Android application security monitoring method based on plug-in loading and storage medium

An application security and plug-in technology, applied in the field of information security, can solve the problems of difficult to find detection capabilities, poor cooperation in system iterative development, etc. Effect

Active Publication Date: 2019-07-05
FUJIAN TQ DIGITAL
View PDF10 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, it is difficult for such a highly coupled security detection tool to be quickly updated to detect the latest vulnerabilities, and the collaboration between tool maintenance and system iterative development is relatively poor.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Android application security monitoring method based on plug-in loading and storage medium
  • Android application security monitoring method based on plug-in loading and storage medium
  • Android application security monitoring method based on plug-in loading and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0082] Please refer to figure 1 , this embodiment provides a plug-in-based Android application security monitoring method, which is suitable for comprehensive and effective security vulnerability detection of Android APP, and the detection method has low coupling, high availability and scalability.

[0083] The method of the present embodiment comprises the following steps:

[0084] (1) Detection plug-in preparation process

[0085] S1: Define the detection plug-in base class;

[0086] Define and agree on a vulnerability detection plug-in base class, which defines member variable attributes including plug-in name, associated vulnerability number, plug-in version, detection result, plug-in priority, number of discoveries, and detection status. Using the characteristics of class inheritance in object-oriented programming (inheritance is one of the most important concepts in object-oriented programming, inheritance allows the use of existing classes in the hierarchical structur...

Embodiment 2

[0126] This embodiment corresponds to Embodiment 1, and provides a computer-readable storage medium on which a computer program is stored. When the program is executed by a processor, the Android application security monitoring based on plug-in loading described in Embodiment 1 can be realized. The steps included in the method. The specific steps will not be repeated here, please refer to the description of Embodiment 1 for details.

[0127] Wherein, the storage medium may be a magnetic disk, an optical disk, a read-only memory (Read-Only Memory, ROM) or a random access memory (Random Access Memory, RAM) and the like.

Embodiment 3

[0129] This embodiment corresponds to Embodiment 1, and provides an Android application security monitoring system based on plug-in loading, and implements the method described in Embodiment 1 through specific functional modules.

[0130] Specifically, the system of this embodiment includes a basic analysis module 10, a plug-in module 20, a plug-in loading module 30, a plug-in running module 40, a storage module 50, a reporting module 60 and an insertion update and upgrade module 70. For the connection relationship of each module, please refer to figure 2 .

[0131] Wherein, the basic analysis module 10 is used to pre-prepare the apk_info_dict parameter before running the plug-in. For the specific execution process, refer to the content of S4 in the first embodiment.

[0132] Wherein, the plug-in module 10 is composed of a template plug-in, a plug-in directory, and all security detection plug-ins under the plug-in directory. Among them, the template plug-in is the base class...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an Android application security monitoring method based on plug-in loading and a storage medium. The method comprises: a plug-in base class is defined and detected; constructinga detection plug-in library by inheriting the detection plug-in base class, and storing the detection plug-in library locally; updating the local detection plug-in library according to the latest detection plug-in list obtained from the cloud server at regular time; obtaining related information parameters of the apk file of the to-be-detected application, organizing the related information parameters into an information dictionary format, and storing the information dictionary format; dynamically loading all plug-ins in the detection plug-in library; introducing related information parameters of an information dictionary format; and sequentially executing the loaded plug-ins. The method has the function of detecting automatic updating of the plug-in, the latest security holes can be detected timely and accurately, and the detection rate is increased. In addition, the efficiency and the collaboration of plug-in iterative development and maintenance can be remarkably improved by defining and detecting the plug-in base class, and therefore efficient comprehensive safety detection can be conducted on the Android application.

Description

technical field [0001] The invention relates to the field of information security, in particular to a plug-in-based Android application security monitoring method and a storage medium. Background technique [0002] During the design, development, installation and operation of Android APP, some security issues may be introduced or brought about, including APP installation package security, sensitive information leakage, data communication security, component security, server interface security, business logic security etc. [0003] Most of the existing security detections for Android APPs are based on decompilation methods. For example, use a decompilation tool to decompile the APK to obtain the code, and then use the vulnerability signature code combined with static code analysis and scanning technology to realize security vulnerability detection. However, it is difficult for such a highly coupled security detection tool to be quickly updated to realize the ability to disc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06F21/57G06F9/445
CPCG06F9/44526G06F21/563G06F21/566G06F21/577G06F2221/033
Inventor 刘德建周友禄张晓威黄文成林琛
Owner FUJIAN TQ DIGITAL
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap