CN104683996A - Mobile application safety management and control method and equipment - Google Patents
Mobile application safety management and control method and equipment Download PDFInfo
- Publication number
- CN104683996A CN104683996A CN201310631217.8A CN201310631217A CN104683996A CN 104683996 A CN104683996 A CN 104683996A CN 201310631217 A CN201310631217 A CN 201310631217A CN 104683996 A CN104683996 A CN 104683996A
- Authority
- CN
- China
- Prior art keywords
- mobile solution
- described mobile
- monitoring module
- management platform
- interaction request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
Landscapes
- Engineering & Computer Science (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses a mobile application safety management and control method and equipment. The method comprises the following steps that a monitoring code is embedded in a mobile application passing the safety detection, and the monitoring code is used for monitoring and intercepting all network operations of the mobile application; after the mobile application is issued to terminal equipment, and when the mobile application sends a network interaction request, the monitoring code intercepts the network interaction request, copies the network interaction request and forwards the network interaction request to a mobile application platform; after the mobile application management platform receives the network interaction request, the network interaction request is forwarded to a target server corresponding to the mobile application, when response data returned by the target server is received, the response data is subjected to safety detection, corresponding processing is carried out according to the detection result, and the safe management and control can be carried out on the issued mobile application. According to the method and the equipment, the safety management control on the issued mobile application can be realized.
Description
Technical field
The present invention relates to communication technical field, particularly relate to a kind of mobile application security management-control method and equipment.
Background technology
Along with developing rapidly of mobile terminal the Internet, increasing of intelligent mobile terminal mobile phone, on mobile terminal, corresponding malicious code threatens and also increases gradually.In the malicious code of mobile terminal of current main flow, all there is network initiatively and connect behavior in most malicious code, connected by network, they connect with remote control service device, can download and propagate new malicious code, also can accept the instruction of remote server and then trigger corresponding malicious act, in this case simultaneously, its frequently network connect also result in a large amount of insignificant network traffics, impact is caused to gateway device.
Mobile store is in order to ensure app(application program of reaching the standard grade) safety, before app reaches the standard grade, all can do strict app fail safe detect, namely related art method is used, detect in app and whether comprise malicious code, whether can dynamic download malicious code, whether can obtain the picture of the content such as yellow, illegal from server, word etc.Only have the app detected by fail safe just can reach the standard grade, download for user.
But, although detected by the app fail safe before reaching the standard grade, the problem that Malware spreads unchecked can be solved to a certain extent.But after app reaches the standard grade, user downloads on app to oneself mobile phone and uses on store, now app has departed from the security management and control in Mobile solution store substantially, bag self can be downloaded and installed by networking, also yellow grade for illegal contents can be obtained by networking from server, and not by the supervision in application store.This problem cannot be solved at present to the safety detection method of Malware.
Summary of the invention
The invention provides a kind of mobile application security management-control method and equipment, carry out security management and control in order to realize the Mobile solution after to issue.
In order to reach above object, embodiments providing a kind of mobile application security management-control method, comprising:
When Mobile solution management platform receives the Mobile solution submitted to application developers side, and the fail safe of described Mobile solution is detected by rear, in described Mobile solution, embed monitoring module, this monitoring module for monitor and tackle this Mobile solution all-network operation;
When described Mobile solution management platform receives the download request to described Mobile solution of terminal equipment transmission, described Mobile solution is handed down to described terminal equipment;
When the network interaction request that the monitoring module that described Mobile solution management platform receives in described Mobile solution forwards, give this network interaction request forward the destination server that described Mobile solution is corresponding; Wherein, described network interaction request be monitoring module in described Mobile solution when the network interaction request intercepting described Mobile solution, copy and be transmitted to described Mobile solution management platform;
When described Mobile solution management platform receives the response data that destination server corresponding to described Mobile solution return, fail safe detection is carried out to described response data, and carries out respective handling according to testing result.
