*", and the like.
- the alternative can be to add a macro definition statement in the data collection script, etc.
- the macro definition statement includes the replaced function name and the corresponding custom string, such as #define SafeHideInvoke(x)a#, thereby replacing the SafeHideInvoke(x) function name with the self.
- the function name obtained by the attacker through decompilation is a character or Chinese character with no practical meaning, and it is difficult to guess the function function according to the function name, thereby increasing the cracking cost of the data collection script.
- the length of the character corresponding to the function name having a clear functional meaning in the data collection script is generally long.
- the length of the custom string is less than the length of the corresponding function name, so that replacing the function name in the data collection script with a custom string can also function as a code compression for the data collection script, and reduce the resources for the customized terminal. Occupied.
- the step of obfuscating and encrypting the compiled data collection script comprises: querying a function call statement in the data collection script; the function call statement includes a function name of the calling function and a function name of the called function; The function name of the function queries the function body of the called function.
- the calling relationship between the calling function and the called function is hidden to encrypt and encrypt the data collection script.
- the customized terminal hides the calling relationship between multiple functions in the data collection script. Specifically, the customized terminal queries whether the function call statement exists in the updated data collection script.
- the custom terminal hides the calling relationship between the calling function and the called function by adding a preset keyword before the return type item of the function body of the called function.
- the default keyword can be the inline keyword (a keyword).
- the called function can be specified as the inline function corresponding to the calling function.
- the inline function can be directly inserted into the calling function to execute the called function, which is different from the traditional method of directly calling the called function, so that it can be between the calling function and the called function. The calling relationship is hidden.
- the attacker after hiding the calling relationship between the functions, the attacker obtains multiple isolated functions through decompilation, and has no knowledge of the logical relationship between the multiple functions, thereby making it difficult to determine the data collection script for each function.
- the function of the function can further increase the cost of cracking the data collection script.
- steps in the flowchart of FIG. 2 are sequentially displayed as indicated by the arrows, these steps are not necessarily performed in the order indicated by the arrows. Except as explicitly stated herein, the execution of these steps is not strictly limited, and the steps may be performed in other orders. Moreover, at least some of the steps in FIG. 2 may include a plurality of sub-steps or stages, which are not necessarily performed at the same time, but may be executed at different times, the execution of these sub-steps or stages The order is also not necessarily sequential, but may be performed alternately or alternately with other steps or at least a portion of the sub-steps or stages of the other steps.
- a data collection toolkit customization apparatus including: a page display module 302, a parameter configuration module 304, a script update module 306, and an obfuscation encryption module 308, wherein:
- the page display module 302 is configured to acquire a plurality of data collection scripts; the data collection script has a plurality of corresponding data collection items; and the data collection items are displayed through the data collection configuration page.
- the parameter configuration module 304 is configured to obtain a selected operation on the data collection item, and obtain the selected data collection item and the configuration parameter corresponding to the selected data collection item according to the selected operation.
- the script update module 306 is configured to extract a corresponding data collection script from the data collection toolkit according to the selected data collection item, update the extracted data collection script by using the configuration parameter, and perform the updated data collection script. Compile.
- the obfuscated encryption module 308 is configured to perform obfuscated encryption on the compiled data collection script, and encapsulate the encrypted data collection script to obtain a customized data collection toolkit.
- the obfuscation encryption module 308 is further configured to obtain a sensitive field in the data collection script, and calculate a binary value corresponding to the sensitive field; and splicing the class name or function name in the data collection script according to a preset rule to obtain sensitivity
- the salt value corresponding to the field is calculated, and the binary value corresponding to the salt value is calculated; the binary value corresponding to the sensitive field and the binary value corresponding to the salt value are subjected to a preset logical operation to obtain an obfuscated string; and the corresponding sensitive field is replaced by the confusing string Confused encryption of data collection scripts.
- the data collection kit customization apparatus described above can be implemented in the form of a computer readable instruction that can be run on a terminal as shown in FIG.
- an internal block diagram of a terminal is provided, as shown in FIG. 4, the terminal includes a processor connected via a system bus, an internal memory, a non-volatile storage medium, a network interface, a display screen, and an input device .
- the processor is used to provide computing and control capabilities to support the operation of the entire terminal.
- the non-volatile storage medium of the customized terminal stores an operating system and computer readable instructions executable by the processor to implement a data collection toolkit customization method provided by the following embodiments.
- the internal memory in the terminal provides an environment for the operation of the operating system and computer readable instructions in the non-volatile storage medium.
- the network interface is used to connect to the network for communication.
- the display is used to display various interfaces, for example, to display the data acquisition configuration page.
- the input device may be a touch layer covered on the display screen, or may be a button, a trackball or a touchpad provided on the outer casing of the electronic device, or may be an external keyboard, a touchpad or a mouse, etc., for inputting configuration parameters. And various instructions.
- the processor executes the computer readable instructions, the following steps may be performed: acquiring a plurality of data collection scripts; the data collection script has a plurality of corresponding data collection items; displaying the data collection items through the data collection configuration page; and obtaining the selection of the data collection items
- the operation acquires the selected data collection item and the configuration parameter corresponding to the selected data collection item according to the selected operation; extracts a corresponding data collection script according to the selected data collection item, and extracts the extracted data by using the configuration parameter
- the data collection script is updated to compile the updated data collection script; and the compiled data collection script is confusingly encrypted, and the encrypted data collection script is encapsulated to obtain a customized data collection toolkit.
- FIG. 4 is only a block diagram of a part of the structure related to the solution of the present application, and does not constitute a limitation on the terminal to which the solution of the present application is applied.
- the specific terminal may include a ratio. More or fewer components are shown in the figures, or some components are combined, or have different component arrangements.
- the configuration parameters include a custom function function or a custom array, the custom array including a plurality of preset identifiers; the processor executing the computer readable instructions further performing the following steps: using the custom function function to extract the extracted data The script fills in; or the preset identifier in the custom array is looped through, and the preset identifier in the custom array is inserted into the class name in the data collection script to obtain a plurality of updated data collection scripts.
- the method when the processor executes the computer readable instructions, the method further includes: obtaining a sensitive field in the data collection script, calculating a binary value corresponding to the sensitive field; and classifying the class name or function in the data collection script according to a preset rule.
- the name is spliced to obtain the salt value corresponding to the sensitive field, and the binary value corresponding to the salt value is calculated; the binary value corresponding to the sensitive field and the binary value corresponding to the salt value are subjected to a preset logical operation to obtain an ambiguous character string; and the confusing character is obtained by The string replaces the corresponding sensitive field and confuses the data collection script.
- the processor when executing the computer readable instructions, further performs the steps of: encapsulating the code in the data collection script into a preset main function by a function pointer, the preset main function comprising a plurality of input and output type conversion statements;
- the input and output type conversion statement is used to convert the input type of the data collection script into the first fixed type, and the output type is converted into the second fixed type to perform obfuscated encryption on the data collection script.
- the processor when executing the computer readable instructions, further performs the steps of: obtaining a plurality of function names having functional meanings in the data collection script; obtaining a custom character string corresponding to the function name; and by using the custom characters The string replaces the corresponding function name and hides the function meaning of the function name to confuse the data collection script.
- the processor when executing the computer readable instructions, further performs the steps of: querying a function call statement in the data collection script; the function call statement includes a function name of the calling function and a function name of the called function; and The function name is used to query the function body of the called function.
