CN104683996B - A kind of mobile application security management-control method and equipment - Google Patents
A kind of mobile application security management-control method and equipment Download PDFInfo
- Publication number
- CN104683996B CN104683996B CN201310631217.8A CN201310631217A CN104683996B CN 104683996 B CN104683996 B CN 104683996B CN 201310631217 A CN201310631217 A CN 201310631217A CN 104683996 B CN104683996 B CN 104683996B
- Authority
- CN
- China
- Prior art keywords
- mobile application
- mobile
- monitoring module
- management platform
- network interaction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
Landscapes
- Engineering & Computer Science (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses a kind of mobile application security management-control methods and equipment, this method to include:The embedded monitor code in the mobile application after safety detection passes through, the monitor code are used to monitor and intercept the all-network operation of the mobile application;After the mobile application is issued to terminal device, when the mobile application sends network interaction request, which intercepts network interaction request, and the network interaction is asked to replicate and is transmitted to mobile solution management platform;After mobile solution management platform receives network interaction request, network interaction request is transmitted to the corresponding destination server of the mobile application, and when receiving the response data of destination server return, safety detection is carried out to the response data, and respective handling is carried out according to testing result, it realizes and security management and control is carried out to the mobile application after publication.In the present invention, it realizes and security management and control is carried out to the mobile application after publication.
Description
Technical field
The present invention relates to field of communication technology more particularly to a kind of mobile application security management-control method and equipment.
Background technology
With the rapid development of mobile terminal internet, intelligent mobile terminal mobile phone increases, corresponding on mobile terminal
Malicious code threat also gradually increases.In the malicious code of mobile terminal of current mainstream, most of malicious code all exists
The network connection behavior of active, by network connection, they are attached with remote control server, can download and propagate and is new
Malicious code, the instruction of remote server can also be received and then trigger corresponding malicious act, while in this case,
Its frequent network connection also results in a large amount of meaningless network flow, and impact is caused to gateway device.
Store is moved in order to ensure the app that reaches the standard grade(Application program)Safety, stringent app peaces can be done before app reaches the standard grade
Property detection entirely uses related art method, whether detect in app includes malicious code, if meeting dynamic download malicious code,
Whether the picture of the contents such as yellow, illegal, word etc. can be obtained from server.Only by the app of safety detection ability
Line is downloaded for user.
But although by the app safety detections before reaching the standard grade, it can solve what Malware was spread unchecked to a certain extent
Problem.But after app reaches the standard grade, user downloads on store and is used on app to the mobile phone of oneself, and app is substantially departing from shifting at this time
The dynamic security management and control using store can download installation kit self-renewing by networking, can also be obtained by networking from server
The illegal contents such as extracting yellow, without being supervised by using store.This can not be solved to the safety detection method of Malware at present
Problem.
Invention content
The present invention provides a kind of mobile application security management-control method and equipment, to realize to the mobile application after publication
Carry out security management and control.
In order to reach object above, an embodiment of the present invention provides a kind of mobile application security management-control methods, including:
When mobile solution management platform receives the mobile application of application developers side submission, and to the mobile application
After safety detection passes through, the embedded monitoring module in the mobile application, the monitoring module is for monitoring and intercepting the movement
The all-network of application operates;
When the download to the mobile application that the mobile solution management platform receives terminal device transmission is asked,
The mobile application is handed down to the terminal device;
When the network interaction that the mobile solution management platform receives the forwarding of the monitoring module in the mobile application is asked
When asking, network interaction request is transmitted to the corresponding destination server of the mobile application;Wherein, the network interaction request
It is monitoring module in the mobile application in the network interaction request for intercepting the mobile application, replicates and be transmitted to institute
State mobile solution management platform;
When the mobile solution management platform receives the number of responses that the corresponding destination server of the mobile application returns
According to when, safety detection is carried out to the response data, and carries out respective handling according to testing result.
The embodiment of the present invention additionally provides a kind of mobile application security management-control method, which is characterized in that this method includes:
Monitoring module in mobile application intercepts the network interaction request of the mobile application;
The network interaction is asked to replicate and is transmitted to mobile solution management platform by the monitoring module, so that the shifting
Network interaction request is transmitted to the corresponding destination server of the mobile application by dynamic application management platform, and is worked as and received
When the response data of the corresponding destination server of the mobile application, safety detection is carried out to the response data.
The embodiment of the present invention additionally provides a kind of mobile solution management platform, including:
Embedded module, the mobile application for receiving the submission of application developers side when the mobile management platform, and it is right
After the safety detection of the mobile application passes through, the embedded monitoring module in the mobile application, the monitoring module is for supervising
Control and intercept the all-network operation of the mobile application;
Release module, for the mobile solution management platform receive terminal device transmission to the mobile application
Download request when, the mobile application is handed down to the terminal device;
Sending module, for receiving the forwarding of the monitoring module in the mobile application when the mobile solution management platform
Network interaction request when, by the network interaction request be transmitted to the corresponding destination server of the mobile application;
Processing module receives the corresponding destination server of the mobile application for working as the mobile solution management platform
When the response data of return, safety detection is carried out to the response data, and carry out respective handling according to testing result.
The embodiment of the present invention additionally provides a kind of mobile application security management and control devices, the mobile application security management and control devices
Mobile application in be embedded with monitoring module, wherein the monitoring module includes:
Interception unit, the network interaction for intercepting the mobile application are asked;
First retransmission unit, for the network interaction to be asked to replicate and is transmitted to mobile solution management platform, so that
Network interaction request is transmitted to the corresponding destination server of the mobile application by the mobile solution management platform, and is worked as
When receiving the response data of the corresponding destination server of the mobile application, safety detection is carried out to the response data.
It, should by embedded monitor code in the mobile application after safety detection passes through in the above embodiment of the present invention
Monitor code is used to monitor and intercept the all-network operation of the mobile application;After the mobile application is issued to terminal device,
When the mobile application sends network interaction request, which intercepts network interaction request, and the network interaction is asked
It asks and replicates and be transmitted to mobile solution management platform;After mobile solution management platform receives network interaction request, by the network
Interaction request is transmitted to the corresponding destination server of the mobile application, and when the response data for receiving destination server return
When, safety detection is carried out to the response data, and carry out respective handling according to testing result, realized to the movement after publication
Using progress security management and control.
Description of the drawings
Fig. 1 is a kind of flow diagram of mobile application security management-control method provided in an embodiment of the present invention;
Fig. 2 is processing stream of the mobile application security management and control technical solution provided in an embodiment of the present invention in monitoring module side
Journey;
Fig. 3 is a kind of system architecture diagram of concrete application scene provided in an embodiment of the present invention;
Fig. 4 is a kind of structural schematic diagram of mobile solution management platform provided in an embodiment of the present invention;
Fig. 5 is a kind of structural schematic diagram of mobile application security management and control devices provided in an embodiment of the present invention;
Fig. 6 A are a kind of structural schematic diagram of mobile application security management and control devices provided in an embodiment of the present invention;
Fig. 6 B are a kind of structural schematic diagram of mobile application security management and control devices provided in an embodiment of the present invention.
Specific implementation mode
The problems in for the above-mentioned prior art, an embodiment of the present invention provides a kind of technologies of mobile application security management and control
Scheme.In the technical scheme, pass through embedded monitor code, the monitor code in the mobile application after safety detection passes through
All-network for monitoring and intercepting the mobile application operates;After the mobile application is issued to terminal device, when the movement
When using sending network interaction request, which intercepts network interaction request, and network interaction request is replicated simultaneously
It is transmitted to mobile solution management platform;After mobile solution management platform receives network interaction request, which is asked
It is transmitted to the corresponding destination server of the mobile application, and when receiving the response data of destination server return, to this
Response data carries out safety detection, and carries out respective handling according to testing result, realize to the mobile application after publication into
Row security management and control.
Below in conjunction with the attached drawing in the application, clear, complete description is carried out to the technical solution in the application, is shown
So, described embodiment is a part of the embodiment of the application, instead of all the embodiments.Based on the implementation in the application
Example, the every other embodiment that those of ordinary skill in the art are obtained without making creative work all belong to
In the range of the application protection.
As shown in Figure 1, be a kind of flow diagram of mobile application security management-control method provided in an embodiment of the present invention, it can
To include:
Step 101, mobile solution management platform receive the mobile application that application developers side is submitted, and to the mobile application
Carry out safety detection.
Specifically, after mobile solution management platform receives the mobile application that application developers side is submitted, it can be according to existing
There is processing mode to carry out safety detection to it.
Step 102, after mobile solution management platform passes through the safety detection of the mobile application, in the mobile application
Middle embedded monitoring module.
Specifically, in embodiments of the present invention, in order to realize the security management and control to the mobile application after publication, for safety
Property the mobile application that passes through of detection, mobile solution management platform can be embedded in monitoring module in the mobile application, the monitoring mould
Block is used to monitor and intercept the all-network operation of the mobile application.
Wherein, mobile solution management platform embedded in mobile application by way of decompiling insertion can monitor mould
Block.
Step 103 is asked when mobile solution management platform receives the download to the mobile application that terminal device is sent
When, which is handed down to the terminal device.
Specifically, terminal device can download request by being sent to mobile solution management platform, request is downloaded corresponding
Mobile application.
Step 104, when mobile solution management platform receive the monitoring module in the mobile application forwarding network interaction
When request, which is transmitted to the corresponding destination server of the mobile application by network interaction request.
Specifically, after terminal device downloads to mobile application, when the terminal device runs the mobile application, which answers
It is asked with network interaction can be sent to corresponding destination server.
In embodiments of the present invention, the monitoring module in mobile application can intercept the network interaction of mobile application transmission
Request, and the network interaction is asked to replicate and is transmitted to mobile solution management platform, by mobile solution management platform by the net
Network interaction request is transmitted to corresponding destination server.
Step 105 receives the response that the corresponding destination server of the mobile application returns when mobile solution management platform
When data, safety detection is carried out to the response data, and carry out respective handling according to testing result.
Specifically, in embodiments of the present invention, network interaction request is transmitted to corresponding mesh by mobile solution management platform
After marking server, if receiving the response data of destination server return, safety inspection can be carried out to the response data
It surveys, whether includes malicious code, yellow picture invalid information etc. such as detected in the response data, when not wrapped in the response data
When including the invalid informations such as malicious code, yellow picture, determine that testing result passes through for safety detection;It is wrapped when in the response data
When including the invalid informations such as malicious code, yellow picture, determine that testing result is that safety detection does not pass through.
If mobile solution management platform is in preset time(It can be arranged according to concrete scene)Destination service is not received
The response data that device returns, then mobile solution management platform can preserve network interaction request, and in follow-up process, in spy
In the case of fixed(When such as receiving the complaint to the mobile application, reporting message)Network interaction request is transmitted to target again
Server, and determine whether that response data can be received, and when receiving response data, safety inspection is carried out to response data
It surveys.
Wherein, in embodiments of the present invention, when mobile solution management platform receives the number of responses of destination server return
According to, and be that safety detection is obstructed out-of-date to the testing result of the safety detection of response data, mobile solution management platform can
To send alarm information to monitoring module.
Process flow of the mobile application security management and control technical solution provided in an embodiment of the present invention in monitoring module side can be with
As shown in Fig. 2, may comprise steps of:
Monitoring module in step 201, mobile application intercepts the network interaction request of the mobile application.
The network interaction is asked to replicate and is transmitted to mobile solution management platform by step 202, monitoring module, so that the shifting
Network interaction request is transmitted to the corresponding destination server of the mobile application by dynamic application management platform, and is worked as and received the shifting
When the response data of the corresponding destination server of dynamic application, safety detection is carried out to the response data.
Wherein, in embodiments of the present invention, after monitoring module has intercepted the network interaction request of mobile application, on the one hand
As described above the network interaction can be asked to replicate and be transmitted to mobile solution management platform;On the other hand, the monitoring
Module can also carry out the processing such as mode one or mode two:
Network interaction request is transmitted to the corresponding destination server of the mobile application, and worked as by mode one, monitoring module
When receiving the response data of destination server return, the response data is cached, and not directly by the response data in the shifting
It is shown on the display interface of terminal device where dynamic application;When network interaction request is being transmitted to mobile application pipe by monitoring module
In preset time after platform, when receiving the alarm information of mobile solution management platform, which forbids should
Response data is being shown where the mobile application on the display interface of terminal device(I.e. not by the response data in the mobile application
It is shown on the display interface of place terminal device);When monitoring module is transmitted to mobile application management and puts down by network interaction request
In preset time after platform, when not receiving the alarm information of mobile solution management platform, the monitoring module is by the number of responses
According to being shown on the display interface of terminal device where the mobile application.
Mode two, monitoring module cache network interaction request, when network interaction request is being transmitted to shifting by monitoring module
In preset time after dynamic application management platform, when receiving the alarm information of mobile solution management platform, the monitoring module
Forbid network interaction request being transmitted to corresponding destination server(Network interaction request corresponding mesh is not transmitted to
Mark server);When monitoring module by network interaction request be transmitted to mobile solution management platform after preset time in, not
When receiving the alarm information of mobile solution management platform, which is transmitted to corresponding target by network interaction request
Server, and when receiving response data, by the response data the terminal device where the mobile application display interface
Upper display.
The technical solution that embodiment provides for a better understanding of the present invention, with reference to specific application scenarios to this hair
The technical solution that bright embodiment provides is described below in greater detail.
Referring to Fig. 3, for the system architecture diagram for the concrete application scene that the embodiment provides, the movement based on the system architecture
May include using the flow of security control method:
1, app is submitted to mobile solution management platform by developer, and mobile solution management platform carries out the safety of app
Detection;
2, after the safety for determining app, monitoring module is embedded in by mobile management platform by means such as decompiling insertions
App, the main function of the monitoring module are the all-network operations that can supervise and intercept the app;
3, after App publications, user downloads app from application management platform and runs, app own modules(I.e. existing app is original
The module just having)When carrying out net interaction, the monitored module monitors of network interaction request intercept;
4, monitoring module on the one hand by the network interaction request directly it is transparent send, that is, be sent to destination server;
On the other hand, network interaction is asked to replicate and is transmitted to mobile solution management platform;
5, after mobile solution management platform receives network interaction request, it is corresponding that network interaction request is transmitted to app
Destination server, to obtain response data;
If 6, mobile solution management platform can get response data, its content is analyzed, includes mainly(Binary code,
The information such as picture, word), detect whether that there are malicious codes, the invalid informations such as yellow picture etc. by security related tool.
If 7, mobile solution management platform can not obtain response data, network interaction request is preserved, for thing
After trace.
If 8, mobile solution management platform detects that response data is dangerous(I.e. the testing result of safety detection is safety
Property detection do not pass through), then alarm information is sent to monitoring module, so that subsequent operation refers to.
Wherein, in this embodiment, in step 4, after network interaction request is transmitted to destination server by monitoring module, when
When receiving the response message of destination server return, the response message is first cached, and be transmitted to when by network interaction request
When not receiving alarm information in the preset time after mobile solution management platform, by the response message where mobile application
The display interface of terminal device is shown;Otherwise, response message display interface of terminal device where mobile application is not shown
Show.
By above description as can be seen that in technical solution provided in an embodiment of the present invention, by safety detection
Embedded monitor code in mobile application after, the monitor code are used to monitor and intercept the all-network behaviour of the mobile application
Make;After the mobile application is issued to terminal device, when the mobile application sends network interaction request, which intercepts
The network interaction is asked, and the network interaction is asked to replicate and is transmitted to mobile solution management platform;Mobile application management is flat
After platform receives network interaction request, network interaction request is transmitted to the corresponding destination server of the mobile application, and work as
When receiving the response data of destination server return, safety detection is carried out to the response data, and according to testing result
Carrying out respective handling realizes in the case where installing monitoring software on the terminal device without user to the movement after publication
Using progress security management and control.
Based on the same technical idea, the embodiment of the present invention additionally provides a kind of mobile solution management platform, can apply
In above method embodiment.
As shown in figure 4, being a kind of structural schematic diagram of mobile solution management platform provided in an embodiment of the present invention, can wrap
It includes:
Embedded module 41, the mobile application for receiving the submission of application developers side when the mobile management platform, and
After passing through to the safety detection of the mobile application, embedded monitoring module, the monitoring module are used in the mobile application
Monitor and intercept the all-network operation of the mobile application;
Release module 42, for receiving answering the movement for terminal device transmission in the mobile solution management platform
When download is asked, the mobile application is handed down to the terminal device;
Sending module 43 turns for receiving the monitoring module in the mobile application when the mobile solution management platform
When the network interaction request of hair, network interaction request is transmitted to the corresponding destination server of the mobile application;
Processing module 44 receives the corresponding destination service of the mobile application for working as the mobile solution management platform
When the response data that device returns, safety detection is carried out to the response data, and carry out respective handling according to testing result.
Wherein, the embedded module 41 is specifically used for, embedded in the mobile application by way of decompiling insertion
Monitoring module.
Wherein, mobile solution management platform provided in an embodiment of the present invention further includes:
Cache module 45, for network interaction request to be transmitted to the mobile application pair in mobile solution management platform
After the destination server answered, if the mobile solution management platform does not receive the mobile application in preset time and corresponds to
Destination server return response data when, then preserve network interaction request.
Wherein, the processing module 44 is specifically used for, when the testing result is that safety detection is obstructed out-of-date, to described
Monitoring module sends alarm information.
Based on the same technical idea, the embodiment of the present invention additionally provides a kind of mobile application security management and control devices, can be with
Applied to above method embodiment.
As shown in figure 5, be a kind of structural schematic diagram of mobile application security management and control devices provided in an embodiment of the present invention, it should
It is embedded with monitoring module in the mobile application of mobile application security management and control devices, which may include:
Interception unit 51, the network interaction for intercepting the mobile application are asked;
First retransmission unit 52, for the network interaction to be asked to replicate and is transmitted to mobile solution management platform, with
Make the mobile solution management platform that network interaction request is transmitted to the corresponding destination server of the mobile application, and
When receiving the response data of the corresponding destination server of the mobile application, safety detection is carried out to the response data.
Wherein, in one embodiment of this invention referring to Fig. 6 A, which can also include:
Second retransmission unit 53, after the network interaction for intercepting the mobile application in the monitoring module is asked,
The mobile application is transmitted to the corresponding destination server of the mobile application, and caches the response data received;
First processing units 54, for working as the monitoring module, that the mobile application management is received in preset time is flat
When the alarm information that platform is sent, forbid showing the response data where the mobile application on the display interface of terminal device
Show;Wherein, it is safety detection that the alarm information, which is the mobile solution management platform in the testing result of safety detection,
It is obstructed out-of-date, it is sent to the monitoring module.
Wherein, the first processing units 54 are additionally operable to, when the monitoring module do not received in preset time it is described
When the alarm information that mobile solution management platform is sent, by the response data in the aobvious of terminal device where the mobile application
Show and is shown on interface.
Wherein, referring to Fig. 6 B, in an alternative embodiment of the invention, which can also include:
Buffer unit 55, after the network interaction for intercepting the mobile application in the interception unit is asked, caching
The network interaction request;
Second processing unit 56, for working as the monitoring module, that the mobile application management is received in preset time is flat
When the alarm information that platform is sent, forbid network interaction request being transmitted to the corresponding destination server of the mobile application;
Wherein, the alarm information is that the mobile solution management platform is obstructed for safety detection in the testing result of safety detection
It is out-of-date, it is sent to the monitoring module.
Wherein, the second processing unit 56 is additionally operable to, when the monitoring module do not received in preset time it is described
When the alarm information that mobile solution management platform is sent, network interaction request is transmitted to the corresponding mesh of the mobile application
Mark server.
Through the above description of the embodiments, those skilled in the art can be understood that the present invention can be by
Software adds the mode of required general hardware platform to realize, naturally it is also possible to which by hardware, but the former is more in many cases
Good embodiment.Based on this understanding, technical scheme of the present invention substantially in other words contributes to the prior art
Part can be expressed in the form of software products, which is stored in a storage medium, if including
Dry instruction is used so that a station terminal equipment(Can be mobile phone, personal computer, server or the network equipment etc.)Execute sheet
Invent the method described in each embodiment.
The above is only a preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art
For member, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications are also answered
Depending on protection scope of the present invention.
Claims (18)
1. a kind of mobile application security management-control method, which is characterized in that including:
When mobile solution management platform receives the mobile application of application developers side submission, and to the safety of the mobile application
Property detection pass through after, the embedded monitoring module in the mobile application, the monitoring module is for monitoring and intercepting the mobile application
All-network operation;
When the download to the mobile application that the mobile solution management platform receives terminal device transmission is asked, by institute
It states mobile application and is handed down to the terminal device;
When the mobile solution management platform receives the network interaction request of the forwarding of the monitoring module in the mobile application,
Network interaction request is transmitted to the corresponding destination server of the mobile application;Wherein, the network interaction request is institute
The monitoring module in mobile application is stated in the network interaction request for intercepting the mobile application, replicates and is transmitted to the shifting
Dynamic application management platform;
When the mobile solution management platform receives the response data that the corresponding destination server of the mobile application returns,
Safety detection is carried out to the response data, and carries out respective handling according to testing result.
2. the method as described in claim 1, which is characterized in that the mobile solution management platform is embedding in the mobile application
Enter monitoring module, specially:
The mobile solution management platform embedded monitoring module in the mobile application by way of decompiling insertion.
3. the method as described in claim 1, which is characterized in that the mobile solution management platform turns network interaction request
After issuing the corresponding destination server of the mobile application, further include:
If the mobile solution management platform does not receive the corresponding destination server of the mobile application in preset time and returns
When the response data returned, then the network interaction request is preserved.
4. the method as described in claim 1, which is characterized in that the mobile solution management platform carries out phase according to testing result
Should handle including:
When the testing result is that safety detection is obstructed out-of-date, the mobile solution management platform is sent to the monitoring module
Alarm information.
5. a kind of mobile application security management-control method, which is characterized in that be embedded with monitoring module, this method in the mobile application
Including:
Monitoring module in mobile application intercepts the network interaction request of the mobile application;
The network interaction is asked to replicate and is transmitted to mobile solution management platform by the monitoring module, so that the movement is answered
Network interaction request is transmitted to the corresponding destination server of the mobile application with management platform, and described when receiving
When the response data of the corresponding destination server of mobile application, safety detection is carried out to the response data.
6. method as claimed in claim 5, which is characterized in that the monitoring module in the mobile application intercepts the movement and answers
After network interaction request, further include:
The mobile application is transmitted to the corresponding destination server of the mobile application by the monitoring module, and is cached and received
Response data;
After the network interaction is asked duplication and is transmitted to mobile solution management platform by the monitoring module, further include:
It is described when the monitoring module receives the alarm information that the mobile solution management platform is sent in preset time
Monitoring module is forbidden showing the response data where the mobile application on the display interface of terminal device;Wherein, institute
It is that the mobile solution management platform is obstructed out-of-date for safety detection in the testing result of safety detection to state alarm information, to
What the monitoring module was sent.
7. method as claimed in claim 6, which is characterized in that this method further includes:
When the monitoring module does not receive the alarm information that the mobile solution management platform is sent in preset time, institute
Monitoring module is stated to show the response data where the mobile application on the display interface of terminal device.
8. method as claimed in claim 5, which is characterized in that the monitoring module in the mobile application intercepts the movement and answers
After network interaction request, further include:
The monitoring module caches the network interaction request;
After the network interaction is asked duplication and is transmitted to mobile solution management platform by the monitoring module, further include:
It is described when the monitoring module receives the alarm information that the mobile solution management platform is sent in preset time
Monitoring module is forbidden network interaction request being transmitted to the corresponding destination server of the mobile application;Wherein, the announcement
It in the testing result of safety detection is that safety detection is obstructed out-of-date that alert message, which is the mobile solution management platform, to described
What monitoring module was sent.
9. method as claimed in claim 8, which is characterized in that this method further includes:
When the monitoring module does not receive the alarm information that the mobile solution management platform is sent in preset time, institute
It states monitoring module and network interaction request is transmitted to the corresponding destination server of the mobile application.
10. a kind of mobile solution management platform, which is characterized in that including:
Embedded module, the mobile application for receiving the submission of application developers side when the mobile management platform, and to described
After the safety detection of mobile application passes through, the embedded monitoring module in the mobile application, the monitoring module is for monitoring simultaneously
Intercept the all-network operation of the mobile application;
Release module, for the mobile solution management platform receive terminal device transmission under the mobile application
When carrying request, the mobile application is handed down to the terminal device;
Sending module, the monitoring module for being received when the mobile solution management platform in the mobile application replicate and turn
When the network interaction request of hair, network interaction request is transmitted to the corresponding destination server of the mobile application;
Processing module receives the corresponding destination server return of the mobile application for working as the mobile solution management platform
Response data when, safety detection is carried out to the response data, and carries out respective handling according to testing result.
11. mobile solution management platform as claimed in claim 10, which is characterized in that
The embedded module is specifically used for, and monitoring module is embedded in the mobile application by way of decompiling insertion.
12. mobile solution management platform as claimed in claim 10, which is characterized in that further include:
Cache module, for network interaction request to be transmitted to the corresponding mesh of the mobile application in mobile solution management platform
After marking server, if the mobile solution management platform does not receive the corresponding target of the mobile application in preset time
When the response data that server returns, then the network interaction request is preserved.
13. mobile solution management platform as claimed in claim 10, which is characterized in that
The processing module is specifically used for, when the testing result be safety detection it is obstructed out-of-date, to the monitoring module send out
Send alarm information.
14. a kind of mobile application security management and control devices, which is characterized in that the mobile application of the mobile application security management and control devices
In be embedded with monitoring module, wherein the monitoring module includes:
Interception unit, the network interaction for intercepting the mobile application are asked;
First retransmission unit, for asking to replicate by the network interaction and being transmitted to mobile solution management platform, so that described
Network interaction request is transmitted to the corresponding destination server of the mobile application by mobile solution management platform, and when reception
To the corresponding destination server of the mobile application response data when, to the response data carry out safety detection.
15. mobile application security management and control devices as claimed in claim 14, which is characterized in that the monitoring module further includes:
Second retransmission unit will be described after the network interaction for intercepting the mobile application in the monitoring module is asked
Mobile application is transmitted to the corresponding destination server of the mobile application, and caches the response data received;
First processing units receive the mobile solution management platform transmission for working as the monitoring module in preset time
Alarm information when, forbid showing the response data where the mobile application on the display interface of terminal device;Its
In, the alarm information is that the mobile solution management platform does not pass through in the testing result of safety detection for safety detection
When, it is sent to the monitoring module.
16. mobile application security management and control devices as claimed in claim 15, which is characterized in that
The first processing units are additionally operable to, when the monitoring module does not receive the mobile application management in preset time
When the alarm information that platform is sent, the response data is being shown where the mobile application on the display interface of terminal device
Show.
17. mobile application security management and control devices as claimed in claim 14, which is characterized in that the monitoring module further includes:
Buffer unit caches the net after the network interaction for intercepting the mobile application in the interception unit is asked
Network interaction request;
Second processing unit receives the mobile solution management platform transmission for working as the monitoring module in preset time
Alarm information when, forbid by the network interaction request be transmitted to the corresponding destination server of the mobile application;Wherein, institute
It is that the mobile solution management platform is obstructed out-of-date for safety detection in the testing result of safety detection to state alarm information, to
What the monitoring module was sent.
18. mobile application security management and control devices as claimed in claim 17, which is characterized in that
The second processing unit is additionally operable to, when the monitoring module does not receive the mobile application management in preset time
When the alarm information that platform is sent, network interaction request is transmitted to the corresponding destination server of the mobile application.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310631217.8A CN104683996B (en) | 2013-11-29 | 2013-11-29 | A kind of mobile application security management-control method and equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310631217.8A CN104683996B (en) | 2013-11-29 | 2013-11-29 | A kind of mobile application security management-control method and equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104683996A CN104683996A (en) | 2015-06-03 |
CN104683996B true CN104683996B (en) | 2018-07-24 |
Family
ID=53318448
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310631217.8A Active CN104683996B (en) | 2013-11-29 | 2013-11-29 | A kind of mobile application security management-control method and equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104683996B (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102024127A (en) * | 2010-11-17 | 2011-04-20 | 中国联合网络通信集团有限公司 | Control platform, user terminal, distribution system and method of application software |
CN102110220A (en) * | 2011-02-14 | 2011-06-29 | 宇龙计算机通信科技(深圳)有限公司 | Application program monitoring method and device |
CN103279706A (en) * | 2013-06-07 | 2013-09-04 | 北京奇虎科技有限公司 | Method and device for intercepting installation of Android application program in mobile terminal |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060179484A1 (en) * | 2005-02-09 | 2006-08-10 | Scrimsher John P | Remediating effects of an undesired application |
-
2013
- 2013-11-29 CN CN201310631217.8A patent/CN104683996B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102024127A (en) * | 2010-11-17 | 2011-04-20 | 中国联合网络通信集团有限公司 | Control platform, user terminal, distribution system and method of application software |
CN102110220A (en) * | 2011-02-14 | 2011-06-29 | 宇龙计算机通信科技(深圳)有限公司 | Application program monitoring method and device |
CN103279706A (en) * | 2013-06-07 | 2013-09-04 | 北京奇虎科技有限公司 | Method and device for intercepting installation of Android application program in mobile terminal |
Also Published As
Publication number | Publication date |
---|---|
CN104683996A (en) | 2015-06-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8051480B2 (en) | System and method for monitoring and analyzing multiple interfaces and multiple protocols | |
CN106339309B (en) | Application program testing method, client and system | |
CN104484259A (en) | Application program traffic monitoring method and device, and mobile terminal | |
CN104883680B (en) | A kind of data guard method and user terminal | |
KR20070099201A (en) | Method of security management for mobile wireless device and apparatus for security management using the same | |
EP2755157A1 (en) | Detecting undesirable content | |
CN104641377A (en) | Data loss prevention for mobile computing devices | |
CN109347882B (en) | Webpage Trojan horse monitoring method, device, equipment and storage medium | |
CN106341373B (en) | Method and apparatus for detecting and preventing malicious clicks on advertisement links | |
US10567395B2 (en) | Detection of potentially malicious web content by emulating user behavior and user environment | |
CN106156611A (en) | The dynamic analysing method of smart mobile phone application program and system | |
US10623450B2 (en) | Access to data on a remote device | |
CN105430747A (en) | Communication method, device and system | |
KR20130066901A (en) | Apparatus and method for analyzing malware in data analysis system | |
CN107948199A (en) | A kind of method and device being used for quickly detecting to terminal shared access | |
US11636198B1 (en) | System and method for cybersecurity analyzer update and concurrent management system | |
CN104992116B (en) | Monitoring method based on intent sniffer and system | |
KR102159399B1 (en) | Device for monitoring web server and analysing malicious code | |
CN102572814A (en) | Method, system and device for monitoring viruses in mobile terminal | |
CN104462242A (en) | Webpage reflow quantity counting method and device | |
CN108228457B (en) | Test agent method and device of mobile terminal and computer readable storage medium | |
WO2015037850A1 (en) | Device and method for detecting url call | |
KR102314557B1 (en) | System for managing security control and method thereof | |
CN104683996B (en) | A kind of mobile application security management-control method and equipment | |
CN103281288B (en) | A kind of SMSCallFilter system and method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |