CN103632096B - A kind of method and apparatus that safety detection is carried out to equipment - Google Patents

Abstract

The invention discloses a method and device for security detection of equipment, wherein the method includes: when the mobile equipment is connected to the computing equipment, receiving the mobile equipment security information sent by the computing equipment on the side of the mobile equipment; A detection request, wherein the safety detection request includes a designated detection object; obtaining safety detection result information corresponding to the designated detection object on the mobile device side, and sending the safety detection result information to the computing device side; The mobile device side receives the execution instruction sent by the computing device side, the execution instruction is generated by the computing device according to the security detection result information; and the execution instruction is executed on the mobile device side. The invention can enable the user to realize the safety detection of the mobile device on the computing device side, thereby improving the safety of the mobile device.

Description

A method and device for safety detection of equipment

technical field

The invention relates to the technical field of equipment safety detection, in particular to a method for safety detection of equipment and a device for safety detection of equipment.

Background technique

With the improvement of informatization and the continuous introduction of various applicable technologies, smart terminals such as computers or mobile phones have been widely used in learning, entertainment, work, etc., and are playing an increasingly important role in people's daily life. However, the wide application of smart terminals also puts forward higher requirements for smart terminals in terms of garbage data cleaning and security protection.

In response to the above requirements, many third-party security application manufacturers have developed security applications for smart terminals. The security applications can perform physical examinations on the smart terminals on the side of the smart terminals, and perform a series of repair operations based on the results of the physical examinations to ensure the security of the smart terminals. performance and security. As far as mobile devices are concerned, although some anti-virus software is pre-installed on some mobile devices, it is easy to be infected with viruses when users do not install Mobile Guard on them, especially when they visit the application market and download some applications. Being bundled or downloaded to install software such as malicious applications, plug-ins, or advertising applications often causes users to suffer from mobile device traffic being stolen, privacy being stolen, or malicious deductions, etc. loss, so it is necessary to protect the security of the user's mobile device from various channels.

Contents of the invention

In view of the above problems, the present invention is proposed to provide a method for performing security detection on equipment and a corresponding device for performing security detection on equipment, which overcome the above problems or at least partially solve the above problems.

According to one aspect of the present invention, a method for safety detection of equipment is provided, including:

When the mobile device is connected to the computing device, a security detection request for the mobile device sent by the computing device side is received at the mobile device side, and the security detection request includes a specified detection object;

Obtaining security detection result information corresponding to the specified detection object at the mobile device side, and sending the security detection result information to the computing device side;

receiving, at the mobile device side, an execution instruction sent by the computing device side, the execution instruction being generated by the computing device according to the security detection result information;

Executing the execution instruction at the mobile device side.

Optionally, before the mobile device side receives the mobile device security detection request sent by the computing device side, it may further include:

The mobile device side receives the third-party application installation package sent by the computing device side, and the third-party application installation package is sent from the server when the computing device side detects that no third-party application is installed on the mobile device side. downloaded;

The mobile device side installs a third-party application according to the third-party application installation package.

Optionally, before the mobile device side receives the mobile device security detection request sent by the computing device side, it may further include:

A SOCKET connection channel between the mobile device and the computing device is established, and the mobile device receives a security detection request, sends security detection result information, and receives an execution instruction through the SOCKET connection channel.

Optionally, the step of receiving, at the mobile device side, a security detection request for the mobile device sent by the computing device side is:

Using the third-party application on the mobile device side to receive a security detection request for the mobile device sent by the computing device side;

The step of obtaining the safety detection result information corresponding to the specified detection object at the mobile device side, and sending the safety detection result information to the computing device side includes:

Using the third-party application on the mobile device side to perform a security testing operation on a designated testing object according to the security testing request, and obtain security testing result information;

returning the security detection result information to the computing device side by the third-party application;

The step of receiving, at the mobile device side, the execution instruction sent by the computing device side is:

Using the third-party application on the mobile device side to receive the execution instruction sent by the computing device side;

The step of executing the execution instruction on the mobile device side is:

The execution instruction is executed by using the third-party application on the mobile device side.

Optionally, a first client program is installed on the mobile device side, and the step of receiving, at the mobile device side, a security detection request for the mobile device sent by the computing device side is:

Using the first client program on the mobile device side to receive a security detection request for the mobile device sent by the computing device side;

The step of obtaining the safety detection result information corresponding to the specified detection object at the mobile device side, and sending the safety detection result information to the computing device side includes:

On the mobile device side, the first client program is used to send the safety detection request to the third-party application, and the third-party medical device performs a safety detection operation on a designated detection object according to the safety detection request, Obtain the security detection result information and return it to the first client program;

The first client program returns the security detection result information to the computing device side;

The step of receiving, at the mobile device side, the execution instruction sent by the computing device side is:

Using the first client program on the mobile device side to receive an execution instruction sent by the computing device side;

The step of executing the execution instruction on the mobile device side is:

The first client program is used on the mobile device side to send the execution instruction to a third-party application, and the third-party application executes the execution instruction.

Optionally, the step of the first client program sending the security detection request to the third-party application includes:

The first client program calls the service interface of the third-party application according to the specified detection object, and sends the security detection request to the third-party application.

Optionally, the specified detection object includes one or more of the following services for mobile devices: mobile device hanging horse vulnerability detection, detection of whether cloud scanning and killing is enabled, detection of dangerous software, detection of virus database update, Detect whether the security service is enabled, detect whether the mobile device has counterfeit applications, detect whether there are malicious advertising applications on the mobile device, and detect whether the active defense function is enabled.

Optionally, the specified detection object includes one or more of the following services for mobile devices: memory optimization detection, detection of background software, automatic startup software detection, garbage data cleaning detection, cache cleaning detection, application cleaning Residual file detection after uninstallation, installation package cleaning detection, large file cleaning, and privacy trace cleaning detection.

Optionally, the safety detection result information includes safety detection progress information, and correspondingly, the execution instruction includes a stop instruction, a pause instruction, and a continue execution instruction.

Optionally, the security detection result information includes the security detection result, and correspondingly, the execution instruction includes one or more of the following: mobile device hanging horse vulnerability repair, cloud scanning and killing, risk software repair, virus database update , Enable security services, repair counterfeit apps, repair malicious advertising apps, and enable active defense functions.

Optionally, the security detection result information includes the security detection result, and correspondingly, the execution instruction includes one or more of the following: memory optimization, background software shutdown, automatic startup software shutdown, garbage data cleaning, cache cleaning , Clean up residual files that exist after app uninstallation, clean up installation packages, clean up large files, and clean up privacy traces.

According to another aspect of the present invention, a method for security detection of equipment is provided, including:

When the computing device side detects that there is a mobile device access, the computing device side sends a security detection request to the mobile device to the mobile device side, and the security detection request includes a designated detection object;

receiving, at the computing device side, security detection result information for the security detection request returned by the mobile device side, where the security detection result information is obtained by the mobile device side according to the designated detection object;

A corresponding execution instruction is generated on the computing device side according to the security detection result information and sent to the mobile device side, and the execution instruction is executed by the mobile device side.

Optionally, before the step of the computing device side sending the mobile device security detection request to the mobile device side, it may further include:

Reading installation package information of all installed applications on the mobile device side at the computing device side, where the installation package information includes an installation package identifier;

When the computing device side judges that there is no third-party application installation package identification in the installation package identification, obtain the download address of the third-party application installation package from the server;

The computing device side downloads the third-party application installation package according to the download address of the third-party application installation package and sends it to the mobile device side.

Optionally, before the step of the computing device side sending the mobile device security detection request to the mobile device side, it may further include:

A SOCKET connection channel between the mobile device and the computing device is established, and the computing device sends a security detection request, receives security detection result information, and sends an execution instruction through the connection channel.

Optionally, the security detection result information has type identification information, and the step of generating a corresponding execution instruction according to the security detection result information on the computing device side and sending it to the mobile device side includes:

The computing device side looks up the execution suggestion information corresponding to the type identifier in a preset mapping table, and the preset mapping table stores a mapping relationship between the type identifier and the execution suggestion information pre-agreed between the computing device and the mobile device;

Displaying the security detection result information and corresponding execution suggestion information on the computing device side;

receiving, at the computing device side, user selected instructions for the one or more implementation suggestion messages;

One or more execution instructions corresponding to the execution suggestion information are generated according to the selected instruction and sent to the mobile device side.

Optionally, the specified detection object includes one or more of the following services for mobile devices: mobile device hanging horse vulnerability detection, detection of whether cloud scanning and killing is enabled, detection of dangerous software, detection of virus database update, Detect whether the security service is enabled, detect whether the mobile device has counterfeit applications, detect whether there are malicious advertising applications on the mobile device, and detect whether the active defense function is enabled.

Optionally, the specified detection object includes one or more of the following services for mobile devices: memory optimization detection, detection of background software, automatic startup software detection, garbage data cleaning detection, cache cleaning detection, application cleaning Residual file detection after uninstallation, installation package cleaning detection, large file cleaning, and privacy trace cleaning detection.

Optionally, the safety detection result information includes safety detection progress information, and correspondingly, the execution instruction includes a stop instruction, a pause instruction, and a continue execution instruction.

Optionally, the security detection result information includes the security detection result, and correspondingly, the execution instruction includes one or more of the following: mobile device hanging horse vulnerability repair, cloud scanning and killing, risk software repair, virus database update , Enable security services, repair counterfeit apps, repair malicious advertising apps, and enable active defense functions.

Optionally, the security detection result information includes the security detection result, and correspondingly, the execution instruction includes one or more of the following: memory optimization, background software shutdown, automatic startup software shutdown, garbage data cleaning, cache cleaning , Clean up residual files that exist after app uninstallation, clean up installation packages, clean up large files, and clean up privacy traces.

According to another aspect of the present invention, a device for safety detection of equipment is provided, including:

The security detection request receiving module is adapted to receive, on the mobile device side, a security detection request for the mobile device sent by the computing device side when the mobile device is connected to the computing device, and the security detection request includes a designated detection object;

The safety detection result information sending module is adapted to obtain the safety detection result information corresponding to the specified detection object on the mobile device side, and send the safety detection result information to the computing device side;

The execution command receiving module is adapted to receive the execution command sent by the computing device side at the mobile device side, the execution command is generated by the computing device according to the security detection result information;

The execution instruction execution module is adapted to execute the execution instruction on the side of the mobile device.

Optionally, the device also includes:

The installation package receiving module is adapted to receive the third-party application installation package sent by the computing device side before the mobile device side receives the security detection request for the mobile device sent by the computing device side, The third-party application installation package is downloaded from the server when the computing device side detects that no third-party application is installed on the mobile device side;

The installation package installation module is adapted to install a third-party application on the mobile device side according to the third-party application installation package.