The embodiment of the present invention additionally provides a kind of mobile application security management-control method, and it is characterized in that, the method comprises:
Monitoring module in Mobile solution tackles the network interaction request of described Mobile solution;
Described network interaction request copies and is transmitted to Mobile solution management platform by described monitoring module, to make described Mobile solution management platform by described network interaction request forward to destination server corresponding to described Mobile solution, and when receiving the response data of destination server corresponding to described Mobile solution, fail safe detection is carried out to this response data.
The embodiment of the present invention additionally provides a kind of Mobile solution management platform, comprising:
Merge module, for receiving the Mobile solution submitted to application developers side when described mobile management platform, and the fail safe of described Mobile solution is detected by rear, in described Mobile solution, embed monitoring module, this monitoring module is for monitoring and tackling the all-network operation of this Mobile solution;
Release module, for receive in described Mobile solution management platform terminal equipment send the download request to described Mobile solution time, described Mobile solution is handed down to described terminal equipment;
Sending module, during the network interaction request that the monitoring module for receiving when described Mobile solution management platform in described Mobile solution forwards, gives this network interaction request forward the destination server that described Mobile solution is corresponding;
Processing module, during for receiving response data that destination server corresponding to described Mobile solution return when described Mobile solution management platform, carries out fail safe detection to described response data, and carries out respective handling according to testing result.
The embodiment of the present invention additionally provides a kind of mobile application security management and control devices, is embedded with monitoring module in the Mobile solution of described mobile application security management and control devices, and wherein, described monitoring module comprises:
Interception unit, for tackling the network interaction request of described Mobile solution;
First retransmission unit, for described network interaction request being copied and being transmitted to Mobile solution management platform, to make described Mobile solution management platform by described network interaction request forward to destination server corresponding to described Mobile solution, and when receiving the response data of destination server corresponding to described Mobile solution, fail safe detection is carried out to this response data.
In the above embodiment of the present invention, by fail safe detect by after Mobile solution in embed monitor code, this monitor code for monitor and tackle this Mobile solution all-network operation; After this Mobile solution is issued to terminal equipment, when this Mobile solution sends network interaction request, this monitor code tackles this network interaction request, and this network interaction request is copied and be transmitted to Mobile solution management platform; After Mobile solution management platform receives network interaction request, the destination server that this Mobile solution is corresponding is given by this network interaction request forward, and when receiving the response data that this destination server returns, fail safe detection is carried out to this response data, and carry out respective handling according to testing result, achieve the Mobile solution after to issue and carry out security management and control.
Accompanying drawing explanation
The schematic flow sheet of a kind of mobile application security management-control method that Fig. 1 provides for the embodiment of the present invention;
The handling process of mobile application security management and control technical scheme in monitoring module side that Fig. 2 provides for the embodiment of the present invention;
The system architecture diagram of a kind of embody rule scene that Fig. 3 provides for the embodiment of the present invention;
The structural representation of a kind of Mobile solution management platform that Fig. 4 provides for the embodiment of the present invention;
The structural representation of a kind of mobile application security management and control devices that Fig. 5 provides for the embodiment of the present invention;
The structural representation of a kind of mobile application security management and control devices that Fig. 6 A provides for the embodiment of the present invention;
The structural representation of a kind of mobile application security management and control devices that Fig. 6 B provides for the embodiment of the present invention.
Embodiment
For above-mentioned the problems of the prior art, embodiments provide a kind of technical scheme of mobile application security management and control.In this technical scheme, by fail safe detect by after Mobile solution in embed monitor code, this monitor code for monitor and tackle this Mobile solution all-network operation; After this Mobile solution is issued to terminal equipment, when this Mobile solution sends network interaction request, this monitor code tackles this network interaction request, and this network interaction request is copied and be transmitted to Mobile solution management platform; After Mobile solution management platform receives network interaction request, the destination server that this Mobile solution is corresponding is given by this network interaction request forward, and when receiving the response data that this destination server returns, fail safe detection is carried out to this response data, and carry out respective handling according to testing result, achieve the Mobile solution after to issue and carry out security management and control.
Below in conjunction with the accompanying drawing in the application, carry out clear, complete description to the technical scheme in the application, obviously, described embodiment is a part of embodiment of the application, instead of whole embodiments.Based on the embodiment in the application, the every other embodiment that those of ordinary skill in the art obtain under the prerequisite not making creative work, all belongs to the scope of the application's protection.
As shown in Figure 1, be the schematic flow sheet of a kind of mobile application security management-control method that the embodiment of the present invention provides, can comprise:
Step 101, Mobile solution management platform receive the Mobile solution that application developers side is submitted to, and carry out fail safe detection to this Mobile solution.
Concrete, Mobile solution management platform can carry out fail safe detection according to existing processing mode to it after receiving the Mobile solution submitted to application developers side.
Step 102, when Mobile solution management platform the fail safe of this Mobile solution detected by after, in this Mobile solution, embed monitoring module.
Concrete, in embodiments of the present invention, in order to realize the security management and control of the Mobile solution after to issue, fail safe is detected to the Mobile solution passed through, Mobile solution management platform can embed monitoring module in this Mobile solution, this monitoring module for monitor and tackle this Mobile solution all-network operation.
Wherein, the mode that Mobile solution management platform can be embedded by decompiling embeds monitoring module in Mobile solution.
Step 103, when Mobile solution management platform receive terminal equipment send the download request to this Mobile solution time, this Mobile solution is handed down to this terminal equipment.
Concrete, terminal equipment can by sending download request to Mobile solution management platform, and corresponding Mobile solution is downloaded in request.
Step 104, when Mobile solution management platform receives the network interaction request that monitoring module in this Mobile solution forwards, this network interaction request forward is given the destination server that this Mobile solution is corresponding by this Mobile solution management platform.
Concrete, after terminal equipment downloads to Mobile solution, when this terminal equipment runs this Mobile solution, this Mobile solution can send network interaction request to the destination server of correspondence.
In embodiments of the present invention, monitoring module in Mobile solution can tackle the network interaction request that this Mobile solution sends, and this network interaction request is copied and is transmitted to Mobile solution management platform, give corresponding destination server by Mobile solution management platform by this network interaction request forward.
Step 105, when Mobile solution management platform receives the response data that destination server corresponding to this Mobile solution return, fail safe detection is carried out to this response data, and carries out respective handling according to testing result.
Concrete, in embodiments of the present invention, after network interaction request forward is given corresponding destination server by Mobile solution management platform, if receive the response data that this destination server returns, then can carry out fail safe detection to this response data, as detected in this response data whether comprise the invalid information such as malicious code, yellow picture etc., when not comprising the invalid information such as malicious code, yellow picture in this response data, determine that testing result is that fail safe detection is passed through; When this response data comprises the invalid information such as malicious code, yellow picture, determine that testing result is that fail safe detection is not passed through.
If Mobile solution management platform (can according to concrete scene setting) in Preset Time does not receive the response data that destination server returns, then Mobile solution management platform can preserve this network interaction request, and in follow-up flow process, under specific circumstances (as when receiving complaint to this Mobile solution, report message) again by this network interaction request forward to destination server, and determine whether to receive response data, and when receiving response data, fail safe detection is carried out to response data.
Wherein, in embodiments of the present invention, when Mobile solution management platform receives the response data that destination server returns, and it is obstructed out-of-date to be that fail safe detects to the testing result that the fail safe of response data detects, and Mobile solution management platform can send alarm information to monitoring module.
The handling process of the mobile application security management and control technical scheme that the embodiment of the present invention provides in monitoring module side can as shown in Figure 2, can comprise the following steps:
Monitoring module in step 201, Mobile solution tackles the network interaction request of this Mobile solution.
This network interaction request copies and is transmitted to Mobile solution management platform by step 202, monitoring module, to make this Mobile solution management platform by this network interaction request forward to destination server corresponding to this Mobile solution, and when receiving the response data of destination server corresponding to this Mobile solution, fail safe detection is carried out to this response data.
