Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for detecting safety of user login interface of Android software

A login interface and security technology, applied in electrical components, transmission systems, etc., can solve problems such as wide coverage of speed and efficiency, large amount of detection tasks, user loss, etc., to achieve the effect of high detection efficiency and accuracy

Active Publication Date: 2015-06-03
INST OF INFORMATION ENG CAS
View PDF4 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, even a simple login mechanism will involve many security issues. Once the developer does not consider it comprehensively, it may cause serious losses to users.
[0004] The traditional Android application detection method is to conduct a holistic detection of the apk file (Android software installation package), and its speed and efficiency will be affected by problems such as wide coverage and large detection tasks.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for detecting safety of user login interface of Android software
  • Method for detecting safety of user login interface of Android software
  • Method for detecting safety of user login interface of Android software

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] The present invention will be described in further detail below through specific embodiments and accompanying drawings.

[0021] figure 1 Is the general flowchart of the method of the present invention. First analyze the apk installation package to obtain the layout files and codes related to the login page, then analyze and track the login-related code segments, and divide the entire login detection process into three stages: pre-login detection, data packet transmission detection, and post-login detection. Corresponding vulnerability detection is carried out according to the characteristics of each stage, the result of code execution is recorded, and finally, whether there is a relevant vulnerability is judged according to the execution result of each stage. Each step is described in detail below.

[0022] 1) First decompile the apk file, get all the layout files and smali code, traverse all the layout files, according to some common features of the login interface,...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a method for detecting the safety of a user login interface of Android software. The method comprises the steps of firstly, analyzing an apk (Android Package) of the Android software, and locating related codes of a login page by using a feature matching method; then, abstracting a user login behavior into three stages of login pre-processing, data package transmission and login post-processing, establishing a detecting model, and carrying out safety testing on key nodes which easily cause a safety problem; finally, judging nodes having the safety problem according to an execution situation of the codes and a feedback situation of a server, carrying out safety evaluation, and analyzing the existing safety problem. According to the method disclosed by the invention, the detection is carried out aiming at the safety of the login page of the Android software, covered detection points are multiple, and the detection efficiency and the detection accuracy are high.

Description

technical field [0001] The invention relates to the field of mobile terminal application security, and more particularly relates to a method for detecting the security of a login interface on Android software. Background technique [0002] At present, with the increasing popularity of mobile terminals and mobile operating systems, the number of mobile terminal applications is growing explosively. However, the security problems of mobile applications are also becoming more and more serious. Sensitive data leakage incidents such as password accounts on mobile terminal applications Occurs from time to time, which poses a great threat to the property and privacy security of users. The Android platform is currently the most popular smart mobile terminal platform, and the applications developed for the Android system account for the majority. Therefore, the security of Android software is very important to the safe development of the mobile Internet and the privacy security of mob...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1433H04L67/06
Inventor 马彬陈恺张颖君
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com