Optionally, the device also includes:

The channel establishment module is adapted to establish a SOCKET connection channel between the mobile device and the computing device before the mobile device side receives the security detection request for the mobile device sent by the computing device side, and the mobile device passes through the The SOCKET connection channel receives security testing requests, sends security testing result information, and receives execution instructions.

Optionally, the safety detection request receiving module is also adapted to:

Using the third-party application on the mobile device side to receive a security detection request for the mobile device sent by the computing device side;

The described safety detection result information sending module is also suitable for:

Using the third-party application on the mobile device side to perform a security testing operation on a designated testing object according to the security testing request, and obtain security testing result information;

returning the security detection result information to the computing device side by the third-party application;

The execution instruction receiving module is also suitable for:

Using the third-party application on the mobile device side to receive the execution instruction sent by the computing device side;

The execution instruction execution module is also suitable for:

The execution instruction is executed by using the third-party application on the mobile device side.

Optionally, the safety detection request receiving module is also adapted to:

Using the first client program on the mobile device side to receive a security detection request for the mobile device sent by the computing device side;

The described safety detection result information sending module is also suitable for:

On the mobile device side, the first client program is used to send the safety detection request to the third-party application, and the third-party medical device performs a safety detection operation on a designated detection object according to the safety detection request, Obtain the security detection result information and return it to the first client program;

The first client program returns the security detection result information to the computing device side;

The execution instruction receiving module is also suitable for:

Using the first client program on the mobile device side to receive an execution instruction sent by the computing device side;

The execution instruction execution module is also suitable for:

The first client program is used on the mobile device side to send the execution instruction to a third-party application, and the third-party application executes the execution instruction.

Optionally, the first client program sends the security detection request to the third-party application, specifically:

The first client program calls the service interface of the third-party application according to the specified detection object, and sends the security detection request to the third-party application.

Optionally, the specified detection object includes one or more of the following services for mobile devices: mobile device hanging horse vulnerability detection, detection of whether cloud scanning and killing is enabled, detection of dangerous software, detection of virus database update, Detect whether the security service is enabled, detect whether the mobile device has counterfeit applications, detect whether there are malicious advertising applications on the mobile device, and detect whether the active defense function is enabled.

Optionally, the specified detection object includes one or more of the following services for mobile devices: memory optimization detection, detection of background software, automatic startup software detection, garbage data cleaning detection, cache cleaning detection, application cleaning Residual file detection after uninstallation, installation package cleaning detection, large file cleaning, and privacy trace cleaning detection.

Optionally, the safety detection result information includes safety detection progress information, and correspondingly, the execution instruction includes a stop instruction, a pause instruction, and a continue execution instruction.

Optionally, the security detection result information includes the security detection result, and correspondingly, the execution instruction includes one or more of the following: mobile device hanging horse vulnerability repair, cloud scanning and killing, risk software repair, virus database update , Enable security services, repair counterfeit apps, repair malicious advertising apps, and enable active defense functions.

Optionally, the security detection result information includes the security detection result, and correspondingly, the execution instruction includes one or more of the following: memory optimization, background software shutdown, automatic startup software shutdown, garbage data cleaning, cache cleaning , Clean up residual files that exist after app uninstallation, clean up installation packages, clean up large files, and clean up privacy traces.

According to another aspect of the present invention, a device for safety detection of equipment is provided, including:

The security detection request sending module is adapted to send a security detection request to the mobile device from the computing device side to the mobile device side when the computing device side safely detects that there is a mobile device access, and the security detection request includes a specified detection object ;

The safety inspection result information receiving module is adapted to receive, on the computing device side, the safety inspection result information for the safety inspection request returned by the mobile device, and the safety inspection result information is sent by the mobile device according to the Obtained by specifying the detection object;

The execution instruction sending module is adapted to generate a corresponding execution instruction according to the security detection result information on the computing device side and send it to the mobile device side, and the mobile device side executes the execution instruction.

Optionally, the device also includes:

The installation package information acquisition module is adapted to read the installation package information of all installed applications on the mobile device side before the computing device side sends a security detection request to the mobile device side to the mobile device side , the installation package information includes an installation package identifier;

The search module is adapted to obtain the download address of the third-party application installation package from the server when the computing device side judges that there is no third-party application installation package identification in the installation package identification;

The installation package sending module is adapted to download the third-party application installation package on the computing device side according to the download address of the third-party application installation package and send it to the mobile device side.

Optionally, the device also includes:

A connection channel establishment module, adapted to establish a SOCKET connection channel between the mobile device and the computing device before the computing device side sends a security detection request to the mobile device side, and the computing device passes the The above connection channel sends a security detection request, receives security detection result information, and sends an execution instruction.

Optionally, the security detection result information has type identification information, and the execution instruction sending module is further adapted to:

The computing device side looks up the execution suggestion information corresponding to the type identifier in a preset mapping table, and the preset mapping table stores a mapping relationship between the type identifier and the execution suggestion information pre-agreed between the computing device and the mobile device;

Displaying the security detection result information and corresponding execution suggestion information on the computing device side;

receiving, at the computing device side, user selected instructions for the one or more implementation suggestion messages;

One or more execution instructions corresponding to the execution suggestion information are generated according to the selected instruction and sent to the mobile device side.

Optionally, the specified detection object includes one or more of the following services for mobile devices: mobile device hanging horse vulnerability detection, detection of whether cloud scanning and killing is enabled, detection of dangerous software, detection of virus database update, Detect whether the security service is enabled, detect whether the mobile device has counterfeit applications, detect whether there are malicious advertising applications on the mobile device, and detect whether the active defense function is enabled.

Optionally, the specified detection object includes one or more of the following services for mobile devices: memory optimization detection, detection of background software, automatic startup software detection, garbage data cleaning detection, cache cleaning detection, application cleaning Residual file detection after uninstallation, installation package cleaning detection, large file cleaning, and privacy trace cleaning detection.

Optionally, the safety detection result information includes safety detection progress information, and correspondingly, the execution instruction includes a stop instruction, a pause instruction, and a continue execution instruction.

Optionally, the security detection result information includes the security detection result, and correspondingly, the execution instruction includes one or more of the following: mobile device hanging horse vulnerability repair, cloud scanning and killing, risk software repair, virus database update , Enable security services, repair counterfeit apps, repair malicious advertising apps, and enable active defense functions.

Optionally, the security detection result information includes the security detection result, and correspondingly, the execution instruction includes one or more of the following: memory optimization, background software shutdown, automatic startup software shutdown, garbage data cleaning, cache cleaning , Clean up residual files that exist after app uninstallation, clean up installation packages, clean up large files, and clean up privacy traces.

Compared with the background technology, the present invention has the following beneficial effects:

In the present invention, when the mobile device is connected to the computing device, the security detection of the specified detection object of the mobile device can be realized on the computing device side, and when the computing device receives the security detection result returned by the mobile device, the computing device can Sending an execution command to the mobile device prompts the mobile device to perform relevant operations on the security detection result, so that the user can implement security detection on the mobile device at the computing device side, thereby improving the security of the mobile device.

The above description is only an overview of the technical solution of the present invention. In order to better understand the technical means of the present invention, it can be implemented according to the contents of the description, and in order to make the above and other purposes, features and advantages of the present invention more obvious and understandable , the specific embodiments of the present invention are enumerated below.

Description of drawings

Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiment. The drawings are only for the purpose of illustrating a preferred embodiment and are not to be considered as limiting the invention. Also throughout the drawings, the same reference numerals are used to designate the same parts. In the attached picture:

FIG. 1 shows a flow chart of the steps of Embodiment 1 of a method for safety detection of equipment according to the present invention;

Fig. 2 shows a flow chart of the steps of Embodiment 2 of a method for safety detection of equipment according to the present invention;

FIG. 3 shows a flow chart of steps in Embodiment 3 of a method for safety detection of equipment according to the present invention;

FIG. 4 shows a flow chart of the steps of Embodiment 4 of a method for safety detection of equipment according to the present invention;

FIG. 5 shows a structural block diagram of Embodiment 1 of an apparatus for safety detection of equipment according to the present invention;

FIG. 6 shows a structural block diagram of Embodiment 2 of an apparatus for safety detection of equipment according to the present invention.

Detailed ways

Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.

Referring to FIG. 1 , it shows a flow chart of the steps of Embodiment 1 of a method for security detection of a device according to the present invention. The embodiment of the present invention is described from the side of the mobile device, and may include the following steps:

Step 101, when the mobile device is connected to the computing device, receiving a security detection request for the mobile device sent by the computing device side at the mobile device side, the security detection request including a specified detection object;

In a preferred embodiment of the present invention, the specified detection object includes one or more of the following services for mobile devices: detection of mobile device hanging horse vulnerabilities, detection of whether cloud scanning and killing is enabled, detection of dangerous software, Detect whether the virus database has been updated, detect whether the security service is enabled, detect whether there are counterfeit applications on the mobile device, detect whether there are malicious advertising applications on the mobile device, detect whether the active defense function is enabled, detect memory optimization, detect whether there is background software, and automatically start Software detection, junk data cleanup detection, cache cleanup detection, residual file detection after app uninstallation, installation package cleanup detection, large file cleanup, privacy trace cleanup detection.

Step 102: Acquiring security testing result information corresponding to the specified testing object on the mobile device side, and sending the security testing result information to the computing device side;

Step 103, receiving, at the mobile device side, an execution instruction sent by the computing device side, the execution instruction being generated by the computing device according to the security detection result information;

In a preferred embodiment of the present invention, the safety inspection result information may include safety inspection progress information, and correspondingly, the execution instruction may include a stop instruction, a pause instruction, and a continue execution instruction.

In another preferred embodiment of the present invention, the security detection result information includes the security detection result, and correspondingly, the execution instruction may include one or more of the following: mobile device hanging horse vulnerability repair, enabling cloud checking Kill, repair dangerous software, update virus database, enable security services, repair copycat apps, repair malicious advertising apps, enable active defense, optimize memory, close background software, turn off auto-starting software, clean junk data, clear cache, clean apps Residual files after uninstallation, installation package cleanup, large file cleanup, and privacy trace cleanup.

Step 104, execute the execution instruction on the mobile device side.

In a preferred embodiment of the present invention, before the step 101, it may also include:

The mobile device side receives the third-party application installation package sent by the computing device side, and the third-party application installation package is sent from the server when the computing device side detects that no third-party application is installed on the mobile device side. downloaded;

The mobile device side installs a third-party application according to the third-party application installation package.

In a preferred embodiment of the present invention, before the step 101, it may also include:

A SOCKET connection channel between the mobile device and the computing device is established, and the mobile device receives a security detection request, sends security detection result information, and receives an execution instruction through the SOCKET connection channel.