- the processor By adding a preset keyword to the function body of the called function, the calling relationship between the calling function and the called function is hidden to encrypt and encrypt the data collection script.
- one or more non-transitory readable storage mediums storing computer readable instructions that, when executed by one or more processors, cause one or more processes
- the device performs the following steps: acquiring multiple data collection scripts; the data collection script has corresponding multiple data collection items; displaying data collection items through the data collection configuration page; obtaining selected operations on the data collection items, and obtaining the selected operations according to the selected operations
- the selected data collection item and the configuration parameter corresponding to the selected data collection item the corresponding data collection script is extracted according to the selected data collection item, and the extracted data collection script is updated by using the configuration parameter, and the update is performed.
- the data acquisition script is compiled; and the compiled data collection script is confusingly encrypted, and the encrypted data collection script is encapsulated to obtain a customized data collection toolkit.
- the foregoing storage medium may be a non-volatile readable storage medium such as a magnetic disk, an optical disk, or a read-only memory (ROM).
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Stored Programmes (AREA)
Abstract
一种数据采集工具包定制方法,包括:获取多个数据采集脚本;数据采集脚本具有对应的多个数据采集项;通过数据采集配置页面显示数据采集项;获取对数据采集项的选定操作,根据选定操作获取被选定的数据采集项以及与被选定的数据采集项对应的配置参数;根据被选定的数据采集项提取对应的数据采集脚本,利用配置参数对提取到的数据采集脚本进行更新,对更新后的数据采集脚本进行编译;对编译后的数据采集脚本进行混淆加密,对加密后的数据采集脚本进行封装以得到定制的数据采集工具包。
Description
本申请要求于2017年11月13日提交中国专利局,申请号为2017111137834,申请名称为“数据采集工具包定制方法、装置、终端和存储介质”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
本申请涉及计算机技术领域,特别是涉及数据采集工具包定制方法、装置、终端和存储介质。
为了更好的推广运营APP(Application,应用程序),APP开发商需要采集APP中的用户行为数据,并对采集到的数据进行分析。目前,用户行为数据采集方式主要是针对APP开发对应的数据采集SDK工具包(Software Development Kit,软件开发工具包),向用户发布安装有该数据采集SDK工具包的APP。传统方式中,如果要实现多款APP用户行为数据的采集,APP开发商需要手动针对每款APP分别开发对应的数据采集SDK工具包,开发成本和维护成本高,且开发效率低。
发明内容
根据本申请公开的各种实施例,提供一种数据采集工具包定制方法、装置、终端和存储介质。
一种数据采集工具包定制方法,包括:
获取多个数据采集脚本;所述数据采集脚本具有对应的多个数据采集项;
通过数据采集配置页面显示所述数据采集项;
获取对数据采集项的选定操作,根据选定操作获取被选定的数据采集项以及与被选定的数据采集项对应的配置参数;
根据被选定的数据采集项提取对应的数据采集脚本,利用配置参数对提取到的数据采集脚本进行更新,对更新后的数据采集脚本进行编译;及
对编译后的数据采集脚本进行混淆加密,对加密后的数据采集脚本进行封装以得到定制的数据采集工具包。
一种数据采集工具包定制装置,所述装置包括:
页面展示模块,用于获取多个数据采集脚本;所述数据采集脚本具有对应的多个数据采集项;通过数据采集配置页面显示所述数据采集项;
参数配置模块,用于获取对数据采集项的选定操作,根据选定操作获取被选定的数据采集项以及与被选定的数据采集项对应的配置参数;
脚本更新模块,用于根据被选定的数据采集项提取对应的数据采集脚本,利用配置参数对提取到的数据采集脚本进行更新,对更新后的数据采集脚本进行编译;及
混淆加密模块,用于对编译后的数据采集脚本进行混淆加密,对加密后的数据采集脚本进行封装以得到定制的数据采集工具包。
一种终端,包括存储器和处理器,所述存储器中储存有计算机可读指令,所述计算机可读指令被所述处理器执行时,使得所述处理器执行以下步骤:
获取多个数据采集脚本;所述数据采集脚本具有对应的多个数据采集项;
通过数据采集配置页面显示所述数据采集项;
获取对数据采集项的选定操作,根据选定操作获取被选定的数据采集项以及与被选定的数据采集项对应的配置参数;
根据被选定的数据采集项提取对应的数据采集脚本,利用配置参数对提取到的数据采集脚本进行更新,对更新后的数据采集脚本进行编译;及
对编译后的数据采集脚本进行混淆加密,对加密后的数据采集脚本进行封装以得到定制的数据采集工具包。
一个或多个存储有计算机可读指令的非易失性可读存储介质,计算机可读指令被一个或多个处理器执行时,使得一个或多个处理器执行以下步骤:
获取多个数据采集脚本;所述数据采集脚本具有对应的多个数据采集项;
通过数据采集配置页面显示所述数据采集项;
获取对数据采集项的选定操作,根据选定操作获取被选定的数据采集项以及与被选定的数据采集项对应的配置参数;
根据被选定的数据采集项提取对应的数据采集脚本,利用配置参数对提取到的数据采集脚本进行更新,对更新后的数据采集脚本进行编译;及
对编译后的数据采集脚本进行混淆加密,对加密后的数据采集脚本进行封装以得到定制的数据采集工具包。
本申请的一个或多个实施例的细节在下面的附图和描述中提出。本申请的其它特征和优点将从说明书、附图以及权利要求书变得明显。
为了更清楚地说明本申请实施例中的技术方案,下面将对实施例中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其它的附图。
图1为一个实施例中数据采集工具包定制方法的应用环境图;
图2为一个实施例中数据采集工具包定制方法的流程图;
图3为一个实施例中数据采集工具包定制装置的结构图;
图4为一个实施例中终端的框图。
为了使本申请的技术方案及优点更加清楚明白,以下结合附图及实施例,对本申请进行进一步详细说明。应当理解,此处描述的具体实施例仅仅用以解释本申请,并不用于限定本申请。
可以理解,本申请所使用的术语“第一”、“第二”等可在本文中用于描述各种元件,但这些元件不受这些术语限制。这些术语仅用于将第一个元件与另一个元件区分。举例来说,在不脱离本申请的范围的情况下,可以将第一客户端称为第二客户端,且类似地,可将第二客户端称为第一客户端。第一客户端和第二客户端两者都是客户端,但其不是同一客户端。
本申请提供一种数据采集工具包定制方法,可以应用于如图1所示的应用环境中。其中,定制终端102通过网络与用户终端104连接。用户终端104可以是智能手机、平板电脑、笔记本电脑、POS机、车载电脑中的至少一种,但并不局限于此。用户终端104上安装有应用程序。定制终端102用于生成不同应用程序对应的数据采集工具包,并向对应的用户终端104发布安装有该数据采集工具包的应用程序。定制终端102预存储了多个数据采集脚本,每个数据采集脚本具有对应的一个或多个数据采集项。定制终端102将多个数据采集项以数据采集配置页面的形式显示。基于显示的数据采集配置页面,应用程序开发商可以根据开发需求在定制终端102对数据采集项进行选择,并输入与选定的数据采集项对应的配置参数,如自定义功能函数,或者包括多个预设标识的定制数组等。定制终端102根据被选定的数据采集项提取对应的数据采集脚本,利用配置参数对提取到的数据采集脚本进行更新。例如,定制终端102利用自定义功能函数对提取到的数据采集脚本进行填充;或对定制数组中的预设标识进行循环遍历,将定制数组中的预设标识插入数据采集脚本中的类名,得到多个更新后的数据采集脚本。定制终端102对更新后的数据采集脚本进行编译,并对编译后的数据采集脚本进行混淆加密和封装,得到定制的数据采集工具包。当需要针对不同应用程序开发数据采集工具包时,只需变更对数据采集项选择即可,可以提高数据采集工具包开发效率。
在一个实施例中,如图2所示,提供了一种数据采集工具包定制方法,以该方法应用于定制终端为例进行说明,具体包括以下步骤:
步骤202,获取多个数据采集脚本;数据采集脚本具有对应的多个数据采集项。
当需要针对某款应用程序定制对应的数据采集工具包时,应用程序开发商可以通过在定制终端的命令行窗口输入预设的定制命令,向定制终端发起数据采集工具包定制请求。定制终端可以是多款应用程序的控制终端。这里的应用程序可以是金融应用、理财应用、电商应用等需要进行网络交易的敏感应用。根据定制终端上运行的操作系统不同,预先编写的定制命令可以不同。例如,在andriod(安卓)平台,定制命令可以是gradle命 令(一种项目自动化构建工具)。gradle命令是应用程序开发商利用groovy语言(一种编程语言)编写的能够在构建工具gradle中运行的脚本。可以理解,还可以采用其他方式触发定制终端对数据采集工具包进行定制,对此不作限制。
定制终端根据数据采集工具包定制请求获取预先封装的基础的数据采集工具包。基础的数据采集工具包可以是应用程序开发商自行开发的。基础的数据采集工具包也可以由第三方开发,并将开发的数据采集工具包以接口的形式对外开放,以供定制终端调用。
数据采集工具包用于对应用程序中的目标数据进行采集。目标数据可以是应用程序页面对应的视图信息或用户行为数据等,如视图名称,视图属性,用户对应用程序页面的触摸操作和访问频率等。根据数据采集脚本能够实现的功能,每个数据采集脚本具有对应的脚本标识。脚本标识包括数据采集项以及对数据采集项的处理操作。也就是说,每个数据采集脚本与一个或多个数据采集项相关联。例如,数据采集脚本SDK.x用于对应用程序页面中的视图属性进行采集,则可以用“视图属性采集”标识该数据采集脚本;数据采集脚本SDK.y用于采集应用程序页面中视图对应的触摸事件,并对触摸事件进行拦截,则可以用“触摸事件拦截”标识该数据采集脚本。
步骤204,通过数据采集配置页面显示所述数据采集项。
步骤206,获取对数据采集项的选定操作,根据选定操作获取被选定的数据采集项以及与被选定的数据采集项对应的配置参数。
定制终端获取多个数据采集脚本对应的脚本标识,并通过数据采集配置页面对多个脚本标识进行展示。应用程序开发商可以根据数据采集配置页面展示的脚本标识对每个数据采集脚本的功能进行了解后,在数据采集配置页面对一个或多个脚本标识进行选择。
预先封装的基础的数据采集工具包中的数据采集脚本功能较为单一,为了满足应用程序开发商对每个数据采集项的个性化采集需求,定制终端在数据采集配置页面对每个脚本标识添加对应的脚本变更输入框。当对某个数据采集项具有特定的数据采集需求时,应用程序开发商可以在该数据采集项对应的脚本变更输入框录入相应的配置参数。容易理解,应用程序开发商也可以在数据采集配置页面以文件上传的方式对配置参数进行录入,对此不作限定。配置参数可以是应用程序开发商补充的功能函数或者自定义的字符串等。
步骤208,根据被选定的数据采集项提取对应的数据采集脚本,利用配置参数对提取到的数据采集脚本进行更新,对更新后的数据采集脚本进行编译。
定制终端根据应用程序开发商在数据采集配置页面选定的一个或多个脚本标识,在预先封装的基础的数据采集工具包中提取对应的数据采集脚本。若选定的一个或多个脚本标识具有对应的配置参数,则定制终端利用配置参数对相应的数据采集脚本进行更新。
在一个实施例中,配置参数包括自定义功能函数,利用配置参数对提取到的数据采集脚本进行更新的步骤,包括:利用自定义功能函数对提取到的数据采集脚本进行填充。
当预先封装的数据采集工具包中的某个数据采集脚本无法达到应用程序开发商的采集需求时,应用程序开发商可以在数据采集配置页面将自定义功能函数作为配置参数录入 对应的脚本变更输入框。自定义功能函数可以是应用程序开发商根据期望数据采集脚本能够实现的其他功能预先编写的。配置参数还包括自定义功能函数对应的添加方式,添加方式包括插入和替换。当添加方式为插入时,配置参数还包括自定义功能函数的插入位置;当添加方式为替换时,配置参数还包括自定义功能函数的替换对象。
当自定义功能函数的添加方式为插入时,定制终端根据自定义功能函数的插入位置,将自定义功能函数插入对应的数据采集脚本。例如,在上述举例中,应用程序开发商期望数据采集脚本SDK.y可以对触摸事件进行上报,则可以将触摸事件上报功能函数插入至数据采集脚本SDK.y。当自定义功能函数的添加方式为替换时,定制终端根据自定义功能函数的替换对象,在相应的数据采集脚本中将替换对象删除,在该替换对象所在位置插入自定义功能函数。应用程序开发商只需根据开发需求编写新增功能的自定义功能函数,将该自定义功能函数填充至基础的数据采集脚本,即可实现对数据采集脚本的更新,而无需对整个数据采集脚本进行修改,减少应用程序开发商开发量,进而可以提高数据采集工具包开发效率。
在一个实施例中,配置参数包括定制数组,定制数组包括多个预设标识;利用配置参数对提取到的数据采集脚本进行更新的步骤,包括:对定制数组中的预设标识进行循环遍历,将定制数组中的预设标识插入数据采集脚本中的类名,得到多个更新后的数据采集脚本。
传统方式中,在利用数据采集工具包对用户行为数据进行采集之前,应用程序开发商需要预先针对不同的应用程序分别开发对应的数据采集工具包。但事实上,同一应用程序开发商开发的多款应用程序的实现逻辑相同或相似,使得多款应用程序分别对应的数据采集工具包相似。例如,数据采集工具包包括多个数据采集脚本。每个数据采集脚本包括一个或多个对象类,每个对象类具有对应的类名;每个对象类包括一个或多个函数,每个函数具有对应的函数名。部分应用程序对应的数据采集工具包的区别仅在于类名或函数名。若需要进行目标数据采集的应用程序较多,则应用程序开发商需要进行大量的重复动作,浪费人力,也降低了数据采集效率。
为了减少重复操作,定制终端允许应用程序开发商在数据采集页面将定制数组作为配置参数进行录入,利用定制数组批量定制数据采集工具包。数据采集工具包与实现逻辑相同或相似的多款应用程序相对应。具体的,定制数组为一维数组,将一个或多个预设标识作为数组元素进行记录。预设标识可以是字符或字符串等。
定制终端将定制数组中第一个数组元素作为前缀或后缀添加至相应数据采集脚本中全部类名中,以对数据采集脚本进行更新。定制终端对定制数组进行遍历,按照上述方式将下一个数组元素作为前缀或后缀添加至相应数据采集脚本中全部类名中,以此类推,批量获得多个更新后的数据采集脚本。定制终端对更新后的数据采集脚本可以获取多个定制的数据采集工具包。容易理解,获得数据采集工具包的数量与定制数组中数组元素的数量相同。应用程序开发商可以通过变更定制数组的数组元素,对需要生成的定制的数据采集 工具包的数量自由调整,提高数据采集工具包的定制效率。例如,假设定制数组为[ABC,DEF,GHI],在相应数据采集脚本中所有类名前添加前缀ABC,编译后获得定制的数据采集工具包X;在相应数据采集脚本中所有类名前添加前缀DEF,编译后获得定制的数据采集工具包Y;在相应数据采集脚本中所有类名前添加前缀GHI,编译后获得定制的数据采集工具包Z。
步骤210,对编译后的数据采集脚本进行混淆加密,对加密后的数据采集脚本进行封装以得到定制的数据采集工具包。
定制终端对更新后的数据采集脚本进行编译,执行封装命令,得到定制的数据采集工具包。定制终端将定制的数据采集工具包安装至对应的应用程序,将安装有定制的数据采集工具包的应用程序发布至用户终端,以使用户终端在相应的应用程序中安装该定制的数据采集工具包。在一个实施例中,由于需要进行目标数据采集的应用程序可能是涉及网络交易的敏感应用,为了减少敏感数据的泄漏风险,在对编译后的数据采集脚本进行封装之前,定制终端对编译后的数据采集脚本混淆加密,以提高数据采集工具包的安全性。
本实施例中,通过数据采集配置页面对多个数据采集项进行展示,使得应用程序开发商可以在数据采集配置页面对数据采集项进行选择并输入与选定的数据采集项对应的配置参数;根据被选定的数据采集项,可以提取对应的数据采集脚本;利用配置参数对提取到的数据采集脚本进行更新,可以满足个性化的数据采集需求;在对更新后的数据采集脚本进行编译,混淆加密和封装后,可以得到安全性高的数据采集工具包。采用页面配置的方式选定数据采集项,使得无需重新编写代码,只需添加或删除易读的数据采集项即可实现数据采集工具包定制,降低了数据采集工具包的开发门槛和开发成本。当需要针对其他某款应用程序开发数据采集工具包时,只需变更对数据采集项的选择即可,可以提高数据采集工具包开发效率。
在一个实施例中,对编译后的数据采集脚本进行混淆加密的步骤,包括:获取数据采集脚本中的敏感字段,计算敏感字段对应的二进制数值;按照预设规则将数据采集脚本中的类名或函数名进行拼接,得到敏感字段对应的盐值,计算盐值对应的二进制数值;对敏感字段对应的二进制数值和盐值对应的二进制数值进行预设逻辑运算,得到混淆字符串;通过将混淆字符串对相应敏感字段进行替换,对数据采集脚本进行混淆加密。
为了提高数据采集工具包中的敏感字段的安全性,应用程序开发商通常采用盐值加密的方式对敏感字段进行加密。敏感字段包括用户名、密码、密钥、域名、IP地址(Internet Protocol,网络协议)、CA(Certification Authority,认证)数字证书和数字签名等。盐值加密是指给待加密的敏感字段关联一个n位随机序列,该n位随机序列即为“盐值”。传统的盐值加密方式中,利用系统方法将敏感字段转化为可读的字符串。但采用系统方法难以保证字符串转换成功率,一旦转换失败,则需要更换盐值,降低加密效率。更重要的是,当字符串转换失败时,敏感字段关联的盐值面临着存储的问题,如果将盐值以明文的方式内置在数据采集脚本中则不利于加密效果,敏感字段的安全性仍不高。
为了解决上述问题,定制终端获取更新后的采集脚本中的敏感字段,动态生成敏感字段对应的盐值,根据敏感字段及对应盐值生成混淆字符串,利用混淆字符串对敏感字段进行加密。具体的,定制终端将敏感字段转化为二进制数值。定制终端获取数据采集脚本中的多个类名和函数名,按照预设规则将获取到的类名和函数名进行拼接,得到随机字符串,对随机字符串进行哈希变换,生成敏感字段对应的盐值。定制终端将敏感字段对应的盐值转化为二进制数值,对敏感字段对应的二进制数值和盐值对应的二进制数值分别进行加密,对加密后的敏感字段对应的二进制数值和盐值对应的二进制数值进行预设逻辑运算,得到目标二进制数值。预设逻辑运算包括异或运算。定制终端将目标二进制数值转化为十六进制数值,将该十六进制数值作为混淆字符串对敏感字段进行替换。将包含敏感字段和盐值的数据信息的混淆字符串内置在数据采集脚本中,可以解决敏感字段对应盐值的存储问题,且混淆字符串的获取只需简单的进制转换,可以解决字符串转换失败的问题,从而可以提高对敏感字段的加密效率。
定制终端将混淆加密后的数据采集工具包发布至用户终端。当合法用户在用户终端使用安装有该数据采集工具包的应用程序时,用户终端获取数据采集脚本中的混淆字符串,对混淆字符串进行解密,将混淆字符串还原为敏感字段。具体的,用户终端将数据采集脚本中的混淆字符串转换为二进制数值。用户终端按照上述方式生成混淆字符串对应的盐值,即获取数据采集脚本中的多个类名和函数名,按照预设规则将获取到的类名和函数名进行拼接,得到随机字符串,对随机字符串进行哈希变换,生成混淆字符串对应的盐值。由于均是按照预设规则利用数据采集脚本中的类名和函数名生成,对混淆字符串解密时生成的盐值与对敏感字段加密时生成的盐值相同。用户终端将混淆字符串对应的盐值转化为二进制数值,对混淆字符串对应的二进制数值和盐值对应的二进制数值进行预设逻辑运算,得到目标二进制数值。预设逻辑运算包括异或运算。用户终端将目标二进制数值转化为十六进制数值。可以理解,该十六进制数值即为敏感字段。敏感字段的获取只需简单的进制转换,可以提高对混淆字符串的解密效率。
本实施例中,混淆加密过程利用数据采集脚本中的类名或函数名动态产生盐值,可以减少盐值被泄漏的风险。将包含敏感字段和盐值的数据信息的混淆字符串内置在数据采集脚本中,可以解决敏感字段对应盐值的存储问题。混淆字符串的获取只需简单的进制转换,可以解决字符串转换失败的问题,进而可以提高对敏感字段的加密效率。
在一个实施例中,对编译后的数据采集脚本进行混淆加密的步骤,包括:通过函数指针将数据采集脚本中的代码封装至预设主函数,预设主函数包括多条输入输出类型转换语句;利用输入输出类型转换语句将数据采集脚本的输入类型转换为第一固定类型,输出类型转换为第二固定类型,以对数据采集脚本进行混淆加密。
传统方式中,利用混淆加密工具对数据采集脚本进行混淆加密。但现有混淆加密工具对数据采集脚本的混淆加密强度不够,很容易被攻击者破解,造成客户信息等敏感数据的泄漏。例如,使用escape混淆加密后的数据采集脚本,只需要使用unescape函数即可还 原出源数据采集脚本,现有的混淆加密工具难以保证数据采集脚本的安全。
为了解决上述问题,定制终端对更新后的数据采集脚本的输入类型和输出类型进行混淆。具体的,定制终端对更新后的数据采集脚本进行编译后,将数据采集脚本中的代码封装至预设主函数中。预设主函数可以是基于预设编程语言实现的主函数。容易理解,根据操作系统的不同,数据采集脚本中的代码采用的编程语言可以不同。例如,在andriod平台,可以采用Java语言(一种编程语言)编写数据采集脚本;在IOS(iPhone Operating System,苹果操作系统)平台,可以采用Objective-C语言(一种编程语言)编写数据采集脚本;在混合应用平台,可以采用JS语言(JavaScript,直译式脚本语言)编写数据采集脚本。预设编程语言可以是区别于开发数据采集脚本时采用的编程语言,如C语言或者C++语言(一种编程语言)等。
