CN105678161A - Installation monitoring method and apparatus of applications - Google Patents

Installation monitoring method and apparatus of applications Download PDF

Info

Publication number
CN105678161A
CN105678161A CN201510982927.4A CN201510982927A CN105678161A CN 105678161 A CN105678161 A CN 105678161A CN 201510982927 A CN201510982927 A CN 201510982927A CN 105678161 A CN105678161 A CN 105678161A
Authority
CN
China
Prior art keywords
terminal
application program
packet
service device
preset service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510982927.4A
Other languages
Chinese (zh)
Inventor
熊昱之
刘海粟
范晓草
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201510982927.4A priority Critical patent/CN105678161A/en
Publication of CN105678161A publication Critical patent/CN105678161A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Telephone Function (AREA)

Abstract

The present invention provides an installation monitoring method and apparatus of applications. The method comprises the steps of intercepting a to-be-installed application data packet pushed to a second terminal from a first terminal; analyzing the data packet, obtaining analysis data, and transmitting the analysis data to a preset server so as to enable the preset server to detect the analysis data according to a preset strategy; and obtaining a detection result returned by the preset server, and determining whether allowing the first terminal to push the to-be-installed application data packet to the second terminal according to the detection result. Popularization applications or malicious applications are prevented from being pushed to the second terminal, safety of information data in the second terminal is increased, the popularization applications in the second terminal can also be reduced, users are prevented from being disturbed, and user experience is improved.

Description

A kind of installation monitoring method of application program and device
Technical field
The present invention relates to Internet technical field, particularly relate to installation monitoring method and the device of a kind of application program.
Background technology
Along with the frequency of being on the increase of application program, terminal downloads set up applications is increasing, it is convenient that application program provides for the life of user to a certain extent.
In prior art, user is when to terminal downloads set up applications, generally can pass through exterior terminal, such as computer sends application program to mobile phone terminal and installs file, install in the process of file at computer to mobile phone terminal pushing application program, owing to the kind of application program is more, user cannot application programs classify, some application program additionally also can exist the application program hidden being associated with this application program, some application programs are some popularization and application program or malicious application, when after some useless popularization and application programs of user installation, in use can reduce the experience of user, when after some malicious application of user installation, the terminal that user can be used undoubtedly has undesirable effect, even cause leakage of personal information.
Summary of the invention
For the drawbacks described above existed in prior art, it is proposed that solve installation monitoring method and the device of a kind of application program of above-mentioned technical problem.
First aspect, the invention provides the installation supervising device of a kind of application program, including:
Blocking module, for intercepting the packet of the application program to be installed that first terminal pushes to the second terminal;
Data resolution module, for described packet is resolved, obtains resolution data;
First sending module, for sending preset service device by described resolution data, so that described resolution data is detected by described preset service device according to preset strategy;
Acquisition module, for obtaining the testing result that described preset service device returns;
Monitoring module, for according to described testing result, it is determined whether allow described first terminal to push the packet of described application program to be installed to the second terminal.
Optionally, described monitoring module, it is used for:
When receiving the instruction allowing installation that described preset service device returns, it is allowed to described first terminal pushes the packet of described application program to be installed to the second terminal.
Optionally, described device also includes: sending module, for, after receiving the instruction allowing to install that described preset service device returns, sending for being confirmed whether the pop-up installing application program to be installed to described second terminal;
Described monitoring module, is additionally operable to when receiving the instruction of the confirmation that user triggers in described pop-up, it is allowed to described first terminal pushes the packet of described application program to be installed to the second terminal.
Optionally, described monitoring module, it is used for:
When receiving the instruction stoping installation that described preset service device returns, described first terminal is stoped to push the packet of described application program to be installed to the second terminal.
Optionally, described data resolution module, it is used for:
Described packet is resolved, obtains the source path of described application program to be installed, destination path, title and/or MD5 value.
Optionally, described first terminal is PC terminal, and described second terminal is Android terminal;
Accordingly, described blocking module, it is used for:
Intercept the packet of the application program to be installed that described PC terminal is pushed to described Android terminal by ADB agreement.
Second aspect, present invention also offers the installation of a kind of application program monitoring method, including:
Intercept the packet of the application program to be installed that first terminal pushes to the second terminal;
Described packet is resolved, obtains resolution data, and described resolution data is sent preset service device, so that described resolution data is detected according to preset strategy by described preset service device;
Obtain the testing result that described preset service device returns, and according to described testing result, it is determined whether allow described first terminal to push the packet of described application program to be installed to the second terminal.
Optionally, the testing result that the described preset service device of described acquisition returns, and according to described testing result, it is determined whether allow described first terminal to push the packet of described application program to be installed to the second terminal, including:
If receiving the instruction allowing to install that described preset service device returns, then described first terminal is allowed to push the packet of described application program to be installed to the second terminal.
Optionally, after receiving the instruction allowing to install that described preset service device returns, described method also includes:
Send for being confirmed whether the pop-up installing application program to be installed to described second terminal;
When receiving the instruction of the confirmation that user triggers in described pop-up, it is allowed to described first terminal pushes the packet of described application program to be installed to the second terminal.
Optionally, the testing result that the described preset service device of described acquisition returns, and according to described testing result, it is determined whether allow described first terminal to push the packet of described application program to be installed to the second terminal, including:
If receiving the instruction stoping installation that described preset service device returns, then described first terminal is stoped to push the packet of described application program to be installed to the second terminal.
Optionally, described described packet is resolved, obtain resolution data, including:
Described packet is resolved, obtains the source path of described application program to be installed, destination path, title and/or MD5 value.
Optionally, described first terminal is PC terminal, and described second terminal is Android terminal;
Accordingly, the packet of the application program to be installed that described interception first terminal pushes to the second terminal, including:
Intercept the packet of the application program to be installed that described PC terminal is pushed to described Android terminal by ADB agreement.
As shown from the above technical solution, the present invention provides installation monitoring method and the device of a kind of application program, when first terminal pushes the packet of application program to be installed to the second terminal, intercept this packet, by resolution data bag, and the data in this packet are detected, popularization and application program or malicious application is stoped to push to the second terminal, improve the safety of the second terminal internal information data, also make the popularization and application program in the second terminal reduce simultaneously, avoid bothering user, improve Consumer's Experience.
Accompanying drawing explanation
In order to be illustrated more clearly that the embodiment of the present invention or technical scheme of the prior art, the accompanying drawing used required in embodiment or description of the prior art will be briefly described below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the premise not paying creative work, it is also possible to obtain other accompanying drawing according to these figure.
The schematic flow sheet installing monitoring method of a kind of application program that Fig. 1 provides for one embodiment of the invention;
The schematic flow sheet installing monitoring method of a kind of application program that Fig. 2 provides for another embodiment of the present invention;
The schematic diagram of the pop-up that Fig. 3 provides for one embodiment of the invention;
The structural representation installing supervising device of a kind of application program that Fig. 4 provides for one embodiment of the invention.
Detailed description of the invention
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is only a part of embodiment of the present invention, rather than whole embodiments. Based on the embodiment in the present invention, the every other embodiment that those of ordinary skill in the art obtain under not making creative work premise, broadly fall into the scope of protection of the invention.
Fig. 1 illustrates the schematic flow sheet installing monitoring method of a kind of application program that one embodiment of the invention provides, as it is shown in figure 1, the method comprises the following steps:
101, the packet of the application program to be installed that first terminal pushes is intercepted to the second terminal.
First terminal in the present embodiment can be understood as PC terminal, and the second terminal can be understood as mobile phone terminal, and the mobile phone terminal in the present embodiment is all illustrated with the mobile phone terminal of android system.
102, described packet is resolved, obtain resolution data, and described resolution data is sent preset service device, so that described resolution data is detected according to preset strategy by described preset service device.
Due to push products; general user is without wishing to being arranged in mobile phone terminal by substantial amounts of malicious application or popularization and application program; malicious application can make the mobile phone terminal speed of service slack-off; data safety index in mobile phone terminal reduces; the practicality of popularization and application program is not high; and sometimes also constantly can push substantial amounts of advertisement to user, when user uses mobile phone terminal, often there is the problem perplexed by advertisement. Therefore, the program that first terminal is pushed detects, and so can pass through to detect the malicious application intercepted to the second terminal propelling movement and popularization and application program, improve the safety of the second data in terminal.
103, the testing result that described preset service device returns is obtained, and according to described testing result, it is determined whether allow described first terminal to push the packet of described application program to be installed to the second terminal.
Said method is when first terminal pushes the packet of application program to be installed to the second terminal, intercept this packet, by resolution data bag, and the data in this packet are detected, determine whether that the second terminal pushes the packet of application program to be installed, popularization and application program or malicious application is stoped to push to the second terminal, improve the safety of the second terminal internal information data, also make the popularization and application program in the second terminal reduce simultaneously, avoid bothering user, improve Consumer's Experience.
Below by specific embodiment, said method is described in detail, as in figure 2 it is shown, the method comprises the following steps:
201, the packet of the application program to be installed that first terminal pushes is intercepted to the second terminal.
First terminal in the present embodiment is PC terminal, and the second terminal is Android terminal;
Above-mentioned steps 201 can be understood as the packet intercepting the application program to be installed that described PC terminal is pushed to described Android terminal by ADB agreement.
Will be understood that, PC terminal generally has two paths to Android terminal pushing application program, Article 1, path is an existing application program in original Android terminal, PC terminal pushes the application program being associated with this application program by the mounted application program of Android terminal to Android terminal, such as, Android terminal includes XX chat software, PC terminal can push the application programs such as XX game, XX music according to XX chat software to Android terminal, to meet the practicality of Android terminal. Article 2 path is by ADB agreement, when PC terminal is to Android terminal pushing application program, be equivalent to the packet by the data-interface transfer characteristic agreement in PC terminal, then pass through ADB agency and be sent to Android terminal, at this moment the operating system of Android terminal can resolve the packet of reception, is transmitted the operation of file.
202, described packet is resolved, obtain resolution data, and described resolution data is sent preset service device, so that described resolution data is detected according to preset strategy by described preset service device.
Receiving packet, before this packet is transferred to Android terminal, the packet received by ADB agreement is resolved by the present embodiment, in order to packet is resolved, first have to obtain the source path of packet (can be understood as application program to be installed), destination path, title and/or MD5 value.
Above-mentioned resolution data is sent preset service device, it is possible to adopt various ways, illustrate in following two mode below.
First kind of way is local implementation, and namely the detection to resolution data is to complete in this locality;
For realizing the detection of resolution data is completed in this locality, first described preset strategy can be stored in this locality, when resolution data is determined, just can directly according to the preset strategy being stored in this locality, resolution data be determined, owing to which completes in this locality, so can realize without connecting network, relatively simple in realization;
The second way is cloud inquiry mode, namely the detection of resolution data is realized by cloud inquiry;
Realized by cloud inquiry for realizing the detection to resolution data, first described preset strategy can be stored in Cloud Server, when carrying out cloud inquiry, the feature of the feature of described historical progress with the process being currently running is sent to Cloud Server, resolution data is detected according to the preset strategy having by Cloud Server, receive the testing result sent by Cloud Server again, owing to the detection of resolution data being completed by which beyond the clouds, so without in locally stored preset strategy, resolution data is determined without in this locality, not only save the memory space of this locality, and reduce the processing pressure of this locality.
Certainly, in realization, the detection of resolution data also can being adopted other modes, this is not any limitation as and illustrates by the embodiment of the present invention.
Resolution data is carried out detection and can detect in the following ways by above-mentioned preset service device, and certainly, the present embodiment is only used for illustrating, but is not limited in the following ways.
According to the source path of above-mentioned acquisition packet, destination path, title and/or MD5 value, resolution data is carried out cluster analysis, determines whether the application program that this resolution data bag is corresponding is malicious application or popularization and application program according to the result of described analysis.
A kind of mode is the determination methods to popularization and application program, in judge the judgement whether application program that packet is corresponding is popularization and application program mentioned by the preset strategy in server, such as, when detecting that frequency that the packet comprising same title occurs within the same time period is more than predeterminated frequency, then think that application program corresponding to the packet comprising this title is popularization and application program, this considers that general popularization and application program can concentrate pushing to user of batch, at this moment if it find that certain application program 7:00-9:00 time period at night in a large number to Android terminal push, then think that the application program of this propelling movement is popularization and application program, can certainly judge according to the MD5 value etc. treating pushing application program, or by resolution data bag, by the source path of resolution data, destination path, title, and/or MD5 value mates with the list in popularization and application program in preset strategy, assume the title including resolution data in this list, or MD5 value is identical, or source path is all identical with destination path, then think that application program corresponding to this resolution data is popularization and application program, certainly existing certain methods can also be adopted whether application program to be detected is that popularization and application program carries out detection judgement, the present embodiment is no longer described in detail.
Another way is the determination methods to malicious application, specifically can pass through to previously generate the training pattern identifying malicious application or training pattern set, then again through in this training pattern or training pattern set, receive the packet treating pushing application program, this packet is detected.
Wherein generate and identify that the training pattern of malicious application or training pattern set can be accomplished by: extract the feature of resolution data in a large amount of existing set up applications packet, and feature is classified. Result according to classification, uses different decision machines to be trained inhomogeneity another characteristic, generates training pattern or training pattern set for identifying malicious application. Wherein, generation training pattern or training pattern set can adopt the mode of vector machine of the prior art, it would however also be possible to employ other modes, it is not defined by the present embodiment.
By the model after above-mentioned training, using application program to be detected as input, then can directly obtain testing result, certainly, if it is determined that application program to be detected is malicious application, then preset service device returns the instruction not allowing to install, if judging, application program to be detected is non-malicious application program, then preset service device returns the instruction allowing to install.
Whether what 203, judgement received the return of described preset service device is the instruction allowing to install, and if so, then performs step 204; Otherwise, step 205 is performed.
204, described first terminal is allowed to push the packet of described application program to be installed to the second terminal.
In a particular application, can also after receiving the instruction allowing to install that preset service device sends, the pop-up confirmed is sent to the second terminal, send this pop-up user to be made to reaffirm whether install, avoiding because of the less experience affecting user of the second tag memory, therefore above-mentioned steps 204 can also include following sub-step.
2041, send for being confirmed whether the pop-up installing application program to be installed to described second terminal.
As it is shown on figure 3, this pop-up can include " XX program is prepared on XX mobile phone installation XX software, if allow to install? "
2042, when receiving the instruction of the confirmation that user triggers in described pop-up, it is allowed to described first terminal pushes the packet of described application program to be installed to the second terminal.
When receiving the instruction of the confirmation that user triggers in pop-up, when namely clicking "Yes", illustrate that user agrees to install the packet of this application program to be installed.
205, described first terminal is stoped to push the packet of described application program to be installed to the second terminal.
When receiving the instruction of the prevention that user triggers in pop-up, when namely clicking "No", illustrate that user disagrees the packet installing this application program to be installed.
Fig. 4 illustrates the structural representation installing supervising device of a kind of application program that the embodiment of the present invention provides, and as shown in Figure 4, this device includes:
Blocking module 41, for intercepting the packet of the application program to be installed that first terminal pushes to the second terminal;
Data resolution module 42, for described packet is resolved, obtains resolution data;
First sending module 43, for sending preset service device by described resolution data, so that described resolution data is detected by described preset service device according to preset strategy;
Acquisition module 44, for obtaining the testing result that described preset service device returns;
Monitoring module 45, for according to described testing result, it is determined whether allow described first terminal to push the packet of described application program to be installed to the second terminal.
One of the present embodiment preferred embodiment in, described monitoring module, be used for:
When receiving the instruction allowing installation that described preset service device returns, it is allowed to described first terminal pushes the packet of described application program to be installed to the second terminal.
One of the present embodiment preferred embodiment in, described device also includes: sending module, for, after receiving the instruction allowing to install that described preset service device returns, sending for being confirmed whether the pop-up installing application program to be installed to described second terminal;
Described monitoring module, is additionally operable to when receiving the instruction of the confirmation that user triggers in described pop-up, it is allowed to described first terminal pushes the packet of described application program to be installed to the second terminal.
One of the present embodiment preferred embodiment in, it is characterised in that described monitoring module, be used for:
When receiving the instruction stoping installation that described preset service device returns, described first terminal is stoped to push the packet of described application program to be installed to the second terminal.
One of the present embodiment preferred embodiment in, described data resolution module, be used for:
Described packet is resolved, obtains the source path of described application program to be installed, destination path, title and/or MD5 value.
One of the present embodiment preferred embodiment in, described first terminal is PC terminal, and described second terminal is Android terminal;
Accordingly, described blocking module, it is used for:
Intercept the packet of the application program to be installed that described PC terminal is pushed to described Android terminal by ADB agreement.
Embodiment of the invention discloses that:
A1, a kind of application program installation supervising device, it is characterised in that including:
Blocking module, for intercepting the packet of the application program to be installed that first terminal pushes to the second terminal;
Data resolution module, for described packet is resolved, obtains resolution data;
First sending module, for sending preset service device by described resolution data, so that described resolution data is detected by described preset service device according to preset strategy;
Acquisition module, for obtaining the testing result that described preset service device returns;
Monitoring module, for according to described testing result, it is determined whether allow described first terminal to push the packet of described application program to be installed to the second terminal.
A2, device according to A1, it is characterised in that described monitoring module, be used for:
When receiving the instruction allowing installation that described preset service device returns, it is allowed to described first terminal pushes the packet of described application program to be installed to the second terminal.
A3, device according to A2, it is characterized in that, described device also includes: sending module, for, after receiving the instruction allowing to install that described preset service device returns, sending for being confirmed whether the pop-up installing application program to be installed to described second terminal;
Described monitoring module, is additionally operable to when receiving the instruction of the confirmation that user triggers in described pop-up, it is allowed to described first terminal pushes the packet of described application program to be installed to the second terminal.
A4, device according to A1, it is characterised in that described monitoring module, be used for:
When receiving the instruction stoping installation that described preset service device returns, described first terminal is stoped to push the packet of described application program to be installed to the second terminal.
A5, device according to A1, it is characterised in that described data resolution module, be used for:
Described packet is resolved, obtains the source path of described application program to be installed, destination path, title and/or MD5 value.
A6, device according to any one of A1-5, it is characterised in that described first terminal is PC terminal, and described second terminal is Android terminal;
Accordingly, described blocking module, it is used for:
Intercept the packet of the application program to be installed that described PC terminal is pushed to described Android terminal by ADB agreement.
B7, a kind of application program installation monitoring method, it is characterised in that including:
Intercept the packet of the application program to be installed that first terminal pushes to the second terminal;
Described packet is resolved, obtains resolution data, and described resolution data is sent preset service device, so that described resolution data is detected according to preset strategy by described preset service device;
Obtain the testing result that described preset service device returns, and according to described testing result, it is determined whether allow described first terminal to push the packet of described application program to be installed to the second terminal.
B8, method according to B1, it is characterised in that the testing result that the described preset service device of described acquisition returns, and according to described testing result, it is determined whether allow described first terminal to push the packet of described application program to be installed to the second terminal, including:
If receiving the instruction allowing to install that described preset service device returns, then described first terminal is allowed to push the packet of described application program to be installed to the second terminal.
B9, method according to B8, it is characterised in that after receiving the instruction allowing to install that described preset service device returns, described method also includes:
Send for being confirmed whether the pop-up installing application program to be installed to described second terminal;
When receiving the instruction of the confirmation that user triggers in described pop-up, it is allowed to described first terminal pushes the packet of described application program to be installed to the second terminal.
B10, method according to B7, it is characterized in that, the testing result that the described preset service device of described acquisition returns, and according to described testing result, determine whether that described first terminal pushes the packet of described application program to be installed to the second terminal, including:
If receiving the instruction stoping installation that described preset service device returns, then described first terminal is stoped to push the packet of described application program to be installed to the second terminal.
B11, method according to B7, it is characterised in that described described packet is resolved, obtain resolution data, including:
Described packet is resolved, obtains the source path of described application program to be installed, destination path, title and/or MD5 value.
B12, method according to any one of B7-11, it is characterised in that described first terminal is PC terminal, and described second terminal is Android terminal;
Accordingly, the packet of the application program to be installed that described interception first terminal pushes to the second terminal, including:
Intercept the packet of the application program to be installed that described PC terminal is pushed to described Android terminal by ADB agreement.
It should be noted that said apparatus and said method are one to one, the concrete implementation detail in said method is equally applicable to said apparatus, and the details that is embodied as of said apparatus is no longer described in detail by the present embodiment.
In the description of the present invention, describe a large amount of detail. It is to be appreciated, however, that embodiments of the invention can be put into practice when not having these details. In some instances, known method, structure and technology it are not shown specifically, in order to do not obscure the understanding of this description.
Similarly, it is to be understood that, one or more in order to what simplify that disclosure helping understands in each inventive aspect, herein above in the description of the exemplary embodiment of the present invention, each feature of the present invention is grouped together in single embodiment, figure or descriptions thereof sometimes. But, the method for the disclosure should not explained in reflecting an intention that namely the present invention for required protection requires feature more more than the feature being expressly recited in each claim. More precisely, as the following claims reflect, inventive aspect is in that all features less than single embodiment disclosed above. Therefore, it then follows claims of detailed description of the invention are thus expressly incorporated in this detailed description of the invention, wherein each claim itself as the independent embodiment of the present invention.
It will be understood by those skilled in the art that and can carry out the module in the equipment in embodiment adaptively changing and they being provided in one or more equipment that this embodiment is different. Module in embodiment or unit or assembly can be combined into a module or unit or assembly, and multiple submodule or subelement or sub-component can be put them in addition. Except at least some in such feature and/or process or unit is mutually exclusive part, it is possible to adopt any combination that all processes or the unit of all features disclosed in this specification (including adjoint claim, summary and accompanying drawing) and so disclosed any method or equipment are combined. Unless expressly stated otherwise, each feature disclosed in this specification (including adjoint claim, summary and accompanying drawing) can be replaced by the alternative features providing purpose identical, equivalent or similar.
In addition, those skilled in the art it will be appreciated that, although embodiments more described herein include some feature included in other embodiments rather than further feature, but the combination of the feature of different embodiment means to be within the scope of the present invention and form different embodiments. Such as, in the following claims, the one of any of embodiment required for protection can mode use in any combination.
The all parts embodiment of the present invention can realize with hardware, or realizes with the software module run on one or more processor, or realizes with their combination. It will be understood by those of skill in the art that the some or all functions of some or all parts in the equipment of a kind of browser terminal that microprocessor or digital signal processor (DSP) can be used in practice to realize according to embodiments of the present invention. The present invention is also implemented as part or all the equipment for performing method as described herein or device program (such as, computer program and computer program). The program of such present invention of realization can store on a computer-readable medium, or can have the form of one or more signal. Such signal can be downloaded from internet website and obtain, or provides on carrier signal, or provides with any other form.
The present invention will be described rather than limits the invention to it should be noted above-described embodiment, and those skilled in the art can design alternative embodiment without departing from the scope of the appended claims. In the claims, any reference marks that should not will be located between bracket is configured to limitations on claims. Word " comprises " and does not exclude the presence of the element or step not arranged in the claims. Word "a" or "an" before being positioned at element does not exclude the presence of multiple such element. The present invention by means of including the hardware of some different elements and can realize by means of properly programmed computer. In the unit claim listing some devices, several in these devices can be through same hardware branch and specifically embody. Word first, second and third use do not indicate that any order. Can be title by these word explanations.
Last it is noted that various embodiments above is only in order to illustrate technical scheme, it is not intended to limit; Although the present invention being described in detail with reference to foregoing embodiments, it will be understood by those within the art that: the technical scheme described in foregoing embodiments still can be modified by it, or wherein some or all of technical characteristic is carried out equivalent replacement; And these amendments or replacement, do not make the essence of appropriate technical solution depart from the scope of various embodiments of the present invention technical scheme, it all should be encompassed in the middle of the claim of the present invention and the scope of description.

Claims (10)

1. the installation supervising device of an application program, it is characterised in that including:
Blocking module, for intercepting the packet of the application program to be installed that first terminal pushes to the second terminal;
Data resolution module, for described packet is resolved, obtains resolution data;
First sending module, for sending preset service device by described resolution data, so that described resolution data is detected by described preset service device according to preset strategy;
Acquisition module, for obtaining the testing result that described preset service device returns;
Monitoring module, for according to described testing result, it is determined whether allow described first terminal to push the packet of described application program to be installed to the second terminal.
2. device according to claim 1, it is characterised in that described monitoring module, is used for:
When receiving the instruction allowing installation that described preset service device returns, it is allowed to described first terminal pushes the packet of described application program to be installed to the second terminal.
3. device according to claim 2, it is characterized in that, described device also includes: sending module, for, after receiving the instruction allowing to install that described preset service device returns, sending for being confirmed whether the pop-up installing application program to be installed to described second terminal;
Described monitoring module, is additionally operable to when receiving the instruction of the confirmation that user triggers in described pop-up, it is allowed to described first terminal pushes the packet of described application program to be installed to the second terminal.
4. device according to claim 1, it is characterised in that described monitoring module, is used for:
When receiving the instruction stoping installation that described preset service device returns, described first terminal is stoped to push the packet of described application program to be installed to the second terminal.
5. device according to claim 1, it is characterised in that described data resolution module, is used for:
Described packet is resolved, obtains the source path of described application program to be installed, destination path, title and/or MD5 value.
6. the device according to any one of claim 1-5, it is characterised in that described first terminal is PC terminal, described second terminal is Android terminal;
Accordingly, described blocking module, it is used for:
Intercept the packet of the application program to be installed that described PC terminal is pushed to described Android terminal by ADB agreement.
7. the installation monitoring method of an application program, it is characterised in that including:
Intercept the packet of the application program to be installed that first terminal pushes to the second terminal;
Described packet is resolved, obtains resolution data, and described resolution data is sent preset service device, so that described resolution data is detected according to preset strategy by described preset service device;
Obtain the testing result that described preset service device returns, and according to described testing result, it is determined whether allow described first terminal to push the packet of described application program to be installed to the second terminal.
8. method according to claim 1, it is characterized in that, the testing result that the described preset service device of described acquisition returns, and according to described testing result, determine whether that described first terminal pushes the packet of described application program to be installed to the second terminal, including:
If receiving the instruction allowing to install that described preset service device returns, then described first terminal is allowed to push the packet of described application program to be installed to the second terminal.
9. method according to claim 8, it is characterised in that after receiving the instruction allowing to install that described preset service device returns, described method also includes:
Send for being confirmed whether the pop-up installing application program to be installed to described second terminal;
When receiving the instruction of the confirmation that user triggers in described pop-up, it is allowed to described first terminal pushes the packet of described application program to be installed to the second terminal.
10. method according to claim 7, it is characterized in that, the testing result that the described preset service device of described acquisition returns, and according to described testing result, determine whether that described first terminal pushes the packet of described application program to be installed to the second terminal, including:
If receiving the instruction stoping installation that described preset service device returns, then described first terminal is stoped to push the packet of described application program to be installed to the second terminal.
CN201510982927.4A 2015-12-23 2015-12-23 Installation monitoring method and apparatus of applications Pending CN105678161A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510982927.4A CN105678161A (en) 2015-12-23 2015-12-23 Installation monitoring method and apparatus of applications

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510982927.4A CN105678161A (en) 2015-12-23 2015-12-23 Installation monitoring method and apparatus of applications

Publications (1)

Publication Number Publication Date
CN105678161A true CN105678161A (en) 2016-06-15

Family

ID=56189653

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510982927.4A Pending CN105678161A (en) 2015-12-23 2015-12-23 Installation monitoring method and apparatus of applications

Country Status (1)

Country Link
CN (1) CN105678161A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106845217A (en) * 2017-01-20 2017-06-13 四川中大云科科技有限公司 A kind of detection method of Android application malicious act
CN106897169A (en) * 2017-02-20 2017-06-27 北京奇虎科技有限公司 A kind of data reconstruction method and device
CN110875933A (en) * 2018-08-29 2020-03-10 阿里巴巴集团控股有限公司 Information matching confirmation method and device
CN111107089A (en) * 2019-12-23 2020-05-05 成都三零瑞通移动通信有限公司 Method and device for protecting data transmission safety of Android system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050182924A1 (en) * 2004-02-17 2005-08-18 Microsoft Corporation User interface accorded to tiered object-related trust decisions
CN103279706A (en) * 2013-06-07 2013-09-04 北京奇虎科技有限公司 Method and device for intercepting installation of Android application program in mobile terminal
CN103632096A (en) * 2013-11-29 2014-03-12 北京奇虎科技有限公司 Method and device for carrying out safety detection on equipment
CN104424023A (en) * 2013-09-11 2015-03-18 阿里巴巴集团控股有限公司 Method and device for providing application programs and user recommend information

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050182924A1 (en) * 2004-02-17 2005-08-18 Microsoft Corporation User interface accorded to tiered object-related trust decisions
CN103279706A (en) * 2013-06-07 2013-09-04 北京奇虎科技有限公司 Method and device for intercepting installation of Android application program in mobile terminal
CN104424023A (en) * 2013-09-11 2015-03-18 阿里巴巴集团控股有限公司 Method and device for providing application programs and user recommend information
CN103632096A (en) * 2013-11-29 2014-03-12 北京奇虎科技有限公司 Method and device for carrying out safety detection on equipment

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106845217A (en) * 2017-01-20 2017-06-13 四川中大云科科技有限公司 A kind of detection method of Android application malicious act
CN106845217B (en) * 2017-01-20 2020-08-04 四川中大云科科技有限公司 Detection method for malicious behaviors of android application
CN106897169A (en) * 2017-02-20 2017-06-27 北京奇虎科技有限公司 A kind of data reconstruction method and device
CN106897169B (en) * 2017-02-20 2020-03-10 北京安云世纪科技有限公司 Data recovery method and device
CN110875933A (en) * 2018-08-29 2020-03-10 阿里巴巴集团控股有限公司 Information matching confirmation method and device
CN110875933B (en) * 2018-08-29 2022-05-10 阿里巴巴集团控股有限公司 Information matching confirmation method and device
CN111107089A (en) * 2019-12-23 2020-05-05 成都三零瑞通移动通信有限公司 Method and device for protecting data transmission safety of Android system
CN111107089B (en) * 2019-12-23 2022-03-11 成都三零瑞通移动通信有限公司 Method and device for protecting data transmission safety of Android system

Similar Documents

Publication Publication Date Title
US10182324B2 (en) Contextual deep linking of applications
EP2839406B1 (en) Detection and prevention of installation of malicious mobile applications
EP2755157B1 (en) Detecting undesirable content
CN102332071B (en) Methods and devices for discovering suspected malicious information and tracking malicious file
CN102594623B (en) The data detection method of fire compartment wall and device
CN105678161A (en) Installation monitoring method and apparatus of applications
US8683595B1 (en) Systems and methods for detecting potentially malicious content within near field communication messages
CN104503841A (en) Process clearing method and process clearing device
CN103093148A (en) Detection method, system and device of malicious advertisements
CN109379445A (en) A kind of sending method and device of PUSH message
CN106709336A (en) Method and apparatus for identifying malware
US10567395B2 (en) Detection of potentially malicious web content by emulating user behavior and user environment
CN103049697A (en) File detection method and system for enterprises
CN104765682A (en) Offline detection method and system for cross-site scripting vulnerability
KR101657667B1 (en) Malicious app categorization apparatus and malicious app categorization method
CN105681124A (en) Network speed detection method and device
CN103984697A (en) Barcode information processing method, device and system
CN103500114A (en) Method and device for installing application program
CN104992116B (en) Monitoring method based on intent sniffer and system
EP3834113B1 (en) Detecting security risks in binary software code
CN102156650A (en) Method and device capable of implementing automatic analysis of patch
CN104966020A (en) Eigenvector-based anti-virus detection method and system
CN103139169A (en) Virus detection system and method based on network behavior
CN105279091A (en) According-to-requirement tracking method based on dynamic taint analysis and device thereof
WO2015037850A1 (en) Device and method for detecting url call

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20160615