CN103065083A - Method and system for monitoring application program interface of intelligent mobile terminal - Google Patents
Method and system for monitoring application program interface of intelligent mobile terminal Download PDFInfo
- Publication number
- CN103065083A CN103065083A CN201310039310XA CN201310039310A CN103065083A CN 103065083 A CN103065083 A CN 103065083A CN 201310039310X A CN201310039310X A CN 201310039310XA CN 201310039310 A CN201310039310 A CN 201310039310A CN 103065083 A CN103065083 A CN 103065083A
- Authority
- CN
- China
- Prior art keywords
- programming interfaces
- application programming
- information
- application program
- threat
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention relates to a method and a system for monitoring an application program interface of an intelligent mobile terminal. The method comprises the following steps of: 1, starting the application program, transmitting call requesting information from the application program interface; and 2, determining whether the application program has threat or potential threat or not, if yes, returning no call requesting information to the application program interface, otherwise, returning the call requesting information to the application program interface. According to the invention, the application program is guaranteed not to generate the threat or the potential threat to the mobile terminal by monitoring the behavior of the application program and confirming whether or not to return the information which is expected to be obtained to the application program.
Description
Technical field
The present invention relates to software field, relate in particular to a kind of application programming interfaces method for supervising and system of intelligent mobile terminal.
Background technology
Along with the development of infotech, entire society begins to enter mobile Internet society at leisure.Intelligent mobile terminal on the market emerges in an endless stream, for example i Phone, Android mobile phone, BlackBerry etc.Apple is as whole field pioneer, and its unique business model outshines others, and the application shop of apple has become the application shop of smart mobile phone industry maximum.Along with the success of Apple, increasing tagger is also arranged on the market, use shop, blackberry, blueberry application shop etc. such as Android.
Complement each other in intelligent mobile terminal and the corresponding shop of using, so that each software engineer may become the software provider of using the shop, by uploading software for user's download to using the shop, the software product of function admirable not only can be provided for vast user, also might get interests by the owner who uses the shop.
But for mobile Internet, security is the problem of having to pay attention to always, by utilizing portable terminal to damage consumer's behavior or even to be engaged in the event of criminal activity of common occurrence.The security of intelligent mobile terminal mainly is because the software of installing at intelligent mobile terminal causes, a kind of situation is that some mountain vallage manufacturers cooperate with some value-added service providers, some application programs of pre-installation reach the purpose of obtaining economic interests on the intelligent mobile terminal of mountain vallage manufacturers produce, and another kind of situation to be some hacker can upload that some application programs are downloaded for the user to using the shop, after the client downloads this application program, obtain user's information by this application program, or even steal user's account and password, such as Bank Account Number and password etc.
In order to increase the security of portable terminal, be necessary that the application programs interface monitors, and take appropriate measures by the result of monitoring, thereby can protect mobile intelligent terminal user's safety, avoid the user to be subject to economically or otherwise loss.
Summary of the invention
In order to solve above-mentioned technical matters, the invention provides a kind of application programming interfaces method for supervising and system of intelligent mobile terminal, to improve the security of intelligent mobile terminal.
The invention provides a kind of application programming interfaces method for supervising of intelligent mobile terminal, comprising:
Step 1, behind the application program launching, application programming interfaces request call information;
Step 2 judges that whether this application program exists threat or potential threat, if so, does not then return the information of its request call, otherwise returns the information of its request call to these application programming interfaces to these application programming interfaces.
Preferably, in the step 2, information from its request call to these application programming interfaces that do not return comprises: return refuse information, blank message, virtual message, spoofed message or camouflage message to these application programming interfaces.
Preferably, in the step 2, judge whether this application program exists threat or potential threat to comprise: judge according to pre-stored security information storehouse whether this application program exists threat or potential threat.
Preferably, this method for supervising also comprises step 3, the information of the information association of record and application programming interfaces request call, and record is to the information of application programming interfaces transmission.
Preferably, the information of application programming interfaces request call comprises at least one in note, contact person, usemame/password, UDID, IMEI, IMSI and the Internet resources.
The invention provides a kind of application programming interfaces supervisory system of intelligent mobile terminal, comprising:
Application program module is used for by application programming interfaces request call information;
Monitoring module is used for judging whether this application program module exists threat or potential threat; When this application program module exists threat or potential threat, do not return the information of its request call to these application programming interfaces; When this application program module does not exist threat or potential threat, return the information of its request call to these application programming interfaces.
Preferably, information from its request call to these application programming interfaces that do not return comprises: return refuse information, blank message, virtual message, spoofed message or camouflage message to these application programming interfaces.
Preferably, judge whether this application program exists threat or potential threat to comprise: judge according to pre-stored security information storehouse whether this application program exists threat or potential threat.
Preferably, this supervising device also is used for the information of the information association of record and application programming interfaces request call, and records the information that sends to application programming interfaces.
Preferably, the information of application programming interfaces request call comprises at least one in note, contact person, usemame/password, UDID, IMEI, IMSI and the Internet resources.
The present invention monitors by the behavior of application programs, determines whether that then returning the desired information that obtains to application program guarantees that application program can not produce threat or potential threat to intelligent mobile terminal.
Description of drawings
Fig. 1 is application programming interfaces monitoring process flow diagram provided by the invention;
Fig. 2 is application programming interfaces supervisory system synoptic diagram provided by the invention.
Embodiment
Below in conjunction with accompanying drawing, the present invention is described in further detail.
In the prior art, after application program was installed to intelligent mobile terminal, application program can be moved or manually move by the user automatically.For malice or have and threaten or the application program of potential threat, if it automatically moves or the user manually moves, will produce some bad consequences, losing of data for example, the leakage of information or so that the travelling speed of intelligent mobile terminal is slack-off etc.This risk of bringing in order to solve the application program that is installed on the intelligent mobile terminal, the invention provides a solution, its main purpose is by a large amount of existing applications is monitored, form the security information storehouse of application program, behind application program launching, whether exist threat or potential threat to determine whether to return corresponding information to application programming interfaces by judging this application program.
The application programming interfaces monitoring flow process of intelligent mobile terminal provided by the present invention as shown in Figure 1.At first application program can start (step 101), and for example application program starts automatically or the user manually boots.Behind application program launching, application programming interfaces can be initiated the request (step 103) of recalls information, and the information of institute's request call includes but not limited at least one in note, contact person, usemame/password, UDID, IMEI, IMSI and the Internet resources.For fear of sending corresponding information to the application program that has threat or potential threat, come application programs to detect (step 105) by the security information storehouse among the present invention.For the security information storehouse, can realize by existing security monitoring scheme, for example in the prior art, the virus base that is provided by many security firms, virus base that provides for mobile Internet such as this base of kappa, Symantec etc. manufacturer etc., for example can to record this application program be Malware in the security information storehouse, and the information of request is used in unlawful activities etc.After the application programs detection, there are threat or potential threat if find application program, then can not send the information that its hope is called to application programming interfaces, if and find that application program does not exist threat or potential threat, then can send the information that its hope is called to application programming interfaces.When determining not to send the information that its hope calls to application programming interfaces, request that also can the application programs interface responds, for example return blank information, perhaps return the information of its request of refusal, perhaps return virtual message, spoofed message or camouflage message.So far, can finish protection to intelligent mobile terminal.
In addition, carry out record for the request of application programs interface interchange information with to the processing of this request, the application programming interfaces method for supervising of intelligent mobile terminal provided by the invention also the application programs interface action and the processing of this request carried out record, for example the records application program interface requests what information, whether returned corresponding information to application programming interfaces, and returned what information etc., so that the behavior of user's application programs is added up.For instance, if application programming interfaces have sent the request of calling IMSI, then record these application programming interfaces and when sent this request.After returning this IMSI to these application programming interfaces, then further be recorded in and when returned this IMSI to these application programming interfaces.
Correspondingly, the present invention also provides a kind of application programming interfaces supervisory system of intelligent mobile terminal, as shown in Figure 2, specifically comprises: application program module 201 and monitoring module 203.Application program module 201 is used for after application program module starts, by application programming interfaces request call information; Monitoring module 203 is used for judging whether this application program module exists threat or potential threat; When this application program module exists threat or potential threat, do not return the information of its request call to these application programming interfaces; When this application program module does not exist threat or potential threat, return the information of its request call to these application programming interfaces.Preferably, information from its request call to these application programming interfaces that do not return comprises: return refuse information, blank message, virtual message, spoofed message or camouflage message to these application programming interfaces.Wherein, judge whether this application program exists threat or potential threat to comprise: judge according to pre-stored security information storehouse whether this application program exists threat or potential threat.Preferably, this supervising device also is used for the information of the information association of record and application programming interfaces request call, and records the information that sends to application programming interfaces.Preferably, the information of application programming interfaces request call comprises at least one in note, contact person, usemame/password, UDID, IMEI, IMSI and the Internet resources.
Those skilled in the art can also carry out various modifications to above content under the condition that does not break away from the definite the spirit and scope of the present invention of claims.Therefore scope of the present invention is not limited in above explanation, but determined by the scope of claims.
Claims (10)
1. the application programming interfaces method for supervising of an intelligent mobile terminal is characterized in that, comprising:
Step 1, behind the application program launching, application programming interfaces request call information;
Step 2 judges that whether this application program exists threat or potential threat, if so, does not then return the information of its request call, otherwise returns the information of its request call to these application programming interfaces to these application programming interfaces.
2. application programming interfaces method for supervising as claimed in claim 1, it is characterized in that, in the step 2, information from its request call to these application programming interfaces that do not return comprises: return refuse information, blank message, virtual message, spoofed message or camouflage message to these application programming interfaces.
3. application programming interfaces method for supervising as claimed in claim 1, it is characterized in that, in the step 2, judge whether this application program exists threat or potential threat to comprise: judge according to pre-stored security information storehouse whether this application program exists threat or potential threat.
4. application programming interfaces method for supervising as claimed in claim 1 is characterized in that, this method for supervising also comprises step 3, the information of the information association of record and application programming interfaces request call, and record is to the information of application programming interfaces transmission.
5. such as the described application programming interfaces method for supervising of claim 1-4 any one, it is characterized in that the information of application programming interfaces request call comprises at least one in note, contact person, usemame/password, UDID, IMEI, IMSI and the Internet resources.
6. the application programming interfaces supervisory system of an intelligent mobile terminal is characterized in that, comprising:
Application program module is used for by application programming interfaces request call information;
Monitoring module is used for judging whether this application program module exists threat or potential threat; When this application program module exists threat or potential threat, do not return the information of its request call to these application programming interfaces; When this application program module does not exist threat or potential threat, return the information of its request call to these application programming interfaces.
7. application programming interfaces supervisory system as claimed in claim 6, it is characterized in that information from its request call to these application programming interfaces that do not return comprises: return refuse information, blank message, virtual message, spoofed message or camouflage message to these application programming interfaces.
8. application programming interfaces supervisory system as claimed in claim 6 is characterized in that, judges whether this application program exists threat or potential threat to comprise: judge according to pre-stored security information storehouse whether this application program exists threat or potential threat.
9. application programming interfaces supervisory system as claimed in claim 6 is characterized in that, this supervising device also is used for the information of the information association of record and application programming interfaces request call, and records the information that sends to application programming interfaces.
10. such as the described application programming interfaces supervisory system of claim 6-9 any one, it is characterized in that the information of application programming interfaces request call comprises at least one in note, contact person, usemame/password, UDID, IMEI, IMSI and the Internet resources.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310039310XA CN103065083A (en) | 2013-01-31 | 2013-01-31 | Method and system for monitoring application program interface of intelligent mobile terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310039310XA CN103065083A (en) | 2013-01-31 | 2013-01-31 | Method and system for monitoring application program interface of intelligent mobile terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103065083A true CN103065083A (en) | 2013-04-24 |
Family
ID=48107711
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310039310XA Pending CN103065083A (en) | 2013-01-31 | 2013-01-31 | Method and system for monitoring application program interface of intelligent mobile terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103065083A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103544434A (en) * | 2013-11-12 | 2014-01-29 | 北京网秦天下科技有限公司 | Method and terminal used for ensuring safe operation of application program |
| CN103747433A (en) * | 2013-12-02 | 2014-04-23 | 上海斐讯数据通信技术有限公司 | Method and mobile terminal for realizing root request management through manufacturer server |
| CN104462957A (en) * | 2013-09-23 | 2015-03-25 | 联想(北京)有限公司 | Application management method and electronic equipment |
| CN104951715A (en) * | 2015-06-11 | 2015-09-30 | 联想(北京)有限公司 | Information processing method and electronic equipment |
| WO2017000369A1 (en) * | 2015-06-30 | 2017-01-05 | 中兴通讯股份有限公司 | Information security management method and apparatus, and storage medium |
| CN106777381A (en) * | 2017-02-13 | 2017-05-31 | 广东欧珀移动通信有限公司 | A kind of Access and control strategy of database method, device and intelligent terminal |
| CN107995213A (en) * | 2015-02-04 | 2018-05-04 | 广东欧珀移动通信有限公司 | Short message sending control method and device |
| WO2019001388A1 (en) * | 2017-06-28 | 2019-01-03 | Oppo广东移动通信有限公司 | Payment application program management method and device, and mobile terminal |
| CN111385791A (en) * | 2018-12-28 | 2020-07-07 | 华为技术有限公司 | Security threat detection method and terminal |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030060189A1 (en) * | 2001-08-15 | 2003-03-27 | Brian Minear | Test enabled application execution |
| US20090325615A1 (en) * | 2008-06-29 | 2009-12-31 | Oceans' Edge, Inc. | Mobile Telephone Firewall and Compliance Enforcement System and Method |
| CN102186167A (en) * | 2011-04-11 | 2011-09-14 | 中兴通讯股份有限公司 | Method and system for monitoring applications |
| CN102404727A (en) * | 2011-11-24 | 2012-04-04 | 中兴通讯股份有限公司 | Method and device for safety control of mobile terminal |
-
2013
- 2013-01-31 CN CN201310039310XA patent/CN103065083A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030060189A1 (en) * | 2001-08-15 | 2003-03-27 | Brian Minear | Test enabled application execution |
| US20090325615A1 (en) * | 2008-06-29 | 2009-12-31 | Oceans' Edge, Inc. | Mobile Telephone Firewall and Compliance Enforcement System and Method |
| CN102186167A (en) * | 2011-04-11 | 2011-09-14 | 中兴通讯股份有限公司 | Method and system for monitoring applications |
| CN102404727A (en) * | 2011-11-24 | 2012-04-04 | 中兴通讯股份有限公司 | Method and device for safety control of mobile terminal |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104462957A (en) * | 2013-09-23 | 2015-03-25 | 联想(北京)有限公司 | Application management method and electronic equipment |
| CN104462957B (en) * | 2013-09-23 | 2018-03-27 | 联想(北京)有限公司 | Application management method and electronic equipment |
| CN103544434B (en) * | 2013-11-12 | 2016-08-24 | 北京网秦天下科技有限公司 | For guaranteeing method and the terminal of safety operation of applied program |
| CN103544434A (en) * | 2013-11-12 | 2014-01-29 | 北京网秦天下科技有限公司 | Method and terminal used for ensuring safe operation of application program |
| CN103747433B (en) * | 2013-12-02 | 2020-03-20 | 上海斐讯数据通信技术有限公司 | Method for realizing root request management through manufacturer server and mobile terminal |
| CN103747433A (en) * | 2013-12-02 | 2014-04-23 | 上海斐讯数据通信技术有限公司 | Method and mobile terminal for realizing root request management through manufacturer server |
| CN107995213A (en) * | 2015-02-04 | 2018-05-04 | 广东欧珀移动通信有限公司 | Short message sending control method and device |
| CN107995213B (en) * | 2015-02-04 | 2020-12-25 | Oppo广东移动通信有限公司 | Short message sending control method and device |
| CN104951715A (en) * | 2015-06-11 | 2015-09-30 | 联想(北京)有限公司 | Information processing method and electronic equipment |
| WO2017000369A1 (en) * | 2015-06-30 | 2017-01-05 | 中兴通讯股份有限公司 | Information security management method and apparatus, and storage medium |
| CN106777381A (en) * | 2017-02-13 | 2017-05-31 | 广东欧珀移动通信有限公司 | A kind of Access and control strategy of database method, device and intelligent terminal |
| WO2019001388A1 (en) * | 2017-06-28 | 2019-01-03 | Oppo广东移动通信有限公司 | Payment application program management method and device, and mobile terminal |
| CN111385791A (en) * | 2018-12-28 | 2020-07-07 | 华为技术有限公司 | Security threat detection method and terminal |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103065083A (en) | Method and system for monitoring application program interface of intelligent mobile terminal | |
| CN106156619B (en) | Application security protection method and device | |
| EP2839406B1 (en) | Detection and prevention of installation of malicious mobile applications | |
| CN104376263B (en) | The method and apparatus that application behavior intercepts | |
| CN103744686B (en) | Control method and the system of installation is applied in intelligent terminal | |
| CN104462978A (en) | Method and device for application program authority management | |
| KR101281825B1 (en) | Apparatus and method that enhance security using virtual interface in cloud system | |
| CN103207969A (en) | Device and method for detecting Android malware | |
| CN104199654A (en) | Open platform calling method and device | |
| US9747449B2 (en) | Method and device for preventing application in an operating system from being uninstalled | |
| US20150193280A1 (en) | Method and device for monitoring api function scheduling in mobile terminal | |
| CN104881667A (en) | Characteristic information extraction method and apparatus | |
| CN104021141A (en) | Method, device and system for data processing and cloud service | |
| CN103686688A (en) | Method and device for protecting user address list of mobile terminal and mobile terminal | |
| CN104992116A (en) | Monitoring method and system based on intent sniffer | |
| CN103067246A (en) | Method and apparatus used for processing file received based on instant communication service | |
| CN104751046B (en) | A kind of user authen method and mobile terminal device of application program | |
| CN103176882A (en) | Method and system for monitoring network application program interface of intelligent mobile terminal | |
| CN106102011A (en) | Method, device and the terminal that a kind of terminal positioning processes | |
| CN109699030B (en) | Unmanned aerial vehicle authentication method, device, equipment and computer readable storage medium | |
| CN105453104A (en) | File security management apparatus and management method for system protection | |
| CN110908881A (en) | Method and device for sending buried point data, electronic equipment and computer readable storage medium | |
| CN105872775A (en) | Silent uninstalling method and device for smart cloud TV application | |
| CN111722850A (en) | Method, device and system for processing application among multiple systems | |
| CN109088854B (en) | Access method and device of shared application and readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: FENGLING CHUANGJING (BEIJING) TECHNOLOGY CO., LTD. Free format text: FORMER OWNER: CHENFENGYUN (BEIJING) TECHNOLOGY CO., LTD. Effective date: 20140905 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20140905 Address after: 100080, room 7, floor 2, No. 701-51 East Third Street, Haidian District, Beijing, Haidian Applicant after: FENGLING CHUANGJING (BEIJING) TECHNOLOGY Co.,Ltd. Address before: 100080, room 1, building 3, Haidian Avenue, Haidian District, Beijing, Applicant before: Morning wind (Beijing) Technology Co., Ltd. |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20151223 Address after: 100085 Beijing, Haidian District, No. ten on the street Baidu building, No. 10 Applicant after: BEIJING BAIDU NETCOM SCIENCE AND TECHNOLOGY Co.,Ltd. Address before: 100080, room 7, floor 2, No. 701-51 East Third Street, Haidian District, Beijing, Haidian Applicant before: FENGLING CHUANGJING (BEIJING) TECHNOLOGY Co.,Ltd. |
|
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20130424 |
|
| RJ01 | Rejection of invention patent application after publication |