预设主函数包括多条输入输出类型转换语句。输入输出类型转换语句用于将数据采集脚本中多样化的数据输入类型和输出类型分别转换为第一固定类型和第二固定类型。输入输出类型转换语句可以通过在预设主函数定义结构体来实现。具体的,预设主函数包括多个结构体,每个结构体中声明了多个函数指针,将函数指针指向数据采集脚本中的一个或多个对象类。每个结构体具有对应的结构体变量,结构体变量数据类型为第一固定类型或第二固定类型。第一固定类型和第二固定类型分别可以是int型(整数型),long型(长整数型)或者String(字符串类型)等。当定制终端对更新后的数据采集脚本进行编译时,预设主函数利用函数指针调用对应数据采集脚本中的代码,从而将数据采集脚本中的代码封装至预设主函数中。定制终端通过执行预设主函数将数据采集脚本的输入类型和输出类型转换为固定的类型,从而对数据采集脚本的输入类型和输出类型进行混淆,且该混淆为不可逆混淆。可以理解,输入输出类型转换语句也可以通过其他方式实现,对此不作限制。
本实施例中,对数据采集脚本中每个对象类的输入类型和输出类型进行混淆,且该混淆为不可逆混淆,攻击者通过反编译得到的输入类型和输出类型均为数字或字母,攻击者无从知晓数据采集脚本的实际输入类型和输出类型,从而也就无法获知数据采集脚本中各个函数的实际功能,增加了数据采集脚本的破解成本。
在一个实施例中,对编译后的数据采集脚本进行混淆加密的步骤,包括:获取数据采集脚本中的多个具有功能含义的函数名;获取函数名对应的自定义字符串;通过将自定义字符串对相应的函数名进行替换,对函数名的功能含义进行隐藏,以对数据采集脚本进行混淆加密。
为了提高数据采集工具包的安全性,定制终端将数据采集脚本中具有明确的功能含义的函数名替换为无实际意义的自定义字符串。自定义字符串可以是应用程序开发商在数据采集配置页面录入的配置参数,也可以是定制终端按照预设规则随机生成的。自定义字符串可以是由安全系统较高的预设字符和/或汉字组合而成,如“#”,“@”,“*”等。替换方式可以是在数据采集脚本中添加宏定义语句等,宏定义语句包括被替换函数名和对应的自定义字符串,如#define SafeHideInvoke(x)a#,从而将SafeHideInvoke(x)函数名替换 为自定义字符串a#。对函数名进行替换后,攻击者通过反编译得到的函数名均为无实际意义的字符或汉字,难以根据函数名猜测函数功能,进而可以增加数据采集脚本的破解成本。
需要说明的是,数据采集脚本中具有明确的功能含义的函数名对应的字符长度普遍较长。本方案中,自定义字符串的长度小于对应函数名的长度,从而采用自定义字符串替换数据采集脚本中的函数名还可以对数据采集脚本起到代码压缩的作用,减少对定制终端资源的占用。
在一个实施例中,对编译后的数据采集脚本进行混淆加密的步骤,包括:查询数据采集脚本中函数调用语句;函数调用语句包括调用函数的函数名及被调用函数的函数名;根据被调用函数的函数名查询被调用函数的函数体,通过在被调用函数的函数体添加预设关键字,对调用函数和被调用函数之间的调用关系进行隐藏,以对数据采集脚本进行混淆加密。
为了提高数据采集工具包的安全性,定制终端对数据采集脚本中多个函数之间的调用关系进行隐藏。具体的,定制终端在更新后的数据采集脚本中查询是否存在函数调用语句。函数调用语句包括调用函数的函数名和被调用函数的函数名,如函数static sum(){c=fun(a,b);}中,sum()为调用函数的函数名;fun(a,b)为被调用函数的函数名。定制终端通过在被调用函数对应函数体的返回类型项前添加预设关键字,对该调用函数和被调用函数之间的调用关系进行隐藏。
预设关键字可以是inline关键字(一种关键字)。通过在被调用函数对应函数体的返回类型项前添加inline关键字,可以将被调用函数指定为对应调用函数的内联函数。当执行调用函数时,内联函数可以直接插入调用函数,从而对被调用函数进行执行,区别于传统的采用直接调用的方式对被调用函数进行执行,从而可以对调用函数和被调用函数之间的调用关系进行隐藏。
本实施例中,对函数之间的调用关系进行隐藏后,攻击者通过反编译得到的多个孤立的函数,无从知晓多个函数之间的逻辑关系,从而难以确定每个函数对数据采集脚本的功能作用,进而可以增加数据采集脚本的破解成本。
应当理解的是,虽然图2的流程图中的各个步骤按照箭头的指示依次显示,但是这些步骤并不是必然按照箭头指示的顺序依次执行。除非本文中有明确的说明,这些步骤的执行并没有严格的顺序限制,这些步骤可以以其它的顺序执行。而且,图2中的至少一部分步骤可以包括多个子步骤或者多个阶段,这些子步骤或者阶段并不必然是在同一时刻执行完成,而是可以在不同的时刻执行,这些子步骤或者阶段的执行顺序也不必然是依次进行,而是可以与其它步骤或者其它步骤的子步骤或者阶段的至少一部分轮流或者交替地执行。
在一个实施例中,如图3所示,提供了一种数据采集工具包定制装置,包括:页面展示模块302,参数配置模块304,脚本更新模块306和混淆加密模块308,其中:
页面展示模块302,用于获取多个数据采集脚本;数据采集脚本具有对应的多个数据 采集项;通过数据采集配置页面显示数据采集项。
参数配置模块304,用于获取对数据采集项的选定操作,根据选定操作获取被选定的数据采集项以及与被选定的数据采集项对应的配置参数。
脚本更新模块306,用于根据被选定的数据采集项,从数据采集工具包中提取对应的数据采集脚本,利用配置参数对提取到的数据采集脚本进行更新,对更新后的数据采集脚本进行编译。
混淆加密模块308,用于对编译后的数据采集脚本进行混淆加密,对加密后的数据采集脚本进行封装以得到定制的数据采集工具包。
在一个实施例中,混淆加密模块308还用于获取数据采集脚本中的敏感字段,计算敏感字段对应的二进制数值;按照预设规则将数据采集脚本中的类名或函数名进行拼接,得到敏感字段对应的盐值,计算盐值对应的二进制数值;对敏感字段对应的二进制数值和盐值对应的二进制数值进行预设逻辑运算,得到混淆字符串;通过将混淆字符串对相应敏感字段进行替换,对数据采集脚本进行混淆加密。
上述的数据采集工具包定制装置可以实现为一种计算机可读指令的形式,计算机可读指令可在如图4所示的终端上运行。
在一个实施例中,提供了一种终端的内部框图,如图4所示,该终端包括通过系统总线连接的处理器、内存储器、非易失性存储介质、网络接口、显示屏和输入装置。其中,该处理器用于提供计算和控制能力,支撑整个终端的运行。该定制终端的非易失性存储介质存储有操作系统和计算机可读指令,该计算机可读指令可被处理器所执行以实现以下各实施例所提供的一种数据采集工具包定制方法。终端中的内存储器为非易失性存储介质中的操作系统和计算机可读指令的运行提供环境。网络接口用于连接到网络进行通信。显示屏用于显示各种界面,比如,可显示数据采集配置页面。输入装置可以是显示屏上覆盖的触摸层,也可以是电子设备外壳上设置的按键、轨迹球或触控板,也可以是外接的键盘、触控板或鼠标等,用于供输入配置参数和各种指令。处理器执行计算机可读指令时可以执行以下步骤:获取多个数据采集脚本;数据采集脚本具有对应的多个数据采集项;通过数据采集配置页面显示数据采集项;获取对数据采集项的选定操作,根据选定操作获取被选定的数据采集项以及与被选定的数据采集项对应的配置参数;根据被选定的数据采集项提取对应的数据采集脚本,利用配置参数对提取到的数据采集脚本进行更新,对更新后的数据采集脚本进行编译;及对编译后的数据采集脚本进行混淆加密,对加密后的数据采集脚本进行封装以得到定制的数据采集工具包。
本领域技术人员可以理解,图4中示出的结构,仅仅是与本申请方案相关的部分结构的框图,并不构成对本申请方案所应用于其上的终端的限定,具体的终端可以包括比图中所示更多或更少的部件,或者组合某些部件,或者具有不同的部件布置。
在一个实施例中,配置参数包括自定义功能函数或定制数组,定制数组包括多个预设 标识;处理器执行计算机可读指令时还执行以下步骤:利用自定义功能函数对提取到的数据采集脚本进行填充;或定制数组中的预设标识进行循环遍历,将定制数组中的预设标识插入数据采集脚本中的类名,得到多个更新后的数据采集脚本。
在一个实施例中,处理器执行计算机可读指令时还执行以下步骤:获取数据采集脚本中的敏感字段,计算敏感字段对应的二进制数值;按照预设规则将数据采集脚本中的类名或函数名进行拼接,得到敏感字段对应的盐值,计算盐值对应的二进制数值;对敏感字段对应的二进制数值和盐值对应的二进制数值进行预设逻辑运算,得到混淆字符串;及通过将混淆字符串对相应敏感字段进行替换,对数据采集脚本进行混淆加密。
在一个实施例中,处理器执行计算机可读指令时还执行以下步骤:通过函数指针将数据采集脚本中的代码封装至预设主函数,预设主函数包括多条输入输出类型转换语句;及利用输入输出类型转换语句将数据采集脚本的输入类型转换为第一固定类型,输出类型转换为第二固定类型,以对数据采集脚本进行混淆加密。
在一个实施例中,处理器执行计算机可读指令时还执行以下步骤:获取数据采集脚本中的多个具有功能含义的函数名;获取函数名对应的自定义字符串;及通过将自定义字符串对相应的函数名进行替换,对函数名的功能含义进行隐藏,以对数据采集脚本进行混淆加密。
在一个实施例中,处理器执行计算机可读指令时还执行以下步骤:查询数据采集脚本中函数调用语句;函数调用语句包括调用函数的函数名及被调用函数的函数名;及根据被调用函数的函数名查询被调用函数的函数体,通过在被调用函数的函数体添加预设关键字,对调用函数和被调用函数之间的调用关系进行隐藏,以对数据采集脚本进行混淆加密。
在一个实施例中,提供了一种一个或多个存储有计算机可读指令的非易失性可读存储介质,计算机可读指令被一个或多个处理器执行时,使得一个或多个处理器执行以下步骤:获取多个数据采集脚本;数据采集脚本具有对应的多个数据采集项;通过数据采集配置页面显示数据采集项;获取对数据采集项的选定操作,根据选定操作获取被选定的数据采集项以及与被选定的数据采集项对应的配置参数;根据被选定的数据采集项提取对应的数据采集脚本,利用配置参数对提取到的数据采集脚本进行更新,对更新后的数据采集脚本进行编译;及对编译后的数据采集脚本进行混淆加密,对加密后的数据采集脚本进行封装以得到定制的数据采集工具包。
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程,是可以通过计算机可读指令来指令相关的硬件来完成,前述计算机可读指令可存储于一非易失性计算机可读取存储介质中,该计算机可读指令在执行时,可包括如上述各方法的实施例的流程。其中,前述存储介质可为磁碟、光盘、只读存储记忆体(Read-Only Memory,ROM)等非易失性可读存储介质。
以上实施例的各技术特征可以进行任意的组合,为使描述简洁,未对上述实施例中的 各个技术特征所有可能的组合都进行描述,然而,只要这些技术特征的组合不存在矛盾,都应当认为是本说明书记载的范围。
以上实施例仅表达了本申请的几种实施方式,其描述较为具体和详细,但并不能因此而理解为对发明专利范围的限制。应当指出的是,对于本领域的普通技术人员来说,在不脱离本申请构思的前提下,还可以做出若干变形和改进,这些都属于本申请的保护范围。因此,本申请专利的保护范围应以所附权利要求为准。
Claims (20)
- 一种数据采集工具包定制方法,包括:获取多个数据采集脚本;所述数据采集脚本具有对应的多个数据采集项;通过数据采集配置页面显示所述数据采集项;获取对数据采集项的选定操作,根据选定操作获取被选定的数据采集项以及与被选定的数据采集项对应的配置参数;根据被选定的数据采集项提取对应的数据采集脚本,利用配置参数对提取到的数据采集脚本进行更新,对更新后的数据采集脚本进行编译;及对编译后的数据采集脚本进行混淆加密,对加密后的数据采集脚本进行封装以得到定制的数据采集工具包。
- 根据权利要求1所述的方法,其特征在于,所述配置参数包括自定义功能函数或定制数组,所述定制数组包括多个预设标识;所述利用配置参数对提取到的数据采集脚本进行更新包括:利用自定义功能函数对提取到的数据采集脚本进行填充;或对定制数组中的预设标识进行循环遍历,将定制数组中的预设标识插入数据采集脚本中的类名,得到多个更新后的数据采集脚本。
- 根据权利要求1所述的方法,其特征在于,所述对编译后的数据采集脚本进行混淆加密包括:获取数据采集脚本中的敏感字段,计算所述敏感字段对应的二进制数值;按照预设规则将数据采集脚本中的类名或函数名进行拼接,得到敏感字段对应的盐值,计算所述盐值对应的二进制数值;对所述敏感字段对应的二进制数值和所述盐值对应的二进制数值进行预设逻辑运算,得到混淆字符串;及通过将所述混淆字符串对相应所述敏感字段进行替换,对所述数据采集脚本进行混淆加密。
- 根据权利要求1所述的方法,其特征在于,所述对编译后的数据采集脚本进行混淆加密包括:通过函数指针将数据采集脚本中的代码封装至预设主函数,所述预设主函数包括多条输入输出类型转换语句;及利用所述输入输出类型转换语句将数据采集脚本的输入类型转换为第一固定类型,输出类型转换为第二固定类型,以对所述数据采集脚本进行混淆加密。
- 根据权利要求1所述的方法,其特征在于,所述对编译后的数据采集脚本进行混淆加密包括:获取数据采集脚本中的多个具有功能含义的函数名;及获取函数名对应的自定义字符串;通过将自定义字符串对相应的函数名进行替换,对 所述函数名的功能含义进行隐藏,以对所述数据采集脚本进行混淆加密。
- 根据权利要求1所述的方法,其特征在于,所述对编译后的数据采集脚本进行混淆加密包括:查询数据采集脚本中函数调用语句;所述函数调用语句包括调用函数的函数名及被调用函数的函数名;及根据被调用函数的函数名查询被调用函数的函数体,通过在所述被调用函数的函数体添加预设关键字,对调用函数和被调用函数之间的调用关系进行隐藏,以对所述数据采集脚本进行混淆加密。
- 一种数据采集工具包定制装置,包括:页面展示模块,用于获取多个数据采集脚本;所述数据采集脚本具有对应的多个数据采集项;通过数据采集配置页面显示所述数据采集项;参数配置模块,用于获取对数据采集项的选定操作,根据选定操作获取被选定的数据采集项以及与被选定的数据采集项对应的配置参数;脚本更新模块,用于根据被选定的数据采集项提取对应的数据采集脚本,利用配置参数对提取到的数据采集脚本进行更新,对更新后的数据采集脚本进行编译;及混淆加密模块,用于对编译后的数据采集脚本进行混淆加密,对加密后的数据采集脚本进行封装以得到定制的数据采集工具包。
- 根据权利要求7所述的装置,其特征在于,所述混淆加密模块还用于获取数据采集脚本中的敏感字段,计算所述敏感字段对应的二进制数值;按照预设规则将数据采集脚本中的类名或函数名进行拼接,得到敏感字段对应的盐值,计算所述盐值对应的二进制数值;对所述敏感字段对应的二进制数值和所述盐值对应的二进制数值进行预设逻辑运算,得到混淆字符串;及通过将所述混淆字符串对相应所述敏感字段进行替换,对所述数据采集脚本进行混淆加密。
- 一种终端,包括存储器及处理器,所述存储器中储存有计算机可读指令,所述计算机可读指令被所述处理器执行时,使得所述处理器执行以下步骤:获取多个数据采集脚本;所述数据采集脚本具有对应的多个数据采集项;通过数据采集配置页面显示所述数据采集项;获取对数据采集项的选定操作,根据选定操作获取被选定的数据采集项以及与被选定的数据采集项对应的配置参数;根据被选定的数据采集项提取对应的数据采集脚本,利用配置参数对提取到的数据采集脚本进行更新,对更新后的数据采集脚本进行编译;及对编译后的数据采集脚本进行混淆加密,对加密后的数据采集脚本进行封装以得到定制的数据采集工具包。
- 根据权利要求9所述的终端,其特征在于,所述配置参数包括自定义功能函数或定制数组,所述定制数组包括多个预设标识;所述处理器执行所述计算机可读指令时还 执行以下步骤:利用自定义功能函数对提取到的数据采集脚本进行填充;或对定制数组中的预设标识进行循环遍历,将定制数组中的预设标识插入数据采集脚本中的类名,得到多个更新后的数据采集脚本。
- 根据权利要求9所述的终端,其特征在于,所述处理器执行所述计算机可读指令时还执行以下步骤:获取数据采集脚本中的敏感字段,计算所述敏感字段对应的二进制数值;按照预设规则将数据采集脚本中的类名或函数名进行拼接,得到敏感字段对应的盐值,计算所述盐值对应的二进制数值;对所述敏感字段对应的二进制数值和所述盐值对应的二进制数值进行预设逻辑运算,得到混淆字符串;及通过将所述混淆字符串对相应所述敏感字段进行替换,对所述数据采集脚本进行混淆加密。
- 根据权利要求9所述的终端,其特征在于,所述处理器执行所述计算机可读指令时还执行以下步骤:通过函数指针将数据采集脚本中的代码封装至预设主函数,所述预设主函数包括多条输入输出类型转换语句;及利用所述输入输出类型转换语句将数据采集脚本的输入类型转换为第一固定类型,输出类型转换为第二固定类型,以对所述数据采集脚本进行混淆加密。
- 根据权利要求9所述的终端,其特征在于,所述处理器执行所述计算机可读指令时还执行以下步骤:获取数据采集脚本中的多个具有功能含义的函数名;及获取函数名对应的自定义字符串;通过将自定义字符串对相应的函数名进行替换,对所述函数名的功能含义进行隐藏,以对所述数据采集脚本进行混淆加密。
- 根据权利要求9所述的终端,其特征在于,所述处理器执行所述计算机可读指令时还执行以下步骤:查询数据采集脚本中函数调用语句;所述函数调用语句包括调用函数的函数名及被调用函数的函数名;及根据被调用函数的函数名查询被调用函数的函数体,通过在所述被调用函数的函数体添加预设关键字,对调用函数和被调用函数之间的调用关系进行隐藏,以对所述数据采集脚本进行混淆加密。
- 一个或多个存储有计算机可读指令的非易失性可读存储介质,计算机可读指令被一个或多个处理器执行时,使得一个或多个处理器执行以下步骤:获取多个数据采集脚本;所述数据采集脚本具有对应的多个数据采集项;通过数据采集配置页面显示所述数据采集项;获取对数据采集项的选定操作,根据选定操作获取被选定的数据采集项以及与被选定的数据采集项对应的配置参数;根据被选定的数据采集项提取对应的数据采集脚本,利用配置参数对提取到的数据采集脚本进行更新,对更新后的数据采集脚本进行编译;及对编译后的数据采集脚本进行混淆加密,对加密后的数据采集脚本进行封装以得到定制的数据采集工具包。
- 根据权利要求15所述的存储介质,其特征在于,所述配置参数包括自定义功能函数或定制数组,所述定制数组包括多个预设标识;所述计算机可读指令被所述处理器执行时还执行以下步骤:利用自定义功能函数对提取到的数据采集脚本进行填充;或对定制数组中的预设标识进行循环遍历,将定制数组中的预设标识插入数据采集脚本中的类名,得到多个更新后的数据采集脚本。
- 根据权利要求15所述的存储介质,其特征在于,所述计算机可读指令被所述处理器执行时还执行以下步骤:获取数据采集脚本中的敏感字段,计算所述敏感字段对应的二进制数值;按照预设规则将数据采集脚本中的类名或函数名进行拼接,得到敏感字段对应的盐值,计算所述盐值对应的二进制数值;对所述敏感字段对应的二进制数值和所述盐值对应的二进制数值进行预设逻辑运算,得到混淆字符串;及通过将所述混淆字符串对相应所述敏感字段进行替换,对所述数据采集脚本进行混淆加密。
- 根据权利要求15所述的存储介质,其特征在于,所述计算机可读指令被所述处理器执行时还执行以下步骤:通过函数指针将数据采集脚本中的代码封装至预设主函数,所述预设主函数包括多条输入输出类型转换语句;及利用所述输入输出类型转换语句将数据采集脚本的输入类型转换为第一固定类型,输出类型转换为第二固定类型,以对所述数据采集脚本进行混淆加密。
- 根据权利要求15所述的存储介质,其特征在于,所述计算机可读指令被所述处理器执行时还执行以下步骤:获取数据采集脚本中的多个具有功能含义的函数名;及获取函数名对应的自定义字符串;通过将自定义字符串对相应的函数名进行替换,对所述函数名的功能含义进行隐藏,以对所述数据采集脚本进行混淆加密。
- 根据权利要求15所述的存储介质,其特征在于,所述计算机可读指令被所述处理器执行时还执行以下步骤:查询数据采集脚本中函数调用语句;所述函数调用语句包括调用函数的函数名及被调 用函数的函数名;及根据被调用函数的函数名查询被调用函数的函数体,通过在所述被调用函数的函数体添加预设关键字,对调用函数和被调用函数之间的调用关系进行隐藏,以对所述数据采集脚本进行混淆加密。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711113783.4A CN107908392B (zh) | 2017-11-13 | 2017-11-13 | 数据采集工具包定制方法、装置、终端和存储介质 |
CN201711113783.4 | 2017-11-13 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2019091016A1 true WO2019091016A1 (zh) | 2019-05-16 |
Family
ID=61844913
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2018/076961 WO2019091016A1 (zh) | 2017-11-13 | 2018-02-22 | 数据采集工具包定制方法、装置、终端和存储介质 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN107908392B (zh) |
WO (1) | WO2019091016A1 (zh) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108829396B (zh) * | 2018-06-15 | 2022-02-01 | 腾讯科技(深圳)有限公司 | 脚本编译的方法、脚本执行的方法、相关装置及系统 |
CN109063040B (zh) * | 2018-07-17 | 2020-07-07 | 清华大学 | 客户端程序数据采集方法及系统 |
CN109218322B (zh) * | 2018-09-28 | 2021-05-28 | 郑州昂视信息科技有限公司 | 一种拟态防御方法、装置及系统 |
CN109543433B (zh) * | 2018-11-27 | 2022-06-24 | 杭州网易智企科技有限公司 | 软件开发工具包加密方法、装置、计算机和存储介质 |
CN109918048B (zh) * | 2018-12-27 | 2022-09-06 | 北京奇艺世纪科技有限公司 | 目标对象提取方法、装置、系统及计算机可读存储介质 |
CN110222104A (zh) * | 2019-04-30 | 2019-09-10 | 中国人民财产保险股份有限公司 | 数据提取方法、设备及存储介质 |
CN113312053A (zh) * | 2020-02-27 | 2021-08-27 | 北京沃东天骏信息技术有限公司 | 一种数据处理的方法和装置 |
CN113691574B (zh) * | 2020-05-19 | 2024-10-15 | 武汉同创元盛科技有限公司 | 一种基于电商交易的综合服务管理平台及其实现方法 |
CN113992342A (zh) * | 2021-09-10 | 2022-01-28 | 南京南瑞信息通信科技有限公司 | 一种无损网络安全监测管控方法、装置及系统 |
CN114039743A (zh) * | 2021-09-27 | 2022-02-11 | 成都鲁易科技有限公司 | 数据的加密方法、装置、存储介质以及终端 |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101267333A (zh) * | 2007-06-15 | 2008-09-17 | 南京联创科技股份有限公司 | 自动变更采集代理的业务系统监控方法 |
CN101833498A (zh) * | 2009-07-31 | 2010-09-15 | 北京伟晨豪嘉科技有限责任公司 | 一种基于测试脚本技术的嵌入式系统自动化检测系统 |
CN104360837A (zh) * | 2014-10-16 | 2015-02-18 | 公安部第三研究所 | 取证软件中基于自定义脚本实现电子数据取证分析的方法 |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100485690C (zh) * | 2007-08-09 | 2009-05-06 | 姜边 | 一种策略导向的面向领域的互联网信息采集方法 |
JP5369744B2 (ja) * | 2009-02-13 | 2013-12-18 | 三菱電機株式会社 | 情報収集システム、端末装置、情報収集用プログラム、端末用プログラム |
CN103188088B (zh) * | 2011-12-27 | 2015-11-18 | 北京新媒传信科技有限公司 | 设备信息采集系统及方法 |
CN104166822B (zh) * | 2013-05-20 | 2017-10-13 | 阿里巴巴集团控股有限公司 | 一种数据保护的方法和装置 |
US9386415B2 (en) * | 2013-07-17 | 2016-07-05 | Qualcomm Incorporated | Geofences based on RF fingerprints |
CN103886095B (zh) * | 2014-04-03 | 2017-10-24 | 北京深思数盾科技股份有限公司 | 跨平台目标文件复用方法 |
CN103973450B (zh) * | 2014-04-24 | 2017-07-11 | 广东华邦云计算股份有限公司 | 一种通信方法、系统及终端设备 |
CN106933551B (zh) * | 2015-12-30 | 2021-01-22 | 北京国双科技有限公司 | 配置处理方法和装置 |
CN106445526B (zh) * | 2016-09-26 | 2019-06-14 | 哈尔滨工业大学 | Hit-tena数据采集器及hit-tena数据采集方法 |
-
2017
- 2017-11-13 CN CN201711113783.4A patent/CN107908392B/zh active Active
-
2018
- 2018-02-22 WO PCT/CN2018/076961 patent/WO2019091016A1/zh active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101267333A (zh) * | 2007-06-15 | 2008-09-17 | 南京联创科技股份有限公司 | 自动变更采集代理的业务系统监控方法 |
CN101833498A (zh) * | 2009-07-31 | 2010-09-15 | 北京伟晨豪嘉科技有限责任公司 | 一种基于测试脚本技术的嵌入式系统自动化检测系统 |
CN104360837A (zh) * | 2014-10-16 | 2015-02-18 | 公安部第三研究所 | 取证软件中基于自定义脚本实现电子数据取证分析的方法 |
Also Published As
Publication number | Publication date |
---|---|
CN107908392B (zh) | 2020-12-22 |
CN107908392A (zh) | 2018-04-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2019091016A1 (zh) | 数据采集工具包定制方法、装置、终端和存储介质 | |
TWI598765B (zh) | Data protection methods and devices | |
US10586026B2 (en) | Simple obfuscation of text data in binary files | |
US9195809B1 (en) | Automated vulnerability and error scanner for mobile applications | |
US20150121533A1 (en) | Dynamic analysis interpreter modification for application dataflow | |
CN104854561A (zh) | 用于应用程序管理框架的应用程序封装 | |
CN105022936A (zh) | 一种类class文件加密解密方法和装置 | |
CN106295255A (zh) | 应用程序的加固方法和装置 | |
CN104680039A (zh) | 一种应用程序安装包的数据保护方法及装置 | |
CN110532165B (zh) | 应用程序安装包特性检测方法、装置、设备及存储介质 | |
CN112214653B (zh) | 字符串识别方法、装置、存储介质及电子设备 | |
US20200177368A1 (en) | Virtual enigma cipher | |
CN107871066B (zh) | 基于安卓系统的代码编译方法及装置 | |
CN109885990A (zh) | 脚本管理方法 | |
CN114547558B (zh) | 授权方法、授权控制方法及装置、设备和介质 | |
Ozkan et al. | Security analysis of mobile authenticator applications | |
CN110597496B (zh) | 应用程序的字节码文件获取方法及装置 | |
Di Pierro | web2py | |
CN116235174A (zh) | 用于执行加密算法的设备和方法 | |
CN117786726A (zh) | 一种源码文件处理方法、装置、电子设备和存储介质 | |
JP2023542527A (ja) | ヘテロジニアス暗号化を通したソフトウェア・アクセス | |
CN115758464A (zh) | 一种基于配置的数据脱敏管理方法、装置、介质及设备 | |
CN113420313A (zh) | 程序安全运行、加密方法及其装置、设备、介质 | |
CN113282892A (zh) | 代码混淆方法、装置、计算机设备和存储介质 | |
CN110032832B (zh) | 一种Web应用程序的处理方法及装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 18876353 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 14.08.2020) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 18876353 Country of ref document: EP Kind code of ref document: A1 |