æ¬åæå®æ½ä¾å ¬å¼äºä¸ç§éæ§æ è¯ç¬¦çè·åæ¹æ³åè£ ç½®ï¼æ¶åéä¿¡ææ¯é¢åï¼è½å¤è§£å³å ä»»ä½åºç¨ç¨åºé½è½å¤æå访é®éæ§æ è¯ç¬¦ï¼è导è´å¨ç»ç«¯ä½¿ç¨è¿ç¨ä¸åå¨å®å ¨éæ£çé®é¢ãæ¬åæå®æ½ä¾çæ¹æ³å æ¬ï¼æªè·åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦çæä½æ令ï¼æ ¹æ®æè¿°æä½æ令ï¼ç¡®å®å¨æè¿°åºç¨ç¨åºå¯å¨åï¼æè¿°åºç¨ç¨åºç访é®æ åµï¼å¹¶æ ¹æ®æ述访é®æ åµç¡®å®æè¿°åºç¨ç¨åºæ¯å¦å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ï¼å¨æ ¹æ®æ述访é®æ åµç¡®å®æè¿°åºç¨ç¨åºå ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿åï¼åæè¿°åºç¨ç¨åºåé¦ä¼ªé ä¿¡æ¯æ空ç½ä¿¡æ¯ï¼ææ示ç¨æ·å³å®æ¯å¦å 许æè¿°åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦ãæ¬åæå®æ½ä¾éç¨äºéæ§æ è¯ç¬¦çè·åè¿ç¨ã
The embodiment of the present invention discloses a method and device for obtaining a hidden identifier, which relates to the field of communication technology and can solve the problem that any application program can successfully access the hidden identifier, which leads to potential safety hazards in the process of using the terminal . The method in this embodiment of the present invention includes: intercepting an operation instruction for an application program to access a hidden identifier; according to the operation instruction, determining the access status of the application program after the application program is started, and determining the Whether the application has a tendency to maliciously access the hidden identifier; after determining that the application has a tendency to maliciously access the hidden identifier according to the access situation, feed back forged or blank information to the application, or Prompts the user to decide whether to allow the application in question to access the implicit identifier. The embodiment of the present invention is applicable to the acquisition process of the implicit identifier.
Description Translated from Chinese ä¸ç§éæ§æ è¯ç¬¦çè·åæ¹æ³åè£ ç½®A method and device for obtaining a hidden identifierææ¯é¢åtechnical field
æ¬åæå®æ½ä¾æ¶åéä¿¡ææ¯é¢åï¼å°¤å ¶æ¶åä¸ç§éæ§æ è¯ç¬¦çè·åæ¹æ³åè£ ç½®ãThe embodiments of the present invention relate to the field of communication technologies, and in particular, to a method and device for acquiring a hidden identifier.
èæ¯ææ¯Background technique
éçç»ç«¯åäºèç½çæ®åï¼çº¿ä¸æ¨å¹¿æ为ä¸ç§è¶å¿ã广åå ¬å¸ä¸ºäºææ¡å¤§é¨åç¨æ·çå ´è¶£ååï¼å¯ä»¥éè¿ç¹å®åºç¨ç¨åº(Applicationï¼app)è·è¸ªç¨æ·å¨ä¸åç½é¡µ(website)ãåºç¨ç¨åºä¸æ§è¡çæä½ï¼ä»¥äºè§£ç¨æ·è®¿é®äºåªäºå¹¿åï¼ä»èæ´æé对æ§å°ä¸ºç¨æ·æ¨éç¸åºç广åå 容ãWith the popularity of terminals and the Internet, online promotion has become a trend. In order to grasp the interest orientation of most users, advertising companies can use specific applications (Application, app) to track the actions performed by users on different web pages (websites) and applications, so as to understand which advertisements users have visited, so as to be more targeted Push the corresponding advertising content to users in a timely manner.
ç®åï¼å¨ç¹å®åºç¨ç¨åºè·è¸ªç¨æ·è¡ä¸ºçè¿ç¨ä¸ï¼å¯ä»¥ä½¿ç¨ç»ç«¯çæ¾æ§æ è¯ç¬¦åºåä¸åç¨æ·ï¼å ¶ä¸ï¼æ¾æ§æ è¯ç¬¦å¯ä»¥å æ¬å½é 移å¨è®¾å¤èº«ä»½ç (International MobileEquipment Identityï¼IMEI)ãå½é 移å¨ç¨æ·è¯å«ç (International Mobile SubscriberIdentification Numberï¼IMSI)çè½å¤å¯ä¸æ è¯ç»ç«¯çä¿¡æ¯ã为äºé¿å æ¶æåºç¨ç¨åºè·åç»ç«¯çæ¾æ§æ è¯ç¬¦ï¼æä½ç³»ç»(Operating Systemï¼OS)å¯ä»¥é¢å 设置å个åºç¨ç¨åºç访é®æéï¼å¹¶å¨æä¸åºç¨ç¨åºè¯å¾è®¿é®æä¸ç»ç«¯çæ¾æ§æ è¯ç¬¦æ¶ï¼å¯¹è¯¥åºç¨ç¨åºæ¯å¦å ·æ访é®æéè¿è¡å¤æï¼è¥è¯¥åºç¨ç¨åºå ·æ访é®æéï¼åç»ç«¯å 许该åºç¨ç¨åºè®¿é®æéçæ¾æ§æ è¯ç¬¦ï¼å¦åï¼è¯¥åºç¨ç¨åºæ æ³è·åå°æ¾æ§æ è¯ç¬¦ãAt present, in the process of tracking user behavior by a specific application program, the explicit identifier of the terminal can be used to distinguish different users, where the explicit identifier can include the International Mobile Equipment Identity (International MobileEquipment Identity, IMEI), International Mobile Subscriber Identity Information that can uniquely identify a terminal such as an International Mobile Subscriber Identification Number (IMSI). In order to prevent malicious applications from obtaining the explicit identifier of the terminal, the operating system (Operating System, OS) can pre-set the access rights of each application, and when an application tries to access the explicit identifier of a certain terminal, the Whether the application program has the access right is judged, and if the application program has the access right, the terminal allows the application program to access the required explicit identifier; otherwise, the application program cannot obtain the explicit identifier.
ä½æ¯ï¼å¨ç»ç«¯ä¸é¤äºå æ¬æ¾æ§æ è¯ç¬¦å¤ï¼è¿å æ¬éæ§æ è¯ç¬¦ãéæ§æ è¯ç¬¦ä¸åäºæ¾æ§æ è¯ç¬¦ï¼ç±äºéæ§æ è¯ç¬¦ä¸è¬ä¸ä¼è¢«è®¾ç½®è®¿é®æéï¼å³ä¾¿éæ§æ è¯ç¬¦å ·æ访é®æéï¼åºç¨ç¨åºå¨èº«ä»½è®¤è¯æ¶ä¹æ éåç¥æ£å¨ä½¿ç¨ç»ç«¯çç¨æ·ï¼å³å¯å®ææ´ä¸ªèº«ä»½è®¤è¯è¿ç¨ï¼å æ¤ï¼ä»»ä½åºç¨ç¨åºé½è½å¤æå访é®éæ§æ è¯ç¬¦ãè½ç¶ï¼éè¿ä¸ä¸ªéæ§æ è¯ç¬¦å¾é¾ç¡®å®å¯ä¸çä¸ä¸ªç»ç«¯ï¼ä½éè¿å¤ä¸ªéæ§æ è¯ç¬¦çç»åï¼å°±è½å¤å¾å®¹æå°åºåä¸åç¨æ·ãå æ¤ï¼åºç¨ç¨åºé¤äºå¯ä»¥éè¿æ¾æ§æ è¯ç¬¦åºåä¸åç¨æ·ï¼è¿å¯ä»¥æ ¹æ®å¤ä¸ªéæ§æ è¯ç¬¦çç»ååºåä¸åç¨æ·ãä¹å°±æå³çï¼æ 论æ¯ç¹å®åºç¨ç¨åºè¿æ¯æ¶æåºç¨ç¨åºï¼é½è½å¤æåè·åç»ç«¯çéæ§æ è¯ç¬¦ï¼ä¹åéè¿å¤ä¸ªéæ§æ è¯ç¬¦çç»åï¼åºåä¸åç¨æ·ãè¿æ ·ä¸æ¥ï¼æ¶æåºç¨ç¨åºä¾ç¶è½å¤äºè§£å个ç»ç«¯çä¿¡æ¯ï¼å¹¶è·è¸ªç¨æ·è¡ä¸ºï¼ä»èå¨æªç»ç¨æ·åæçæ åµä¸ï¼è¿åº¦æ¶éç¨æ·è¡ä¸ºæ°æ®ï¼å¢å ç¨æ·å¨ç»ç«¯ä½¿ç¨è¿ç¨ä¸çå®å ¨éæ£ãHowever, implicit identifiers are included in terminals in addition to explicit identifiers. Implicit identifiers are different from explicit identifiers. Since implicit identifiers generally do not have access permissions, even if implicit identifiers have access permissions, the application does not need to inform the user who is using the terminal during identity authentication. Complete the entire authentication process, so any application can successfully access the covert identifier. Although it is difficult to determine a unique terminal through a hidden identifier, different users can be easily distinguished through a combination of multiple hidden identifiers. Therefore, in addition to distinguishing different users through explicit identifiers, the application program can also distinguish different users based on the combination of multiple implicit identifiers. That is to say, whether it is a specific application or a malicious application, it can successfully obtain the hidden identifier of the terminal, and then distinguish different users through the combination of multiple hidden identifiers. In this way, malicious applications can still understand the information of each terminal and track user behavior, thereby excessively collecting user behavior data without the user's consent, increasing the security risks of the user in the process of using the terminal.
åæå 容Contents of the invention
æ¬åæå®æ½ä¾æä¾ä¸ç§éæ§æ è¯ç¬¦çè·åæ¹æ³åè£ ç½®ï¼è½å¤è§£å³å ä»»ä½åºç¨ç¨åºé½è½å¤æå访é®éæ§æ è¯ç¬¦ï¼è导è´å¨ç»ç«¯ä½¿ç¨è¿ç¨ä¸åå¨å®å ¨éæ£çé®é¢ãEmbodiments of the present invention provide a method and device for obtaining a hidden identifier, which can solve the problem of security risks in the process of using a terminal because any application program can successfully access the hidden identifier.
为达å°ä¸è¿°ç®çï¼æ¬åæå®æ½ä¾éç¨å¦ä¸ææ¯æ¹æ¡ï¼In order to achieve the above object, the embodiment of the present invention adopts the following technical solutions:
第ä¸æ¹é¢ï¼æ¬åæå®æ½ä¾æä¾ä¸ç§éæ§æ è¯ç¬¦çè·åæ¹æ³ã该æ¹æ³å æ¬ï¼æªè·åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦çæä½æ令ï¼ä¹åæ ¹æ®æä½æ令ï¼ç¡®å®å¨åºç¨ç¨åºå¯å¨åï¼åºç¨ç¨åºç访é®æ åµï¼å¹¶æ ¹æ®è®¿é®æ åµç¡®å®åºç¨ç¨åºæ¯å¦å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ï¼å¨æ ¹æ®è®¿é®æ åµç¡®å®åºç¨ç¨åºå ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿åï¼ååºç¨ç¨åºåé¦ä¼ªé ä¿¡æ¯æ空ç½ä¿¡æ¯ï¼ææ示ç¨æ·å³å®æ¯å¦å 许åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦ãç¸æ¯è¾äºç°æææ¯ä¸ä»»ä½åºç¨ç¨åºé½è½å¤æå访é®éæ§æ è¯ç¬¦ï¼æ¬åæå®æ½ä¾å¯ä»¥å¨åºç¨ç¨åºè¯å¾è®¿é®éæ§æ è¯ç¬¦æ¶ï¼æªè·è¯¥åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦çæä½æ令ï¼ä¹åæ ¹æ®ææªè·çæä½æ令ï¼ç¡®å®å¨åºç¨ç¨åºå¯å¨å该åºç¨ç¨åºç访é®æ åµï¼å¹¶å¨ç»å访é®æ åµç¡®å®åºç¨ç¨åºå ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿åï¼ååºç¨ç¨åºåé¦ä¼ªé ä¿¡æ¯ï¼æ空ç½ä¿¡æ¯ï¼ææ示ç¨æ·å³å®æ¯å¦å 许åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦ãç±æ¤å¯è§ï¼æ¬åæå®æ½ä¾å©ç¨éæ§æ è¯ç¬¦å¨ä½¿ç¨è¿ç¨ä¸çç¹ç¹ï¼å³è·åéæ§æ è¯ç¬¦çä¸æ¹éè¦éè¿å¤ä¸ªéæ§æ è¯ç¬¦çç»åæè½å¯ä¸ç¡®å®æä¸ç»ç«¯ç身份ï¼å°é£äºé¢ç¹è·åéæ§æ è¯ç¬¦ãææ¯è·å大ééæ§æ è¯ç¬¦çåºç¨ç¨åºï¼ç¡®å®ä¸ºå ·ææ¶æ访é®éæ§æ è¯ç¬¦è¶å¿çåºç¨ç¨åºï¼ä¹å为äºä¿è¯ç»ç«¯ä½¿ç¨è¿ç¨ä¸çå®å ¨æ§ï¼é¿å 大ééæ§æ è¯ç¬¦çæ³é²ï¼å该åºç¨ç¨åºåé¦é误çéæ§æ è¯ç¬¦ææ¯ç©ºç½ä¿¡æ¯ï¼ä¹å¯ä»¥éè¿æéç¨æ·çæ¹å¼ï¼è®©ç¨æ·èªè¡å¤æåºç¨ç¨åºè·åéæ§æ è¯ç¬¦çè¿ç¨æ¯å¦åå¨å®å ¨éæ£ãè¿æ ·ä¸æ¥ï¼å¯¹äºé¢ç¹ææ¯å¤§éè·åéæ§æ è¯ç¬¦çåºç¨ç¨åºèè¨ï¼å¹¶ä¸ä¸å®è½å¤æå访é®ç»ç«¯çå®çéæ§æ è¯ç¬¦ï¼ä»è解å³å ä»»ä½åºç¨ç¨åºé½è½å¤æå访é®éæ§æ è¯ç¬¦ï¼è导è´å¨ç»ç«¯ä½¿ç¨è¿ç¨ä¸åå¨å®å ¨éæ£çé®é¢ãIn a first aspect, an embodiment of the present invention provides a method for acquiring a hidden identifier. The method includes: intercepting the operation instruction for the application program to access the hidden identifier, and then according to the operation instruction, determining the access situation of the application program after the application program starts, and determining whether the application program has malicious access to the hidden identifier according to the access situation Trend: After determining that the application has a tendency to maliciously access the hidden identifier according to the access situation, feed back fake information or blank information to the application, or prompt the user to decide whether to allow the application to access the hidden identifier. Compared with any application program in the prior art that can successfully access the hidden identifier, the embodiment of the present invention can intercept the operation instruction of the application program to access the hidden identifier when the application program tries to access the hidden identifier, and then according to The intercepted operating instructions determine the access status of the application program after the application program is started, and after combining the access status to determine the tendency of the application program to have a malicious access hidden identifier, feed back forged information or blank information to the application program, or Prompts the user to decide whether to allow the application to access the implicit identifier. It can be seen that the embodiment of the present invention utilizes the characteristics of hidden identifiers in the process of use, that is, the party who obtains the hidden identifier needs to combine multiple hidden identifiers to uniquely determine the identity of a certain terminal, and those who frequently Applications that obtain hidden identifiers, or obtain a large number of hidden identifiers, are determined to be applications that have a tendency to maliciously access hidden identifiers. In order to ensure the security of the terminal during use, avoid the use of a large number of hidden identifiers. Leakage, feeding back wrong hidden identifiers or blank information to the application, or by reminding the user, allowing the user to judge whether there is a security risk in the process of the application obtaining the hidden identifier. In this way, for applications that obtain hidden identifiers frequently or in large quantities, they may not be able to successfully access the real hidden identifiers of the terminal, so as to solve the problem that any application can successfully access hidden identifiers and It leads to the problem of potential safety hazards in the process of using the terminal.
å¨ä¸ç§å¯è½ç设计ä¸ï¼è®¿é®æ åµè³å°å æ¬ç¬¬ä¸æ°é以å第äºæ°éä¸çè³å°ä¸ä¸ªãå ¶ä¸ï¼ç¬¬ä¸æ°é为åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦çæ°éï¼ç¬¬äºæ°é为åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦ç§ç±»çæ°éãä¹å°±æå³çï¼å¨æ¬åæå®æ½ä¾ä¸ï¼è½å¤æ ¹æ®åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦çæ°éå/æåºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦ç§ç±»çæ°éï¼ç¡®å®åºç¨ç¨åºæ¯å¦å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ãIn a possible design, the access situation at least includes at least one of the first quantity and the second quantity. Wherein, the first quantity is the quantity of implicit identifiers accessed by applications, and the second quantity is the quantity of types of implicit identifiers accessed by applications. That is to say, in the embodiment of the present invention, it can be determined whether an application program has a tendency to maliciously access a covert identifier according to the number of covert identifiers accessed by the application program and/or the number of types of covert identifiers accessed by the application program .
å¨ä¸ç§å¯è½ç设计ä¸ï¼å±äºåä¸ç§ç±»ç两个éæ§æ è¯ç¬¦ä¹é´çç¸å ³æ§å¤§äºä¸¤ä¸ªéæ§æ è¯ç¬¦ä¸æ¯ä¸ªéæ§æ è¯ç¬¦ä¸å ¶ä»ç§ç±»ä¸ä»»æä¸ä¸ªéæ§æ è¯ç¬¦ä¹é´çç¸å ³æ§ã并ä¸ï¼ç¨äºååéæ§æ è¯ç¬¦ç§ç±»çååä¾æ®å æ¬éæ§æ è¯ç¬¦çæ¥æºãçææ¶é´ã使ç¨æ¹å¼ä¸çè³å°ä¸ä¸ªï¼éæ§æ è¯ç¬¦ç§ç±»å æ¬ç¨æ·çé¢UI设置以åç¨æ·ä¹ æ¯ä¸çè³å°ä¸ä¸ªãç±æ¤å¯è§ï¼éæ§æ è¯ç¬¦ç§ç±»çååå¯ä»¥ä¾æ®ç¨æ·ææ¯å·¥ä½äººå对äºå个åæ°å¨çæå使ç¨è¿ç¨ä¸åè½ä¸çå¤å«ï¼å½ç¶ä¹å¯ä»¥åºäºå个åæ°å¯¹äºç»ç«¯å®å ¨æ§çå½±åè¿è¡å¤å«ãè¿æ ·ä¸æ¥ï¼å¨ç»è¿ç§ç±»åååï¼å¯ä»¥æ´ç´è§åæ åºç¨ç¨åºæ¯å¦å±äºæ¶æ访é®ãIn one possible design, the correlation between two implicit identifiers belonging to the same category is greater than the correlation between each implicit identifier of the two implicit identifiers and any one of the other categories. Correlation. Moreover, the basis for classifying the types of implicit identifiers includes at least one of the source, generation time, and usage of the implicit identifiers; the types of implicit identifiers include at least one of user interface UI settings and user habits. It can be seen that the classification of implicit identifier types can be based on the user or staff's functional discrimination of each parameter in the process of generation and use, and of course can also be based on the impact of each parameter on terminal security. In this way, after classification, it can be more intuitive to reflect whether the application belongs to malicious access.
å¨ä¸ç§å¯è½ç设计ä¸ï¼è®¿é®æ åµå æ¬ç¬¬ä¸æ°éï¼åæ ¹æ®è®¿é®æ åµç¡®å®åºç¨ç¨åºæ¯å¦å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ï¼å¯ä»¥å®ç°ä¸ºï¼å½æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶æ¶ï¼ç¡®å®åºç¨ç¨åºå ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶æ¶ï¼ç¡®å®åºç¨ç¨åºä¸å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ãå ¶ä¸ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸æ°é大äºç¬¬ä¸éå¼ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸æ°éå°äºæçäºç¬¬ä¸éå¼ï¼æè ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸æ°éä¸ç¬¬ä¸æ»æ°éçæ¯å¼å¤§äºç¬¬äºéå¼ï¼å ¶ä¸ï¼ç¬¬ä¸æ»æ°é为éæ§æ è¯ç¬¦çæ»æ°éï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸æ°éä¸ç¬¬ä¸æ»æ°éçæ¯å¼å°äºæçäºç¬¬äºéå¼ï¼æè ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸æ°é大äºç¬¬ä¸éå¼ï¼ä»¥å第ä¸æ°éä¸ç¬¬ä¸æ»æ°éçæ¯å¼å¤§äºç¬¬åéå¼ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸æ°éå°äºæçäºç¬¬ä¸éå¼ï¼ä»¥å第ä¸æ°éä¸ç¬¬ä¸æ»æ°éçæ¯å¼å°äºæçäºç¬¬åéå¼ãç±äºè®¿é®æ åµè½å¤ææåæ æä¸åºç¨ç¨åºä¼å¾è·åéæ§æ è¯ç¬¦çæ°éï¼ä¸æ¶æåºç¨ç¨åºè·åéæ§æ è¯ç¬¦çç®çå¨äºï¼éè¿å¤ä¸ªéæ§æ è¯ç¬¦çç»åæ¥å¯ä¸ç¡®å®æä¸ç»ç«¯ç身份ï¼å æ¤ï¼å¨æ¬åæå®æ½ä¾ä¸ï¼å¯ä»¥æ ¹æ®ä¸è¿°åç§æ°éåæ°ä¸åèªå¯¹åºçéå¼ä¹é´ç大å°ç®¡çï¼ç¡®å®åºç¨ç¨åºæ¯å¦å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ï¼ä¹å°±æ¯æ ¹æ®ä¸è¿°è®¿é®æ åµæ¥ç¡®å®æ¯å¦å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ãIn a possible design, the access situation includes the first quantity, then according to the access situation, it is determined whether the application program has a trend of malicious access to the hidden identifier, which can be implemented as follows: when one or more malicious access judgment conditions are met, determine The application has a tendency to maliciously access the hidden identifier, and when the malicious access judgment condition is not met, it is determined that the application does not have the tendency to maliciously access the hidden identifier. Wherein, meeting one or more malicious access judgment conditions includes: the first number is greater than the first threshold; not meeting the malicious access judgment condition includes: the first number is less than or equal to the first threshold; or, meeting one or more malicious access judgment conditions Including: the ratio of the first number to the first total number is greater than the second threshold, wherein the first total number is the total number of hidden identifiers; the condition for judging malicious access is not met includes: the ratio of the first number to the first total number less than or equal to the second threshold; or, satisfying one or more malicious access judgment conditions includes: the first number is greater than the third threshold, and the ratio of the first number to the first total number is greater than the fourth threshold; the malicious access judgment condition is not satisfied It includes: the first quantity is less than or equal to the third threshold, and the ratio of the first quantity to the first total quantity is less than or equal to the fourth threshold. Since the access situation can effectively reflect the number of hidden identifiers that an application attempts to obtain, and the purpose of obtaining hidden identifiers by malicious applications is to uniquely determine the identity of a certain terminal through the combination of multiple hidden identifiers, Therefore, in the embodiment of the present invention, it can be determined whether the application program has a tendency to maliciously access the hidden identifier according to the size management between the above-mentioned various quantity parameters and their respective corresponding thresholds, that is, it can be determined according to the above-mentioned access situation whether Tendency to have malicious access to implicit identifiers.
å¨ä¸ç§å¯è½ç设计ä¸ï¼è®¿é®æ åµå æ¬æ¯ä¸ªéæ§æ è¯ç¬¦çæéãé£ä¹ï¼ä¸è¿°æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶ï¼ä»¥åä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶è¿å¯ä»¥å æ¬æ´å¤é项ãæ¯å¦ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸åæ°å¤§äºç¬¬äºéå¼ï¼å ¶ä¸ï¼xiç¨äºè¡¨ç¤ºéæ§æ è¯ç¬¦içæéï¼nç¨äºè¡¨ç¤ºç¬¬ä¸æ°éï¼iãné½ä¸ºå¤§äºæçäº1çæ´æ°ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸åæ°å°äºæçäºç¬¬äºéå¼ï¼æè ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸æ¯å¼å¤§äºç¬¬å éå¼ï¼å ¶ä¸ï¼mç¨äºè¡¨ç¤ºç¬¬ä¸æ»æ°éï¼m为大äºæçäº1çæ´æ°ï¼ä¸nå°äºæçäºmï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸æ¯å¼å°äºæçäºç¬¬å éå¼ï¼æè ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸åæ°å¤§äºç¬¬ä¸éå¼ï¼ä»¥å第ä¸æ¯å¼å¤§äºç¬¬å «éå¼ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸åæ°å°äºæçäºç¬¬ä¸éå¼ï¼ä»¥å第ä¸æ¯å¼å°äºæçäºç¬¬å «éå¼ãIn one possible design, the access profile includes a weight for each implicit identifier. Then, satisfying one or more malicious access judging conditions and not satisfying the malicious access judging conditions may further include more options. For example, satisfying one or more malicious access judgment conditions includes: the first parameter greater than the fifth threshold, where x i is used to represent the weight of the implicit identifier i, n is used to represent the first number, i and n are both integers greater than or equal to 1; conditions for judging malicious access that do not meet include: the first parameter less than or equal to the fifth threshold; or, meeting one or more malicious access judgment conditions includes: the first ratio Greater than the sixth threshold, where m is used to represent the first total quantity, m is an integer greater than or equal to 1, and n is less than or equal to m; the conditions for judging malicious access include: the first ratio Less than or equal to the sixth threshold; or, meeting one or more malicious access judgment conditions includes: the first parameter greater than the seventh threshold, and the first ratio greater than the eighth threshold; the conditions for judging malicious access are not satisfied include: the first parameter less than or equal to the seventh threshold, and the first ratio less than or equal to the eighth threshold.
å¨ä¸ç§å¯è½ç设计ä¸ï¼è®¿é®æ åµå æ¬ç¬¬äºæ°éï¼åæ ¹æ®è®¿é®æ åµç¡®å®åºç¨ç¨åºæ¯å¦å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ï¼å¯ä»¥å®ç°ä¸ºï¼å½æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶æ¶ï¼ç¡®å®åºç¨ç¨åºå ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶æ¶ï¼ç¡®å®åºç¨ç¨åºä¸å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ãå ¶ä¸ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºæ°é大äºç¬¬ä¹éå¼ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºæ°éå°äºæçäºç¬¬ä¹éå¼ï¼æè ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºæ°éä¸ç¬¬äºæ»æ°éçæ¯å¼å¤§äºç¬¬åéå¼ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºæ°éä¸ç¬¬äºæ»æ°éçæ¯å¼å°äºæçäºç¬¬åéå¼ï¼æè ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºæ°é大äºç¬¬åä¸éå¼ï¼ä»¥å第äºæ°éä¸ç¬¬äºæ»æ°éçæ¯å¼å¤§äºç¬¬åäºéå¼ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºæ°éå°äºæçäºç¬¬åä¸éå¼ï¼ä»¥å第äºæ°éä¸ç¬¬äºæ»æ°éçæ¯å¼å°äºæçäºç¬¬åäºéå¼ãç±äºè®¿é®æ åµè½å¤ææåæ ä¼å¾è·åçéæ§æ è¯ç¬¦æå±ç±»åçæ°éï¼ä¸æ¶æåºç¨ç¨åºè·åéæ§æ è¯ç¬¦çç®çå¨äºï¼éè¿å¤ä¸ªéæ§æ è¯ç¬¦çç»åæ¥å¯ä¸ç¡®å®æä¸ç»ç«¯ç身份ï¼å æ¤ï¼å¨æ¬åæå®æ½ä¾ä¸ï¼å¯ä»¥æ ¹æ®ä¸è¿°åç§æ°éåæ°ä¸åèªå¯¹åºçéå¼ä¹é´ç大å°ç®¡çï¼ç¡®å®åºç¨ç¨åºæ¯å¦å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ï¼ä¹å°±æ¯æ ¹æ®ä¸è¿°è®¿é®æ åµæ¥ç¡®å®æ¯å¦å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ãIn a possible design, the access situation includes the second quantity, then according to the access situation, it is determined whether the application program has a trend of malicious access to the hidden identifier, which can be implemented as: when one or more malicious access judgment conditions are met, determine The application has a tendency to maliciously access the hidden identifier, and when the malicious access judgment condition is not met, it is determined that the application does not have the tendency to maliciously access the hidden identifier. Wherein, meeting one or more malicious access judgment conditions includes: the second number is greater than the ninth threshold; not meeting the malicious access judgment condition includes: the second number is less than or equal to the ninth threshold; or, meeting one or more malicious access judgment conditions Including: the ratio of the second number to the second total number is greater than the tenth threshold; not meeting the malicious access judgment condition includes: the ratio of the second number to the second total number is less than or equal to the tenth threshold; or, satisfying one or more malicious accesses The access judgment condition includes: the second number is greater than the eleventh threshold, and the ratio of the second number to the second total number is greater than the twelfth threshold; the malicious access judgment condition does not meet: the second number is less than or equal to the eleventh threshold, And the ratio of the second quantity to the second total quantity is less than or equal to the twelfth threshold. Since the access situation can effectively reflect the number of types of hidden identifiers that are attempted to be obtained, and the purpose of obtaining hidden identifiers by malicious applications is to uniquely determine the identity of a certain terminal through the combination of multiple hidden identifiers, therefore , in the embodiment of the present invention, it can be determined whether the application program has a tendency of maliciously accessing the hidden identifier according to the size management between the above-mentioned various quantity parameters and the respective corresponding thresholds, that is, it is determined according to the above-mentioned access situation whether there is Tendency for malicious access to cryptic identifiers.
å¨ä¸ç§å¯è½ç设计ä¸ï¼è®¿é®æ åµå æ¬æ¯ä¸ªéæ§æ è¯ç¬¦ç§ç±»çæéãé£ä¹ï¼ä¸è¿°æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶ï¼ä»¥åä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶è¿å¯ä»¥å æ¬æ´å¤é项ãæ¯å¦ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºåæ°å¤§äºç¬¬åä¸éå¼ï¼å ¶ä¸ï¼yjç¨äºè¡¨ç¤ºéæ§æ è¯ç¬¦ç§ç±»jçæéï¼qç¨äºè¡¨ç¤ºç¬¬äºæ°éï¼jãqé½ä¸ºå¤§äºæçäº1çæ´æ°ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºåæ°å°äºæçäºç¬¬åä¸éå¼ï¼æè ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºæ¯å¼å¤§äºç¬¬ååéå¼ï¼å ¶ä¸ï¼pç¨äºè¡¨ç¤ºç¬¬ä¸æ»æ°éï¼p为大äºæçäº1çæ´æ°ï¼ä¸qå°äºæçäºpï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºæ¯å¼å°äºæçäºç¬¬ååéå¼ï¼æè ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºåæ°å¤§äºç¬¬åäºéå¼ï¼ä»¥å第äºæ¯å¼å¤§äºç¬¬åå éå¼ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºåæ°å°äºæçäºç¬¬åäºéå¼ï¼ä»¥å第äºæ¯å¼å°äºæçäºåå éå¼ãIn one possible design, the access profile includes a weight for each implicit identifier category. Then, satisfying one or more malicious access judging conditions and not satisfying the malicious access judging conditions may further include more options. For example, meeting one or more malicious access judgment conditions includes: the second parameter greater than the thirteenth threshold, where y j is used to represent the weight of the type j of the implicit identifier, q is used to represent the second quantity, and j and q are both integers greater than or equal to 1; conditions for judging malicious access that do not meet include: second parameter less than or equal to the thirteenth threshold; or, meeting one or more malicious access judgment conditions includes: the second ratio Greater than the fourteenth threshold, where p is used to represent the first total quantity, p is an integer greater than or equal to 1, and q is less than or equal to p; the conditions for judging malicious access are not satisfied include: the second ratio less than or equal to the fourteenth threshold; or, satisfying one or more malicious access judgment conditions includes: the second parameter greater than the fifteenth threshold, and the second ratio greater than the sixteenth threshold; the conditions for judging malicious access are not met include: the second parameter less than or equal to the fifteenth threshold, and the second ratio Less than or equal to the sixteenth threshold.
å¨ä¸ç§å¯è½ç设计ä¸ï¼å¨æ示ç¨æ·å³å®æ¯å¦å 许åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦ä¹åï¼è¯¥æ¹æ³è¿å æ¬ï¼è®°å½æä½æ令ãé£ä¹ï¼æ示ç¨æ·å³å®æ¯å¦å 许åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦ï¼å¯ä»¥å®ç°ä¸ºï¼å¨æ»¡è¶³æå®æ¡ä»¶åï¼æ示ç¨æ·å³å®æ¯å¦å 许åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦ãå ¶ä¸ï¼æå®æ¡ä»¶è³å°å æ¬æä½æ令çæ°é大äºç¬¬åä¸éå¼åæªè·æä½æ令çæ¶é´è¶ è¿é¢è®¾æ¶é´èå´ä¸çä¸é¡¹ãä¹å°±æå³çï¼å¨æ示ç¨æ·å³å®æ¯å¦å 许åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦æ¶ï¼è¿å¯ä»¥éè¿ä¸æåå¨æä½æ令ï¼ä¹åç»ä¸è¯¢é®ç¨æ·çæ¹å¼æ¥å®ç°ãè¿æ ·ä¸æ¥ï¼è½å¤å¨æ¶æåºç¨ç¨åºé¢ç¹è¯·æ±è·åéæ§æ è¯ç¬¦æ¶ï¼é¿å å¨ç»ç«¯æ¾ç¤ºçé¢ä¸ä¸æå¼¹åºæ示对è¯æ¡ï¼å½±åç¨æ·æä½ãæ¯å¦ï¼å¨ç¨æ·æ£å¨è¿è¡æ¸¸æ软件ææ¯å ¶ä»ä¸å¯éæ¶ä¸æçåºç¨ç¨åºæ¶ï¼æ¹éåé¦è½å¤å¨ç¡®ä¿ç»ç«¯å®å ¨æ§çæ åµä¸ï¼å°½å¯è½ä¸å½±åç¨æ·å¯¹ç»ç«¯çæä½è¿ç¨ãIn a possible design, before the user is prompted to decide whether to allow the application program to access the implicit identifier, the method further includes: recording an operation instruction. Then, prompting the user to decide whether to allow the application program to access the hidden identifier may be implemented as: prompting the user to decide whether to allow the application program to access the hidden identifier after a specified condition is met. Wherein, the designated condition includes at least one of the number of operating instructions greater than a seventeenth threshold and the time of intercepting the operating instructions exceeding a preset time range. That is to say, when prompting the user to decide whether to allow the application to access the hidden identifier, it can also be realized by continuously storing operation instructions and then uniformly asking the user. In this way, when a malicious application program frequently requests to obtain a hidden identifier, it is possible to avoid continuously popping up prompt dialog boxes on the terminal display interface and affecting user operations. For example, when the user is running game software or other applications that cannot be interrupted at any time, batch feedback can ensure the security of the terminal without affecting the user's operation of the terminal as much as possible.
å¨ä¸ç§å¯è½ç设计ä¸ï¼ä¼ªé ä¿¡æ¯è³å°å æ¬éæºçæçèåéæ§æ è¯ç¬¦æé¢å 设置çèåéæ§æ è¯ç¬¦ä¸çä¸ç§ãç±æ¤å¯è§ï¼éè¿å©ç¨éæ§æ è¯ç¬¦å¨ä½¿ç¨è¿ç¨ä¸çç¹ç¹ï¼å³è·åéæ§æ è¯ç¬¦çä¸æ¹éè¦éè¿å¤ä¸ªéæ§æ è¯ç¬¦çç»åæè½å¯ä¸ç¡®å®æä¸ç»ç«¯ç身份ï¼å°é£äºé¢ç¹è·åéæ§æ è¯ç¬¦ãææ¯è·å大ééæ§æ è¯ç¬¦çåºç¨ç¨åºï¼ç¡®å®ä¸ºå ·ææ¶æ访é®éæ§æ è¯ç¬¦è¶å¿çåºç¨ç¨åºï¼ä¹å为äºä¿è¯ç»ç«¯ä½¿ç¨è¿ç¨ä¸çå®å ¨æ§ï¼é¿å 大ééæ§æ è¯ç¬¦çæ³é²ï¼å该åºç¨ç¨åºåé¦é误çéæ§æ è¯ç¬¦ææ¯ç©ºç½ä¿¡æ¯ï¼ä¹å¯ä»¥éè¿æéç¨æ·çæ¹å¼ï¼è®©ç¨æ·èªè¡å¤æåºç¨ç¨åºè·åéæ§æ è¯ç¬¦çè¿ç¨æ¯å¦åå¨å®å ¨éæ£ãè¿æ ·ä¸æ¥ï¼å¯¹äºé¢ç¹ææ¯å¤§éè·åéæ§æ è¯ç¬¦çåºç¨ç¨åºèè¨ï¼å¹¶ä¸ä¸å®è½å¤æå访é®ç»ç«¯çå®çéæ§æ è¯ç¬¦ï¼ä»è解å³å ä»»ä½åºç¨ç¨åºé½è½å¤æå访é®éæ§æ è¯ç¬¦ï¼è导è´å¨ç»ç«¯ä½¿ç¨è¿ç¨ä¸åå¨å®å ¨éæ£çé®é¢ãIn a possible design, the fake information includes at least one of randomly generated false hidden identifiers or preset false hidden identifiers. It can be seen that by utilizing the characteristics of hidden identifiers in the use process, that is, the party who acquires hidden identifiers needs to combine multiple hidden identifiers to uniquely determine the identity of a certain terminal, and those who frequently obtain hidden identifiers Identifiers, or applications that obtain a large number of hidden identifiers, are determined to be applications with a tendency to maliciously access hidden identifiers. In order to ensure the security of the terminal during use and avoid the leakage of a large number of hidden identifiers, the The app feeds back wrong hidden identifiers or blank information, and can also remind the user to let the user judge whether there is a security risk in the process of the app obtaining the hidden identifier. In this way, for applications that obtain hidden identifiers frequently or in large quantities, they may not be able to successfully access the real hidden identifiers of the terminal, so as to solve the problem that any application can successfully access hidden identifiers and It leads to the problem of potential safety hazards in the process of using the terminal.
å¨ä¸ç§å¯è½ç设计ä¸ï¼éæ§æ è¯ç¬¦å æ¬æªè¢«è®¾ç½®è®¿é®æéçæ è¯ç¬¦ï¼ä»¥å被设置äºè®¿é®æéãä½å¨åºç¨ç¨åºè¿è¡èº«ä»½è®¤è¯çè¿ç¨ä¸æ ééç¥ç»ç«¯åç°ç»ç¨æ·çæ è¯ç¬¦ä¸çè³å°ä¸ç§ãå¨æ¬åæå®æ½ä¾ä¸ï¼åºç¨ç¨åºå¯ä»¥éè¿å¤ä¸ªéæ§æ è¯ç¬¦çç»åï¼åºåä¸åç¨æ·ãä¹å°±æå³çï¼åºç¨ç¨åºé¤äºå¯ä»¥éè¿æ¾æ§æ è¯ç¬¦åºåä¸åç¨æ·ï¼è¿å¯ä»¥æ ¹æ®å¤ä¸ªéæ§æ è¯ç¬¦çç»ååºåä¸åç¨æ·ãè¿æ ·ä¸æ¥ï¼æ 论æ¯ç¹å®åºç¨ç¨åºè¿æ¯æ¶æåºç¨ç¨åºï¼é½è½å¤æåè·åç»ç«¯çéæ§æ è¯ç¬¦ï¼ä¹åéè¿å¤ä¸ªéæ§æ è¯ç¬¦çç»åï¼åºåä¸åç¨æ·ã对äºæ¶æåºç¨ç¨åºèè¨ï¼è¯¥æ¶æåºç¨ç¨åºè½å¤äºè§£å个ç»ç«¯çä¿¡æ¯ï¼å¹¶è·è¸ªç¨æ·è¡ä¸ºï¼ä»èå¨æªç»ç¨æ·åæçæ åµä¸ï¼è¿åº¦æ¶éç¨æ·è¡ä¸ºæ°æ®ï¼å¢å ç¨æ·å¨ç»ç«¯ä½¿ç¨è¿ç¨ä¸çå®å ¨éæ£ãç¶èï¼å¨æ¬åæå®æ½ä¾ä¸ï¼éç¨ä¸è¿°åç§å¯è½ç设计æ¹æ¡åï¼å¯ä»¥éå¶æ¶æåºç¨ç¨åºè®¿é®é¨åææ¯å ¨é¨éæ§æ è¯ç¬¦ï¼ä»è解å³å ä»»ä½åºç¨ç¨åºé½è½å¤æå访é®éæ§æ è¯ç¬¦ï¼è导è´å¨ç»ç«¯ä½¿ç¨è¿ç¨ä¸åå¨å®å ¨éæ£çé®é¢ãIn a possible design, implicit identifiers include identifiers for which access rights are not set, and identifiers for which access rights are set but do not need to be notified to the terminal to be presented to the user during the identity authentication process of the application program. at least one. In the embodiment of the present invention, the application program can distinguish different users through the combination of multiple implicit identifiers. That is to say, in addition to distinguishing different users through explicit identifiers, the application can also distinguish different users based on the combination of multiple implicit identifiers. In this way, whether it is a specific application or a malicious application, it can successfully obtain the hidden identifier of the terminal, and then distinguish different users through the combination of multiple hidden identifiers. For a malicious application, the malicious application can understand the information of each terminal and track user behavior, thereby excessively collecting user behavior data without the user's consent, increasing the security risk of the user in the process of using the terminal. However, in the embodiment of the present invention, after adopting the above-mentioned various possible design schemes, it is possible to restrict malicious applications from accessing part or all of the hidden identifiers, so as to solve the problem that any application can successfully access the hidden identifiers. It leads to the problem of potential safety hazards in the process of using the terminal.
å¨ä¸ç§å¯è½ç设计ä¸ï¼éæ§æ è¯ç¬¦å ·ä½å¯ä»¥ä¸ºç»ç«¯å ç½®è¯ççåå·ãç»ç«¯å±å¹çå辨çãè¿è¡å¨ç»ç«¯ä¸æä½ç³»ç»OSççæ¬ãç»ç«¯æå¤çæ¶åºãç»ç«¯æ¯æçåä½å¤§å°ãç»ç«¯ä¸å·²å®è£ åºç¨ç¨åºappç§ç±»ãç»ç«¯å½å使ç¨çæ示é声ãç»ç«¯çåå¨ç©ºé´ãç»ç«¯çèçæ è¯ãç»ç«¯æ¥å ¥æ 线å±åç½WLANçæ è¯çä¸éè¦åç¥ç¨æ·å³å¯è·åçåæ°ãIn a possible design, the implicit identifier can specifically be the model of the built-in chip of the terminal, the resolution of the terminal screen, the version of the operating system OS running on the terminal, the time zone where the terminal is located, the font size supported by the terminal, the Parameters that can be obtained without notifying the user, such as the type of application program installed on the device, the prompt ringtone currently used by the terminal, the storage space of the terminal, the Bluetooth identification of the terminal, and the identification of the terminal accessing the wireless local area network WLAN.
å¨ä¸ç§å¯è½ç设计ä¸ï¼è¥éè¦è®¾ç½®æ¯ä¸ªéæ§æ è¯ç¬¦çæéï¼é£ä¹ææéæ§æ è¯ç¬¦çæéä¹åä¸è¬è®¾ç½®ä¸º1ï¼åçï¼è¥éè¦è®¾ç½®æ¯ä¸ªéæ§æ è¯ç¬¦ç§ç±»çæéï¼é£ä¹ææç§ç±»çæéä¹åä¸è¬è®¾ç½®ä¸º1ãå¨å®é 设置æéçè¿ç¨ä¸ï¼å¯ä»¥å°æ¶æåºç¨ç¨åºé¢ç¹è·åçä¸ä¸ªææ¯å¤ä¸ªéæ§æ è¯ç¬¦ï¼ä»¥åä¸ä¸ªææ¯å¤ä¸ªç§ç±»çéæ§æ è¯ç¬¦çæé设置为è¾é«çæ°å¼ï¼åçï¼å¯¹äºæ¶æåºç¨ç¨åºè·åé¢æ¬¡è¾ä½çéæ§æ è¯ç¬¦ï¼ä»¥åé£ä¸ç§ç±»çéæ§æ è¯ç¬¦ï¼å¯ä»¥å°æé设置为è¾ä½çæ°å¼ï¼çè³æ¥è¿äº0ãç±æ¤å¯è§ï¼ä¸è¿°æ示çå ç§ç¡®å®åºç¨ç¨åºæ¯å¦å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿çå®ç°æ¹å¼ï¼ä¸ä» å¯ä»¥èèå°ç¨æ·ææ¯å·¥ä½äººå对äºç»ç«¯ä½¿ç¨å®å ¨æ§çéæ±ï¼è¿è½èèå°å个éæ§æ è¯ç¬¦ææ¯å½å±äºåä¸ç§ç±»çéæ§æ è¯ç¬¦çéè¦æ§ãå ¶ä¸ï¼è¿éçéè¦æ§ä¸»è¦æ¯ææ¶æåºç¨ç¨åºå¯¹äºè¿ç±»éæ§æ è¯ç¬¦çéæ±è¾é«ï¼å³è·åè¿ç±»éæ§æ è¯ç¬¦ç次æ°è¾å¤ãè¿æ ·ä¸æ¥ï¼å°±è½å¤ä¾¿äºç¨æ·ææ¯å·¥ä½äººåæ§å¶æä¾ç»å个åºç¨ç¨åºè·åéæ§æ è¯ç¬¦çæ°éï¼å¹¶å¨æ»¡è¶³ç¨æ·ææ¯å·¥ä½äººåéæ±çæ åµä¸ï¼å°½å¯è½é¿å æ¶æåºç¨ç¨åºè·å足å¤çéæ§æ è¯ç¬¦ãIn a possible design, if it is necessary to set the weight of each implicit identifier, the sum of the weights of all implicit identifiers is generally set to 1. Similarly, if it is necessary to set the weight of each implicit identifier type , then the sum of all types of weights is generally set to 1. In the process of actually setting the weight, the weight of one or more hidden identifiers frequently obtained by malicious applications and one or more types of hidden identifiers can be set to a higher value. Similarly, For the hidden identifiers obtained by malicious applications with low frequency, and the hidden identifiers of that type, the weight can be set to a lower value, even close to 0. It can be seen that the implementation methods for determining whether an application program has a tendency to maliciously access hidden identifiers shown above can not only consider the needs of users or staff for terminal use security, but also consider the individual hidden identifiers. The importance of gender identifiers or implicit identifiers belonging to the same category. Wherein, the importance here mainly refers to that malicious applications have higher requirements for such hidden identifiers, that is, the frequency of obtaining such hidden identifiers is relatively large. In this way, it is easy for users or staff to control the number of hidden identifiers provided to each application, and to avoid malicious applications from obtaining enough hidden identifiers while meeting the needs of users or staff. identifier.
第äºæ¹é¢ï¼æ¬åæå®æ½ä¾æä¾ä¸ç§éæ§æ è¯ç¬¦çè·åè£ ç½®ãè¯¥è£ ç½®å¯ä»¥å®ç°ä¸è¿°æ¹æ³å®æ½ä¾ä¸æå®ç°çåè½ï¼æè¿°åè½å¯ä»¥éè¿ç¡¬ä»¶å®ç°ï¼ä¹å¯ä»¥éè¿ç¡¬ä»¶æ§è¡ç¸åºç软件å®ç°ãæ述硬件æ软件å æ¬ä¸ä¸ªæå¤ä¸ªä¸è¿°åè½ç¸åºç模åãIn a second aspect, an embodiment of the present invention provides a device for obtaining a hidden identifier. The device can implement the functions implemented in the foregoing method embodiments, and the functions can be implemented by hardware, or by executing corresponding software on the hardware. The hardware or software includes one or more modules with corresponding functions above.
第ä¸æ¹é¢ï¼æ¬åæå®æ½ä¾æä¾ä¸ç§è®¡ç®æºè®¾å¤ï¼è¯¥è®¡ç®æºè®¾å¤å æ¬åå¨å¨ãå¤çå¨åå¨åå¨å¨ä¸å¹¶å¯å¨å¤çå¨ä¸è¿è¡ç计ç®æºç¨åºï¼è¯¥å¤çå¨å¨æ§è¡ç¨åºæ¶å¯ä»¥å®ç°ä¸è¿°ç¬¬ä¸æ¹é¢ä¸ææ¶åçæ¹æ³æ¥éª¤ãIn a third aspect, an embodiment of the present invention provides a computer device, the computer device includes a memory, a processor, and a computer program on the memory that can run on the processor, and the processor can implement the above first aspect when executing the program The method steps involved in.
第åæ¹é¢ï¼æ¬åæå®æ½ä¾æä¾ä¸ç§è®¡ç®æºåå¨ä»è´¨ï¼ç¨äºå¨å为å®ç°ä¸è¿°åè½æç¨ç计ç®æºè½¯ä»¶æ令ï¼å ¶å å«ç¨äºæ§è¡ä¸è¿°æ¹é¢æ设计çç¨åºãIn a fourth aspect, an embodiment of the present invention provides a computer storage medium for storing computer software instructions for realizing the above functions, including the program designed for executing the above aspects.
éå¾è¯´æDescription of drawings
å¾1为æ¬åæå®æ½ä¾æä¾çä¸ç§å ·ä½åºç¨åºæ¯ç¤ºæå¾ï¼FIG. 1 is a schematic diagram of a specific application scenario provided by an embodiment of the present invention;
å¾2为æ¬åæå®æ½ä¾æä¾çä¸ç§éæ§æ è¯ç¬¦çè·åæ¹æ³æµç¨å¾ï¼FIG. 2 is a flowchart of a method for obtaining a hidden identifier provided by an embodiment of the present invention;
å¾3ãå¾4为æ¬åæå®æ½ä¾æä¾çå¦ä¸ç§éæ§æ è¯ç¬¦çè·åæ¹æ³æµç¨å¾ï¼Fig. 3 and Fig. 4 are flowcharts of another method for acquiring a hidden identifier provided by an embodiment of the present invention;
å¾5为æ¬åæå®æ½ä¾æä¾çä¸ç§éæ§æ è¯ç¬¦çè·åè£ ç½®çç»æ示æå¾ï¼FIG. 5 is a schematic structural diagram of a device for acquiring a hidden identifier provided by an embodiment of the present invention;
å¾6为æ¬åæå®æ½ä¾æä¾çå¦ä¸ç§éæ§æ è¯ç¬¦çè·åè£ ç½®çç»æ示æå¾ãFig. 6 is a schematic structural diagram of another device for acquiring a hidden identifier provided by an embodiment of the present invention.
å ·ä½å®æ½æ¹å¼Detailed ways
ä¸é¢å°ç»åæ¬åæå®æ½ä¾ä¸çéå¾ï¼å¯¹æ¬åæå®æ½ä¾ä¸çææ¯æ¹æ¡è¿è¡æè¿°ãæ¬æææ¶åçææ¯æ¯è¯çä¸è±æå¯¹ç §åè§è¡¨ä¸å 容ãThe technical solutions in the embodiments of the present invention will be described below with reference to the drawings in the embodiments of the present invention. For the Chinese-English comparison of the technical terms involved in this article, please refer to Table 1.
表ä¸Table I
æ¬åæå®æ½ä¾å¯ä»¥ç¨äºä¸ç§éä¿¡ç½ç»ç³»ç»ï¼å¨è¯¥éä¿¡ç½ç»ç³»ç»ä¸ï¼è³å°å æ¬ç»ç«¯åæ¶ææå¡å¨ãå ¶ä¸ï¼æ¶ææå¡å¨è¡¨ç¤ºé£äºä¼å¾éè¿æ¶æåºç¨ç¨åºï¼ä»ç¨æ·ä½¿ç¨çç»ç«¯ä¸è·åéå½¢æ è¯ç¬¦ç设å¤ï¼å¨ç»ç«¯ä¸é常è¿è¡çè³å°ä¸ä¸ªåºç¨ç¨åºï¼ä¾ç¨æ·ä½¿ç¨ï¼å¨æ¬åæå®æ½ä¾ä¸ï¼ç»ç«¯å ·ä½å¯ä»¥ä¸ºæºè½ææºãçµèçå ·ææä¾éæ§æ è¯ç¬¦ç设å¤ãå ¶ä¸ï¼éæ§æ è¯ç¬¦å æ¬æªè¢«è®¾ç½®è®¿é®æéçæ è¯ç¬¦ï¼ä»¥å被设置äºè®¿é®æéãä½å¨åºç¨ç¨åºè¿è¡èº«ä»½è®¤è¯çè¿ç¨ä¸æ ééç¥ç»ç«¯åç°ç»ç¨æ·çæ è¯ç¬¦ä¸çè³å°ä¸ç§ãThe embodiment of the present invention can be used in a communication network system, in which at least a terminal and a malicious server are included. Among them, the malicious server refers to those devices that attempt to obtain invisible identifiers from the terminal used by the user through a malicious application program; at least one application program is usually running on the terminal for the user to use. In the embodiment of the present invention, the terminal can specifically Devices that provide implicit identifiers for smartphones, computers, etc. Wherein, the implicit identifier includes at least one of identifiers with no access rights set, and at least one of identifiers with access rights set but not required to be notified to the terminal to be presented to the user during the identity authentication process of the application program.
åºç¨ç¨åºå¯ä»¥éè¿å¤ä¸ªéæ§æ è¯ç¬¦çç»åï¼åºåä¸åç¨æ·ãä¹å°±æå³çï¼åºç¨ç¨åºé¤äºå¯ä»¥éè¿æ¾æ§æ è¯ç¬¦åºåä¸åç¨æ·ï¼è¿å¯ä»¥æ ¹æ®å¤ä¸ªéæ§æ è¯ç¬¦çç»ååºåä¸åç¨æ·ãè¿æ ·ä¸æ¥ï¼æ 论æ¯ç¹å®åºç¨ç¨åºè¿æ¯æ¶æåºç¨ç¨åºï¼é½è½å¤æåè·åç»ç«¯çéæ§æ è¯ç¬¦ï¼ä¹åéè¿å¤ä¸ªéæ§æ è¯ç¬¦çç»åï¼åºåä¸åç¨æ·ã对äºæ¶æåºç¨ç¨åºèè¨ï¼è¯¥æ¶æåºç¨ç¨åºè½å¤äºè§£å个ç»ç«¯çä¿¡æ¯ï¼å¹¶è·è¸ªç¨æ·è¡ä¸ºï¼ä»èå¨æªç»ç¨æ·åæçæ åµä¸ï¼è¿åº¦æ¶éç¨æ·è¡ä¸ºæ°æ®ï¼å¢å ç¨æ·å¨ç»ç«¯ä½¿ç¨è¿ç¨ä¸çå®å ¨éæ£ãApplications can distinguish different users through the combination of multiple implicit identifiers. That is to say, in addition to distinguishing different users through explicit identifiers, the application can also distinguish different users based on the combination of multiple implicit identifiers. In this way, whether it is a specific application or a malicious application, it can successfully obtain the hidden identifier of the terminal, and then distinguish different users through the combination of multiple hidden identifiers. For a malicious application, the malicious application can understand the information of each terminal and track user behavior, thereby excessively collecting user behavior data without the user's consent, increasing the security risk of the user in the process of using the terminal.
å¨æ¬åæå®æ½ä¾ä¸ï¼éç¨åææåºçææ¯æ¹æ¡åï¼å¯ä»¥éå¶æ¶æåºç¨ç¨åºè®¿é®é¨åææ¯å ¨é¨éæ§æ è¯ç¬¦ï¼ä»è解å³å ä»»ä½åºç¨ç¨åºé½è½å¤æå访é®éæ§æ è¯ç¬¦ï¼è导è´å¨ç»ç«¯ä½¿ç¨è¿ç¨ä¸åå¨å®å ¨éæ£çé®é¢ãIn the embodiment of the present invention, after adopting the technical solution proposed later, it is possible to restrict malicious applications from accessing part or all of the hidden identifiers, thereby solving the problem that any application can successfully access the hidden There are potential safety hazards during use.
å¦å¾1æ示çåºç¨åºæ¯ä¸ï¼è³å°ç±ç¨æ·åä¸ç§å¯è½çéä¿¡ç½ç»ç³»ç»ç»æãå¨è¯¥åºç¨åºæ¯ä¸ï¼æ¶ææå¡å¨ä¸ç»ç«¯ä¹é´å¯ä»¥è¿è¡æ°æ®äº¤äºï¼è¯¥æ¶ææå¡å¨è¯å¾éè¿åºç¨ç¨åº1è³nä¸çè³å°ä¸ä¸ªæ¶æåºç¨ç¨åºï¼ä»ç»ç«¯çç³»ç»èµæºä¸è·åéæ§æ è¯ç¬¦ãå ¶ä¸ï¼n为大äºæçäº1çæ´æ°ï¼å®é åå¼å¤§å°ä¸»è¦åå³äºç»ç«¯ä¸å®è£ çåºç¨ç¨åºçæ°éï¼ææ¯ç»ç«¯å½åæ£å¨è¿è¡çåºç¨ç¨åºçæ°éãIn the application scenario shown in FIG. 1 , it consists of at least a user and a possible communication network system. In this application scenario, data interaction may be performed between the malicious server and the terminal, and the malicious server tries to obtain a hidden identifier from the system resources of the terminal through at least one malicious application program in the application programs 1 to n. Wherein, n is an integer greater than or equal to 1, and the actual value mainly depends on the number of application programs installed on the terminal, or the number of application programs currently running on the terminal.
æ 论æ¯æ¶ææå¡å¨åå©æ¶æåºç¨ç¨åºï¼è¯å¾è·åéæ§æ è¯ç¬¦ï¼ææ¯å¨ç¨æ·æ£å¸¸ä½¿ç¨æä¸åºç¨ç¨åºæ¶ï¼è¯¸å¦èæ¯ææ¯ä¸æè¿°çç¹å®åºç¨ç¨åº(å³åºç¨ç¨åº1è³nä¸çè³å°ä¸ä¸ªåºç¨ç¨åº)è¯å¾è·è¸ªç¨æ·çæä½ï¼æ¶æåºç¨ç¨åºåç¹å®åºç¨ç¨åºé½éè¦å¨æä½ç³»ç»ç管çæºå¶ä¸ï¼ç±è®¿é®çæ§å¨(ä¹å¯ä»¥ç§°ä½éæ§æ è¯ç¬¦è®¿é®çæ§å¨)æªè·æ¶æåºç¨ç¨åºåç¹å®åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦çæä½æ令ãWhether it is a malicious server trying to obtain a hidden identifier with the help of a malicious application, or when a user uses a certain application normally, such as the specific application described in the background technology (that is, at least one of the applications 1 to n ) trying to track user operations, both malicious applications and specific applications need to be intercepted by access monitors (also called hidden identifier access monitors) under the management mechanism of the operating system. Instructions for manipulating implicit identifiers.
éè¦è¯´æçæ¯ï¼è®¿é®çæ§å¨è½ç¶ä¸ç¡®å®åªä¸ªææ¯åªäºåºç¨ç¨åºå±äºæ¶æåºç¨ç¨åºï¼ä½è®¿é®çæ§å¨å¯ä»¥äºè§£æ¯ä¸ªåºç¨ç¨åºç访é®æ åµï¼å³å¨ä¸ä¸ªåºç¨ç¨åºå¯å¨åï¼è®¿é®çæ§å¨å¯ä»¥ææ¡è¯¥åºç¨ç¨åºææè¯å¾è®¿é®éæ§æ è¯ç¬¦çå¨æã访é®çæ§å¨è½å¤æ ¹æ®å个åºç¨ç¨åºç访é®æ åµï¼åºååªä¸ªææ¯åªäºåºç¨ç¨åºæå¯è½å±äºæ¶æåºç¨ç¨åºï¼ä»¥ååªä¸ªææ¯åªäºåºç¨ç¨åºå±äºæ®éåºç¨ç¨åºãå ¶ä¸ï¼æ®éåºç¨ç¨åºä¸å æ¬ç¹å®åºç¨ç¨åºï¼æ®éåºç¨ç¨åºæ¯æç¨æ·å¨ç»ç«¯ä¸è¿è¡åºç¨ç¨åºæ¶ï¼è¯¥åºç¨ç¨åºä¸ºäºæ¹ä¾¿ç¨æ·æä½ï¼ææ¯ä¸ºäºåå°ç¨æ·çå¾ æ¶é´è读åç¨æ·åºç¡æ°æ®ççåºç¨ç¨åºï¼å³ä¸éè¦å°è®¿é®å°çéæ§æ è¯ç¬¦åé¦ç»æ¶ææå¡å¨çåºç¨ç¨åºãIt should be noted that although the access monitor does not determine which or which applications are malicious applications, the access monitor can understand the access situation of each application, that is, after an application is started, the access monitor can grasp the All attempts by the application to access implicit identifiers. The access monitor can distinguish which application program or applications may belong to a malicious application program and which application program or applications belong to a normal application program according to the access status of each application program. Among them, common applications include specific applications, and normal applications refer to applications that read user basic data for the convenience of user operations or to reduce user waiting time when users run applications on the terminal. , that is, applications that do not need to feed back accessed implicit identifiers to malicious servers.
ä¹åï¼è¢«è®¿é®çæ§å¨ç¡®å®ä¸ºæ®éåºç¨ç¨åºçåºç¨ç¨åºï¼è½å¤ç´æ¥è®¿é®ç³»ç»èµæºä¸çéæ§æ è¯ç¬¦ï¼è被访é®çæ§å¨ç¡®å®ä¸ºå¯è½ä¸ºæ¶æåºç¨ç¨åºçåºç¨ç¨åºï¼åä¼è·åå°è½¬æ¢å¨(ä¹å¯ä»¥ç§°ä½éæ§æ è¯ç¬¦è½¬æ¢å¨)æä¾ç伪é ä¿¡æ¯æ空ç½ä¿¡æ¯ãå ¶ä¸ï¼è½¬æ¢å¨è½å¤ä¸è®¿é®çæ§å¨ä¹é´è¿è¡æ°æ®äº¤äºï¼è½¬æ¢å¨å¯ä»¥å°ä¼ªé ä¿¡æ¯æ空ç½ä¿¡æ¯åé¦ç»è®¿é®çæ§å¨ï¼ä»¥ä¾¿äºè®¿é®çæ§å¨å°å¾å°çä¿¡æ¯åé¦ç»å¯è½å±äºæ¶æåºç¨ç¨åºçåºç¨ç¨åºãAfterwards, the application program determined by the access monitor as a common application program can directly access the hidden identifier in the system resource; and the application program determined by the access monitor as a possibly malicious application program will obtain the converter ( Can also be referred to as fake or blank information provided by the Identifier Converter). Wherein, the converter can perform data interaction with the access monitor, and the converter can feed back fake information or blank information to the access monitor, so that the access monitor can feed back the obtained information to applications that may belong to malicious applications.
å¦å¤ï¼éè¦è¯´æçæ¯ï¼éæ§æ è¯ç¬¦å ·ä½å¯ä»¥ä¸ºç»ç«¯å ç½®è¯ççåå·ãç»ç«¯å±å¹çå辨çãè¿è¡å¨ç»ç«¯ä¸OSççæ¬ãç»ç«¯æå¤çæ¶åºãç»ç«¯æ¯æçåä½å¤§å°ãç»ç«¯ä¸å·²å®è£ appç§ç±»ãç»ç«¯å½å使ç¨çæ示é声ãç»ç«¯çåå¨ç©ºé´ãç»ç«¯çèçæ è¯ãç»ç«¯æ¥å ¥WLANçæ è¯çä¸éè¦åç¥ç¨æ·å³å¯è·åçåæ°ãIn addition, it should be noted that the implicit identifier can specifically be the model of the built-in chip of the terminal, the resolution of the terminal screen, the version of the OS running on the terminal, the time zone where the terminal is located, the font size supported by the terminal, and the font size installed on the terminal. Parameters that can be obtained without notifying the user, such as the app type, the prompt ringtone currently used by the terminal, the storage space of the terminal, the Bluetooth identification of the terminal, and the identification of the terminal accessing WLAN.
æ¬åæå®æ½ä¾æä¾ä¸ç§éæ§æ è¯ç¬¦çè·åæ¹æ³ï¼å¦å¾2æ示ï¼è¯¥æ¹æ³å¯ä»¥ç±å¦å¾1æ示ç»ç«¯æ§è¡ï¼è¯¥æ¹æ³å ·ä½å æ¬ï¼An embodiment of the present invention provides a method for obtaining a hidden identifier. As shown in FIG. 2, the method can be executed by the terminal shown in FIG. 1, and the method specifically includes:
æ¥éª¤101ãæªè·åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦çæä½æ令ãStep 101, intercepting an operation instruction for an application program to access a hidden identifier.
å¨åºç¨ç¨åºçè¿è¡è¿ç¨ä¸ï¼è¥è¯¥åºç¨ç¨åºè¯å¾ä»å¦å¾1æ示çç³»ç»èµæºä¸è·åéæ§æ è¯ç¬¦ï¼å该åºç¨ç¨åºä¼çææä½æ令ï¼èç»ç«¯ç访é®çæ§å¨å¯ä»¥å¨è¯¥æä½æ令çä¼ è¾è¿ç¨ä¸ï¼å°è¯¥æä½æ令æªè·ãéè¦è¯´æçæ¯ï¼è¯¥æä½æ令ä¸è³å°æºå¸¦æåºç¨ç¨åºè¯å¾è·åçéæ§æ è¯ç¬¦çç±»åãå/æéæ§æ è¯ç¬¦çå 容ãDuring the running of the application program, if the application program attempts to obtain the implicit identifier from the system resources shown in Figure 1, the application program will generate an operation instruction, and the access monitor of the terminal can During transmission, the operation instruction is intercepted. It should be noted that the operation instruction at least carries the type of the implicit identifier that the application program tries to obtain and/or the content of the implicit identifier.
æ¥éª¤102ãæ ¹æ®æä½æ令ï¼ç¡®å®å¨åºç¨ç¨åºå¯å¨åï¼åºç¨ç¨åºç访é®æ åµãStep 102, according to the operation instruction, determine the access status of the application program after the application program is started.
å ¶ä¸ï¼è®¿é®æ åµè³å°å æ¬ç¬¬ä¸æ°é以å第äºæ°éä¸çè³å°ä¸ä¸ªï¼ç¬¬ä¸æ°é为åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦çæ°éï¼ç¬¬äºæ°é为åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦ç§ç±»çæ°éãå¨æ¬åæå®æ½ä¾ä¸ï¼ç¡®å®åºç¨ç¨åºç访é®æ åµï¼ä¸»è¦æ¯ä¾æ®æä½æ令ä¸æºå¸¦çä¿¡æ¯æ¥ç¡®å®çï¼æ¯å¦ï¼è¥æä½æ令æºå¸¦æéæ§æ è¯ç¬¦çå 容ï¼å访é®æ åµå¯ä»¥å æ¬ç¬¬ä¸æ°éï¼åçï¼è¥æä½æ令æºå¸¦æéæ§æ è¯ç¬¦çç±»åï¼å访é®æ åµå¯ä»¥å æ¬ç¬¬äºæ°éãéè¦è¯´æçæ¯ï¼å ·ä½ç¡®å®è®¿é®æ åµçæ¹å¼ä¼å¨åæï¼é对æä½æ令ä¸æºå¸¦å 容çä¸åèåå«æåºç¸åºçå®ç°æ¹æ¡ï¼å¨æ¤ä¸åèµè¿°ãWherein, the access situation includes at least one of a first quantity and a second quantity, the first quantity is the quantity of implicit identifiers accessed by applications, and the second quantity is the quantity of types of implicit identifiers accessed by applications. In the embodiment of the present invention, the determination of the access status of the application program is mainly determined based on the information carried in the operation instruction. For example, if the operation instruction carries the content of the implicit identifier, the access status may include the first number, Similarly, if the operation instruction carries a type of implicit identifier, the access condition may include the second quantity. It should be noted that the method of specifically determining the access status will be described later, and corresponding implementation solutions will be proposed for different contents carried in the operation instructions, which will not be repeated here.
å¦å¤ï¼å±äºåä¸ç§ç±»ç两个éæ§æ è¯ç¬¦ä¹é´çç¸å ³æ§å¤§äºä¸¤ä¸ªéæ§æ è¯ç¬¦ä¸æ¯ä¸ªéæ§æ è¯ç¬¦ä¸å ¶ä»ç§ç±»ä¸ä»»æä¸ä¸ªéæ§æ è¯ç¬¦ä¹é´çç¸å ³æ§ï¼ç¨äºååéæ§æ è¯ç¬¦ç§ç±»çååä¾æ®å æ¬éæ§æ è¯ç¬¦çæ¥æºãçææ¶é´ã使ç¨æ¹å¼ä¸çè³å°ä¸ä¸ªï¼éæ§æ è¯ç¬¦ç§ç±»å æ¬UI设置以åç¨æ·ä¹ æ¯ä¸çè³å°ä¸ä¸ªãå ¶ä¸ï¼ç¸å ³æ§ç¨äºè¡¨ç¤ºè³å°ä¸¤ä¸ªéæ§æ è¯ç¬¦ä¹é´çå ³èå ³ç³»ï¼æ¯å¦ï¼ç¸å ³æ§è¾é«çè³å°ä¸¤ä¸ªéæ§æ è¯ç¬¦çå ±æ§ç¸å¯¹è¾é«ï¼åä¹ï¼ç¸å ³æ§è¾ä½çè³å°ä¸¤ä¸ªéæ§æ è¯ç¬¦çå ±æ§ç¸å¯¹è¾ä½ãæ¯å¦ï¼éç¨éæ§æ è¯ç¬¦ççææ¶é´å¯¹éæ§æ è¯ç¬¦çç§ç±»è¿è¡ååï¼é£ä¹çææ¶é´ç¹ç¸è¿çå¤ä¸ªéæ§æ è¯ç¬¦è½å¤è¢«åå为åä¸ç±»å«ãå ¶ä¸ï¼çææ¶é´ç¹æ¯å¦ç¸è¿å¯ä»¥ç±ç¨æ·ææ¯å·¥ä½äººåé¢å 设置ç¸åºçè§åè¿è¡å¤æï¼æ¯å¦ï¼è¥ä¸¤ä¸ªéæ§æ è¯ç¬¦çæçæ¶é´é´éå°äºé¢è®¾çæ¶é¿ï¼å认为è¿ä¸¤ä¸ªéæ§æ è¯ç¬¦ççææ¶é´ç¹ç¸è¿ãå¨æ¬åæå®æ½ä¾ä¸ï¼ä¸è¿°å å®¹ä» ä½ä¸ºä¸ç§å¯è½ç示ä¾ï¼å¹¶ä¸ä½ä¸ºä¸è¿°å个åè¯ææ¯åæ°çéå®ãIn addition, the correlation between two implicit identifiers belonging to the same category is greater than the correlation between each implicit identifier of the two implicit identifiers and any one of the other categories; used to divide The basis for classifying the types of implicit identifiers includes at least one of the source, generation time, and usage of the implicit identifiers, and the types of implicit identifiers include at least one of UI settings and user habits. Among them, the correlation is used to indicate the association relationship between at least two implicit identifiers, for example, the commonality of at least two implicit identifiers with high correlation is relatively high, and on the contrary, at least two implicit identifiers with low correlation Implicit identifiers have relatively low commonality. For example, if the generation time of the implicit identifier is used to classify the types of the implicit identifier, then multiple implicit identifiers with similar generation time points can be classified into the same category. Among them, whether the generation time points are similar can be judged by the corresponding rules preset by the user or the staff. For example, if the time interval between the generation of two implicit identifiers is less than the preset duration, the two implicit identifiers are considered The generation time point is close. In the embodiment of the present invention, the foregoing content is only used as a possible example, and is not intended as a limitation of the foregoing terms or parameters.
éè¦è¯´æçæ¯ï¼éæ§æ è¯ç¬¦ç§ç±»å¯ä»¥ç±ç¨æ·ææ¯å·¥ä½äººåé¢å ååï¼æ¯å¦ï¼ç»ç«¯å±å¹çå辨çåç»ç«¯æ¯æçåä½å¤§å°ï¼å±äºâUI设置âç±»ï¼ç»ç«¯å½å使ç¨çæ示é声åç»ç«¯æå¤çæ¶åºï¼å±äºâç¨æ·ä¹ æ¯âç±»ãå¦å¤ï¼æ¯ä¸ªéæ§æ è¯ç¬¦å¯ä»¥å½å±äºè³å°ä¸ä¸ªéæ§æ è¯ç¬¦ç§ç±»ï¼ä¸ä¸ä¸ªéæ§æ è¯ç¬¦ç§ç±»ä¸å æ¬è³å°ä¸ä¸ªéæ§æ è¯ç¬¦ï¼å¯¹äºéæ§æ è¯ç¬¦ç§ç±»çååï¼å¯ä»¥æ ¹æ®éæ§æ è¯ç¬¦çæ¥æºãçææ¶é´ã使ç¨æ¹å¼çè¿è¡ååï¼å ¶ç®ç主è¦å¨äºï¼å°å ·æç¸å ³æ§ææ¯ç¸å ³æ§è¾é«çå¤ä¸ªéæ§æ è¯ç¬¦ååè³åä¸ç±»å«ï¼å ·ä½çååä¾æ®å¨æ¤ä¸åéå®ãIt should be noted that the types of implicit identifiers can be pre-divided by users or staff, for example, the resolution of the terminal screen and the font size supported by the terminal belong to the category of "UI settings", the prompt ringtone currently used by the terminal and the font size supported by the terminal. The time zone at , which belongs to the category of "user habits". In addition, each implicit identifier can belong to at least one implicit identifier category, and one implicit identifier category includes at least one implicit identifier; for the division of implicit identifier categories, it can be based on the implicit identifier The source, generation time, usage method, etc. of the identifiers are classified mainly for the purpose of classifying multiple implicit identifiers with correlation or high correlation into the same category, and the specific basis for classification is not limited here.
æ¥éª¤103ãæ ¹æ®è®¿é®æ åµç¡®å®åºç¨ç¨åºæ¯å¦å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ãStep 103. Determine whether the application program has a tendency to maliciously access the hidden identifier according to the access situation.
ç±äºè®¿é®æ åµè½å¤ææåæ æä¸åºç¨ç¨åºä¼å¾è·åéæ§æ è¯ç¬¦çæ°éãææ¯ä¼å¾è·åçéæ§æ è¯ç¬¦æå±ç±»åçæ°éï¼ä¸æ¶æåºç¨ç¨åºè·åéæ§æ è¯ç¬¦çç®çå¨äºï¼éè¿å¤ä¸ªéæ§æ è¯ç¬¦çç»åæ¥å¯ä¸ç¡®å®æä¸ç»ç«¯ç身份ï¼å æ¤ï¼å¨æ¬åæå®æ½ä¾ä¸ï¼å¯ä»¥æ ¹æ®ä¸è¿°åç§æ°éåæ°ç¡®å®åºç¨ç¨åºæ¯å¦å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ï¼ä¹å°±æ¯æ ¹æ®ä¸è¿°è®¿é®æ åµæ¥ç¡®å®æ¯å¦å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ãå ¶ä¸ï¼ç¡®å®æ¹å¼ä¼å¨åææåºå ·ä½çå®ç°æ¹æ¡ï¼å¨æ¤ä¸åèµè¿°ãSince the access situation can effectively reflect the number of hidden identifiers that an application attempts to obtain, or the number of types of hidden identifiers that an application attempts to obtain, and the purpose of obtaining hidden identifiers by malicious applications is to Therefore, in the embodiment of the present invention, it can be determined whether the application program has a tendency to maliciously access the hidden identifier according to the above-mentioned various quantitative parameters, that is, according to the above-mentioned access situation To determine whether there is a tendency to maliciously access implicit identifiers. Wherein, the determination method will provide a specific implementation scheme later, and will not be repeated here.
æ¥éª¤104ãå¨æ ¹æ®è®¿é®æ åµç¡®å®åºç¨ç¨åºå ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿åï¼ååºç¨ç¨åºåé¦ä¼ªé ä¿¡æ¯æ空ç½ä¿¡æ¯ï¼ææ示ç¨æ·å³å®æ¯å¦å 许åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦ãStep 104: After determining that the application has a tendency to maliciously access the hidden identifier according to the access situation, feed back forged or blank information to the application, or prompt the user to decide whether to allow the application to access the hidden identifier.
å¨æ¬åæå®æ½ä¾ä¸ï¼ä¼ªé ä¿¡æ¯è³å°å æ¬éæºçæçèåéæ§æ è¯ç¬¦æé¢å 设置çèåéæ§æ è¯ç¬¦ä¸çä¸ç§ãå ¶ä¸ï¼éæºçæèåéæ§æ è¯ç¬¦çæ¹å¼å¯ä»¥ç±ç¨æ·ææ¯å·¥ä½äººåé¢å 设å®ï¼æ¯å¦ï¼å¨çå®çéæ§æ è¯ç¬¦çå 容ä¸ï¼æ´æ¹æä¸å符ææ¯å符串ï¼ä»èçæèåéæ§æ è¯ç¬¦ï¼ææ¯ï¼å°é¤è¯¥ç»ç«¯ä»¥å¤çå ¶ä»è®¾å¤ä¸çéæ§æ è¯ç¬¦ä½ä¸ºæ¤æ¶æ¶æåºç¨ç¨åºä¼å¾è·åçéæ§æ è¯ç¬¦çåé¦æ¶æ¯çï¼å ·ä½è®¾ç½®æ¹å¼å¨æ¤ä¸åéå®ãIn the embodiment of the present invention, the fake information includes at least one of a randomly generated false hidden identifier or a preset false hidden identifier. Among them, the method of randomly generating false hidden identifiers can be preset by users or staff, for example, on the content of real hidden identifiers, a certain character or character string is changed to generate false hidden identifiers Identifier, or using the hidden identifier on other devices other than the terminal as the feedback message of the hidden identifier that the malicious application program attempts to obtain at this time, etc. The specific setting method is not limited here.
ç±æ¤å¯è§ï¼éè¿å©ç¨éæ§æ è¯ç¬¦å¨ä½¿ç¨è¿ç¨ä¸çç¹ç¹ï¼å³è·åéæ§æ è¯ç¬¦çä¸æ¹éè¦éè¿å¤ä¸ªéæ§æ è¯ç¬¦çç»åæè½å¯ä¸ç¡®å®æä¸ç»ç«¯ç身份ï¼å°é£äºé¢ç¹è·åéæ§æ è¯ç¬¦ãææ¯è·å大ééæ§æ è¯ç¬¦çåºç¨ç¨åºï¼ç¡®å®ä¸ºå ·ææ¶æ访é®éæ§æ è¯ç¬¦è¶å¿çåºç¨ç¨åºï¼ä¹å为äºä¿è¯ç»ç«¯ä½¿ç¨è¿ç¨ä¸çå®å ¨æ§ï¼é¿å 大ééæ§æ è¯ç¬¦çæ³é²ï¼å该åºç¨ç¨åºåé¦é误çéæ§æ è¯ç¬¦ææ¯ç©ºç½ä¿¡æ¯ï¼ä¹å¯ä»¥éè¿æéç¨æ·çæ¹å¼ï¼è®©ç¨æ·èªè¡å¤æåºç¨ç¨åºè·åéæ§æ è¯ç¬¦çè¿ç¨æ¯å¦åå¨å®å ¨éæ£ãè¿æ ·ä¸æ¥ï¼å¯¹äºé¢ç¹ææ¯å¤§éè·åéæ§æ è¯ç¬¦çåºç¨ç¨åºèè¨ï¼å¹¶ä¸ä¸å®è½å¤æå访é®ç»ç«¯çå®çéæ§æ è¯ç¬¦ï¼ä»è解å³å ä»»ä½åºç¨ç¨åºé½è½å¤æå访é®éæ§æ è¯ç¬¦ï¼è导è´å¨ç»ç«¯ä½¿ç¨è¿ç¨ä¸åå¨å®å ¨éæ£çé®é¢ãIt can be seen that by utilizing the characteristics of hidden identifiers in the use process, that is, the party who acquires hidden identifiers needs to combine multiple hidden identifiers to uniquely determine the identity of a certain terminal, and those who frequently obtain hidden identifiers Identifiers, or applications that obtain a large number of hidden identifiers, are determined to be applications with a tendency to maliciously access hidden identifiers. In order to ensure the security of the terminal during use and avoid the leakage of a large number of hidden identifiers, the The app feeds back wrong hidden identifiers or blank information, and can also remind the user to let the user judge whether there is a security risk in the process of the app obtaining the hidden identifier. In this way, for applications that obtain hidden identifiers frequently or in large quantities, they may not be able to successfully access the real hidden identifiers of the terminal, so as to solve the problem that any application can successfully access hidden identifiers and It leads to the problem of potential safety hazards in the process of using the terminal.
é对访é®æ åµå æ¬ç¬¬ä¸æ°éçæ¹æ¡èè¨ï¼å¨å¦å¾2æ示çå®ç°æ¹å¼çåºç¡ä¸ï¼è¿å¯ä»¥å®ç°ä¸ºå¦å¾3æ示çå®ç°æ¹å¼ãå ¶ä¸ï¼æ¥éª¤103æ ¹æ®è®¿é®æ åµç¡®å®åºç¨ç¨åºæ¯å¦å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ï¼å ·ä½å¯ä»¥å®ç°ä¸ºæ¥éª¤201ææ¥éª¤202ï¼æè ï¼å®ç°ä¸ºæ¥éª¤203ææ¥éª¤204ï¼For the scheme that the access situation includes the first quantity, on the basis of the implementation manner shown in FIG. 2 , the implementation manner shown in FIG. 3 may also be implemented. Wherein, step 103 determines whether the application program has a tendency to maliciously access the hidden identifier according to the access situation, which can be specifically implemented as step 201 or step 202, or as step 203 or step 204:
æ¥éª¤201ãå½æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶æ¶ï¼ç¡®å®åºç¨ç¨åºå ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ãStep 201. When one or more malicious access judging conditions are met, determine that the application has a tendency to maliciously access the hidden identifier.
æ¥éª¤202ãå½ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶æ¶ï¼ç¡®å®åºç¨ç¨åºä¸å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿ãStep 202, when the malicious access judging condition is not satisfied, determine that the application program does not have a tendency of malicious access to the hidden identifier.
å ¶ä¸ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸æ°é大äºç¬¬ä¸éå¼ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸æ°éå°äºæçäºç¬¬ä¸éå¼ï¼Wherein, meeting one or more malicious access judgment conditions includes: the first number is greater than the first threshold; not satisfying the malicious access judgment condition includes: the first number is less than or equal to the first threshold;
æè ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸æ°éä¸ç¬¬ä¸æ»æ°éçæ¯å¼å¤§äºç¬¬äºéå¼ï¼å ¶ä¸ï¼ç¬¬ä¸æ»æ°é为éæ§æ è¯ç¬¦çæ»æ°éï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸æ°éä¸ç¬¬ä¸æ»æ°éçæ¯å¼å°äºæçäºç¬¬äºéå¼ï¼Alternatively, satisfying one or more malicious access judgment conditions includes: the ratio of the first quantity to the first total quantity is greater than a second threshold, wherein the first total quantity is the total quantity of hidden identifiers; not satisfying the malicious access judgment condition includes : the ratio of the first quantity to the first total quantity is less than or equal to the second threshold;
æè ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸æ°é大äºç¬¬ä¸éå¼ï¼ä»¥å第ä¸æ°éä¸ç¬¬ä¸æ»æ°éçæ¯å¼å¤§äºç¬¬åéå¼ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸æ°éå°äºæçäºç¬¬ä¸éå¼ï¼ä»¥å第ä¸æ°éä¸ç¬¬ä¸æ»æ°éçæ¯å¼å°äºæçäºç¬¬åéå¼ãAlternatively, meeting one or more malicious access judgment conditions includes: the first number is greater than the third threshold, and the ratio of the first number to the first total number is greater than the fourth threshold; not satisfying the malicious access judgment condition includes: the first number is less than or is equal to the third threshold, and the ratio of the first quantity to the first total quantity is less than or equal to the fourth threshold.
è¥è®¿é®æ åµå æ¬æ¯ä¸ªéæ§æ è¯ç¬¦çæéï¼é£ä¹æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶ï¼ä»¥åä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶è¿å¯ä»¥å æ¬æ´å¤é项ãIf the access situation includes the weight of each implicit identifier, then satisfying one or more malicious access judging conditions and not satisfying the malicious access judging conditions may further include more options.
å³æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸åæ°å¤§äºç¬¬äºéå¼ï¼å ¶ä¸ï¼xiç¨äºè¡¨ç¤ºéæ§æ è¯ç¬¦içæéï¼nç¨äºè¡¨ç¤ºç¬¬ä¸æ°éï¼iãné½ä¸ºå¤§äºæçäº1çæ´æ°ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸åæ°å°äºæçäºç¬¬äºéå¼ï¼That is, satisfying one or more malicious access judgment conditions includes: the first parameter is greater than the fifth threshold, where x i is used to represent the weight of the implicit identifier i, n is used to represent the first number, i and n are both integers greater than or equal to 1; conditions for judging malicious access that do not meet include: the first parameter less than or equal to the fifth threshold;
æè ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸æ¯å¼å¤§äºç¬¬å éå¼ï¼å ¶ä¸ï¼mç¨äºè¡¨ç¤ºç¬¬ä¸æ»æ°éï¼m为大äºæçäº1çæ´æ°ï¼ä¸nå°äºæçäºmï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸æ¯å¼å°äºæçäºç¬¬å éå¼ï¼Alternatively, satisfying one or more malicious access judgment conditions includes: the first ratio Greater than the sixth threshold, where m is used to represent the first total quantity, m is an integer greater than or equal to 1, and n is less than or equal to m; the conditions for judging malicious access include: the first ratio less than or equal to the sixth threshold;
æè ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸åæ°å¤§äºç¬¬ä¸éå¼ï¼ä»¥å第ä¸æ¯å¼å¤§äºç¬¬å «éå¼ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬ä¸åæ°å°äºæçäºç¬¬ä¸éå¼ï¼ä»¥å第ä¸æ¯å¼å°äºæçäºç¬¬å «éå¼ãAlternatively, satisfying one or more malicious access judgment conditions includes: the first parameter greater than the seventh threshold, and the first ratio greater than the eighth threshold; the conditions for judging malicious access are not satisfied include: the first parameter less than or equal to the seventh threshold, and the first ratio less than or equal to the eighth threshold.
é对访é®æ åµå æ¬ç¬¬äºæ°éèè¨ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºæ°é大äºç¬¬ä¹éå¼ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºæ°éå°äºæçäºç¬¬ä¹éå¼ï¼Regarding the access situation including the second number, meeting one or more malicious access judgment conditions includes: the second number is greater than the ninth threshold; not satisfying the malicious access judgment condition includes: the second number is less than or equal to the ninth threshold;
æè ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºæ°éä¸ç¬¬äºæ»æ°éçæ¯å¼å¤§äºç¬¬åéå¼ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºæ°éä¸ç¬¬äºæ»æ°éçæ¯å¼å°äºæçäºç¬¬åéå¼ï¼Alternatively, meeting one or more malicious access judgment conditions includes: the ratio of the second number to the second total number is greater than the tenth threshold; not satisfying the malicious access judgment condition includes: the ratio of the second number to the second total number is less than or equal to the tenth threshold tenthreshold;
æè ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºæ°é大äºç¬¬åä¸éå¼ï¼ä»¥å第äºæ°éä¸ç¬¬äºæ»æ°éçæ¯å¼å¤§äºç¬¬åäºéå¼ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºæ°éå°äºæçäºç¬¬åä¸éå¼ï¼ä»¥å第äºæ°éä¸ç¬¬äºæ»æ°éçæ¯å¼å°äºæçäºç¬¬åäºéå¼ãAlternatively, meeting one or more malicious access judgment conditions includes: the second number is greater than the eleventh threshold, and the ratio of the second number to the second total number is greater than the twelfth threshold; not meeting the malicious access judgment condition includes: the second number is less than or equal to the eleventh threshold, and the ratio of the second number to the second total number is less than or equal to the twelfth threshold.
è¥è®¿é®æ åµå æ¬æ¯ä¸ªéæ§æ è¯ç¬¦ç§ç±»çæéï¼é£ä¹æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶ï¼ä»¥åä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶è¿å¯ä»¥å æ¬æ´å¤é项ãIf the access situation includes the weight of each type of implicit identifier, then satisfying one or more malicious access judging conditions and not satisfying the malicious access judging conditions may also include more options.
å³æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºåæ°å¤§äºç¬¬åä¸éå¼ï¼å ¶ä¸ï¼yjç¨äºè¡¨ç¤ºéæ§æ è¯ç¬¦ç§ç±»jçæéï¼qç¨äºè¡¨ç¤ºç¬¬äºæ°éï¼jãqé½ä¸ºå¤§äºæçäº1çæ´æ°ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºåæ°å°äºæçäºç¬¬åä¸éå¼ï¼That is, satisfying one or more malicious access judgment conditions includes: the second parameter greater than the thirteenth threshold, where y j is used to represent the weight of the type j of the implicit identifier, q is used to represent the second quantity, and j and q are both integers greater than or equal to 1; conditions for judging malicious access that do not meet include: second parameter less than or equal to the thirteenth threshold;
æè ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºæ¯å¼å¤§äºç¬¬ååéå¼ï¼å ¶ä¸ï¼pç¨äºè¡¨ç¤ºç¬¬ä¸æ»æ°éï¼p为大äºæçäº1çæ´æ°ï¼ä¸qå°äºæçäºpï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºæ¯å¼å°äºæçäºç¬¬ååéå¼ï¼Alternatively, satisfying one or more malicious access judgment conditions includes: the second ratio greater than the fourteenth threshold, where p is used to represent the first total quantity, p is an integer greater than or equal to 1, and q is less than or equal to p; the conditions for judging malicious access are not satisfied include: the second ratio less than or equal to the fourteenth threshold;
æè ï¼æ»¡è¶³ä¸ä¸ªæå¤ä¸ªæ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºåæ°å¤§äºç¬¬åäºéå¼ï¼ä»¥å第äºæ¯å¼å¤§äºç¬¬åå éå¼ï¼ä¸æ»¡è¶³æ¶æ访é®å¤ææ¡ä»¶å æ¬ï¼ç¬¬äºåæ°å°äºæçäºç¬¬åäºéå¼ï¼ä»¥å第äºæ¯å¼å°äºæçäºåå éå¼ãAlternatively, satisfying one or more malicious access judgment conditions includes: the second parameter greater than the fifteenth threshold, and the second ratio greater than the sixteenth threshold; the conditions for judging malicious access are not met include: the second parameter less than or equal to the fifteenth threshold, and the second ratio Less than or equal to the sixteenth threshold.
éè¦è¯´æçæ¯ï¼ä¸è¿°ç¬¬ä¸è³ç¬¬åå éå¼çåå¼ï¼å¯ä»¥ç±ç¨æ·ææ¯å·¥ä½äººåé¢å 设å®ï¼å ·ä½å¯ä»¥åèåå²ç»éªå¼ãæ¯å¦ï¼è¶ è¿80ï¼ çæ¶æåºç¨ç¨åºä¼è·å5个å以ä¸çéæ§æ è¯ç¬¦ï¼é£ä¹ç¬¬ä¸éå¼å¯ä»¥è¢«è®¾ç½®ä¸º4个ï¼è¶ è¿90ï¼ çæ¶æåºç¨ç¨åºè·åéæ§æ è¯ç¬¦çæ°éå ææéæ§æ è¯ç¬¦æ»æ°éçæ¯ä¾å¤§äº1/4ï¼é£ä¹ç¬¬äºéå¼å¯ä»¥è¢«è®¾ç½®ä¸º1/4ãå¦å¤ï¼æ¯èèè¶ è¿80ï¼ çæ¶æåºç¨ç¨åºçå ±æ§ï¼è¿æ¯èèè¶ è¿90ï¼ çæ¶æåºç¨ç¨åºçå ±æ§ï¼å¨æ¬åæå®æ½ä¾ä¸ä¸åéå®ãå ¶ä¸ï¼80ï¼ å90ï¼ å¯ä»¥è¢«è§ä¸ºç¨äºè¡¡é大é¨åæ¶æåºç¨ç¨åºå ±æ§ç置信度ï¼è¯¥ç½®ä¿¡åº¦ç设置æ¹å¼å¯ä»¥èèç¨æ·ææ¯å·¥ä½äººå对ç»ç«¯ä½¿ç¨å®å ¨æ§çéæ±ï¼å¯¹äºå®å ¨æ§éæ±è¾é«çç»ç«¯èè¨ï¼å¯ä»¥å°ç½®ä¿¡åº¦è®¾ç½®ä¸ºç¸å¯¹è¾ä½çæ°å¼ï¼åçï¼å¯¹äºå®å ¨æ§éæ±è¾ä½çç»ç«¯èè¨ï¼å¯ä»¥å°½å¯è½çå°ç½®ä¿¡åº¦è®¾ç½®ä¸ºè¾é«çæ°å¼ï¼çè³è®¾ç½®æ100ï¼ ãIt should be noted that the values of the above-mentioned first to sixteenth thresholds may be preset by a user or a staff member, for details, reference may be made to historical experience values. For example, if more than 80% of malicious applications obtain 5 or more hidden identifiers, then the first threshold can be set to 4; more than 90% of malicious applications obtain the number of hidden identifiers accounting for all If the ratio of the total number of identifiers is greater than 1/4, then the second threshold may be set to 1/4. In addition, it is not limited in this embodiment of the present invention whether to consider the commonality of more than 80% of malicious applications or the commonality of more than 90% of malicious applications. Among them, 80% and 90% can be regarded as the confidence level used to measure the commonality of most malicious applications. For terminals with high security, you can set the confidence level to a relatively low value. Similarly, for terminals with low security requirements, you can set the confidence level as high as possible, even 100 %.
对äºæ¯ä¸ªéæ§æ è¯ç¬¦çæéï¼åæ¯ä¸ªéæ§æ è¯ç¬¦ç§ç±»çæéï¼ä¹éè¦ç¨æ·ææ¯å·¥ä½äººåé¢å æ ¹æ®åå²ç»éªå¼è¿è¡è®¾ç½®ï¼å¹¶å¨è®¾ç½®ååå¨å¨ç»ç«¯æ¬å°ææ¯åå¨å¨å ¶ä»è½å¤ä¸ç»ç«¯è¿è¡æ°æ®äº¤äºç设å¤çãéè¦è¯´æçæ¯ï¼è¥éè¦è®¾ç½®æ¯ä¸ªéæ§æ è¯ç¬¦çæéï¼é£ä¹ææéæ§æ è¯ç¬¦çæéä¹åä¸è¬è®¾ç½®ä¸º1ï¼åçï¼è¥éè¦è®¾ç½®æ¯ä¸ªéæ§æ è¯ç¬¦ç§ç±»çæéï¼é£ä¹ææç§ç±»çæéä¹åä¸è¬è®¾ç½®ä¸º1ãå¨å®é 设置æéçè¿ç¨ä¸ï¼å¯ä»¥å°æ¶æåºç¨ç¨åºé¢ç¹è·åçä¸ä¸ªææ¯å¤ä¸ªéæ§æ è¯ç¬¦ï¼ä»¥åä¸ä¸ªææ¯å¤ä¸ªç§ç±»çéæ§æ è¯ç¬¦çæé设置为è¾é«çæ°å¼ï¼åçï¼å¯¹äºæ¶æåºç¨ç¨åºè·åé¢æ¬¡è¾ä½çéæ§æ è¯ç¬¦ï¼ä»¥åé£ä¸ç§ç±»çéæ§æ è¯ç¬¦ï¼å¯ä»¥å°æé设置为è¾ä½çæ°å¼ï¼çè³æ¥è¿äº0ãFor the weight of each hidden identifier, and the weight of each type of hidden identifier, users or staff also need to pre-set according to the historical experience value, and after setting, store it locally in the terminal or in other capable Devices for data interaction with terminals, etc. It should be noted that if the weight of each implicit identifier needs to be set, the sum of the weights of all implicit identifiers is generally set to 1. Similarly, if the weight of each implicit identifier type needs to be set, then all The sum of the weights of categories is generally set to 1. In the process of actually setting the weight, the weight of one or more hidden identifiers frequently obtained by malicious applications and one or more types of hidden identifiers can be set to a higher value. Similarly, For the hidden identifiers obtained by malicious applications with low frequency, and the hidden identifiers of that type, the weight can be set to a lower value, even close to 0.
ç±æ¤å¯è§ï¼ä¸è¿°æ示çå ç§ç¡®å®åºç¨ç¨åºæ¯å¦å ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿çå®ç°æ¹å¼ï¼ä¸ä» å¯ä»¥èèå°ç¨æ·ææ¯å·¥ä½äººå对äºç»ç«¯ä½¿ç¨å®å ¨æ§çéæ±ï¼è¿è½èèå°å个éæ§æ è¯ç¬¦ææ¯å½å±äºåä¸ç§ç±»çéæ§æ è¯ç¬¦çéè¦æ§ãå ¶ä¸ï¼è¿éçéè¦æ§ä¸»è¦æ¯ææ¶æåºç¨ç¨åºå¯¹äºè¿ç±»éæ§æ è¯ç¬¦çéæ±è¾é«ï¼å³è·åè¿ç±»éæ§æ è¯ç¬¦ç次æ°è¾å¤ãè¿æ ·ä¸æ¥ï¼å°±è½å¤ä¾¿äºç¨æ·ææ¯å·¥ä½äººåæ§å¶æä¾ç»å个åºç¨ç¨åºè·åéæ§æ è¯ç¬¦çæ°éï¼å¹¶å¨æ»¡è¶³ç¨æ·ææ¯å·¥ä½äººåéæ±çæ åµä¸ï¼å°½å¯è½é¿å æ¶æåºç¨ç¨åºè·å足å¤çéæ§æ è¯ç¬¦ãIt can be seen that the implementation methods for determining whether an application program has a tendency to maliciously access hidden identifiers shown above can not only consider the needs of users or staff for terminal use security, but also consider the individual hidden identifiers. The importance of gender identifiers or implicit identifiers belonging to the same category. Wherein, the importance here mainly refers to that malicious applications have higher requirements for such hidden identifiers, that is, the frequency of obtaining such hidden identifiers is relatively large. In this way, it is easy for users or staff to control the number of hidden identifiers provided to each application, and to avoid malicious applications from obtaining enough hidden identifiers while meeting the needs of users or staff. identifier.
为äºèçç»ç«¯å é¨åé¨ä»¶è¿è¡æ°æ®äº¤äºæ¶æèè´¹çè½èï¼å¨æ¬åæå®æ½ä¾çä¸ä¸ªå®ç°æ¹å¼ä¸ï¼ç»ç«¯ä¸ç访é®çæ§å¨å¯ä»¥å¨å®æä¸æ¹æä½æ令çè®°å½åï¼ç»ä¸è¯¢é®ç¨æ·æ¯å¦å 许åºç¨ç¨åºçè·åéæ±ãå æ¤ï¼å¨å¦å¾2åå¾3æ示çå®ç°æ¹å¼çåºç¡ä¸ï¼ä»¥å¾2为ä¾ï¼è¿å¯ä»¥å®ç°ä¸ºå¦å¾4æ示çå®ç°æ¹å¼ãIn order to save the energy consumed by the internal components of the terminal for data interaction, in an implementation of the embodiment of the present invention, the access monitor in the terminal can uniformly ask the user whether to allow the application after recording a batch of operation instructions. Program acquisition requirements. Therefore, on the basis of the implementation manners shown in FIG. 2 and FIG. 3 , taking FIG. 2 as an example, the implementation manner shown in FIG. 4 may also be implemented.
å ¶ä¸ï¼æ¥éª¤104å¨æ ¹æ®è®¿é®æ åµç¡®å®åºç¨ç¨åºå ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿åï¼ååºç¨ç¨åºåé¦ä¼ªé ä¿¡æ¯æ空ç½ä¿¡æ¯ï¼ææ示ç¨æ·å³å®æ¯å¦å 许åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦ï¼å¯ä»¥å ·ä½å®ç°ä¸ºæ¥éª¤301ï¼ææ§è¡æ¥éª¤401åæ¥éª¤402ï¼Among them, step 104, after determining that the application program has a tendency to maliciously access the hidden identifier according to the access situation, feeds back fake information or blank information to the application program, or prompts the user to decide whether to allow the application program to access the hidden identifier, which can be specifically implemented as Step 301, or execute steps 401 and 402:
æ¥éª¤301ãå¨æ ¹æ®è®¿é®æ åµç¡®å®åºç¨ç¨åºå ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿åï¼ååºç¨ç¨åºåé¦ä¼ªé ä¿¡æ¯æ空ç½ä¿¡æ¯ãStep 301 , after determining that the application program has a tendency to maliciously access the hidden identifier according to the access situation, feeding back forged or blank information to the application program.
ç±æ¤å¯è§ï¼å¨è®¿é®çæ§å¨å°åºç¨ç¨åºç¡®å®ä¸ºå ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿çåºç¨ç¨åºåï¼è¥è¯¥åºç¨ç¨åºä»ç¶è¯å¾è®¿é®ç³»ç»èµæºä¸çéæ§æ è¯ç¬¦ï¼é£ä¹ï¼çæ§å¨å¯ä»¥å该åºç¨ç¨åºæä¾ç±è½¬æ¢å¨çæç伪é ä¿¡æ¯ææ¯ç©ºç½ä¿¡æ¯ï¼å½ç¶ï¼è¿äºä¿¡æ¯ä¹å¯ä»¥ç±ç¨æ·ææ¯å·¥ä½äººåé¢åï¼ä¹åç±è½¬æ¢å¨ä»ç¸åºåå¨ä½ç½®è·åï¼å¹¶æä¾ç»çæ§å¨ãIt can be seen that after the access monitor determines that the application program is an application program with a tendency to maliciously access the hidden identifier, if the application program still tries to access the hidden identifier in the system resource, then the monitor can send the application program to the hidden identifier. The application program provides fake information or blank information generated by the converter. Of course, the information can also be pre-stored by the user or staff, and then the converter obtains it from the corresponding storage location and provides it to the monitor.
éè¦è¯´æçæ¯ï¼å¯¹äºä¼ªé ä¿¡æ¯çåå¨ä½ç½®ï¼å¨æ¤ä¸åéå®ï¼å¯ä»¥ç´æ¥åå¨å¨ç³»ç»èµæºä¸ç¨äºåå¨çå®çéæ§æ è¯ç¬¦çåå¨ç©ºé´ä¸ï¼è¢«åååºçåç¬ç¨äºåå¨ä¼ªé ä¿¡æ¯çåå¨ç©ºé´ã为äºæ¹ä¾¿è½¬æ¢å¨æä¾ä¼ªé ä¿¡æ¯ï¼è¿å¯ä»¥å¨åå¨æ¶ï¼ç´æ¥åå¨æ¯æ¡ä¼ªé ä¿¡æ¯ä»¥åä¸æ¯æ¡ä¼ªé ä¿¡æ¯å¯¹åºççå®çéæ§æ è¯ç¬¦ï¼è¿æ ·ï¼æ¯å½æ¶æåºç¨ç¨åºè¯å¾è®¿é®è¿ä¸æ¡çå®çéæ§æ è¯ç¬¦æ¶ï¼è½¬æ¢å¨è½å¤ç´æ¥ä¾æ®é¢åçå¹é å ³ç³»ï¼å°äºè¿ä¸æ¡çå®çéæ§æ è¯ç¬¦åå¨å¯¹åºå ³ç³»çé£ä¸æ¡ä¼ªé ä¿¡æ¯æä¾ç»çæ§å¨ãIt should be noted that the storage location of the forged information is not limited here, and it can be directly stored in the storage space used to store the real hidden identifier in the system resources, and the storage space for storing the forged information is divided into storage. In order to facilitate the converter to provide fake information, it is also possible to directly store each piece of fake information and the real hidden identifier corresponding to each piece of fake information when storing, so that whenever a malicious application tries to access this real hidden When identifying an identifier, the converter can directly provide the forged information to the monitor based on the pre-stored matching relationship.
æ¥éª¤401ãå¨æ ¹æ®è®¿é®æ åµç¡®å®åºç¨ç¨åºå ·ææ¶æ访é®éæ§æ è¯ç¬¦çè¶å¿åï¼è®°å½æä½æ令ãStep 401, after determining that the application program has a tendency to maliciously access the hidden identifier according to the access situation, record the operation instruction.
æ¥éª¤402ãå¨æ»¡è¶³æå®æ¡ä»¶åï¼æ示ç¨æ·å³å®æ¯å¦å 许åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦ãStep 402, prompting the user to decide whether to allow the application program to access the implicit identifier after the specified condition is satisfied.
å ¶ä¸ï¼æå®æ¡ä»¶è³å°å æ¬æä½æ令çæ°é大äºç¬¬åä¸éå¼åæªè·æä½æ令çæ¶é´è¶ è¿é¢è®¾æ¶é´èå´ä¸çä¸é¡¹ãWherein, the designated condition includes at least one of the number of operating instructions greater than a seventeenth threshold and the time of intercepting the operating instructions exceeding a preset time range.
å¨æ¬åæå®æ½ä¾ä¸ï¼å¯ä»¥å°è®°å½çæä½æ令åå¨è³ç»ç«¯çåå¨ç©ºé´å ï¼å¨åå¨çæä½æ令çæ¡æ°å¤§äºç¬¬åä¸éå¼ååé¦ç»ç¨æ·ï¼ææ¯ï¼å¨æ¶æåºç¨ç¨åºè¿è¡çæ¶é´è¾¾å°æä¸ç¹å®æ¶é¿åå³è·åæä½æ令çæ¶é´è¶ è¿é¢è®¾æ¶é´èå´ååé¦ç»ç¨æ·ãå ¶ä¸ï¼ä¸è¿°ç¬¬åä¸éå¼ä¸é¢è®¾æ¶é´èå´åæ ·å¯ä»¥ç±å·¥ä½äººåæç¨æ·ï¼æ ¹æ®åå²ç»éªå¼è¿è¡é¢å 设置ï¼å¯¹äºè®¾ç½®æ¹å¼ã设置æ¶æºçï¼å¨æ¬åæå®æ½ä¾ä¸ä¸è¿è¡éå®ãIn the embodiment of the present invention, the recorded operation instructions can be stored in the storage space of the terminal, and fed back to the user after the number of stored operation instructions is greater than the seventeenth threshold; After a certain period of time, the operation command is obtained and fed back to the user after the time exceeds the preset time range. Wherein, the above-mentioned seventeenth threshold and the preset time range can also be preset by staff or users based on historical experience values, and the setting method, setting timing, etc. are not limited in this embodiment of the present invention.
ç±äºå¨åç¨æ·åé¦ä¹åï¼éè¦åå¨è¿æ®µæ¶é´å è·åå°çæä½æ令ï¼èç»ç«¯çåå¨ç©ºé´æ¯æéçï¼å æ¤ï¼å¯ä»¥å¨è®°å½æä½æ令åãææ¯å¨è®°å½æä½æ令æ¶ãææ¯å¨è®°å½æä½åçä¸æ®µæ¶é´å ï¼è®¾ç½®æä½æ令çè®°å½æ°éä¸éï¼å½è¾¾å°è¿ä¸ä¸éåï¼å¯ä»¥ç»ä¸åç¨æ·è¯¢é®æ¯å¦å 许访é®ãä¹å°±æå³çï¼å³ä½¿å½åæ åµæªæ»¡è¶³æå®æ¡ä»¶ï¼ä½åºäºç»ç«¯åå¨ç©ºé´æéçèèï¼ä»ç¶å¯ä»¥ç»ååå¨ç©ºé´å½åçåå¨æ åµï¼æåç»äºç¨æ·æ示ãSince the operation instructions obtained during this period need to be stored before giving feedback to the user, and the storage space of the terminal is limited, it is possible to record the operation instructions before, or when recording the operation instructions, or when recording the operation instructions. In the next period of time, set the upper limit of the number of records of operation instructions. When this upper limit is reached, the user can be uniformly asked whether to allow access. That is to say, even if the current situation does not meet the specified conditions, due to the limited storage space of the terminal, it is still possible to give the user a reminder in advance in combination with the current storage situation of the storage space.
ç±æ¤å¯è§ï¼å¨æ示ç¨æ·å³å®æ¯å¦å 许åºç¨ç¨åºè®¿é®éæ§æ è¯ç¬¦æ¶ï¼è¿å¯ä»¥éè¿ä¸æåå¨æä½æ令ï¼ä¹åç»ä¸è¯¢é®ç¨æ·çæ¹å¼æ¥å®ç°ãè¿æ ·ä¸æ¥ï¼è½å¤å¨æ¶æåºç¨ç¨åºé¢ç¹è¯·æ±è·åéæ§æ è¯ç¬¦æ¶ï¼é¿å å¨ç»ç«¯æ¾ç¤ºçé¢ä¸ä¸æå¼¹åºæ示对è¯æ¡ï¼å½±åç¨æ·æä½ãæ¯å¦ï¼å¨ç¨æ·æ£å¨è¿è¡æ¸¸æ软件ææ¯å ¶ä»ä¸å¯éæ¶ä¸æçåºç¨ç¨åºæ¶ï¼æ¹éåé¦è½å¤å¨ç¡®ä¿ç»ç«¯å®å ¨æ§çæ åµä¸ï¼å°½å¯è½ä¸å½±åç¨æ·å¯¹ç»ç«¯çæä½è¿ç¨ãIt can be seen that when prompting the user to decide whether to allow the application program to access the hidden identifier, it can also be realized by continuously storing operation instructions and then uniformly asking the user. In this way, when a malicious application program frequently requests to obtain a hidden identifier, it is possible to avoid continuously popping up prompt dialog boxes on the terminal display interface and affecting user operations. For example, when the user is running game software or other applications that cannot be interrupted at any time, batch feedback can ensure the security of the terminal without affecting the user's operation of the terminal as much as possible.
å¨ä¸è¿°ç»ç«¯ä¸å¯ä»¥è®¾ç½®æéæ§æ è¯ç¬¦çè·åè£ ç½®ãéæ§æ è¯ç¬¦çè·åè£ ç½®ä¸ºäºå®ç°ä¸è¿°åè½ï¼å ¶å å«äºæ§è¡å个åè½ç¸åºç硬件ç»æå/æ软件模åãæ¬é¢åææ¯äººååºè¯¥å¾å®¹ææè¯å°ï¼ç»åæ¬æä¸æå ¬å¼çå®æ½ä¾æè¿°çå示ä¾çåå åç®æ³æ¥éª¤ï¼æ¬åæè½å¤ä»¥ç¡¬ä»¶æ硬件å计ç®æºè½¯ä»¶çç»åå½¢å¼æ¥å®ç°ãæ个åè½ç©¶ç«ä»¥ç¡¬ä»¶è¿æ¯è®¡ç®æºè½¯ä»¶é©±å¨ç¡¬ä»¶çæ¹å¼æ¥æ§è¡ï¼åå³äºææ¯æ¹æ¡çç¹å®åºç¨å设计约ææ¡ä»¶ãä¸ä¸ææ¯äººåå¯ä»¥å¯¹æ¯ä¸ªç¹å®çåºç¨æ¥ä½¿ç¨ä¸åæ¹æ³æ¥å®ç°ææè¿°çåè½ï¼ä½æ¯è¿ç§å®ç°ä¸åºè®¤ä¸ºè¶ åºæ¬åæçèå´ãA device for obtaining a hidden identifier may be provided in the above terminal. In order to realize the above-mentioned functions, the device for obtaining the implicit identifier includes corresponding hardware structures and/or software modules for performing various functions. Those skilled in the art should easily realize that the present invention can be realized in the form of hardware or a combination of hardware and computer software in combination with the units and algorithm steps of each example described in the embodiments disclosed herein. Whether a certain function is executed by hardware or computer software drives hardware depends on the specific application and design constraints of the technical solution. Those skilled in the art may use different methods to implement the described functions for each specific application, but such implementation should not be regarded as exceeding the scope of the present invention.
æ¬åæå®æ½ä¾å¯ä»¥æ ¹æ®ä¸è¿°æ¹æ³ç¤ºä¾å¯¹éæ§æ è¯ç¬¦çè·åè£ ç½®è¿è¡åè½æ¨¡åçååï¼ä¾å¦ï¼å¯ä»¥å¯¹åºå个åè½ååå个åè½æ¨¡åï¼ä¹å¯ä»¥å°ä¸¤ä¸ªæ两个以ä¸çåè½éæå¨ä¸ä¸ªå¤ç模åä¸ãä¸è¿°éæç模åæ¢å¯ä»¥éç¨ç¡¬ä»¶çå½¢å¼å®ç°ï¼ä¹å¯ä»¥éç¨è½¯ä»¶åè½æ¨¡åçå½¢å¼å®ç°ãéè¦è¯´æçæ¯ï¼æ¬åæå®æ½ä¾ä¸å¯¹æ¨¡åçååæ¯ç¤ºææ§çï¼ä» ä» ä¸ºä¸ç§é»è¾åè½ååï¼å®é å®ç°æ¶å¯ä»¥æå¦å¤çååæ¹å¼ãIn the embodiment of the present invention, according to the above-mentioned method example, the device for obtaining the implicit identifier can be divided into functional modules. For example, each functional module can be divided corresponding to each function, or two or more functions can be integrated into one processing module. middle. The above-mentioned integrated modules can be implemented in the form of hardware or in the form of software function modules. It should be noted that the division of modules in the embodiment of the present invention is schematic, and is only a logical function division, and there may be another division manner in actual implementation.
å¦å¾5æ示ï¼ä¸ºä¸è¿°å®æ½ä¾ä¸ææ¶åçéæ§æ è¯ç¬¦çè·åè£ ç½®çä¸ç§å¯è½çç»æ示æå¾ãéæ§æ è¯ç¬¦çè·åè£ ç½®10å æ¬ï¼è·å模å11ãç¡®å®æ¨¡å12ãåé模å13ååå¨æ¨¡å14ãå ¶ä¸ï¼è·å模å11ç¨äºæ¯æéæ§æ è¯ç¬¦çè·åè£ ç½®10æ§è¡å¾2è³å¾4ä¸çæ¥éª¤101ï¼ç¡®å®æ¨¡å12ç¨äºæ¯æéæ§æ è¯ç¬¦çè·åè£ ç½®10æ§è¡å¾2è³å¾4ä¸çæ¥éª¤102ï¼å¾2ãå¾4ä¸çæ¥éª¤103ï¼å¾3ä¸çæ¥éª¤201åæ¥éª¤202ï¼åé模å13ç¨äºæ¯æéæ§æ è¯ç¬¦çè·åè£ ç½®10æ§è¡å¾2åå¾3çæ¥éª¤104ï¼å¾4ä¸çæ¥éª¤301åæ¥éª¤402ï¼åå¨æ¨¡å14ç¨äºæ¯æéæ§æ è¯ç¬¦çè·åè£ ç½®10æ§è¡å¾4ä¸çæ¥éª¤401ãAs shown in FIG. 5 , it is a schematic structural diagram of a possible structure of the device for acquiring a hidden identifier involved in the above-mentioned embodiment. The device 10 for obtaining a hidden identifier includes: an obtaining module 11 , a determining module 12 , a sending module 13 and a storage module 14 . Among them, the acquisition module 11 is used to support the acquisition device 10 of the implicit identifier to perform step 101 in Figure 2 to Figure 4; the determination module 12 is used to support the acquisition device 10 of the implicit identifier to perform the steps in Figure 2 to Figure 4 102, step 103 in Fig. 2 and Fig. 4, step 201 and step 202 in Fig. 3; the sending module 13 is used to support the acquisition device 10 of the implicit identifier to execute step 104 in Fig. 2 and Fig. 3, and step 104 in Fig. 4 Step 301 and step 402; the storage module 14 is used to support the acquisition device 10 of the implicit identifier to execute step 401 in FIG. 4 .
éè¦è¯´æçæ¯ï¼è·å模å11ä¸åé模å13é¤äºå¯ä»¥åå¼é¨ç½²å¤ï¼è¿å¯ä»¥éæå¨é信模å20ä¸ï¼ç±é信模å20å®ç°è·å模å11ä¸åé模å13æè½å®ç°çåè½ï¼å/æç¨äºæ¯æéæ§æ è¯ç¬¦çè·åè£ ç½®10ä¸ç»ç«¯ä¸å个模åä¹é´è¿è¡æ°æ®äº¤äºï¼å/ææ¯æç»ç«¯ä¸å ¶ä»ç½å ä¹é´çéä¿¡ï¼ç¡®å®æ¨¡å12å¯ä»¥å®ç°ä¸ºå¤ç模å21ï¼è¿ç¨äºå®ç°æ¬æææè¿°çææ¯çå ¶å®è¿ç¨ï¼åå¨æ¨¡å14è¿å¯ä»¥ç¨äºåå¨åºç«çç¨åºä»£ç åæ°æ®ãIt should be noted that, in addition to being deployed separately, the acquisition module 11 and the sending module 13 can also be integrated on the communication module 20, and the communication module 20 realizes the functions that the acquisition module 11 and the sending module 13 can realize, and/or is used for The acquisition device 10 that supports the implicit identifier performs data interaction with various modules in the terminal, and/or supports communication between the terminal and other network elements; the determination module 12 can be implemented as a processing module 21, and is also used to realize the Other processes of the technology described; the storage module 14 can also be used to store program codes and data of the base station.
å ¶ä¸ï¼å¤ç模å21å¯ä»¥å®ç°ä¸ºå¤çå¨ææ§å¶å¨ï¼ä¾å¦å¯ä»¥æ¯CPUï¼éç¨å¤çå¨ï¼DSPï¼ASICï¼FPGAæè å ¶ä»å¯ç¼ç¨é»è¾å¨ä»¶ãæ¶ä½ç®¡é»è¾å¨ä»¶ã硬件é¨ä»¶æè å ¶ä»»æç»åãå ¶å¯ä»¥å®ç°ææ§è¡ç»åæ¬åæå ¬å¼å 容ææè¿°çåç§ç¤ºä¾æ§çé»è¾æ¹æ¡ï¼æ¨¡ååçµè·¯ãæè¿°å¤çå¨ä¹å¯ä»¥æ¯å®ç°è®¡ç®åè½çç»åï¼ä¾å¦å å«ä¸ä¸ªæå¤ä¸ªå¾®å¤çå¨ç»åï¼DSPåå¾®å¤çå¨çç»åççãé信模å20å¯ä»¥å®ç°ä¸ºæ¶åçµè·¯æéä¿¡æ¥å£çãåå¨æ¨¡å14å¯ä»¥å®ç°ä¸ºåå¨å¨ï¼å ¶ä¸ï¼è¯¥åå¨å¨åºä¸ºéç¬æåå¨å¨ãWherein, the processing module 21 may be implemented as a processor or a controller, such as a CPU, a general processor, DSP, ASIC, FPGA or other programmable logic devices, transistor logic devices, hardware components or any combination thereof. It can implement or execute the various illustrative logical blocks, modules and circuits described in connection with the present disclosure. The processor may also be a combination of computing functions, for example, a combination of one or more microprocessors, a combination of DSP and a microprocessor, and so on. The communication module 20 can be realized as a transceiver circuit or a communication interface, and the like. The storage module 14 can be implemented as a memory, wherein the memory should be a non-transitory memory.
è¥å¤ç模å21å®ç°ä¸ºå¤çå¨ãåå¨æ¨¡å14å®ç°ä¸ºåå¨å¨ï¼åå¦å¾6æ示ï¼éæ§æ è¯ç¬¦çè·åè£ ç½®30å æ¬ï¼å¤çå¨31ãåå¨å¨32ï¼ä»¥åæ»çº¿33ãå ¶ä¸ï¼å¤çå¨31ãåå¨å¨32éè¿æ»çº¿33ç¸äºè¿æ¥ï¼æ»çº¿33å¯ä»¥æ¯PCIæ»çº¿æEISAæ»çº¿çãæè¿°æ»çº¿å¯ä»¥å为å°åæ»çº¿ãæ°æ®æ»çº¿ãæ§å¶æ»çº¿çã为便äºè¡¨ç¤ºï¼å¾6ä¸ä» ç¨ä¸æ¡ç²çº¿è¡¨ç¤ºï¼ä½å¹¶ä¸è¡¨ç¤ºä» æä¸æ ¹æ»çº¿æä¸ç§ç±»åçæ»çº¿ãIf the processing module 21 is implemented as a processor and the storage module 14 is implemented as a memory, then as shown in FIG. Wherein, the processor 31 and the memory 32 are connected to each other through a bus 33; the bus 33 may be a PCI bus or an EISA bus or the like. The bus can be divided into address bus, data bus, control bus and so on. For ease of representation, only one thick line is used in FIG. 6 , but it does not mean that there is only one bus or one type of bus.
ç»åæ¬åæå ¬å¼å 容ææè¿°çæ¹æ³æè ç®æ³çæ¥éª¤å¯ä»¥ç¡¬ä»¶çæ¹å¼æ¥å®ç°ï¼ä¹å¯ä»¥æ¯ç±å¤çå¨æ§è¡è½¯ä»¶æ令çæ¹å¼æ¥å®ç°ã软件æ令å¯ä»¥ç±ç¸åºç软件模åç»æï¼è½¯ä»¶æ¨¡åå¯ä»¥è¢«åæ¾äºRAMãéªåãROMãEPROMãEEPROMãå¯åå¨ã硬çã移å¨ç¡¬çãCD-ROMæè æ¬é¢åçç¥çä»»ä½å ¶å®å½¢å¼çåå¨ä»è´¨ä¸ãä¸ç§ç¤ºä¾æ§çåå¨ä»è´¨è¦åè³å¤çå¨ï¼ä»è使å¤çå¨è½å¤ä»è¯¥åå¨ä»è´¨è¯»åä¿¡æ¯ï¼ä¸å¯å该åå¨ä»è´¨åå ¥ä¿¡æ¯ãå½ç¶ï¼åå¨ä»è´¨ä¹å¯ä»¥æ¯å¤çå¨çç»æé¨åãå¤çå¨ååå¨ä»è´¨å¯ä»¥é¨ç½²å¨åä¸è®¾å¤ä¸ï¼æè ï¼å¤çå¨ååå¨ä»è´¨ä¹å¯ä»¥ä½ä¸ºåç«ç»ä»¶é¨ç½²å¨äºä¸åç设å¤ä¸ãThe steps of the methods or algorithms described in conjunction with the disclosure of the present invention may be implemented in the form of hardware, or may be implemented in the form of a processor executing software instructions. The software instructions may consist of corresponding software modules, and the software modules may be stored in RAM, flash memory, ROM, EPROM, EEPROM, registers, hard disk, removable hard disk, CD-ROM or any other form of storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be a component of the processor. The processor and the storage medium may be deployed in the same device, or the processor and the storage medium may also be deployed in different devices as separate components.
æ¬é¢åææ¯äººååºè¯¥å¯ä»¥æè¯å°ï¼å¨ä¸è¿°ä¸ä¸ªæå¤ä¸ªç¤ºä¾ä¸ï¼æ¬åæå®æ½ä¾ææè¿°çåè½å¯ä»¥ç¨ç¡¬ä»¶ã软件ãåºä»¶æå®ä»¬çä»»æç»åæ¥å®ç°ãå½ä½¿ç¨è½¯ä»¶å®ç°æ¶ï¼å¯ä»¥å°è¿äºåè½åå¨å¨è®¡ç®æºå¯è¯»ä»è´¨ä¸æè ä½ä¸ºè®¡ç®æºå¯è¯»ä»è´¨ä¸çä¸ä¸ªæå¤ä¸ªæ令æ代ç è¿è¡ä¼ è¾ã计ç®æºå¯è¯»ä»è´¨å æ¬è®¡ç®æºåå¨ä»è´¨åéä¿¡ä»è´¨ï¼å ¶ä¸éä¿¡ä»è´¨å æ¬ä¾¿äºä»ä¸ä¸ªå°æ¹åå¦ä¸ä¸ªå°æ¹ä¼ é计ç®æºç¨åºçä»»ä½ä»è´¨ãåå¨ä»è´¨å¯ä»¥æ¯éç¨æä¸ç¨è®¡ç®æºè½å¤ååçä»»ä½å¯ç¨ä»è´¨ãThose skilled in the art should be aware that, in the above one or more examples, the functions described in the embodiments of the present invention may be implemented by hardware, software, firmware or any combination thereof. When implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage media may be any available media that can be accessed by a general purpose or special purpose computer.
以ä¸æè¿°çå ·ä½å®æ½æ¹å¼ï¼å¯¹æ¬åæå®æ½ä¾çç®çãææ¯æ¹æ¡åæçææè¿è¡äºè¿ä¸æ¥è¯¦ç»è¯´æï¼æåºç解çæ¯ï¼ä»¥ä¸æè¿°ä» ä¸ºæ¬åæçå ·ä½å®æ½æ¹å¼èå·²ï¼å¹¶ä¸ç¨äºéå®æ¬åæçä¿æ¤èå´ï¼å¡å¨æ¬åæå®æ½ä¾çææ¯æ¹æ¡çåºç¡ä¹ä¸ï¼æåçä»»ä½ä¿®æ¹ãçåæ¿æ¢ãæ¹è¿çï¼ååºå æ¬å¨æ¬åæå®æ½ä¾çä¿æ¤èå´ä¹å ãThe specific implementation manners described above have further described the purpose, technical solutions and beneficial effects of the embodiments of the present invention in detail. It should be understood that the above descriptions are only specific implementation modes of the present invention and are not intended to limit this In the protection scope of the invention, any modifications, equivalent replacements, improvements, etc. made on the basis of the technical solutions of the embodiments of the present invention shall be included in the protection scope of the embodiments of the present invention.
Claims (20)1. A method for acquiring an implicit identifier, the method comprising:
intercepting an operation instruction of an application program for accessing a recessive identifier;
determining the access condition of the application program after the application program is started according to the operation instruction, and determining whether the application program has a trend of maliciously accessing the recessive identifier or not according to the access condition;
and after determining that the application program has a trend of maliciously accessing the covert identifier according to the access condition, feeding fake information or blank information back to the application program, or prompting a user to decide whether to allow the application program to access the covert identifier.
2. The method of claim 1, wherein the access condition comprises at least one of a first number and a second number, the first number being a number of the application access covert identifiers, and the second number being a number of the application access covert identifier categories.
3. The method according to claim 2, characterized in that the correlation between two covert identifiers belonging to the same category is greater than the correlation between each of said two covert identifiers and any one covert identifier of the other category; the division for dividing the recessive identifier category includes at least one of a source, a generation time, and a usage manner of the recessive identifier, and the recessive identifier category includes at least one of a user interface UI setting and a user habit.
4. A method according to claim 2 or 3, wherein the access condition comprises the first number; the trend of determining whether the application program has a malicious access recessive identifier according to the access condition comprises the following steps:
when one or more malicious access judgment conditions are met, determining that the application program has a trend of a malicious access recessive identifier, and when the one or more malicious access judgment conditions are not met, determining that the application program does not have the trend of the malicious access recessive identifier;
wherein,
the satisfying of the one or more malicious access determination conditions includes: the first number is greater than a first threshold; the unsatisfied malicious access judgment condition comprises: the first number is less than or equal to the first threshold;
or,
the satisfying of the one or more malicious access determination conditions includes: the ratio of the first number to a first total number is greater than a second threshold, wherein the first total number is the total number of the recessive identifiers; the unsatisfied malicious access judgment condition comprises: the ratio of the first number to the first total number is less than or equal to a second threshold;
or, the meeting of one or more malicious access judgment conditions includes: the first number is greater than a third threshold, and a ratio of the first number to the first total number is greater than a fourth threshold; the unsatisfied malicious access judgment condition comprises: the first number is less than or equal to the third threshold, and a ratio of the first number to the first total number is less than or equal to the fourth threshold.
5. The method of claim 4, wherein the access condition comprises a weight for each covert identifier;
the satisfying of the one or more malicious access determination conditions includes: first parameterGreater than a fifth threshold value, where xiA weight for representing an implicit identifier i, n being for representing the first number, both i, n being integers greater than or equal to 1; the unsatisfied malicious access judgment condition comprises: the first parameterLess than or equal to the fifth threshold;
or,
the satisfying of the one or more malicious access determination conditions includes: first ratioGreater than a sixth threshold, where m is used to represent the first total number, m is an integer greater than or equal to 1, and n is less than or equal to m; the unsatisfied malicious access judgment condition comprises: the first mentionedA ratio ofLess than or equal to the sixth threshold;
or,
the satisfying of the one or more malicious access determination conditions includes: the first parameterGreater than a seventh threshold value, and the first ratioGreater than an eighth threshold; the unsatisfied malicious access judgment condition comprises: the first parameterLess than or equal to a seventh threshold value, and the first ratioLess than or equal to an eighth threshold.
6. A method according to claim 2 or 3, wherein the access situation comprises the second number; the trend of determining whether the application program has a malicious access recessive identifier according to the access condition comprises the following steps:
when one or more malicious access judgment conditions are met, determining that the application program has a trend of a malicious access recessive identifier, and when the one or more malicious access judgment conditions are not met, determining that the application program does not have the trend of the malicious access recessive identifier;
wherein,
the satisfying of the one or more malicious access determination conditions includes: the second number is greater than a ninth threshold; the unsatisfied malicious access judgment condition comprises: the second number is less than or equal to the ninth threshold;
or,
the satisfying of the one or more malicious access determination conditions includes: a ratio of the second number to the second total number is greater than a tenth threshold; the unsatisfied malicious access judgment condition comprises: the ratio of the second number to the second total number is less than or equal to the tenth threshold;
or,
the satisfying of the one or more malicious access determination conditions includes: the second number is greater than an eleventh threshold and a ratio of the second number to the second total number is greater than a twelfth threshold; the unsatisfied malicious access judgment condition comprises: the second number is less than or equal to the eleventh threshold, and a ratio of the second number to the second total number is less than or equal to the twelfth threshold.
7. The method of claim 6, wherein the access profile includes a weight for each implicit identifier category;
the satisfying of the one or more malicious access determination conditions includes: second parameterGreater than a thirteenth threshold value, wherein yjA weight for representing a recessive identifier category j, q for representing said second number, j, q both being integers greater than or equal to 1; the unsatisfied malicious access judgment condition comprises: the second parameterLess than or equal to the thirteenth threshold;
or,
the satisfying of the one or more malicious access determination conditions includes: second ratioGreater than a fourteenth threshold, where p is used to represent the first total number, p is an integer greater than or equal to 1, and q is less than or equal to p; the dissatisfaction with aversionThe intentional access judgment condition includes: the second ratioLess than or equal to the fourteenth threshold;
or,
the satisfying of the one or more malicious access determination conditions includes: the second parameterGreater than a fifteenth threshold, and the second ratioGreater than a sixteenth threshold; the unsatisfied malicious access judgment condition comprises: the second parameterLess than or equal to the fifteenth threshold, and the second ratioLess than or equal to the sixteen thresholds.
8. The method of any of claims 1-7, wherein prior to the prompting the user to decide whether to allow the application to access an implicit identifier, the method further comprises:
recording the operation instruction;
the prompting the user to decide whether to allow the application program to access the recessive identifier specifically includes:
and prompting a user to decide whether to allow the application program to access the recessive identifier after a specified condition is met, wherein the specified condition at least comprises one of the condition that the number of the operation instructions is greater than a seventeenth threshold value and the condition that the time for intercepting the operation instructions exceeds a preset time range.
9. The method of any one of claims 1 to 8, wherein the fake information comprises at least one of a randomly generated false covert identifier or a preset false covert identifier.
10. The method according to any one of claims 1 to 9, wherein the recessive identifier comprises at least one of an identifier without access right set and an identifier with access right set but without notifying the terminal of the user during the authentication of the application.
11. An apparatus for obtaining an implicit identifier, the apparatus comprising:
the acquisition module is used for intercepting an operation instruction of the application program for accessing the recessive identifier;
the determining module is used for determining the access condition of the application program after the application program is started according to the operation instruction intercepted by the acquiring module, and determining whether the application program has a trend of malicious access to the recessive identifier according to the access condition;
and the sending module is used for feeding back fake information or blank information to the application program or prompting a user to decide whether to allow the application program to access the recessive identifier or not after the determining module determines that the application program has the trend of malicious access to the recessive identifier according to the access condition intercepted by the acquisition module.
12. The apparatus of claim 11, wherein the access condition comprises at least one of a first number and a second number, the first number being a number of the application access covert identifiers, and the second number being a number of the application access covert identifier categories.
13. The apparatus of claim 12, wherein a correlation between two covert identifiers belonging to the same category is greater than a correlation between each of the two covert identifiers and any one of the other categories; the division for dividing the recessive identifier category includes at least one of a source, a generation time, and a usage manner of the recessive identifier, and the recessive identifier category includes at least one of a user interface UI setting and a user habit.
14. The apparatus of claim 12 or 13, wherein the access condition comprises the first number; the determining module is further configured to:
when one or more malicious access judgment conditions are met, determining that the application program has a trend of a malicious access recessive identifier, and when the one or more malicious access judgment conditions are not met, determining that the application program does not have the trend of the malicious access recessive identifier;
wherein,
the satisfying of the one or more malicious access determination conditions includes: the first number is greater than a first threshold; the unsatisfied malicious access judgment condition comprises: the first number is less than or equal to the first threshold;
or,
the satisfying of the one or more malicious access determination conditions includes: the ratio of the first number to a first total number is greater than a second threshold, wherein the first total number is the total number of the recessive identifiers; the unsatisfied malicious access judgment condition comprises: the ratio of the first number to the first total number is less than or equal to a second threshold;
or, the meeting of one or more malicious access judgment conditions includes: the first number is greater than a third threshold, and a ratio of the first number to the first total number is greater than a fourth threshold; the unsatisfied malicious access judgment condition comprises: the first number is less than or equal to the third threshold, and a ratio of the first number to the first total number is less than or equal to the fourth threshold.
15. The apparatus of claim 14, wherein the access condition comprises a weight for each covert identifier;
the satisfying of the one or more malicious access determination conditions includes: first parameterGreater than a fifth threshold value, where xiA weight for representing an implicit identifier i, n being for representing the first number, both i, n being integers greater than or equal to 1; the unsatisfied malicious access judgment condition comprises: the first parameterLess than or equal to the fifth threshold;
or,
the satisfying of the one or more malicious access determination conditions includes: first ratioGreater than a sixth threshold, where m is used to represent the first total number, m is an integer greater than or equal to 1, and n is less than or equal to m; the unsatisfied malicious access judgment condition comprises: the first ratioLess than or equal to the sixth threshold;
or,
the satisfying of the one or more malicious access determination conditions includes: the first parameterGreater than a seventh threshold value, and the first ratioGreater than an eighth threshold; the unsatisfied malicious access judgment condition comprises: the first parameterLess than or equal to a seventh threshold value, and the first ratioLess than or equal to an eighth threshold.
16. The apparatus of claim 12 or 13, wherein the access condition comprises the second number; the determining module is further configured to:
when one or more malicious access judgment conditions are met, determining that the application program has a trend of a malicious access recessive identifier, and when the one or more malicious access judgment conditions are not met, determining that the application program does not have the trend of the malicious access recessive identifier;
wherein,
the satisfying of the one or more malicious access determination conditions includes: the second number is greater than a ninth threshold; the unsatisfied malicious access judgment condition comprises: the second number is less than or equal to the ninth threshold;
or,
the satisfying of the one or more malicious access determination conditions includes: a ratio of the second number to the second total number is greater than a tenth threshold; the unsatisfied malicious access judgment condition comprises: the ratio of the second number to the second total number is less than or equal to the tenth threshold;
or,
the satisfying of the one or more malicious access determination conditions includes: the second number is greater than an eleventh threshold and a ratio of the second number to the second total number is greater than a twelfth threshold; the unsatisfied malicious access judgment condition comprises: the second number is less than or equal to the eleventh threshold, and a ratio of the second number to the second total number is less than or equal to the twelfth threshold.
17. The apparatus of claim 16, wherein the access profile comprises a weight for each implicit identifier category;
the satisfying of the one or more malicious access determination conditions includes: second parameterGreater than a thirteenth threshold value, wherein yjA weight for representing a recessive identifier category j, q for representing said second number, j, q both being integers greater than or equal to 1; the unsatisfied malicious access judgment condition comprises: the second parameterLess than or equal to the thirteenth threshold;
or,
the satisfying of the one or more malicious access determination conditions includes: second ratioGreater than a fourteenth threshold, where p is used to represent the first total number, p is an integer greater than or equal to 1, and q is less than or equal to p; the unsatisfied malicious access judgment condition comprises: the second ratioLess than or equal to the fourteenth threshold;
or,
the satisfying of the one or more malicious access determination conditions includes: the second parameterGreater than a fifteenth threshold, and the second ratioGreater than a sixteenth threshold; the unsatisfied malicious access judgment condition comprises: the second parameterLess than or equal to the fifteenth threshold, and the second ratioLess than or equal to the sixteen thresholds.
18. The apparatus of any one of claims 11 to 17, further comprising:
the storage module is used for recording the operation instruction;
the sending module is further configured to:
and prompting a user to decide whether to allow the application program to access the recessive identifier after a specified condition is met, wherein the specified condition at least comprises one of the condition that the number of the operation instructions is greater than a seventeenth threshold value and the condition that the time for intercepting the operation instructions exceeds a preset time range.
19. The apparatus of any of claims 11 to 18, wherein the fake information comprises at least one of a randomly generated false covert identifier or a preset false covert identifier.
20. The apparatus according to any one of claims 11 to 19, wherein the recessive identifier comprises at least one of an identifier in which no access right is set and an identifier in which an access right is set but the terminal does not need to be notified of the presentation to the user during the authentication of the application.
CN201710297568.8A 2017-04-28 2017-04-28 A method and device for acquiring an implicit identifier Active CN108804911B (en) Priority Applications (1) Application Number Priority Date Filing Date Title CN201710297568.8A CN108804911B (en) 2017-04-28 2017-04-28 A method and device for acquiring an implicit identifier Applications Claiming Priority (1) Application Number Priority Date Filing Date Title CN201710297568.8A CN108804911B (en) 2017-04-28 2017-04-28 A method and device for acquiring an implicit identifier Publications (2) Family ID=64053937 Family Applications (1) Application Number Title Priority Date Filing Date CN201710297568.8A Active CN108804911B (en) 2017-04-28 2017-04-28 A method and device for acquiring an implicit identifier Country Status (1) Cited By (1) * Cited by examiner, â Cited by third party Publication number Priority date Publication date Assignee Title CN110351387A (en) * 2019-07-25 2019-10-18 è ¾è®¯ç§æï¼æ·±å³ï¼æéå ¬å¸ Broadcasting, transmission method and the device of media resource, storage medium and electronic device Citations (5) * Cited by examiner, â Cited by third party Publication number Priority date Publication date Assignee Title CN1633063A (en) * 2005-01-07 2005-06-29 å京é®çµå¤§å¦ Method for Improving Privacy Data Security in Open Business US7092953B1 (en) * 2000-12-28 2006-08-15 Rightlsline, Inc. Apparatus and methods for intellectual property database navigation CN102110220A (en) * 2011-02-14 2011-06-29 å®é¾è®¡ç®æºéä¿¡ç§æ(æ·±å³)æéå ¬å¸ Application program monitoring method and device CN103020515A (en) * 2012-12-26 2013-04-03 ä¸å½äººæ°è§£æ¾åå½é²ç§å¦ææ¯å¤§å¦ Application program execution permission control method for operating system CN104376263A (en) * 2014-12-09 2015-02-25 å京å¥èç§ææéå ¬å¸ Application behavior intercepting method and application behavior intercepting deviceRetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4