Unlock instant, AI-driven research and patent intelligence for your innovation.

Behavior-based mobile terminal security protection system and method

A technology of behavior and terminal equipment, applied in the direction of transmission system, computer security device, platform integrity maintenance, etc., can solve the problems of large monitoring granularity, difficult to accurately distinguish, low efficiency and accuracy of killing, and achieve damage prevention and saving cost, efficiency and accuracy improvements

Inactive Publication Date: 2011-06-01
BEIJING BANGCLE TECH CO LTD
View PDF3 Cites 45 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The monitoring objects of the firewall are ports and protocols, and users need to set whether to allow them to pass through, requiring users to have professional familiarity with the system, and the granularity of monitoring is too large to be accurately distinguished
[0003] The second killing method is based on the virus definition library. This method requires the establishment of a large-scale malware monitoring system, and requires a huge amount of manpower and material resources to define, make and maintain the virus definition library.
Direct scanning and killing on mobile terminals such as mobile phones requires too much processing power and storage capacity of terminal equipment. Under the current technology, the efficiency and accuracy of scanning and killing are low

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Behavior-based mobile terminal security protection system and method
  • Behavior-based mobile terminal security protection system and method
  • Behavior-based mobile terminal security protection system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0013] 下面结合附图和具体实施例对本发明提供的一种基于程序行为的安全防护系统和方法进行详细描述。

[0014] 在以下的描述中,将描述本发明的多个不同的方面,然而,对于本领域内的普通技术人员而言,可以仅仅利用本发明的一些或者全部结构或者流程来实施本发明。为了解释的明确性而言,阐述了特定的数目、配置和顺序,但是很明显,在没有这些特定细节的情况下也可以实施本发明。在其他情况下,为了不混淆本发明,对于一些众所周知的特征将不再进行详细阐述。

[0015] 总的来说,如 figure 1 所示,本发明提供的一种基于程序行为的移动设备的安全防护系统包括终端设备100和服务器200,服务器包括接收模块201,用来从终端设备100或者终端设备期望下载程序的源程序服务器端接收该程序。

[0016] 终端设备100是指经由通信设施和运营商设备或者应用服务器交互的设备,终端设备100通常设置在利用通信设施与服务器联接工作的方便场所,它主要由通信接口控制装置与专用或选定的输入输出装置组合而成,而移动终端设备却不受地域限制,更加灵活。本发明的终端设备包括但不限于移动通信设备(诸如手持电话、智能电话)、便携式娱乐设备(诸如苹果公司的IPAD、三星公司的GALAXY、索尼公司的PS系列)等等。

[0017] 本申请的终端设备100具有接收端口和发送端口,接收端口用于接收来自应用服务器的软件程序,发送端口用于将所接收的软件程序发送给服务器200。这里的应用服务器包括但不限于:提供软件下载的应用服务器、运营商服务器、与终端设备进行会话的会话服务器、对终端设备提供远程支持的应用服务器以及其他类型的静态和动态服务器。

[0018] 总的来说,如 figure 1 所示,本申请的服务器200包括接收模块201、分发模块202、检测模块203、比较模块204和报告产生模块205。其中,接收模块201用来接收来自终端设备100发送的软件程序或者其他文件;分发模块202用于将所接收的软件程序或者其他文件分发给由处理器组成的“云”中的其中一个的模拟器;检测模块203用于检测在服务器200的沙漏模型中运行的软件程序或者其他文件的行为;比较模块204用于将所检测到的该软件程序或者其他文件的执行过程中的行为和服务器200中的行为库进行比较,获知是否是已有行为,比较模块2...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a program behavior-based mobile equipment security protection system and a program behavior-based mobile equipment security protection method. The program behavior-based mobile equipment security protection system comprises terminal equipment and a server, wherein the server comprises a receiving module, a distribution module, a detection module and a report generation module; the receiving module is used for receiving a software program from the terminal equipment; the distribution module is used for distributing the received software program to a simulator in cloud consisting of processors; the detection module is used for detecting and recording the execution behaviors of the software program or other files run in an hourglass model of the server; and the report generation module is used for evaluating the friendliness or hazard level of the software program or the other files according to the execution behaviors of the software program in the hourglass model, and providing an analysis report for the terminal equipment.

Description

technical field [0001] 本申请涉及移动终端设备的安全技术,更具体地,本发明涉及一种基于程序行为的移动终端的安全防护系统和方法,其中,本发明所涉及的移动终端设备包括但不限于移动通信设备(诸如手持电话、智能电话)、便携式娱乐设备(诸如苹果公司的IPAD、三星公司的GALAXY、索尼公司的PS系列的平板电脑或者影音播放设备)等等。 Background technique [0002] 目前在病毒查杀领域,主要包括两种技术。第一种是防火墙技术,是针对Internet网络不安全因素所采取的一种保护措施。防火墙是用来阻挡外部不安全因素影响的内部网络屏障,其目的就是防止外部网络用户未经授权的访问。防火墙主要由服务访问政策、验证工具、包过滤和应用网关4个部分组成,是一个位于计算机和它所连接的网络之间的软件或硬件。防火墙的监控对象是端口和协议,需要用户自己设置是否允许通过,要求用户对系统具有专业性的熟悉程度,而且监控的粒度太大,难以准确区分。 [0003] 第二种查杀方法是基于病毒定义库来完成,这种方法需要建立大规模的恶意软件监测系统,并且需要花费巨大人力物力来定义、制作和维护病毒定义库。另外,这种杀毒软件只有捕获到病毒样本后,才能提取到病毒的特征码,而且对于新出现的未知病毒无法防范,病毒库也需要实时更新、升级才能即时跟踪。随着恶意软件数量的指数倍增长,这种方法越来越不能满足实际应用的需要。 [0004] 对于诸如手机的移动通信领域,目前的恶意软件查杀方法都是从计算机领域学习过来的,也存在与计算机领域相同的问题。另外,由于手机上的恶意软件的性质与计算机上的恶意软件存在很大不同,手机上的恶意软件在定义上与计算机上是不完全相同的,恶意软件在手机上很难进行大规模的传播。手机上的恶意软件的目的主要是窃取个人资料与信息、盗取银行账号、窃听电话等犯罪行为。在诸如手机的移动终端直接进行查杀,对终端设备的处理能力和存储量要求过高,在目前的技术下,查杀效率和准确度都较低。 Contents of the invention [0005] 为克服现有技术中的上述缺陷,本发明提供一种基于程序行为的移动设备的安全防护系统和方法。 [0006] 根据本发明的一个方面,提供了一种基于程序行为的移动通信设备的安全防护系统,包括终端设备和服务...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F21/00G06F21/57
Inventor 陈彪
Owner BEIJING BANGCLE TECH CO LTD