Wherein, in embodiments of the present invention, after monitoring module has tackled the network interaction request of Mobile solution, can as described above this network interaction request have been copied and be transmitted to Mobile solution management platform on the one hand; On the other hand, this monitoring module can also carry out the process as mode one or mode two:
This network interaction request forward is given the destination server that this Mobile solution is corresponding by mode one, monitoring module, and when receiving the response data that destination server returns, this response data of buffer memory, and directly this response data is not shown on the display interface of this Mobile solution place terminal equipment; When monitoring module by network interaction request forward in the Preset Time after Mobile solution management platform, when receiving the alarm information of Mobile solution management platform, this monitoring module forbids this response data to show (namely this response data not shown on the display interface of this Mobile solution place terminal equipment) on the display interface of this Mobile solution place terminal equipment; When monitoring module by network interaction request forward in the Preset Time after Mobile solution management platform, when not receiving the alarm information of Mobile solution management platform, this response data shows by this monitoring module on the display interface of this Mobile solution place terminal equipment.
This network interaction request of mode two, monitoring module buffer memory, when monitoring module by network interaction request forward in the Preset Time after Mobile solution management platform, when receiving the alarm information of Mobile solution management platform, this monitoring module is forbidden this network interaction request forward to corresponding destination server (namely not by this network interaction request forward to corresponding destination server); When monitoring module by network interaction request forward in the Preset Time after Mobile solution management platform, when not receiving the alarm information of Mobile solution management platform, this network interaction request forward is given corresponding destination server by this monitoring module, and when receiving response data, this response data is shown on the display interface of the terminal equipment at this Mobile solution place.
In order to understand the technical scheme that the embodiment of the present invention provides better, below in conjunction with concrete application scenarios, the technical scheme that the embodiment of the present invention provides is described below in greater detail.
See Fig. 3, be the system architecture diagram of the embody rule scene that this embodiment provides, the flow process based on the mobile application security management-control method of this system architecture can comprise:
1, app is submitted to Mobile solution management platform by developer, and the fail safe of Mobile solution management platform to app detects;
2, after determining the fail safe of app, monitoring module is embedded app by the means such as decompiling embedding by mobile management platform, and the Main Function of this monitoring module can be supervised and tackle the all-network operation of this app;
3, after App issues, user downloads app running from application management platform, and when app own module (i.e. existing app originally just had module) carries out net interaction, all monitored module monitors of network interaction request is tackled;
4, monitoring module sends directly transparent for this network interaction request on the one hand, namely sends to destination server; On the other hand, network interaction request copied and be transmitted to Mobile solution management platform;
5, after Mobile solution management platform receives network interaction request, by network interaction request forward to destination server corresponding to app, to obtain response data;
If 6 Mobile solution management platforms can obtain response data, then analyze its content, mainly comprise (information such as binary code, picture, word), whether there is malicious code by security related tool detection, the invalid informations etc. such as yellow picture.
If 7 Mobile solution management platforms cannot obtain response data, then network interaction request is preserved, for tracing afterwards.
If 8 Mobile solution management platforms detect response data dangerous (testing result that namely fail safe detects is that fail safe detection is not passed through), then send alarm information, for subsequent operation reference to monitoring module.
Wherein, in this embodiment, in step 4, monitoring module by network interaction request forward to after destination server, when receiving the response message that destination server returns, first this response message of buffer memory, and when by network interaction request forward to when not receiving alarm information in the Preset Time after Mobile solution management platform, the display interface of this response message at the terminal equipment at Mobile solution place is shown; Otherwise, the display interface of this response message at Mobile solution place terminal equipment is not shown.
By above describe can find out, in the technical scheme that the embodiment of the present invention provides, by fail safe detect by after Mobile solution in embed monitor code, this monitor code for monitor and tackle this Mobile solution all-network operation; After this Mobile solution is issued to terminal equipment, when this Mobile solution sends network interaction request, this monitor code tackles this network interaction request, and this network interaction request is copied and be transmitted to Mobile solution management platform; After Mobile solution management platform receives network interaction request, the destination server that this Mobile solution is corresponding is given by this network interaction request forward, and when receiving the response data that this destination server returns, fail safe detection is carried out to this response data, and carry out respective handling according to testing result, when installing monitoring software on the terminal device without the need to user, achieving the Mobile solution after to issue and carrying out security management and control.
Based on identical technical conceive, the embodiment of the present invention additionally provides a kind of Mobile solution management platform, can be applied to said method embodiment.
As shown in Figure 4, be the structural representation of a kind of Mobile solution management platform that the embodiment of the present invention provides, can comprise:
Merge module 41, for receiving the Mobile solution submitted to application developers side when described mobile management platform, and the fail safe of described Mobile solution is detected by rear, in described Mobile solution, embed monitoring module, this monitoring module for monitor and tackle this Mobile solution all-network operation;
Release module 42, for receive in described Mobile solution management platform terminal equipment send the download request to described Mobile solution time, described Mobile solution is handed down to described terminal equipment;
Sending module 43, during the network interaction request that the monitoring module for receiving when described Mobile solution management platform in described Mobile solution forwards, gives this network interaction request forward the destination server that described Mobile solution is corresponding;
Processing module 44, during for receiving response data that destination server corresponding to described Mobile solution return when described Mobile solution management platform, carries out fail safe detection to described response data, and carries out respective handling according to testing result.
Wherein, described merge module 41 specifically for, the mode embedded by decompiling embeds monitoring module in described Mobile solution.
Wherein, the Mobile solution management platform that the embodiment of the present invention provides also comprises:
Cache module 45, after giving this network interaction request forward the destination server that described Mobile solution is corresponding in Mobile solution management platform, if when described Mobile solution management platform does not receive the response data that destination server corresponding to described Mobile solution return in Preset Time, then preserve described network interaction request.
Wherein, described processing module 44 specifically for, when described testing result, to be that fail safe detects obstructed out-of-date, sends alarm information to described monitoring module.
Based on identical technical conceive, the embodiment of the present invention additionally provides a kind of mobile application security management and control devices, can be applied to said method embodiment.
As shown in Figure 5, be the structural representation of a kind of mobile application security management and control devices that the embodiment of the present invention provides, be embedded with monitoring module in the Mobile solution of this mobile application security management and control devices, this monitoring module can comprise:
Interception unit 51, for tackling the network interaction request of described Mobile solution;
First retransmission unit 52, for described network interaction request being copied and being transmitted to Mobile solution management platform, to make described Mobile solution management platform by described network interaction request forward to destination server corresponding to described Mobile solution, and when receiving the response data of destination server corresponding to described Mobile solution, fail safe detection is carried out to this response data.
Wherein, see Fig. 6 A in one embodiment of this invention, this monitoring module can also comprise:
Second retransmission unit 53, for tackle described Mobile solution at described monitoring module network interaction request after, described Mobile solution is transmitted to destination server corresponding to described Mobile solution, and the response data that buffer memory receives;
First processing unit 54, for receive in Preset Time when described monitoring module described Mobile solution management platform send alarm information time, forbid described response data to show on the display interface of described Mobile solution place terminal equipment; Wherein, described alarm information is described Mobile solution management platform is that fail safe detection is obstructed out-of-date in the testing result that fail safe detects, and sends to described monitoring module.
Wherein, described first processing unit 54 also for, when described monitoring module do not receive in Preset Time described Mobile solution management platform send alarm information time, described response data is shown on the display interface of described Mobile solution place terminal equipment.
Wherein, see Fig. 6 B, in an alternative embodiment of the invention, this monitoring module can also comprise:
Buffer unit 55, for tackle described Mobile solution in described interception unit network interaction request after, network interaction request described in buffer memory;
Second processing unit 56, during for receiving alarm information that described Mobile solution management platform sends in Preset Time when described monitoring module, forbids described network interaction request forward to destination server corresponding to described Mobile solution; Wherein, described alarm information is described Mobile solution management platform is that fail safe detection is obstructed out-of-date in the testing result that fail safe detects, and sends to described monitoring module.
Wherein, described second processing unit 56 also for, when described monitoring module does not receive the alarm information that described Mobile solution management platform sends in Preset Time, destination server corresponding to described Mobile solution give described network interaction request forward.
Through the above description of the embodiments, those skilled in the art can be well understood to the mode that the present invention can add required general hardware platform by software and realize, and can certainly pass through hardware, but in a lot of situation, the former is better execution mode.Based on such understanding, technical scheme of the present invention can embody with the form of software product the part that prior art contributes in essence in other words, this computer software product is stored in a storage medium, comprising some instructions in order to make a station terminal equipment (can be mobile phone, personal computer, server, or the network equipment etc.) perform method described in each embodiment of the present invention.
The above is only the preferred embodiment of the present invention; it should be pointed out that for those skilled in the art, under the premise without departing from the principles of the invention; can also make some improvements and modifications, these improvements and modifications also should look protection scope of the present invention.
Claims (18)
1. a mobile application security management-control method, is characterized in that, comprising:
When Mobile solution management platform receives the Mobile solution submitted to application developers side, and the fail safe of described Mobile solution is detected by rear, in described Mobile solution, embed monitoring module, this monitoring module for monitor and tackle this Mobile solution all-network operation;
When described Mobile solution management platform receives the download request to described Mobile solution of terminal equipment transmission, described Mobile solution is handed down to described terminal equipment;
When the network interaction request that the monitoring module that described Mobile solution management platform receives in described Mobile solution forwards, give this network interaction request forward the destination server that described Mobile solution is corresponding; Wherein, described network interaction request be monitoring module in described Mobile solution when the network interaction request intercepting described Mobile solution, copy and be transmitted to described Mobile solution management platform;
When described Mobile solution management platform receives the response data that destination server corresponding to described Mobile solution return, fail safe detection is carried out to described response data, and carries out respective handling according to testing result.
2. the method for claim 1, is characterized in that, described Mobile solution management platform embeds monitoring module in described Mobile solution, is specially:
The mode that described Mobile solution management platform is embedded by decompiling embeds monitoring module in described Mobile solution.
3. the method for claim 1, is characterized in that, described Mobile solution management platform also comprises after giving this network interaction request forward the destination server that described Mobile solution is corresponding:
If when described Mobile solution management platform does not receive the response data that destination server corresponding to described Mobile solution return in Preset Time, then preserve described network interaction request.
4. the method for claim 1, is characterized in that, described Mobile solution management platform is carried out respective handling according to testing result and comprised:
When described testing result is that fail safe detection is obstructed out-of-date, described Mobile solution management platform sends alarm information to described monitoring module.
5. a mobile application security management-control method, is characterized in that, be embedded with monitoring module in described Mobile solution, the method comprises:
Monitoring module in Mobile solution tackles the network interaction request of described Mobile solution;
Described network interaction request copies and is transmitted to Mobile solution management platform by described monitoring module, to make described Mobile solution management platform by described network interaction request forward to destination server corresponding to described Mobile solution, and when receiving the response data of destination server corresponding to described Mobile solution, fail safe detection is carried out to this response data.
6. method as claimed in claim 5, it is characterized in that, the monitoring module in described Mobile solution also comprises after tackling the network interaction request of described Mobile solution:
Described Mobile solution is transmitted to destination server corresponding to described Mobile solution by described monitoring module, and the response data that buffer memory receives;
Described network interaction request copies and after being transmitted to Mobile solution management platform, also comprises by described monitoring module:
When described monitoring module receives the alarm information of described Mobile solution management platform transmission in Preset Time, described monitoring module forbids described response data to show on the display interface of described Mobile solution place terminal equipment; Wherein, described alarm information is described Mobile solution management platform is that fail safe detection is obstructed out-of-date in the testing result that fail safe detects, and sends to described monitoring module.
7. method as claimed in claim 6, it is characterized in that, the method also comprises:
When described monitoring module does not receive the alarm information of described Mobile solution management platform transmission in Preset Time, described response data shows by described monitoring module on the display interface of described Mobile solution place terminal equipment.
8. method as claimed in claim 5, it is characterized in that, the monitoring module in described Mobile solution also comprises after tackling the network interaction request of described Mobile solution:
Network interaction request described in described monitoring module buffer memory;
Described network interaction request copies and after being transmitted to Mobile solution management platform, also comprises by described monitoring module:
When described monitoring module receives the alarm information that described Mobile solution management platform sends in Preset Time, described monitoring module is forbidden described network interaction request forward to destination server corresponding to described Mobile solution; Wherein, described alarm information is described Mobile solution management platform is that fail safe detection is obstructed out-of-date in the testing result that fail safe detects, and sends to described monitoring module.
9. method as claimed in claim 8, it is characterized in that, the method also comprises:
When described monitoring module does not receive the alarm information of described Mobile solution management platform transmission in Preset Time, described network interaction request forward is given the destination server that described Mobile solution is corresponding by described monitoring module.
10. a Mobile solution management platform, is characterized in that, comprising:
Merge module, for receiving the Mobile solution submitted to application developers side when described mobile management platform, and the fail safe of described Mobile solution is detected by rear, in described Mobile solution, embed monitoring module, this monitoring module is for monitoring and tackling the all-network operation of this Mobile solution;
Release module, for receive in described Mobile solution management platform terminal equipment send the download request to described Mobile solution time, described Mobile solution is handed down to described terminal equipment;
Sending module, during the network interaction request that the monitoring module for receiving when described Mobile solution management platform in described Mobile solution forwards, gives this network interaction request forward the destination server that described Mobile solution is corresponding;
Processing module, during for receiving response data that destination server corresponding to described Mobile solution return when described Mobile solution management platform, carries out fail safe detection to described response data, and carries out respective handling according to testing result.
11. Mobile solution management platforms as claimed in claim 10, is characterized in that,
Described merge module specifically for, the mode embedded by decompiling embeds monitoring module in described Mobile solution.
12. Mobile solution management platforms as claimed in claim 10, is characterized in that, also comprise:
Cache module, after giving this network interaction request forward the destination server that described Mobile solution is corresponding in Mobile solution management platform, if when described Mobile solution management platform does not receive the response data that destination server corresponding to described Mobile solution return in Preset Time, then preserve described network interaction request.
13. Mobile solution management platforms as claimed in claim 10, is characterized in that,
Described processing module specifically for, when described testing result, to be that fail safe detects obstructed out-of-date, sends alarm information to described monitoring module.
14. 1 kinds of mobile application security management and control devices, is characterized in that, are embedded with monitoring module in the Mobile solution of described mobile application security management and control devices, and wherein, described monitoring module comprises:
Interception unit, for tackling the network interaction request of described Mobile solution;
First retransmission unit, for described network interaction request being copied and being transmitted to Mobile solution management platform, to make described Mobile solution management platform by described network interaction request forward to destination server corresponding to described Mobile solution, and when receiving the response data of destination server corresponding to described Mobile solution, fail safe detection is carried out to this response data.
15. mobile application security management and control devices as claimed in claim 14, it is characterized in that, described monitoring module also comprises:
Second retransmission unit, for tackle described Mobile solution at described monitoring module network interaction request after, described Mobile solution is transmitted to destination server corresponding to described Mobile solution, and the response data that buffer memory receives;
First processing unit, for receive in Preset Time when described monitoring module described Mobile solution management platform send alarm information time, forbid described response data to show on the display interface of described Mobile solution place terminal equipment; Wherein, described alarm information is described Mobile solution management platform is that fail safe detection is obstructed out-of-date in the testing result that fail safe detects, and sends to described monitoring module.
16. mobile application security management and control devices as claimed in claim 15, is characterized in that,
Described first processing unit also for, when described monitoring module do not receive in Preset Time described Mobile solution management platform send alarm information time, described response data is shown on the display interface of described Mobile solution place terminal equipment.
17. mobile application security management and control devices as claimed in claim 14, it is characterized in that, described monitoring module also comprises:
Buffer unit, for tackle described Mobile solution in described interception unit network interaction request after, network interaction request described in buffer memory;
Second processing unit, during for receiving alarm information that described Mobile solution management platform sends in Preset Time when described monitoring module, forbids described network interaction request forward to destination server corresponding to described Mobile solution; Wherein, described alarm information is described Mobile solution management platform is that fail safe detection is obstructed out-of-date in the testing result that fail safe detects, and sends to described monitoring module.
18. mobile application security management and control devices as claimed in claim 17, is characterized in that,
Described second processing unit also for, when described monitoring module does not receive the alarm information that described Mobile solution management platform sends in Preset Time, destination server corresponding to described Mobile solution give described network interaction request forward.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310631217.8A CN104683996B (en) | 2013-11-29 | 2013-11-29 | A kind of mobile application security management-control method and equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310631217.8A CN104683996B (en) | 2013-11-29 | 2013-11-29 | A kind of mobile application security management-control method and equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104683996A true CN104683996A (en) | 2015-06-03 |
CN104683996B CN104683996B (en) | 2018-07-24 |
Family
ID=53318448
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310631217.8A Active CN104683996B (en) | 2013-11-29 | 2013-11-29 | A kind of mobile application security management-control method and equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104683996B (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060179484A1 (en) * | 2005-02-09 | 2006-08-10 | Scrimsher John P | Remediating effects of an undesired application |
CN102024127A (en) * | 2010-11-17 | 2011-04-20 | 中国联合网络通信集团有限公司 | Control platform, user terminal, distribution system and method of application software |
CN102110220A (en) * | 2011-02-14 | 2011-06-29 | 宇龙计算机通信科技(深圳)有限公司 | Application program monitoring method and device |
CN103279706A (en) * | 2013-06-07 | 2013-09-04 | 北京奇虎科技有限公司 | Method and device for intercepting installation of Android application program in mobile terminal |
-
2013
- 2013-11-29 CN CN201310631217.8A patent/CN104683996B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060179484A1 (en) * | 2005-02-09 | 2006-08-10 | Scrimsher John P | Remediating effects of an undesired application |
CN102024127A (en) * | 2010-11-17 | 2011-04-20 | 中国联合网络通信集团有限公司 | Control platform, user terminal, distribution system and method of application software |
CN102110220A (en) * | 2011-02-14 | 2011-06-29 | 宇龙计算机通信科技(深圳)有限公司 | Application program monitoring method and device |
CN103279706A (en) * | 2013-06-07 | 2013-09-04 | 北京奇虎科技有限公司 | Method and device for intercepting installation of Android application program in mobile terminal |
Also Published As
Publication number | Publication date |
---|---|
CN104683996B (en) | 2018-07-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3225009B1 (en) | Systems and methods for malicious code detection | |
US10148693B2 (en) | Exploit detection system | |
EP2755157B1 (en) | Detecting undesirable content | |
KR20070099201A (en) | Method of security management for mobile wireless device and apparatus for security management using the same | |
WO2017107830A1 (en) | Application installation method, apparatus and electronic device | |
US9747449B2 (en) | Method and device for preventing application in an operating system from being uninstalled | |
CN103294955B (en) | Macrovirus checking and killing method and system | |
CN112528296B (en) | Vulnerability detection method and device, storage medium and electronic equipment | |
KR102159399B1 (en) | Device for monitoring web server and analysing malicious code | |
CN104486292B (en) | A kind of control method of ERM secure access, apparatus and system | |
CN115348086B (en) | Attack protection method and device, storage medium and electronic equipment | |
EP3834113B1 (en) | Detecting security risks in binary software code | |
CN104992116B (en) | Monitoring method based on intent sniffer and system | |
CN106325993A (en) | Freezing method of application program and terminal | |
CN113412603B (en) | Privacy compliance detection method and related product | |
CN104683996A (en) | Mobile application safety management and control method and equipment | |
CN108234399B (en) | Interface communication method and terminal | |
KR101946569B1 (en) | Method and apparatus for preventing outgoing call spoofing in mobile operating system, computer readable medium and computer program | |
KR102541888B1 (en) | Image-based malicious code analysis method and apparatus and artificial intelligence-based endpoint detection and response system using the same | |
CN106713215B (en) | Information processing method, terminal and server | |
CN111107143B (en) | Network file transmission detection method, device and system | |
CN107562616A (en) | A kind of UAF vulnerability exploits determination methods and device | |
KR101473655B1 (en) | Method and appratus for detecting risk of message | |
CN113852623A (en) | Virus industrial control behavior detection method and device | |
KR20170015178A (en) | Security system and method for web server |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |