CN104462952B - A kind of method and device forbidden using self-starting - Google Patents

A kind of method and device forbidden using self-starting Download PDF

Info

Publication number
CN104462952B
CN104462952B CN201410855681.XA CN201410855681A CN104462952B CN 104462952 B CN104462952 B CN 104462952B CN 201410855681 A CN201410855681 A CN 201410855681A CN 104462952 B CN104462952 B CN 104462952B
Authority
CN
China
Prior art keywords
application
starting
self
application program
package name
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410855681.XA
Other languages
Chinese (zh)
Other versions
CN104462952A (en
Inventor
宋振涛
符传坚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201410855681.XA priority Critical patent/CN104462952B/en
Publication of CN104462952A publication Critical patent/CN104462952A/en
Application granted granted Critical
Publication of CN104462952B publication Critical patent/CN104462952B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

The present invention provides a kind of method forbidden using self-starting, comprises the following steps:Monitor the startup behavior of native application;Intercept and be used for the execution function for performing the application program launching in campaign management services process, obtain the bag name of the application;When this applies the permission item in the non-default data record of bag name, the startup behavior of the application program is terminated.Accordingly, the present invention also provides a kind of device forbidden using self-starting.The present invention can forbid the self-starting behavior of application and obstinate self-starting behavior, so as to reduce the power consumption of mobile terminal, while improve the speed of service.

Description

Method and device for forbidding application self-starting
Technical Field
The invention relates to an application self-starting control technology of mobile equipment, in particular to a method and a device for forbidding application self-starting.
Background
The application self-starting refers to the behavior that the application on the Android system is automatically started under the condition that a non-user actively runs. Many manufacturers now strive to commercialize APP to make its APP self-start at the time it needs to do so in an effort to their own interest.
The self-starting is divided into conventional self-starting and stubborn self-starting, when a user closes the stubborn self-starting application through self-starting management software, the stubborn self-starting application can immediately want to carry out self-repairing, although a plurality of self-starting management security software exist at present, the application which is self-started in a broadcast receiver mode can only be forbidden, the self-starting of service, provider and the stubborn self-starting application cannot be forbidden, and the excessive applications can cause the phenomena of fast power consumption, blocking, frequent popup advertisements and the like of a mobile phone of the user. The invention provides a scheme for forbidding self-starting, which can forbid the self-starting application in a broadcast receiver mode and can also effectively and accurately forbid the self-starting of service and provider and the application of stubborn self-starting.
Disclosure of Invention
The object of the present invention is to solve the problem of application self-start, in particular to solve the persistent self-start behavior of applications.
The invention provides a method for forbidding self-starting, which comprises the following steps:
monitoring the starting behavior of the native application program;
intercepting an execution function used for executing the application program starting in an activity management service process, and acquiring a package name of the application;
and when the application package name is not a permitted item in the preset data record, terminating the starting behavior of the application program.
Specifically, the data record is characterized in a form of a database, and the database has a mapping relationship between an application package name and a state item whether to allow the application program corresponding to the application package name to be started.
Preferably, the data record comprises a record of an application which is allowed to be automatically started and a record of an application which is forbidden to be automatically started;
or, only records of applications that are prohibited from booting.
Further, the data record further comprises a persistent self-starting log for recording the repeated self-starting application information.
Preferably, the method further provides a user interface for displaying the information of the persistent self-starting log record.
Further, the method for terminating the application program starting further comprises forcibly cutting off the awakened path of the stubborn self-starting application.
An apparatus for inhibiting application self-launching, comprising:
a monitoring unit: the system is used for monitoring the starting behavior of the model application program;
an interception unit: intercepting an execution function used for executing the application program starting in an activity management service process, and acquiring a package name of the application;
a prohibition unit: and when the application package name is not a permitted item in the preset data record, terminating the starting behavior of the application program.
Specifically, the data record is characterized in a form of a database, and the database has a mapping relationship between an application package name and a state item whether to allow the application program corresponding to the application package name to be started.
Furthermore, the device also comprises a persistent self-starting log generating unit which generates a log for recording the repeated self-starting application information.
Further, the device further comprises a wake-up path cutting unit for cutting off the wake-up path of the stubborn self-starting application.
Compared with the prior art, the scheme provided by the invention has the following advantages:
1. the invention provides a method for forbidding self-starting of an application, which comprises the steps of intercepting a member function startprocessLocked () called by ActivityManagerservice when the application is started, obtaining information of a packet name, pid, uid and the like of the application, determining the application which is forbidden to be self-started by a user according to the packet name of the application, terminating the process of the application and realizing the forbidding of self-starting.
2. The invention records a stubborn self-starting log for the repeatedly self-starting application, and can realize the accurate prohibition of the awakened application self-starting behavior by cutting off the path of the stubborn self-starting application awakened by the application program of the alliance of the stubborn self-starting application.
3. The invention provides a data record which is characterized by a database form, the database has a mapping relation between an application package name and a state item which is used for allowing the application program corresponding to the application package name to be started or not, the application forbidden by a user can be determined through the mapping relation, and compared with the intercepted application package name, whether the intercepted application is forbidden or not is rapidly determined.
4. The invention generates the stubborn self-starting log for recording the application information of repeated self-starting, presents the stubborn self-starting log to the user in an interface form, selects forbidden applications by the user according to the listed application information, presents the forbidden applications to the user in a more friendly interactive interface, and realizes the optimized forbidden self-starting.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The foregoing and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a flow chart of a method for prohibiting application self-starting
FIG. 2 is a schematic block diagram of an apparatus for prohibiting application self-start
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative only and should not be construed as limiting the invention.
As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
It will be understood by those skilled in the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
As will be appreciated by those skilled in the art, "terminal" as used herein includes both devices that are wireless signal receivers, devices that have only wireless signal receivers without transmit capability, and devices that include receive and transmit hardware, devices that have receive and transmit hardware capable of performing two-way communication over a two-way communication link. Such a device may include: a cellular or other communication device having a single line display or a multi-line display or a cellular or other communication device without a multi-line display; PCS (Personal Communications Service), which may combine voice, data processing, facsimile and/or data communication capabilities; a PDA (Personal Digital Assistant), which may include a radio frequency receiver, a pager, internet/intranet access, a web browser, a notepad, a calendar and/or a GPS (Global Positioning System) receiver; a conventional laptop and/or palmtop computer or other device having and/or including a radio frequency receiver. As used herein, a "terminal" or "terminal device" may be portable, transportable, installed in a vehicle (aeronautical, maritime, and/or land-based), or situated and/or configured to operate locally and/or in a distributed fashion at any other location(s) on earth and/or in space. As used herein, a "terminal Device" may also be a communication terminal, a web terminal, a music/video playing terminal, such as a PDA, an MID (Mobile Internet Device) and/or a Mobile phone with music/video playing function, or a smart tv, a set-top box, etc.
As will be appreciated by those skilled in the art, a remote network device, as used herein, includes, but is not limited to, a computer, a network host, a single network server, a collection of multiple network servers, or a cloud of multiple servers. Here, the Cloud is composed of a large number of computers or network servers based on Cloud Computing (Cloud Computing), which is a kind of distributed Computing, a super virtual computer composed of a group of loosely coupled computer sets. In the embodiment of the present invention, the remote network device, the terminal device and the WNS server may communicate with each other through any communication method, including but not limited to mobile communication based on 3GPP, LTE and WIMAX, computer network communication based on TCP/IP and UDP protocols, and short-range wireless transmission based on bluetooth and infrared transmission standards.
The method and the device are realized based on an Android operating system. In order to realize the functions of the scheme of the invention, the Root authority of the Android operating system needs to be acquired.
Root refers to a Root account in a Linux system that can operate all objects in the system, similar to an administeror account in a Windows system. Obtaining the Root authority may perform operations such as backing up the system, modifying internal programs of the system, obtaining a file directory, quiescing installation applications, uninstalling applications, and the like. The method comprises the steps that Root authority is obtained for mobile equipment of an Android system, SU files and super user.
The method for acquiring the Root authority is a known technology in the field, the Root can be realized by the mobile terminal in a plurality of ways in reality, and part of manufacturers also open the system Root authority for users or provide a convenient means for acquiring the Root authority. Therefore, the manner of obtaining the Root authority should not be considered as an essential component affecting the implementation of the present invention.
The Android system is used as an application platform, and the application self-starting mode in the mobile equipment mainly comprises the following three modes:
1. self-booting via a broadcast receiver component
broadcast receiver is a type of component in the Android system that accepts and responds to broadcast notifications, does not contain any user interface, but can initiate an activity or service to respond to the information they receive, or notify the user with a NotificationManager. There are two ways to register a broadcast receiver: dynamic registration and static registration.
The self-starting is realized by broadcasting, which is the most common self-starting mode of the application at present and is used most. When a target application adopts a static registration mode to register a broadcast component in a configuration file android manifest.
Therefore, a Broadcast component with the name of Broadcast Receiver is registered in the configuration file, when the system is started, a system Broadcast is sent to all applications, the Broadcast is named as android.
2. Implementing self-booting through service component
The Service is a Service component of an Android system, has no user interface, is an application running in a background, cannot directly interact with a user, and must be displayed and started by the user or other programs, has higher priority than that of the application in a foreground, but has higher priority than that of other applications in the background, and can be divided into local Service and remote Service.
The local service is the service which is currently applied in the same process, and has a common memory area, so that certain data can be conveniently and simply shared;
the remote service is mainly service access between different processes, and data can be shared between the different processes by using a common method through an AIDL tool.
The application realizes the self-starting mode through the service, the service needs to be registered in a configuration file android manifest. The addition code is as follows:
< | A! - -registration service >
<service android:name=”.MyService”>
Then, the registration service is started, and there are two ways to start the service:
one, start through startService ()
When an application starts a service through startService (), the service will be in a starting state, and once started, the service can run all the way down in the background even if the application starting it exits.
Two, starting through bindService
The bindService is a binding service and executes a logic flow in the service. The client establishes a connection with the service, communicates with the service by using the connection, binds the service by a context. Service in this mode starts with a call to context. Regardless of how many times StartService () is called, service can be stopped by only calling stopService ().
The application program can start the service to realize self-starting, and can also realize self-starting by binding the service, and other applications are awakened by the service.
3. Self-starting through content provider component
The content provider is one of the components in the Android system, is a mechanism for sharing data provided by the Android system, and enables an application program to access some private data of other application programs through the content provider by providing a standard data access interface. The shared data may be stored in a file system, a SQLite database, or some other medium.
The application program creates the Content Provider of the application program and provides information sharing service for other application programs. When other applications need to call the provider, the application program is called by other applications, so that self-starting is realized. The method comprises the following specific steps: each Content Provider registers itself in a configuration file android manifest, xml, and the code added in the configuration file is as follows:
<provider android:name=”.SomeProvider”
android:authorities=”com.your-company.SomeProvider”/>
therefore, the Content Provider provided by the SomeProvider is registered and authorized, the authorized basis URI is com.your-company.SomeProvider, and the specific Content Provider can be accurately positioned according to the authorized information system, so that an accessor can obtain the specified information. The starting event of the application is used as an authorized URI, and when other applications access the URI, the application can be automatically started to realize self-starting.
Referring to fig. 1, the present invention provides a method for prohibiting the self-starting application in the above three ways, and the specific implementation manner is as follows:
s11, monitoring the starting behavior of the native application program
The method comprises the steps of adopting a Hook function in the prior art to monitor the self-starting behavior of the application, firstly obtaining the system root authority of the mobile equipment, registering a communication service process to the system, and establishing a C/S (client/server) architecture communication pipeline between the service process and the application service process monitored by the service process through a Binder communication mechanism provided by an Android system.
The Hook technology is a technology for changing the execution result of the API, and is a platform of the Windows message processing mechanism, on which an application program can set its own sub-process for monitoring some message of a specified window, and the monitoring window can be created by other processes. When a message arrives, it is processed before the target window processing function. Hook is translated into Hook, which is a program segment for processing message, and is hung into the system through system call, when a specific message is sent out, the Hook function captures the message before the specific message does not reach a destination window, and can process the message, or can directly release the message without processing, and also can forcibly end the message transmission.
The API Hook comprises two modes, one mode is an import table based on a PE file, and the other mode is an inline Hook for modifying the first 5 bytes direct JMP. The principle of the first mode is that the PE file is provided with an import table which represents which external APIs are called by the module, after the module is loaded into the memory, the PE loader modifies the import table, changes the address into a real address after the external API is relocated, and directly changes the address in the PE file into the address of a new function, so that Hook of the corresponding API can be completed; the principle of the second mode is to analyze the instructions at the beginning of the function, copy the instructions to an array for storage, replace the instructions, execute the stored original instructions after the new function finishes processing, and call back the addresses after the instructions for execution.
Specifically, a Root authority of the system is obtained, and a monitoring module is injected into a system service process, and the method specifically comprises the following steps:
firstly, suspending a system service process;
then, covering the modified library file of the system service process with the original library file; and the function in the modified library file comprises a function code, a jar package, a so file and the like of the monitoring module. Therefore, the monitoring module is injected into the service process of the system to monitor the service processes of other applications in the system.
Secondly, when the application is started, the activityManagerservice is called, the hook function in the monitoring module monitors the initialization function of the target process, the hook function monitors the component calling instruction, which means that the entry point of the component calling instruction (function) in the target application process is monitored, and at this time, the fact that the component calling instruction has the running characteristic but does not execute the internal function of the component calling instruction occurs. The hook function hooks at an entry point of the hook function, modifies an address pointer to enable a target application process to be transferred to a new address, executes the hook function, and then transfers to the entry point of the hook to execute an original instruction after the hook function completes processing.
S12, intercepting the executive function for executing the application program in the activity management service process, and obtaining the package name of the application
In the Android system, the ActivityManagerService is responsible for managing the creation of an application program, runs in an independent process SystemServer, creates a new process for the application when the system needs to start an Activity or Service in the new process, and calls a member function startProcessLocked () to start a new process for the application program. The member function startprocessLocked () is defined in a frame/base/services/java/com/android/se rver/am/activityManagerService, java file, and part of codes of the function method is as follows:
intercepting the startprocessLocke () function, and acquiring package information app.info of self-starting application to obtain information such as application package names app.info.packagename, uid, pid and the like.
The related information of the application process can be obtained by capturing the log information, and the specific implementation manner may be as follows: defining a service watchdog, establishing a new logcat process in a watchdog.onstart function, and rewriting the onStart function for responding to service starting and creating actions and the log information of a Hook system. The specific codes are as follows:
mLogcat=safeExec(“logcat-c”);
mLogcat=safeExec(“logcat–v raw ActivityManager:I*:S”);
then monitoring the output information of the mLogcat process, redirecting the output information, extracting log information according to lines and analyzing and processing the log information, wherein the method specifically comprises the following steps:
is=mLogcat.getInputStream();
isr=new InputStreamReader(is);
reader=new BufferedReader(isr,0x400);
extracting and analyzing the flow information to obtain the package name, pid, uid and starting mode of the application program, wherein if the application is started by other applications, the information also comprises the package name of the application for executing calling, the calling path between the two applications and the like.
S13, when the name of the application package is not the allowed item in the preset data record, the start action of the application program is terminated
And comparing the self-starting application package names obtained by interception with the application package names in the data records respectively, and judging whether the intercepted self-starting application package names are forbidden application package names in the data records. The specific process is that a service process injected into the system scans information in the data record to obtain application package names set to a forbidden state, the intercepted application package names are respectively compared with the application package names set to the forbidden state one by one, if the intercepted application package names are forbidden items in the data record, the application is forbidden to be automatically started, otherwise, the application is not forbidden to be automatically started.
The data records are characterized in a database form, have a mapping relation between an application package name and a state item whether the application program corresponding to the application package name is allowed to be started or not, and comprise records of applications which are allowed to be automatically started and records of applications which are forbidden to be automatically started or only records of applications which are forbidden to be automatically started; including information such as application package name, startup times, status items, etc.
Forbidding the acquired name of the forbidding self-starting application package, wherein the specific implementation mode is as follows: and when the self-starting application package name obtained by intercepting exists in the database and the self-starting behavior of the application is realized in a broadcast receiver mode, executing a process.
In addition, the invention also records a persistent self-starting log, records the application of repeated self-starting and does not include the self-starting application of the system. The stubborn self-starting log records the application package name, the starting times of the repeated self-starting application, the user statistical proportion for forbidding the self-starting of the application, the state item and the like. The application package name is obtained by intercepting an execution function startprocessLocked () in an Activity management service ActivityManagerService process when the application is started.
The application starting mode of the repeated self-starting is generally started through the service or the content provider, and since the broadcast receiver is self-started by receiving the broadcast sent by the system, the method is different from the method of mutually calling and starting through the service or the content provider, the self-starting application program is repeatedly awakened and called by the application program calling the self-starting application program, and the application program calling the self-starting application program is in an activated state and can be awakened to have a calling relationship with the self-starting application program, so that the self-starting of the called application program is realized. The application process self-started through the broadcast receiver can be killed once, and repeated self-starting generally cannot occur. The application self-started in the service or content provider mode may be a persistent self-start of some applications caused by calling and waking up the self-start by an alliance application or a homologous application, so that the persistent self-start log generally records the self-start application information caused by the above-mentioned start mode.
The starting times can be counted by monitoring the times of the onResume and the onPause methods called by the application, the onResume and the onPause methods called once are recorded as one-time application starting, and the self-starting times of the application are counted by the service process injected into the system.
The user statistical proportion for forbidding the application self-starting is counted by the cloud server and pushed to a background service process in the injection system, the background service process sends a stubborn self-starting application package name to the remote server, the server is matched with a pre-recorded user statistical proportion table with the application forbidden, and a result obtained by matching is pushed to the background service process and recorded in a stubborn self-starting log.
And displaying the stubborn self-starting log to a user in an interface mode, wherein the user can select an application to be prohibited according to the prompted application starting information, and if the state item of the application is set to be a prohibition state, the injected background service process can prohibit the self-starting of the application according to the set state item of the application. For example, the application of the alliance, namely, the application writes the SDK of the alliance into each other, and self-starting is realized through mutual calling; awakening the self-started homologous application through the service, forwarding the related information started by the application process to the service process of the injection system, judging the name of the started application packet and the name of the started application packet by the service process, and analyzing an awakening path between the applications; when the user sets the state item of the application to a forbidden state, the service process injected into the system cuts off a mutual starting path between the applications by calling a processPapackage () function, and forcibly closes the started application process.
It should be noted that, for applications which are mutually awaken to start, only the applications which are started in the service mode are forbidden, and for applications in the provider mode, the applications are not forbidden, because the provider transmits data information, and if the applications are forbidden, the transmission of normal data is affected, so that the self-starting applications in the form are not forbidden. In addition, when an application is restarted for multiple times within a preset time threshold, for example, the application is restarted for three times within 1 second, the application is determined to be a system application, the self-starting behavior of the system application is not prohibited, and otherwise, power consumption is easily caused.
Correspondingly, referring to fig. 2, the present invention further provides a device for prohibiting the application from being started, including a monitoring unit 11, an intercepting unit 12, and a prohibiting unit 13. Further, the apparatus includes a persistent self-start log generation unit 14 and a wake-up path cutoff unit 15. Wherein,
the monitoring unit 11 is configured to monitor a self-starting behavior of the application of the mobile terminal, and perform a hook function to a hook of an execution function when the application is started by injecting a service process into the system, where the hook function hooks at an entry point of the hook function to modify an address pointer, so that a target application process is transferred to a new address, and perform the hook function itself, and after the hook function completes processing, the hook function turns to the entry point of the hook to execute an original instruction, or directly releases the process without any processing, or directly and forcibly kills the process, thereby implementing monitoring on the target application.
The interception unit 12 is configured to intercept an execution function of the self-starting application, and obtain a package name of the execution function; when the application process of hook is started, intercepting a member function startprocessLocked () executed when the activiManagerService creates the application process, and acquiring information such as a starting mode of the intercepted application, an application package name and the like.
The inhibition unit 13 is configured to inhibit the user from selecting the inhibited application self-start behavior. Comparing the intercepted application package names with the forbidden application package names in the data record one by one, if the intercepted application package names are forbidden items in the data record, ending the process of the application by executing a process. Meanwhile, the persistent self-boot log generated by the persistent log generation unit 14 is used for recording an application which is repeatedly self-booted. Displaying the stubborn log information to a user in an interface mode, and selecting forbidden stubborn self-starting applications by the user. For the application which is selected to be prohibited by the user, the wake-up path cutting unit 15 forwards the relevant information of the start of the application process to the service process of the injection system, the service process judges the name of the application packet of the start application and the name of the application packet of the started application, analyzes the wake-up path between the applications, cuts off the mutually started paths by calling a forcetcp packet () function, forcibly closes the process of the started application, and prohibits the self-starting behavior of the application.
The foregoing is only a partial embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims (15)

1. A method for inhibiting application self-launching, comprising the steps of:
monitoring the starting behavior of the native application program, wherein the starting behavior of the native application program is monitored by adopting a Hook technology;
intercepting an execution function used for executing the application program starting in an activity management service process, and acquiring a package name of the application;
when the application package name is not an allowed item in the preset data record, terminating the starting behavior of the application program, wherein the database has a mapping relation between the application package name and a state item for allowing the application program corresponding to the application package name to be started, and the data record comprises a record of an application which allows self-starting and a record of an application which forbids self-starting; or, only records of applications that are prohibited from booting.
2. The method for prohibiting self-starting of an application according to any of the claims 1, wherein said data record further comprises a persistent self-starting log for recording information of a repeatedly self-starting application.
3. The method of claim 1, wherein the method further provides a user interface for displaying information of persistent restart log records.
4. The method according to claim 1, wherein the activity management service process is specifically a process in which an activity management service is located.
5. The method for prohibiting self-starting of an application according to claim 1, wherein the execution function of the application program start-up specifically refers to a member function startProcessLocked () called by activitymanager service at the time of application start-up.
6. The method for prohibiting the self-starting of an application according to claim 1, wherein said specific method for terminating the start of an application is calling function killProcess ().
7. The method for prohibiting the application from booting according to claim 1, wherein the method for terminating the application program booting further comprises forcing to cut off the wakened path of the stubborn self-booting application.
8. An apparatus for inhibiting application self-launching, comprising:
a monitoring unit: the method comprises the steps that the starting behavior of the machine type application program is monitored, and the Hook technology is adopted for monitoring the starting behavior of the machine type application program;
an interception unit: intercepting an execution function used for executing the application program starting in an activity management service process, and acquiring a package name of the application;
a prohibition unit: when the application package name is not an allowed item in the preset data record, terminating the starting behavior of the application program, wherein the database has a mapping relation between the application package name and a state item for allowing the application program corresponding to the application package name to be started, and the data record comprises a record of an application which allows self-starting and a record of an application which forbids self-starting; or, only records of applications that are prohibited from booting.
9. The apparatus of claim 8, wherein the data record further comprises a persistent restart log for recording information of the repeatedly started applications.
10. The apparatus according to claim 8, further comprising a persistent restart log generating unit for generating a log recording information of the repetitive restart applications.
11. The apparatus for prohibiting self-starting of an application according to claim 8, wherein said monitoring unit monitors the starting behavior of the native application by using Hook technology.
12. The apparatus according to claim 8, wherein the activity management service process is specifically a process in which the activity management service is located.
13. The apparatus according to claim 8, wherein the execution function of the application program start-up specifically refers to a member function startProcessLocked () called by activitymanager service at the time of application start-up.
14. The apparatus for prohibiting self-starting of an application according to claim 8, wherein a specific method for terminating the start of the application program in the prohibiting unit is to call a killProcess ().
15. The apparatus for prohibiting self-starting of an application according to claim 8, wherein said apparatus further comprises a wake-up path cutting unit for cutting off the wake-up path of the stubborn self-starting application.
CN201410855681.XA 2014-12-31 2014-12-31 A kind of method and device forbidden using self-starting Active CN104462952B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410855681.XA CN104462952B (en) 2014-12-31 2014-12-31 A kind of method and device forbidden using self-starting

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410855681.XA CN104462952B (en) 2014-12-31 2014-12-31 A kind of method and device forbidden using self-starting

Publications (2)

Publication Number Publication Date
CN104462952A CN104462952A (en) 2015-03-25
CN104462952B true CN104462952B (en) 2017-11-10

Family

ID=52908977

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410855681.XA Active CN104462952B (en) 2014-12-31 2014-12-31 A kind of method and device forbidden using self-starting

Country Status (1)

Country Link
CN (1) CN104462952B (en)

Families Citing this family (45)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104991803B (en) * 2015-07-10 2018-04-06 上海斐讯数据通信技术有限公司 To the managing and control system and method for the self-starting under given conditions of android application programs
CN104994481B (en) * 2015-07-10 2018-09-28 上海斐讯数据通信技术有限公司 The receiving/transmission method and system to broadcast the message between application program in a kind of android system
CN108650702B (en) * 2015-08-25 2021-06-15 Oppo广东移动通信有限公司 Broadcast information processing method and user terminal
CN105159771A (en) * 2015-09-21 2015-12-16 北京奇虎科技有限公司 Method and apparatus for processing inter-application chain type start
CN105204908B (en) * 2015-09-30 2019-06-14 北京金山安全软件有限公司 Application program package stopping method and device and electronic equipment
CN105516487B (en) * 2015-12-04 2019-07-16 上海斐讯数据通信技术有限公司 Broadcast receiving method, system and equipment
CN105607722A (en) * 2015-12-18 2016-05-25 北京金山安全软件有限公司 Power saving method and device and electronic equipment
CN106909834A (en) * 2015-12-23 2017-06-30 北京奇虎科技有限公司 A kind of data processing method and device
CN106909413A (en) * 2015-12-23 2017-06-30 北京奇虎科技有限公司 A kind of data processing method and device
CN105677533B (en) * 2015-12-30 2018-12-11 广东欧珀移动通信有限公司 Application process monitoring method and application process monitoring device
CN105700916B (en) * 2015-12-30 2019-06-14 Oppo广东移动通信有限公司 Application process starts method and application process starter
CN105653364B (en) * 2015-12-30 2019-04-16 Oppo广东移动通信有限公司 Application process management method and application process managing device
CN105786570A (en) * 2016-02-29 2016-07-20 周奇 Method and device for managing starting-up self-starting of program
CN105808257B (en) * 2016-03-08 2020-07-07 杭州朗和科技有限公司 Application popup identification method and device
CN106095478A (en) * 2016-05-31 2016-11-09 刘华英 Mode control method and system
CN106126562B (en) * 2016-06-15 2018-09-04 广东欧珀移动通信有限公司 A kind of pop-up hold-up interception method and terminal
CN106127030A (en) * 2016-06-22 2016-11-16 广东欧珀移动通信有限公司 A kind of interface control method and device
CN106203067B (en) * 2016-06-22 2019-09-13 Oppo广东移动通信有限公司 A kind of method for cleaning and device of application program
CN106203068B (en) * 2016-06-22 2019-12-10 Oppo广东移动通信有限公司 Control method and device for terminal application
CN106095517A (en) * 2016-06-28 2016-11-09 宇龙计算机通信科技(深圳)有限公司 The method and device that a kind of end application runs
CN106203075A (en) * 2016-07-19 2016-12-07 北京珠穆朗玛移动通信有限公司 A kind of method and device preventing application program from waking up up mutually
CN106155704A (en) * 2016-08-05 2016-11-23 硕诺科技(深圳)有限公司 A kind of method and system stoping application program mutually to wake up up
CN106372493A (en) * 2016-08-30 2017-02-01 广州视源电子科技股份有限公司 Unlocking method and device
CN106708697B (en) * 2016-09-29 2020-12-22 腾讯科技(深圳)有限公司 Method and device for detecting application program used by user
CN106598434A (en) * 2016-12-19 2017-04-26 深圳天珑无线科技有限公司 Starter application processing method, and terminal
CN106844532B (en) * 2016-12-29 2020-12-11 北京奇虎科技有限公司 Application program acquisition method and device and terminal equipment
CN106817414A (en) * 2017-01-12 2017-06-09 硕诺科技(深圳)有限公司 Using the method for mutually waking up startup in a kind of blocking Android system
CN107038358B (en) * 2017-04-20 2020-12-25 北京安云世纪科技有限公司 Self-starting processing method and device and mobile terminal
CN107247507A (en) * 2017-04-26 2017-10-13 努比亚技术有限公司 Prevent from applying booting-self controller method and terminal, computer-readable recording medium
CN109144676B (en) * 2017-06-15 2022-05-17 阿里巴巴集团控股有限公司 Self-starting detection method and device of application program and server
CN107343311A (en) * 2017-06-19 2017-11-10 北京小米移动软件有限公司 Push control method and device
CN107944258A (en) * 2017-11-21 2018-04-20 广东欧珀移动通信有限公司 Start control method, device, storage medium and the terminal of application with method of service
CN107831886B (en) * 2017-11-21 2020-06-26 Oppo广东移动通信有限公司 Control method and device for associated starting application, storage medium and intelligent terminal
CN107944257A (en) * 2017-11-21 2018-04-20 广东欧珀移动通信有限公司 Start control method, device, storage medium and the terminal of application with method of service
CN108769106B (en) * 2018-04-12 2021-06-01 网宿科技股份有限公司 Application package name acquisition method, data package transmission method and terminal equipment
CN110888683B (en) * 2018-08-16 2022-05-06 腾讯科技(深圳)有限公司 Performance optimization method and device of operating system and readable medium
WO2020093284A1 (en) * 2018-11-07 2020-05-14 深圳市欢太科技有限公司 Application information processing method, computer-readable storage medium and electronic device
WO2020103032A1 (en) * 2018-11-21 2020-05-28 深圳市欢太科技有限公司 Method and device for controlling running of process, storage medium and electronic device
CN110324715A (en) * 2019-07-04 2019-10-11 深圳市康冠技术有限公司 Application management method, device and computer readable storage medium
CN113806741A (en) * 2020-06-12 2021-12-17 北京小米移动软件有限公司 Information processing method and device
CN112738631A (en) * 2020-12-24 2021-04-30 深圳创维-Rgb电子有限公司 Startup processing method and device based on smart television, terminal equipment and medium
CN113158164A (en) * 2021-05-20 2021-07-23 读书郎教育科技有限公司 Android student tablet management and control application method
CN113157377B (en) * 2021-05-20 2023-06-27 读书郎教育科技有限公司 Method and equipment for realizing control of application part by Android system
CN116048325A (en) * 2022-06-30 2023-05-02 荣耀终端有限公司 Processing method for abnormal behavior of application, electronic equipment and storage medium
CN116048647B (en) * 2022-07-15 2023-10-20 荣耀终端有限公司 Method for controlling background application to be self-started and electronic equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101620529A (en) * 2008-07-03 2010-01-06 联想(北京)有限公司 Method and system for intercepting pop-up window
CN103279706A (en) * 2013-06-07 2013-09-04 北京奇虎科技有限公司 Method and device for intercepting installation of Android application program in mobile terminal
CN104077521A (en) * 2013-03-25 2014-10-01 联想(北京)有限公司 Information processing method and device
CN104123162A (en) * 2014-07-29 2014-10-29 北京奇虎科技有限公司 Method and device controlling self-starting of application programs

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101620529A (en) * 2008-07-03 2010-01-06 联想(北京)有限公司 Method and system for intercepting pop-up window
CN104077521A (en) * 2013-03-25 2014-10-01 联想(北京)有限公司 Information processing method and device
CN103279706A (en) * 2013-06-07 2013-09-04 北京奇虎科技有限公司 Method and device for intercepting installation of Android application program in mobile terminal
CN104123162A (en) * 2014-07-29 2014-10-29 北京奇虎科技有限公司 Method and device controlling self-starting of application programs

Also Published As

Publication number Publication date
CN104462952A (en) 2015-03-25

Similar Documents

Publication Publication Date Title
CN104462952B (en) A kind of method and device forbidden using self-starting
US11206451B2 (en) Information interception processing method, terminal, and computer storage medium
CN108595970B (en) Configuration method and device of processing assembly, terminal and storage medium
US9697353B2 (en) Method and device for intercepting call for service by application
US8844036B2 (en) Method and system for application-based policy monitoring and enforcement on a mobile device
US10440111B2 (en) Application execution program, application execution method, and information processing terminal device that executes application
US9875353B2 (en) Log information generation apparatus and recording medium, and log information extraction apparatus and recording medium
US11245725B2 (en) Dynamically updating policy controls for mobile devices and applications
US10176327B2 (en) Method and device for preventing application in an operating system from being uninstalled
JP5690689B2 (en) Application analysis apparatus and program
CN104462980A (en) Authority management method, device and system of application programs and mobile terminal
WO2015058574A1 (en) Method and apparatus for implementing push notification of extensive application program
CN102855148A (en) Android-based startup management method
Egners et al. Messing with Android's permission model
JP5723760B2 (en) Application analysis apparatus, application analysis system, and program
CN105975320B (en) Method and device for forbidding installation of third-party application and terminal
US20140378100A1 (en) Data calling method and device
US11531716B2 (en) Resource distribution based upon search signals
WO2017140154A1 (en) Method and system for security information management based on intelligent platform
CN106293821B (en) Method and device for acquiring and transmitting application program data and running application program
CN104573489A (en) Method and device for forbidding application to establish desktop icon
JP5828457B2 (en) API execution control device and program
CN104954223A (en) Data processing method and device based on virtual private network
EP4191946B1 (en) Cloud environment security tool
US11176021B2 (en) Messaging systems with improved reliability

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20220725

Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015

Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park)

Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Patentee before: Qizhi software (Beijing) Co.,Ltd.