In a preferred embodiment of the present invention, the step 101 may specifically be:

Using the third-party application on the mobile device side to receive a security detection request for the mobile device sent by the computing device side;

The step 102 may include the following sub-steps:

Using the third-party application on the mobile device side to perform a security testing operation on a designated testing object according to the security testing request, and obtain security testing result information;

returning the security detection result information to the computing device side by the third-party application;

The step 103 may specifically be:

Using the third-party application on the mobile device side to receive the execution instruction sent by the computing device side;

The step 104 may specifically be:

The execution instruction is executed by using the third-party application on the mobile device side.

Specifically, the mobile device side may receive a security detection request for the mobile device from the computing device side through the third-party application, and the third-party application performs a security detection operation on a specified detection object according to the security detection request , obtain the security detection result information and return to the computing device side.

In another preferred embodiment of the present invention, the first client program is installed on the mobile device side, and the step 101 may be:

Using the first client program on the mobile device side to receive a security detection request for the mobile device sent by the computing device side;

The step 102 may include the following sub-steps:

Using the first client program on the mobile device side to send the security detection request to the third-party application, and the third-party application performs a security detection operation on a designated detection object according to the security detection request, Obtain the security detection result information and return it to the first client program;

The first client program returns the security detection result information to the computing device side;

The step 103 can be:

Using the first client program on the mobile device side to receive an execution instruction sent by the computing device side;

The step 104 can be:

The first client program is used on the mobile device side to send the execution instruction to a third-party application, and the third-party application executes the execution instruction.

Specifically, the mobile device may receive a security detection request for the mobile device from the computing device side through the first client program, and the first client program sends the security detection request to the third party application, receiving the security detection result information returned by the third-party application and returning it to the computing device side, wherein the security detection result information is obtained by the third-party application performing a security detection operation on a specified detection object according to the security detection request .

In a preferred embodiment of the present invention, the step of the first client program sending the security detection request to the third-party application may include:

The first client program calls the service interface of the third-party application according to the specified detection object, and sends the security detection request to the third-party application.

In the embodiment of the present invention, when the mobile device is connected to the computing device, the security detection of the designated detection object of the mobile device can be realized on the computing device side, and when the computing device receives the security detection result returned by the mobile device, it can The computing device side issues an execution command to the mobile device to prompt the mobile device to perform related operations on the security detection result, so that the user can implement the security detection of the mobile device on the computing device side, thereby improving the security of the mobile device.

Referring to FIG. 2 , it shows a flow chart of the steps of Embodiment 2 of a method for security detection of equipment according to the present invention. The embodiment of the present invention is described from the side of the computing device. The embodiment of the present invention may include the following steps:

Step 201, when the computing device side detects that there is a mobile device access, the computing device side sends a security detection request to the mobile device to the mobile device side, and the security detection request includes a specified detection object;

In a preferred embodiment of the present invention, the specified detection object may include one or more of the following services for mobile devices: detection of mobile device hanging horse vulnerabilities, detection of whether cloud scanning and killing is enabled, detection of dangerous software , Detect whether the virus database has been updated, detect whether the security service is enabled, detect whether there are counterfeit applications on the mobile device, detect whether there are malicious advertising applications on the mobile device, detect whether the active defense function is enabled, detect memory optimization, detect whether there is background software, and automatically start Software detection, junk data cleanup detection, cache cleanup detection, residual file detection after app uninstallation, installation package cleanup detection, large file cleanup, privacy trace cleanup detection.

Step 202, receiving, on the computing device side, security testing result information for the security testing request returned by the mobile device side, the security testing result information being obtained by the mobile device side according to the designated testing object;

Step 203: Generate a corresponding execution instruction on the computing device side according to the security detection result information and send it to the mobile device side, and the mobile device side executes the execution instruction.

In a preferred embodiment of the present invention, the safety detection result information may include safety detection progress information, and correspondingly, the execution instruction may include a stop instruction, a pause instruction, and a continue execution instruction.

In a preferred embodiment of the present invention, the security detection result information may include the security detection result, and correspondingly, the executable instruction includes one or more of the following: mobile device hanging horse vulnerability repair, enabling cloud checking Kill, repair dangerous software, update virus database, enable security services, repair copycat apps, repair malicious advertising apps, enable active defense, optimize memory, close background software, turn off auto-starting software, clean junk data, clear cache, clean apps Residual files after uninstallation, installation package cleanup, large file cleanup, and privacy trace cleanup.

In a preferred embodiment of the present invention, before the step 201, it may also include:

Reading installation package information of all installed applications on the mobile device side at the computing device side, where the installation package information includes an installation package identifier;

When the computing device side judges that there is no third-party application installation package identification in the installation package identification, obtain the download address of the third-party application installation package from the server;

The computing device side downloads the third-party application installation package according to the download address of the third-party application installation package and sends it to the mobile device side.

In a preferred embodiment of the present invention, before the step 201, it may also include:

A SOCKET connection channel between the mobile device and the computing device is established, and the computing device sends a security detection request, receives security detection result information, and sends an execution instruction through the connection channel.

In a preferred embodiment of the present invention, the security detection result information has type identification information, and the step 203 may include the following sub-steps:

In sub-step S11, the computing device side looks up the execution suggestion information corresponding to the type identifier in the preset mapping table, and the preset mapping table stores the mapping between the type identifier and the execution suggestion information pre-agreed between the computing device and the mobile device relation;

Sub-step S12, displaying the safety detection result information and corresponding execution suggestion information on the computing device side;

Sub-step S13, receiving a user's selected instruction on the one or more execution suggestion information at the computing device side;

In sub-step S14, one or more execution instructions corresponding to the execution suggestion information are generated according to the selected instruction and sent to the mobile device side.

Referring to FIG. 3 , it shows a flow chart of steps in Embodiment 3 of a method for safety detection of equipment according to the present invention, wherein the computing equipment is an intelligent electronic device capable of running according to a program and processing massive amounts of data automatically and at high speed. Devices such as desktops, laptops, etc. The mobile device is a computing device that can be used on the move, such as a mobile phone. This embodiment takes a mobile device installed with an Android operating system as an example. Of course, the present invention is not limited to a mobile device installed with an Android system, and the principles of the present invention are also applicable to mobile devices installed with other operating systems.

In this embodiment of the present invention, a first client program is installed on the mobile device side, a second client program is installed on the computing device side, and the mobile device and the computing device pass the first client program and the second client program The two client programs communicate, and when the first client program is not started, the second client program can start the first client program by sending an activation command to the first client program, thereby opening the communication between the two. communication process.

The method may include the steps of:

Step 301, when the mobile device is connected to the computing device, the second client program detects whether the mobile device has a third-party application installed, if not, execute step 302, and if yes, execute step 304;

In a specific implementation, when the second client program on the computing device side detects that the mobile device is successfully connected to the computing device, it can read the installation package information of all installed applications on the mobile device side, wherein the installation package information carries Package ID. The second client program searches all the installation package identifiers for the installation package identifier of the third-party application. If it exists, it means that the third-party application is installed on the mobile device side; otherwise, it means that the third-party application is not installed on the mobile device side. application.

Further, the installation package information may also carry the version number of each application. If the computing device searches and finds that the mobile device has a third-party application installed, but the version number of the third-party application is smaller than the third-party application stored on the computing device side. The latest version number of the application, the computing device also determines that no third-party application is installed on the mobile device side.

Step 302, the second client program downloads the third-party application installation package and sends it to the mobile device;

In a specific implementation, the mobile device can be connected to the computing device through a data line or wirelessly (such as wireless network communication technology WIFI). When the mobile device accesses the computing device through a data line, if the second client program detects that the If the mobile device does not have a third-party application installed, then search the server for the installation package identification of the third-party application, and obtain the download address of the third-party application installation package when the installation package identification of the third-party application is found, from The third-party application installation package is downloaded from the download address, and the third-party application installation package is transmitted to the mobile device side through a data cable.

Furthermore, when the mobile device is an Android device with an Android system installed, the second client program can drive the third-party application installation package through ADB (Android Debug Bridge, which acts as a debug bridge) To the mobile device side, wherein, ADB is a client-server program, wherein the client is a computing device, the server is an Android device, and the ADB driver is the client driver for the communication between the computing device and the Android device, and ADB is the androidsdk A tool in , with which you can directly operate and manage Android emulators or real Android devices (such as mobile phones). Its main functions are: run the shell (command line) of the device; manage the port mapping of the emulator or device; upload/download files between the computing device and the Android device; install the local Android installation package apk to the emulator or Android device, etc. .

When the mobile device establishes a connection with the computing device in a wireless manner, if the second client program detects that the mobile device does not have a third-party application installed, it searches the server for the installation package identifier of the third-party application, and finds When the installation package of the third-party application is identified, the download address of the third-party application installation package is obtained, the third-party application installation package is downloaded from the download address, and the third-party application installation package is transmitted to the mobile device through a wireless channel side. In practice, the second client program may also directly send the download address of the third-party application installation package to the mobile device, and the mobile device may download and install it.

Specifically, the process of establishing a connection between a mobile device and a computing device in a wireless manner may be as follows:

When the computing device is about to connect with the mobile device, the computing device will first send a connection request to the server. Wherein, the connection request includes the device identifier and the terminal data of the mobile device requesting the connection.

The device identifier is used to identify a computing device, such as the computing device's IP address, network card address, and MID value. Wherein, the MID (Mobile Internet Device, mobile Internet device) value is a unique feature value calculated through the serial number of the hardware.

The terminal data is relevant data of the mobile device, such as the name of the mobile device, the International Mobile Equipment Identity (IMEI) of the mobile device, the model of the mobile device, etc. In addition, if the mobile device is a mobile phone, the corresponding The terminal data can also include the mobile phone number of the mobile phone. Wherein, the IMEI can uniquely identify a mobile device.

Then the server can receive the connection request, obtain the device identification of the computing device from the connection request, thereby determine the computing device to be connected, and obtain the terminal data of the mobile device that the computing device requests to connect.

The server records the terminal data (or device data) of the mobile device (or computing device) that has communicated with it, so the mobile device can be searched based on the terminal data, that is, the terminal data and any mobile device stored in the server can be detected. Whether the terminal data of the device matches, if it matches, it means that the mobile device can be found, and then constructs a mapping relationship between the device identifier and the terminal data to establish an association between the mobile device and the computing device; If not, it means that the mobile device is not found, that is, the mobile device cannot communicate with the server temporarily.

Step 303, install the third-party application on the mobile device side according to the third-party application installation package, and continue to execute step 304;

Specifically, after the mobile device receives the third-party application installation package, it installs the third-party application according to the third-party application installation package; in another case, when the mobile device receives the third-party application installation package When downloading the address, download the third-party application installation package according to the download address of the third-party application installation package and install the third-party application. After the third-party application is installed, the mobile device returns an installation completion message to The computing device is configured to notify the computing device that the third-party application has been installed.

In the embodiment of the present invention, whether a third-party application is installed on the mobile device side can be detected on the computing device side, and when no third-party application is installed on the mobile device side, the computing device automatically downloads the third-party application installation package and sends it to the mobile device Installing, in this process, the mobile device can successfully install the third-party application without connecting to the Internet, which saves the resources of the mobile device, enriches the channels for the security protection of the mobile device, and improves the security of the mobile device; Moreover, the user can install third-party applications (or other applications) on the mobile device side without any operation, which is convenient and quick, and improves user experience.

Applied to the embodiment of the present invention, the third-party application may be a security detection service application, such as 360 Mobile Guard, Jinshan Guardian, etc. The embodiment of the present invention does not need to limit the specific type of the third-party application.

Step 304, establishing a SOCKET connection channel between the mobile device and the computing device;

Specifically, the process of establishing a SOCKET (socket) connection channel between the mobile device and the computing device actually uses the mobile device as the server and the computing device as the client server-client The end SOCKET connection process can be divided into three steps: server monitoring, client request, and connection confirmation. Among them, server monitoring means that the server-side socket does not locate a specific client socket, but is waiting for a connection. The state of the network is monitored in real time; the client request refers to the connection request made by the socket of the client, and the target to be connected is the socket of the server. To this end, the client's socket must first describe the socket of the server it wants to connect to, point out the address and port number of the server-side socket, and then make a connection request to the server-side socket; connection confirmation means when When the server-side socket listens to or receives the connection request of the client-side socket, it responds to the request of the client-side socket, creates a new thread, and sends the description of the server-side socket to the client. Once the client confirms the description, the connection (or connection channel) is established, and a series of data transmissions between the first client program and the second client program can be performed at this time.

In a specific implementation, the server establishes a socket for monitoring connections by calling the socket function, and then calls the bind function to associate the socket with address information. Call the listen function to monitor the port. When there is a connection request, establish a connection with the client by calling the accept function. Finally, call the read function to read the message sent by the client. Of course, you can also use the recv function to achieve the same Function.

Step 305, the second client program sends a security detection request to the mobile device to the first client program through the SOCKET connection channel, and the security detection request includes a specified detection object;

The security detection request is a detection request to ensure the security of the mobile device. As a preferred example of this embodiment, the security detection request may include a specified detection object, and the specified detection object is an item for security detection of the mobile device. It can include one or more of the following services for mobile devices: mobile device Trojan vulnerability detection, detection of cloud scanning and killing, detection of dangerous software, detection of virus database update, detection of security services, detection of mobile Whether the device has counterfeit applications, detect whether there are malicious advertising applications on the mobile device, detect whether the active defense function is enabled, and so on.

As another preferred example of this embodiment, the security detection request may include a specified detection object, and the specified detection object is an item for optimization and garbage cleaning for mobile devices, and may include one of the following services for mobile devices Or more: memory optimization detection, detection of background software, automatic startup software detection, junk data cleaning detection, cache cleaning detection, residual file detection after uninstalling applications, installation package cleaning detection, large file sorting, privacy traces Clean detection, etc.

Step 306, the first client program sends the security detection request to a third-party application;

In practice, during the installation process of the third-party application on the mobile device side, various services (services) can be established, and the first client program locates the third-party application according to the specified detection object after receiving the security detection request For the corresponding service, for example, if the specified detection object is junk data security detection, the corresponding service of the third-party application is a cleaning service. The first client program sends the security detection request to the third-party application by calling the interface of the service corresponding to the third-party application.

Step 307, the third-party application performs a corresponding security detection operation on the specified detection object, and obtains security detection result information;

Specifically, the specified detection object in the security detection request includes information of a type identification, the information of the type identification is the information indicating the detection type of the specified detection object agreed between the third-party application and the server, and the information of different type identifications Different operations are identified, and the third-party application can know what kind of detection the detection object is based on the information identified by the type, so as to perform corresponding operations and obtain security detection result information. E.g,

The type identification information of the physical examination is CMD_SYSTEM_EXAM_SCAN;

The information identified by the type of garbage cleaning is CMD_CLEAR_GARBAGE_SCAN;

The information identified by the antivirus type is CMD_SECURITY_SCAN.

As a preferred example of the embodiment of the present invention, if the detection object is the active defense function detection, the specific detection rule can be: the third-party application first detects that the mobile device has the active defense function, and if so, then detects the active defense function. Whether the defense function is enabled; if not, the third-party device detects whether the first client program has enabled the active defense function.

As another example of this embodiment, if the specified detection object is to detect whether the mobile device has counterfeit applications, the specific detection rule may be: a third-party application scans the APP (application, application) list of the mobile device to obtain all The developer signature or MD5 value of each application in the above application list, and compare the application in the application list with the application in the application white list, if an application is in the application white list, then the development of the application Compare the developer signature or MD5 value with the developer signature or MD5 value of the corresponding application in the whitelist. If the developer signature or MD5 value of the application is inconsistent with the developer signature or MD5 value of the corresponding application in the whitelist, then It is determined that the application is a copycat application; if an application is not in the application whitelist, scan the virus database or (perform cloud scanning and killing), if the application is in the virus database, report a virus or Trojan horse.

As another example of this embodiment, if the specified detection object is to detect whether there is dangerous software or malicious advertising application in the mobile device, the specific detection rule may be: a third-party application scans the APP (application, application) list, and match the applications in the application list with the black and white lists in the server. Wherein, the white list is a list for recording safe processes, and the black list is a list for recording dangerous processes. The type of process in the white list is a white process, the type of process in the black list is a black process, and all unknown processes outside the white list and black list are gray processes. When the process of the application is a white process (such as the process called by 360 mobile assistant, 91 mobile assistant or pea pod, etc.), confirm that the application related to the process is a trusted application (or safe application), and allow the operation of the process; When the application process is a black process (such as a process called by an application that maliciously promotes APK, etc.), confirm that the application related to the process is an untrusted application, and immediately block the operation of the process after judging the type of the process ( Such as intercepting the process by disconnecting the process from port 5037), prohibiting the application related to the process from performing any operations on the mobile device (such as enumerating Android devices connected to the system), and sending successful interception information to The first client program is returned to the computing device side by the first client program.

In addition, this example can also collect program behaviors through the client and associate them with program features, so as to record program features and their corresponding program behaviors in the database. According to the association between the collected program behaviors and program features, the The samples are analyzed and summarized, which helps to judge whether the software or program belongs to the blacklist or whitelist. Since the program characteristics and the corresponding behavior records of the characteristics are recorded in the database, unknown programs can be analyzed in combination with the known white list. For example, if the unknown program signature is the same as the known program signature in the existing whitelist, both the unknown program signature and its program behavior are whitelisted. If the unknown program behavior is the same as or similar to the known program behavior in the existing whitelist, the unknown program behavior and its program characteristics are both included in the whitelist.

For example, taking antivirus as an example, a third-party application (such as Mobile Defender) obtains virus results in the following ways:

(1) Scan the Android installation package, and extract specified feature information from the Android installation package;

The feature information extracted in this example may include:

1) Android installation package name: packageName

2) Android installation package version number: versionCode

3) MD5 of the digital signature of the Android installation package: signature[0]

4) Android component receiver

5) Instructions in classes.dex

6) Strings in the ELF file

7) MD5 of each file in the assets, res, lib and other directories

8) Android component service, activity

(2) Search for feature records that match the specified single feature information or its combination in the preset security identification library; wherein, the security identification library contains feature records and the security level corresponding to the feature records, and each feature record Contains a single feature information or a combination of feature information;

(3) Include and display the security level corresponding to the found feature record in the security detection result of the Android installation package.

This example lists four security levels: Safe, Dangerous, Cautious, and Trojan. Among them, the definitions of various security levels are as follows:

Security: The application is a normal application, without any behavior that threatens the security of the user's mobile phone;

Dangerous: This application has security risks. It is possible that the application itself is malicious software; it is also possible that the application is originally a normal software released by a regular company, but because of security holes, the user's privacy and mobile phone security are threatened;

Cautious: The app is a normal app, but there are some problems, such as users being charged accidentally, or complaints about unfriendly advertisements, etc.; when such an app is found, the user will be prompted to use it with caution and inform possible behavior of the app, but it is at the user's discretion whether to clear the app;

Trojan horse: The application is a virus, Trojan horse or other malicious software, which is collectively referred to as a Trojan horse here for simplicity, but it does not mean that the application is just a Trojan horse.

Therefore, when setting up the security identification library, the Android installation packages under the four levels of security, danger, caution, and Trojan horses can be used as sample Android installation packages, so that the feature records obtained from a single feature or a combination of features in the sample can correspond to Information such as a security level and its associated behavior and description.

For example, there are four feature records in the security identification database, the security levels corresponding to the first feature record and the fourth feature record are both Trojan level, and the security levels corresponding to the second feature record and the third feature record are both for the security level.

Of course, a feature record can also be set in the security identification library to list the version number of the Android installation package of a certain Trojan horse and the MD5 value of its digital signature, although the feature combination used by this feature record is the same as that of the second feature record. The combination of version number and digital signature MD5 value is used, but the security level corresponding to this feature record is "Trojan horse".

Therefore, the security level does not correspond to a specific feature or feature combination, but corresponds to the value of a specific feature or feature combination. Therefore, for the same feature or feature combination, the specific values are different, and the corresponding security levels are also different.

Moreover, the definitions of the above four levels of security, danger, caution and Trojan horse are only for illustration. According to actual applications, of course, there may be other classifications and definitions of security levels, and the protection scope of this example is not limited thereto.

Then, the feature record matching the specified single feature information or its combination is searched in the preset security identification library, and the security level corresponding to the found feature record is included in the security detection result of the Android installation package. The steps can be understood as:

Search the feature record in the security identification library. If the extracted specified single feature matches the first feature record, it can be determined that the current Android installation package is at the Trojan level; if the extracted specified feature is combined with the second feature record or the third feature record, it can be determined that the current Android installation package is a security level; if the extracted specified features are combined and matched with the fourth feature record, it can be determined that the current Android installation package is also safe. It is Trojan level.

Therefore, the security detection result for a certain Android installation package may contain four information indicating security levels: safety, danger, caution, or Trojan horse. In addition, the security detection result may also include behavior descriptions and software descriptions related to the security level. , timestamp and at least one item of prompt information, for example, the prompt information corresponding to the level of "cautious" may be "may result in fee deduction, whether to choose to delete the application".

More specifically, the security detection result may include security level, behavior description information, software description information and time stamp information. in:

Security level: It can be represented by a 32-bit integer, which can represent four security levels of security, danger, caution, or Trojan horse. The definition of each security level is as described above.

Behavior description information: It can also be represented by a 32-bit (0-31) integer, which can represent the software behavior description of each security level. Among them, one bit can be selected to indicate the flag bit, and the flag bit is 0, which means there is no malicious behavior. If there is malicious behavior, you can define: the first bit represents "secretly downloading in the background", the second bit represents "privately sending SMS", and the third bit represents bit for "contains ads", etc. That is, each bit can independently represent a behavioral description of a software.

For example, for an Android application detected as a "Trojan horse level", if the malicious behavior = 3, the binary translation is 11, the first bit = 1, and the second bit = 1, which means that the malicious behavior is: both secretly downloading in the background and The act of sending text messages privately.

For another example, for an Android application detected as "cautious level", if the behavior description = 4, the binary translation is 100, the first bit = 0, the second bit = 0, the second bit = 1, and the indicated behavior is: Contains advertisements. Since this advertisement may or may not be allowed by the user, the user will be prompted to use it with caution, and it is up to the user to decide whether to clear it.

Software description information: usually expressed as a character string, which is a description of the Android application, such as the publisher, release time and other information.

Timestamp information: indicates when the feature information (such as normal feature, Trojan horse feature, etc.) of the Android application was stored.

It should be noted that the detection rules for detecting whether the active defense function is turned on, detecting whether there are counterfeit applications on the mobile device, and detecting whether there are dangerous software or malicious advertising applications on the mobile device are only examples of this embodiment, and those skilled in the art can use other Any method that can achieve the purpose of detecting whether there is dangerous software or whether there is malicious advertising application or whether there is fake application in the mobile device is all possible. In addition, for the detection of other designated detection objects, those skilled in the art can use existing methods that can achieve The purpose of any technology for detection, the present invention need not be limited to this.

Step 308, the third-party application returns the security detection result information to the first client program, and the first client program forwards the security detection result information to the second client program through the SOCKET connection channel;

Specifically, after the third-party application performs the corresponding security detection operation, it obtains the security detection result information and returns to the first client program. In practice, the third-party application can call the first client program in the The first registered callback function returns the security detection result information to the first client program. Further, when the third-party application returns the security detection result information to the first client program, it may mark the security detection result information with a type identifier, and the type identifier is the third-party application and the second client program or the mobile The identifier pre-agreed by the device to identify the information type of the security detection result.

Step 309, the second client program obtains corresponding execution suggestion information according to the security detection result information;

Applied to the embodiment of the present invention, after receiving the security detection result information, the second client program parses the security detection result information to obtain the corresponding type identifier, and then the second client program searches the preset mapping table for the type identifier , to obtain the execution suggestion information corresponding to the type identifier. Wherein, the preset mapping table stores a mapping relationship between each type identifier and corresponding one or more execution suggestion information.

In a preferred embodiment of the present invention, the safety inspection result information may include safety inspection progress information. The service corresponding to the third-party application may return the security detection progress information to the first client program during the security detection process of the specified detection object, and the first client program returns the security detection progress information to the first client program through the SOCKET connection channel. Two client programs. After receiving the safety inspection progress, the second client program parses the safety inspection progress information to obtain the corresponding type identification and safety inspection progress, searches the type identification from the preset mapping table, and obtains the information corresponding to the safety inspection progress. Execution suggestion information, wherein the execution suggestion information corresponding to the type identifier of the security inspection progress may include a suggestion to stop execution, a suggestion to suspend execution, a suggestion to continue execution, and the like.

In another preferred embodiment of the present invention, the safety detection result information may include the safety detection result, which is the final result obtained after the safety detection of the specified detection object is completed, and the second client program receives After the security detection result, analyze the security detection result to obtain the corresponding type identifier, search the type identifier from the preset mapping table, and obtain the execution suggestion information corresponding to the security detection result, wherein, for the security detection structure The execution suggestion information corresponding to the type identifier can include suggestions for repairing vulnerabilities in mobile devices, enabling cloud scanning and killing, suggestions for repairing risky software, suggestions for updating virus databases, suggestions for enabling security services, suggestions for repairing counterfeit applications, and suggestions for repairing malicious advertising applications. , suggestions for memory optimization, suggestions for closing background software, suggestions for disabling auto-start software, suggestions for cleaning junk data, suggestions for cleaning cache, suggestions for cleaning residual files after app uninstallation, suggestions for cleaning installation packages, suggestions for organizing large files, and suggestions for cleaning privacy traces . and many more.

Step 310, the second client program displays the security detection result information and corresponding execution suggestion information;

After obtaining the execution suggestion information, the second client program may display the security detection result information and its corresponding execution suggestion information to the user on the computing device side. The display form may be displayed in the form of a pop-up window, or directly displayed in the current window of the second client program, and the displayed content may include mobile The embodiment of the present invention does not need to limit the display form of the device identifier, file path, file size, and so on.

Step 311: After receiving the user's selected instruction for one or more execution suggestion information, the second client program generates an execution instruction corresponding to the one or more execution suggestion information according to the selected instruction and sending to the first client program, and the first client program sends the execution instruction to the third application;

Specifically, the user can issue a willingness to process the security inspection results by selecting one or more execution suggestion information, and the one or more execution suggestions will be generated when the user selects one or more execution suggestion information Information selection instruction, after the second client program receives the selection instruction, it generates a corresponding execution instruction and sends it to the first client program through the SOCKET connection channel, and the first client program sends it to a third-party application .

For example, the execution instruction corresponding to the stop execution suggestion is a stop execution instruction, the execution instruction corresponding to the suspend execution suggestion is a suspend execution instruction, and the execution instruction corresponding to the continue execution suggestion is a continue execution instruction; Vulnerability repair advice, cloud scanning and killing advice, risk software repair advice, virus database update advice, security service advice, counterfeit application repair advice, malicious advertising application repair advice, active defense function enabling advice, memory optimization advice, background software closing advice , Suggestions for turning off auto-start software, suggestions for cleaning junk data, suggestions for cleaning cache, suggestions for cleaning residual files after app uninstallation, suggestions for cleaning installation packages, suggestions for organizing large files, and suggestions for cleaning privacy traces. Horse vulnerability repair, enable cloud scanning and killing, risk software repair, virus database update, enable security services, counterfeit application repair, malicious advertising application repair, enable active defense function, memory optimization, background software shutdown, turn off auto-start software, junk data Clean up, clean up cache, clean up residual files after app uninstallation, clean up installation packages, clean up large files, clean up privacy traces.

Step 312, the third-party application executes the execution instruction.

Specifically, the execution instruction carries an instruction identifier, and different instruction identifiers instruct third-party applications to perform different operations, that is, after receiving the execution instruction, the third-party application executes a corresponding repair operation according to the instruction identifier.

For example, if the execution instruction received by the third-party application is to enable the active defense function, if the mobile device has the active defense function, then enable the active defense function on the mobile device; otherwise, enable the active defense function of the first client program . Specifically, after the active defense function is enabled, the identity of the application program can be judged by comparing the name or information of the application program with the information in the predefined database, and then corresponding processing can be taken, wherein the pre-defined The defined database can contain application whitelists, blacklists, and signature data. The white list may contain the names of known trusted applications (including the UID (unique identifier) of the program and the package name of the program), and the blacklist may contain the names of known malicious applications (including the program UID (Unique Identifier) and package name of the program), the feature data may contain data of known malicious features (such as advertising features).

When judging the identity of the application by using the name of the application: when the name of the application is included in the white list in the predefined database, execute the call according to the address of the service called by the application. the above call, and return the actual service result to the application; or, when the name of the application is included in the blacklist in the predefined database, return the predefined service result to the application; or, When the name of the application program is not included in the white list and black list in the predefined database, display the name and information of the application program and the information of the call, and according to the mobile device through the operating system for The selection of the call to perform processing.

That is to say, when the name of the application program is included in the white list, it is determined that the application program is a trusted application program, and its call to the service is allowed, so as to execute the call according to the address of the service, and return to the application program The actual service result; when the name of the application program is included in the blacklist, it is determined that the application software is a malicious application program, its call to the service is rejected, and a false service result is returned directly to it, making it think that the call has been successful; When the name of the application program is neither included in the white list nor in the black list, the name and information of the application program and the information of the call are displayed, and according to the call via the operating system on the mobile device option to perform processing. Specifically, in the case of allowing the application to call the service, execute the call according to the address of the service, and return the actual service result to the application; or choose not to allow When the application program calls the service, a predefined service result is returned to the application program.

When using the information of the application to judge the identity of the application: when the information of the application contains the feature data in the predefined database, return the predefined service result to the application or, when the information of the application program does not contain the feature data in the predefined database, display the name and information of the application program and the information of the call, and according to the mobile device through the operating system for The selection of the call to perform processing.

For another example, when the execution instruction received by the third-party application is a counterfeit application repair instruction, the third-party application matches the official application installation package corresponding to the counterfeit application from the server, pushes the matching official application installation package to the user, and prompts the user Whether to choose to install (that is, whitewash); when the execution command is a garbage data cleaning command, the third-party application cleans up the junk data obtained by the security detection on the mobile device side; if the execution command is to close the background software or automatically start the software, Then the third-party application closes the background software or automatically started software.

It should be noted that in the embodiment of the present invention, performing security detection on the mobile device on the computing device refers to performing security detection on the connected mobile device on the computing device, and the specific detection operation and execution operation are performed on the mobile device. The security detection application performed by the security detection application is not the same as the security detection of the USB disk on the computing device side.

In the embodiment of the present invention, by performing security detection on the mobile device on the computing device, it is possible to intercept malicious applications peeping at the mobile device user's private information (including contact information, call records, SMS, MMS, various accounts and passwords, etc.), Prevent malicious applications from making fee-deducting calls, sending fee-deducting text messages, visiting websites that consume network traffic, preventing malicious applications from installing Trojan horses and virus programs, preventing malicious applications from recording users' GPS or network location, blocking malicious applications from popping up harassing advertisements, etc. Any malicious application's call to the service can be intercepted, thereby improving the security of the mobile device.

In addition, in the embodiment of the present invention, by performing security detection on the mobile device on the computing device, when background software or automatically started software is detected, the background software or automatically started software can be closed, thereby saving the mobile device. Network traffic; the performance of mobile devices can be improved by memory optimization, garbage cleaning, etc. for mobile devices.

Referring to FIG. 4 , it shows a flow chart of the steps of Embodiment 4 of a method for security detection of a device according to the present invention. This embodiment takes a mobile device installed with an Android operating system as an example. Of course, the present invention is not limited to the installation of For mobile devices with an Android system, the principle of the present invention is also applicable to mobile devices with other operating systems installed.

In the embodiment of the present invention, if the service of the first client program is embedded in the service of the third-party application, the third-party application can directly communicate with the second client program of the computing device, and the method can Including the following steps:

Step 401, when the mobile device is connected to the computing device, the second client program detects whether the mobile device has a third-party application installed, if not, execute step 402, and if yes, execute step 404;

Step 402, the second client program downloads the third-party application installation package and sends it to the mobile device;

Step 403, the mobile device side installs the third-party application according to the third-party application installation package, and proceeds to step 404;

Applied to the embodiment of the present invention, the third-party application may be a security detection service application, such as 360 Mobile Guardian, Jinshan Guardian, etc. The embodiment of the present invention does not need to limit the specific type of the third-party application.

Step 404, establishing a SOCKET connection channel between the mobile device and the computing device;

Step 405, the SOCKET connection channel of the second client program sends a security detection request to the mobile device to the third-party application, and the security detection request includes a specified detection object;

As a preferred example of this embodiment, the security detection request may include a specified detection object, which is an item for security detection of mobile devices, and may include one or more of the following services for mobile devices : Mobile device hanging horse vulnerability detection, detection whether cloud scanning and killing is enabled, detection of dangerous software, detection of virus database update, detection of security service is enabled, detection of mobile devices with counterfeit applications, detection of malicious advertisements on mobile devices Application, active defense function activation detection, memory optimization detection, detection of background software, automatic startup software detection, junk data cleaning detection, cache cleaning detection, residual file detection after uninstalling applications, installation package cleaning detection, large files Organize, clean up and detect privacy traces, etc.

Step 406, the third-party application performs a corresponding security testing operation on the specified testing object, and obtains security testing result information;

Step 407, the third-party application returns the security detection result information to the second client program;

Step 408, the second client program obtains corresponding execution suggestion information according to the security detection result information;

Step 409, the second client program displays the security detection result information and corresponding execution suggestion information;

Step 410: After receiving the user's selected instruction for one or more execution suggestion information, the second client program generates an execution instruction corresponding to the one or more execution suggestion information according to the selected instruction and sent to the third application;

In a preferred embodiment of the present invention, the safety inspection result information may include safety inspection progress information, and correspondingly, the execution instruction may include a stop instruction, a pause instruction, and a continue execution instruction.

In another preferred embodiment of the present invention, the security detection result information includes the security detection result, and correspondingly, the execution instruction may include one or more of the following: mobile device hanging horse vulnerability repair, enabling cloud checking Kill, repair dangerous software, update virus database, enable security services, repair copycat apps, repair malicious advertising apps, enable active defense, optimize memory, close background software, turn off auto-starting software, clean junk data, clear cache, clean apps Residual files after uninstallation, installation package cleanup, large file cleanup, and privacy trace cleanup.

Step 411, the third-party application executes the execution instruction.

As for the method embodiment in FIG. 4 , since it is basically similar to the above method embodiment in FIG. 3 , the description is relatively simple, and for relevant parts, please refer to part of the description of the method embodiment.

For the method embodiment, for the sake of simple description, it is expressed as a series of action combinations, but those skilled in the art should know that the present invention is not limited by the described action sequence, because according to the present invention, certain steps Other sequences or concurrently may be used. Secondly, those skilled in the art should also know that the embodiments described in the specification belong to preferred embodiments, and the actions and modules involved are not necessarily required by the present invention.

Referring to FIG. 5 , it shows a structural block diagram of Embodiment 1 of an apparatus for safety detection of equipment according to the present invention. The apparatus may include the following modules:

The security detection request receiving module 501 is adapted to receive, on the mobile device side, a security detection request for the mobile device sent by the computing device side when the mobile device is connected to the computing device, and the security detection request includes a designated detection object;

The security detection result information sending module 502 is adapted to obtain the security detection result information corresponding to the specified detection object on the mobile device side, and send the security detection result information to the computing device side;

The execution command receiving module 503 is adapted to receive the execution command sent by the computing device side at the mobile device side, the execution command is generated by the computing device according to the security detection result information;

The execution instruction execution module 504 is adapted to execute the execution instruction on the side of the mobile device.

In a preferred embodiment of the present invention, the device may also include:

The installation package receiving module is adapted to receive the third-party application installation package sent by the computing device side before the mobile device side receives the security detection request for the mobile device sent by the computing device side, The third-party application installation package is downloaded from the server when the computing device side detects that no third-party application is installed on the mobile device side;

The installation package installation module is adapted to install a third-party application on the mobile device side according to the third-party application installation package.

In a preferred embodiment of the present invention, the device may also include:

The channel establishment module is adapted to establish a SOCKET connection channel between the mobile device and the computing device before the mobile device side receives the security detection request for the mobile device sent by the computing device side, and the mobile device passes through the The SOCKET connection channel receives security testing requests, sends security testing result information, and receives execution instructions.

In a preferred embodiment of the present invention, the safety detection request receiving module 501 is also adapted to:

Using the third-party application on the mobile device side to receive a security detection request for the mobile device sent by the computing device side;

The safety detection result information sending module 502 is also suitable for:

Using the third-party application on the mobile device side to perform a security testing operation on a designated testing object according to the security testing request, and obtain security testing result information;

returning the security detection result information to the computing device side by the third-party application;

The execution instruction receiving module 503 is also adapted to:

Using the third-party application on the mobile device side to receive the execution instruction sent by the computing device side;

The execution instruction execution module 504 is also adapted to:

The execution instruction is executed by using the third-party application on the mobile device side.

In another preferred embodiment of the present invention, the first client program is installed on the mobile device side, and the safety detection request receiving module 501 is further adapted to:

Using the first client program on the mobile device side to receive a security detection request for the mobile device sent by the computing device side;

The safety detection result information sending module 502 is also suitable for:

Using the first client program on the mobile device side to send the security detection request to the third-party application, and the third-party application performs a security detection operation on a designated detection object according to the security detection request, Obtain the security detection result information and return it to the first client program;

The first client program returns the security detection result information to the computing device side;

The execution instruction receiving module 503 is also adapted to:

Using the first client program on the mobile device side to receive an execution instruction sent by the computing device side;

The execution instruction execution module 504 is also adapted to:

The first client program is used on the mobile device side to send the execution instruction to a third-party application, and the third-party application executes the execution instruction.

In a preferred embodiment of the present invention, the first client program sends the security detection request to the third-party application, specifically:

The first client program calls the service interface of the third-party application according to the specified detection object, and sends the security detection request to the third-party application.

As a preferred example of the embodiment of the present invention, the specified detection object may include one or more of the following services for mobile devices: detection of mobile device hanging horse vulnerabilities, detection of whether cloud scanning and killing is enabled, detection of dangerous software , Detect whether the virus database has been updated, detect whether the security service is enabled, detect whether there are counterfeit applications on the mobile device, detect whether there are malicious advertising applications on the mobile device, detect whether the active defense function is enabled, detect memory optimization, detect whether there is background software, and automatically start Software detection, junk data cleanup detection, cache cleanup detection, residual file detection after app uninstallation, installation package cleanup detection, large file cleanup, privacy trace cleanup detection.

As a preferred example of the embodiment of the present invention, the safety detection result information includes safety detection progress information, and correspondingly, the execution instruction includes a stop instruction, a pause instruction, and a continue execution instruction.

As another preferred example of the embodiment of the present invention, the security detection result information includes the security detection result, and correspondingly, the execution instruction includes one or more of the following: mobile device hanging horse vulnerability repair, enabling cloud scanning and killing , Dangerous software repair, virus database update, enable security services, counterfeit application repair, malicious advertising application repair, enable active defense function, memory optimization, background software shutdown, turn off auto-start software, junk data cleaning, cache cleaning, app uninstall cleaning Clean up residual files, installation packages, large files, and privacy traces.

As for the device embodiment in FIG. 5 , since it is basically similar to the method embodiment above, the description is relatively simple, and for relevant parts, please refer to part of the description of the method embodiment.

Referring to FIG. 6 , it shows a structural block diagram of Embodiment 2 of an apparatus for safety detection of equipment according to the present invention. The apparatus may include the following modules:

The security detection request sending module 601 is adapted to send a security detection request to the mobile device from the computing device side to the mobile device side when the computing device side safely detects that there is a mobile device access, and the security detection request includes a specified detection object;

The security detection result information receiving module 602 is adapted to receive, on the computing device side, the security detection result information for the security detection request returned by the mobile device, and the security detection result information is provided by the mobile device according to the Obtain the designated test object mentioned above;

The execution instruction sending module 603 is adapted to generate a corresponding execution instruction on the computing device side according to the security detection result information and send it to the mobile device side, and the mobile device side executes the execution instruction.

In a preferred embodiment of the present invention, the device may also include:

The installation package information acquisition module is adapted to read the installation package information of all installed applications on the mobile device side before the computing device side sends a security detection request to the mobile device side to the mobile device side , the installation package information includes an installation package identifier;

The search module is adapted to obtain the download address of the third-party application installation package from the server when the computing device side judges that there is no third-party application installation package identification in the installation package identification;

The installation package sending module is adapted to download the third-party application installation package on the computing device side according to the download address of the third-party application installation package and send it to the mobile device side.

In a preferred embodiment of the present invention, the device may also include:

A connection channel establishment module, adapted to establish a SOCKET connection channel between the mobile device and the computing device before the computing device side sends a security detection request to the mobile device side, and the computing device passes the The above connection channel sends a security detection request, receives security detection result information, and sends an execution instruction.

In a preferred embodiment of the present invention, the security detection result information has type identification information, and the execution instruction sending module 603 is further adapted to:

The computing device side looks up the execution suggestion information corresponding to the type identifier in a preset mapping table, and the preset mapping table stores a mapping relationship between the type identifier and the execution suggestion information pre-agreed between the computing device and the mobile device;

Displaying the security detection result information and corresponding execution suggestion information on the computing device side;

receiving, at the computing device side, user selected instructions for the one or more implementation suggestion messages;

One or more execution instructions corresponding to the execution suggestion information are generated according to the selected instruction and sent to the mobile device side.

As a preferred example of the embodiment of the present invention, the specified detection object may include one or more of the following services for mobile devices: detection of mobile device hanging horse vulnerabilities, detection of whether cloud scanning and killing is enabled, detection of dangerous software , Detect whether the virus database has been updated, detect whether the security service is enabled, detect whether there are counterfeit applications on the mobile device, detect whether there are malicious advertising applications on the mobile device, detect whether the active defense function is enabled, detect memory optimization, detect whether there is background software, and automatically start Software detection, junk data cleanup detection, cache cleanup detection, residual file detection after app uninstallation, installation package cleanup detection, large file cleanup, privacy trace cleanup detection.

In a preferred embodiment of the present invention, the safety detection result information may include safety detection progress information, and correspondingly, the execution instruction includes a stop instruction, a pause instruction, and a continue execution instruction.

In another preferred embodiment of the present invention, the security detection result information includes the security detection result, and correspondingly, the execution instruction includes one or more of the following: mobile device hanging horse vulnerability repair, enabling cloud scanning and killing , Dangerous software repair, virus database update, enable security services, counterfeit application repair, malicious advertising application repair, enable active defense function, memory optimization, background software shutdown, turn off auto-start software, junk data cleaning, cache cleaning, app uninstall cleaning Clean up residual files, installation packages, large files, and privacy traces. As for the device embodiment in FIG. 6 , since it is basically similar to the method embodiment above, the description is relatively simple, and for the related parts, please refer to the part of the description of the method embodiment.

The algorithms and displays presented herein are not inherently related to any particular computing device, virtual system, or other device. Various generic systems can also be used with the teachings based on this. The structure required to construct such a system is apparent from the above description. Furthermore, the present invention is not specific to any particular programming language. It should be understood that various programming languages can be used to implement the content of the present invention described herein, and the above description of specific languages is for disclosing the best mode of the present invention.

In the description provided herein, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure the understanding of this description.

Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, in order to streamline this disclosure and to facilitate an understanding of one or more of the various inventive aspects, various features of the invention are sometimes grouped together in a single embodiment, figure, or its description. This method of disclosure, however, is not to be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the Detailed Description are hereby expressly incorporated into this Detailed Description, with each claim standing on its own as a separate embodiment of this invention.

Those skilled in the art can understand that the modules in the device in the embodiment can be adaptively changed and arranged in one or more devices different from the embodiment. Modules or units or components in the embodiments may be combined into one module or unit or component, and furthermore may be divided into a plurality of sub-modules or sub-units or sub-assemblies. All features disclosed in this specification (including accompanying claims, abstract and drawings), as well as any method or method so disclosed, may be used in any combination, except that at least some of such features and/or processes or units are mutually exclusive. All processes or units of equipment are combined. Each feature disclosed in this specification (including accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.

Furthermore, those skilled in the art will understand that although some embodiments described herein include some features included in other embodiments but not others, combinations of features from different embodiments are meant to be within the scope of the invention. and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.

The various component embodiments of the present invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art should understand that a microprocessor or a digital signal processor (DSP) may be used in practice to implement some or all functions of some or all components in the device for performing security detection on the device according to the embodiment of the present invention. The present invention can also be implemented as an apparatus or apparatus program (eg, a computing device program and a computing device program product) for performing a part or all of the methods described herein. Such a program for realizing the present invention may be stored on a computing device readable medium, or may be in the form of one or more signals. Such a signal may be downloaded from an Internet site, or provided on a carrier signal, or provided in any other form.

It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention can be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computing device. In a unit claim enumerating several means, several of these means can be embodied by one and the same item of hardware. The use of the words first, second, and third, etc. does not indicate any order. These words can be interpreted as names.

Embodiments of the present invention disclose A1, a method for safety detection of equipment, including:

When the mobile device is connected to the computing device, a security detection request for the mobile device sent by the computing device side is received at the mobile device side, and the security detection request includes a specified detection object;

Obtaining security detection result information corresponding to the specified detection object at the mobile device side, and sending the security detection result information to the computing device side;

receiving, at the mobile device side, an execution instruction sent by the computing device side, the execution instruction being generated by the computing device according to the security detection result information;

Executing the execution instruction at the mobile device side.

A2. The method as described in A1, before the mobile device side receives the security detection request for the mobile device sent by the computing device side, it also includes:

The mobile device side receives the third-party application installation package sent by the computing device side, and the third-party application installation package is sent from the server when the computing device side detects that no third-party application is installed on the mobile device side. downloaded;

The mobile device side installs a third-party application according to the third-party application installation package.

A3. The method described in A1 or A2, before the mobile device side receives the security detection request for the mobile device sent by the computing device side, further includes:

A SOCKET connection channel between the mobile device and the computing device is established, and the mobile device receives a security detection request, sends security detection result information, and receives an execution instruction through the SOCKET connection channel.

A4. The method as described in A2, the step of receiving at the mobile device side the security detection request for the mobile device sent by the computing device side is:

Using the third-party application on the mobile device side to receive a security detection request for the mobile device sent by the computing device side;

The step of obtaining the safety detection result information corresponding to the specified detection object at the mobile device side, and sending the safety detection result information to the computing device side includes:

Using the third-party application on the mobile device side to perform a security testing operation on a designated testing object according to the security testing request, and obtain security testing result information;

returning the security detection result information to the computing device side by the third-party application;

The step of receiving, at the mobile device side, the execution instruction sent by the computing device side is:

Using the third-party application on the mobile device side to receive the execution instruction sent by the computing device side;

The step of executing the execution instruction on the mobile device side is:

The execution instruction is executed by using the third-party application on the mobile device side.

A5, the method as described in A2, the first client program is installed on the mobile device side, and the step of receiving at the mobile device side the security detection request for the mobile device sent by the computing device side is:

Using the first client program on the mobile device side to receive a security detection request for the mobile device sent by the computing device side;

The step of obtaining the safety detection result information corresponding to the specified detection object at the mobile device side, and sending the safety detection result information to the computing device side includes:

On the mobile device side, the first client program is used to send the safety detection request to the third-party application, and the third-party medical device performs a safety detection operation on a designated detection object according to the safety detection request, Obtain the security detection result information and return it to the first client program;

The first client program returns the security detection result information to the computing device side;

The step of receiving, at the mobile device side, the execution instruction sent by the computing device side is:

Using the first client program on the mobile device side to receive an execution instruction sent by the computing device side;

The step of executing the execution instruction on the mobile device side is:

The first client program is used on the mobile device side to send the execution instruction to a third-party application, and the third-party application executes the execution instruction.

A6, the method as described in A5, the step of the first client program sending the security detection request to the third-party application includes:

The first client program calls the service interface of the third-party application according to the specified detection object, and sends the security detection request to the third-party application.

A7. The method as described in A1, the specified detection object includes one or more of the following services for mobile devices: mobile device hanging horse vulnerability detection, detection of cloud scanning and killing, detection of dangerous software, detection of whether The virus database has been updated, whether the security service is enabled, whether the mobile device has counterfeit applications, whether there are malicious advertising applications on the mobile device, and whether the active defense function has been enabled.

A8. The method as described in A1, the specified detection object includes one or more of the following services for mobile devices: memory optimization detection, detection of background software, automatic startup software detection, garbage data cleaning detection, cleaning Cache detection, cleaning residual file detection after app uninstallation, installation package cleaning detection, large file organization, privacy trace cleaning detection.

A9. The method described in A7 or A8, wherein the safety inspection result information includes safety inspection progress information, and correspondingly, the execution instruction includes a stop instruction, a pause instruction, and a continue execution instruction.

A10, the method as described in A7, the safety detection result information includes the safety detection result, and correspondingly, the execution instruction includes one or more of the following: mobile device hanging horse vulnerability repair, opening cloud scanning and killing, dangerous software Repair, update the virus database, enable security services, repair counterfeit applications, repair malicious advertising applications, and enable active defense functions.

A11. The method as described in A8, the safety detection result information includes the safety detection result, and correspondingly, the execution instruction includes one or more of the following: memory optimization, background software closing, closing automatically started software, garbage Data cleaning, cache cleaning, residual files after app uninstallation, installation package cleaning, large file cleaning, and privacy trace cleaning.

The embodiment of the present invention also discloses B12, a method for safety detection of equipment, including:

When the computing device side detects that there is a mobile device access, the computing device side sends a security detection request to the mobile device to the mobile device side, and the security detection request includes a designated detection object;

receiving, at the computing device side, security detection result information for the security detection request returned by the mobile device side, where the security detection result information is obtained by the mobile device side according to the designated detection object;

A corresponding execution instruction is generated on the computing device side according to the security detection result information and sent to the mobile device side, and the execution instruction is executed by the mobile device side.

B13. The method as described in B12, before the step of sending the security detection request to the mobile device from the computing device side to the mobile device side, further comprising:

Reading installation package information of all installed applications on the mobile device side at the computing device side, where the installation package information includes an installation package identifier;

When the computing device side judges that there is no third-party application installation package identification in the installation package identification, obtain the download address of the third-party application installation package from the server;

The computing device side downloads the third-party application installation package according to the download address of the third-party application installation package and sends it to the mobile device side.

B14. The method as described in B12 or 13, before the step of sending the security detection request to the mobile device from the computing device side to the mobile device side, further comprising:

A SOCKET connection channel between the mobile device and the computing device is established, and the computing device sends a security detection request, receives security detection result information, and sends an execution instruction through the connection channel.

B15. The method as described in B12, wherein the safety detection result information has type identification information, and the step of generating a corresponding execution instruction according to the safety detection result information on the computing device side and sending it to the mobile device side includes :

The computing device side looks up the execution suggestion information corresponding to the type identifier in a preset mapping table, and the preset mapping table stores a mapping relationship between the type identifier and the execution suggestion information pre-agreed between the computing device and the mobile device;

Displaying the security detection result information and corresponding execution suggestion information on the computing device side;

receiving, at the computing device side, user selected instructions for the one or more implementation suggestion messages;

One or more execution instructions corresponding to the execution suggestion information are generated according to the selected instruction and sent to the mobile device side.

B16, the method as described in B12, the specified detection object includes one or more of the following services for mobile devices: mobile device hanging horse vulnerability detection, detection of whether to open cloud killing, detection of dangerous software, detection of whether The virus database has been updated, whether the security service is enabled, whether the mobile device has counterfeit applications, whether there are malicious advertising applications on the mobile device, and whether the active defense function has been enabled.

B17, the method as described in B12, the specified detection object includes one or more of the following services for mobile devices: memory optimization detection, detection of background software, automatic startup software detection, garbage data cleaning detection, cleaning Cache detection, cleaning residual file detection after app uninstallation, installation package cleaning detection, large file organization, privacy trace cleaning detection.

B18. The method as described in B16 or B17, the safety detection result information includes safety detection progress information, and correspondingly, the execution instruction includes a stop instruction, a pause instruction, and a continue execution instruction.

B19, the method as described in B16, the safety detection result information includes the safety detection result, and correspondingly, the execution instruction includes one or more of the following: mobile device hanging horse vulnerability repair, opening cloud scanning and killing, dangerous software Repair, update the virus database, enable security services, repair counterfeit applications, repair malicious advertising applications, and enable active defense functions.

B20, the method as described in B17, the safety detection result information includes the safety detection result, and correspondingly, the execution instruction includes one or more of the following: memory optimization, background software closing, closing automatically started software, garbage Data cleaning, cache cleaning, residual files after app uninstallation, installation package cleaning, large file cleaning, and privacy trace cleaning.

The embodiment of the present invention also discloses 21. A device for safety detection of equipment, comprising:

The embodiment of the present invention also discloses C21, a device for safety detection of equipment, including:

The security detection request receiving module is adapted to receive, on the mobile device side, a security detection request for the mobile device sent by the computing device side when the mobile device is connected to the computing device, and the security detection request includes a designated detection object;

The safety detection result information sending module is adapted to obtain the safety detection result information corresponding to the specified detection object on the mobile device side, and send the safety detection result information to the computing device side;

The execution command receiving module is adapted to receive the execution command sent by the computing device side at the mobile device side, the execution command is generated by the computing device according to the security detection result information;

The execution instruction execution module is adapted to execute the execution instruction on the side of the mobile device.

C22. The device as described in C21, further comprising:

The installation package receiving module is adapted to receive the third-party application installation package sent by the computing device side before the mobile device side receives the security detection request for the mobile device sent by the computing device side, The third-party application installation package is downloaded from the server when the computing device side detects that no third-party application is installed on the mobile device side;

The installation package installation module is adapted to install a third-party application on the mobile device side according to the third-party application installation package.

C23. The device as described in C21 or C22, further comprising:

The channel establishment module is adapted to establish a SOCKET connection channel between the mobile device and the computing device before the mobile device side receives the security detection request for the mobile device sent by the computing device side, and the mobile device passes through the The SOCKET connection channel receives security testing requests, sends security testing result information, and receives execution instructions.

C24. The device as described in C22, the safety detection request receiving module is also suitable for:

Using the third-party application on the mobile device side to receive a security detection request for the mobile device sent by the computing device side;

The described safety detection result information sending module is also suitable for:

Using the third-party application on the mobile device side to perform a security testing operation on a designated testing object according to the security testing request, and obtain security testing result information;

returning the security detection result information to the computing device side by the third-party application;

The execution instruction receiving module is also suitable for:

Using the third-party application on the mobile device side to receive the execution instruction sent by the computing device side;

The execution instruction execution module is also suitable for:

The execution instruction is executed by using the third-party application on the mobile device side.

C25. The device as described in C22, the safety detection request receiving module is also suitable for:

Using the first client program on the mobile device side to receive a security detection request for the mobile device sent by the computing device side;

The described safety detection result information sending module is also suitable for:

On the mobile device side, the first client program is used to send the safety detection request to the third-party application, and the third-party medical device performs a safety detection operation on a designated detection object according to the safety detection request, Obtain the security detection result information and return it to the first client program;

The first client program returns the security detection result information to the computing device side;

The execution instruction receiving module is also suitable for:

Using the first client program on the mobile device side to receive an execution instruction sent by the computing device side;

The execution instruction execution module is also suitable for:

The first client program is used on the mobile device side to send the execution instruction to a third-party application, and the third-party application executes the execution instruction.

C26. The device described in C25, wherein the first client program sends the security detection request to the third-party application, specifically:

The first client program calls the service interface of the third-party application according to the specified detection object, and sends the security detection request to the third-party application.

C27. The device as described in C21, the specified detection object includes one or more of the following services for mobile devices: mobile device hanging horse vulnerability detection, detection of whether cloud scanning and killing is enabled, detection of dangerous software, detection of whether The virus database has been updated, whether the security service is enabled, whether the mobile device has counterfeit applications, whether there are malicious advertising applications on the mobile device, and whether the active defense function has been enabled.

C28. The device as described in C21, the specified detection object includes one or more of the following services for mobile devices: memory optimization detection, detection of background software, automatic startup software detection, garbage data cleaning detection, cleaning Cache detection, cleaning residual file detection after app uninstallation, installation package cleaning detection, large file organization, privacy trace cleaning detection.

C29. The device described in C27 or C28, wherein the safety detection result information includes safety detection progress information, and correspondingly, the execution instruction includes a stop instruction, a pause instruction, and a continue execution instruction.

C30, the device as described in C27, the safety detection result information includes the safety detection result, and correspondingly, the execution instruction includes one or more of the following: mobile device hanging horse vulnerability repair, enabling cloud scanning and killing, dangerous software Repair, update the virus database, enable security services, repair counterfeit applications, repair malicious advertising applications, and enable active defense functions.

C31. The device as described in C28, the safety detection result information includes the safety detection result, and correspondingly, the execution instruction includes one or more of the following: memory optimization, background software closing, closing automatically started software, garbage Data cleaning, cache cleaning, residual files after app uninstallation, installation package cleaning, large file cleaning, and privacy trace cleaning.

The embodiment of the present invention also discloses D32, a device for safety detection of equipment, including:

The security detection request sending module is adapted to send a security detection request to the mobile device from the computing device side to the mobile device side when the computing device side safely detects that there is a mobile device access, and the security detection request includes a specified detection object ;

The safety inspection result information receiving module is adapted to receive, on the computing device side, the safety inspection result information for the safety inspection request returned by the mobile device, and the safety inspection result information is sent by the mobile device according to the Obtained by specifying the detection object;

The execution instruction sending module is adapted to generate a corresponding execution instruction according to the security detection result information on the computing device side and send it to the mobile device side, and the mobile device side executes the execution instruction.

D33. The device as described in D32, further comprising:

The installation package information acquisition module is adapted to read the installation package information of all installed applications on the mobile device side before the computing device side sends a security detection request to the mobile device side to the mobile device side , the installation package information includes an installation package identifier;

The search module is adapted to obtain the download address of the third-party application installation package from the server when the computing device side judges that there is no third-party application installation package identification in the installation package identification;

The installation package sending module is adapted to download the third-party application installation package on the computing device side according to the download address of the third-party application installation package and send it to the mobile device side.

D34. The device as described in D32 or D33, further comprising:

A connection channel establishment module, adapted to establish a SOCKET connection channel between the mobile device and the computing device before the computing device side sends a security detection request to the mobile device side, and the computing device passes the The above connection channel sends a security detection request, receives security detection result information, and sends an execution instruction.

D35. The device as described in D32, the safety detection result information has type identification information, and the execution instruction sending module is also suitable for:

The computing device side looks up the execution suggestion information corresponding to the type identifier in a preset mapping table, and the preset mapping table stores a mapping relationship between the type identifier and the execution suggestion information pre-agreed between the computing device and the mobile device;

Displaying the security detection result information and corresponding execution suggestion information on the computing device side;

receiving, at the computing device side, user selected instructions for the one or more implementation suggestion messages;

One or more execution instructions corresponding to the execution suggestion information are generated according to the selected instruction and sent to the mobile device side.

D36. The device as described in D32, the specified detection object includes one or more of the following services for mobile devices: mobile device hanging horse vulnerability detection, detection of whether cloud scanning and killing is enabled, detection of dangerous software, detection of whether The virus database has been updated, whether the security service is enabled, whether the mobile device has counterfeit applications, whether there are malicious advertising applications on the mobile device, and whether the active defense function has been enabled.

D37. The device as described in D32, the specified detection object includes one or more of the following services for mobile devices: memory optimization detection, detection of background software, automatic startup software detection, junk data cleaning detection, cleaning Cache detection, cleaning residual file detection after app uninstallation, installation package cleaning detection, large file organization, privacy trace cleaning detection.

D38. The device as described in D36 or D37, wherein the safety inspection result information includes safety inspection progress information, and correspondingly, the execution instruction includes a stop instruction, a pause instruction, and a continue execution instruction.

D39. The device as described in D36, the safety detection result information includes the safety detection result, and correspondingly, the execution instruction includes one or more of the following: mobile device hanging horse vulnerability repair, enabling cloud scanning and killing, dangerous software Repair, update the virus database, enable security services, repair counterfeit applications, repair malicious advertising applications, and enable active defense functions.

D40. The device as described in D37, the safety detection result information includes the safety detection result, and correspondingly, the execution instruction includes one or more of the following: memory optimization, background software closing, closing automatically started software, garbage Data cleaning, cache cleaning, residual files after app uninstallation, installation package cleaning, large file cleaning, and privacy trace cleaning.

Claims (34)

1. A method for safety detection of equipment, comprising: The mobile device side receives the third-party application installation package sent by the computing device side, and the third-party application installation package is downloaded from the server when the computing device side detects that no third-party application is installed on the mobile device side; The first client program is installed on the mobile device side; The mobile device side installs a third-party application according to the third-party application installation package; When the mobile device is connected to the computing device, using the first client program on the mobile device side to receive a security detection request for the mobile device sent by the computing device side, the security detection request includes a specified detection object; Using the first client program on the mobile device side to send the security detection request to the third-party application, and the third-party application performs a security detection operation on a designated detection object according to the security detection request, Obtain the security detection result information and return it to the first client program; The first client program returns the security detection result information to the computing device side; receiving, at the mobile device side, an execution instruction sent by the computing device side, the execution instruction being generated by the computing device according to the security detection result information; executing the execution instruction on the mobile device side; Wherein, the step of executing the execution instruction on the mobile device side is: The first client program is used on the mobile device side to send the execution instruction to a third-party application, and the third-party application executes the execution instruction. 2. The method according to claim 1, further comprising: A SOCKET connection channel between the mobile device and the computing device is established, and the mobile device receives a security detection request, sends security detection result information, and receives an execution instruction through the SOCKET connection channel. 3. The method according to claim 1, wherein the step of receiving, at the mobile device side, the execution instruction sent by the computing device side is: The mobile device side adopts the first client program to receive the execution instruction sent by the computing device side. 4. The method according to claim 3, wherein the step of sending the security detection request to the third-party application by the first client program comprises: The first client program calls the service interface of the third-party application according to the specified detection object, and sends the security detection request to the third-party application. 5. The method according to claim 1, wherein the designated detection object includes one or more of the following services for mobile devices: mobile device hanging horse vulnerability detection, detecting whether to enable cloud scanning and killing, detecting whether There are dangerous software, whether the virus database has been updated, whether the security service is turned on, whether there are counterfeit applications on the mobile device, whether there are malicious advertising applications on the mobile device, and whether the active defense function is enabled. 6. The method according to claim 1, wherein the specified detection object includes one or more of the following services for mobile devices: memory optimization detection, detection of background software, automatic startup software detection, Junk data cleanup detection, cache cleanup detection, residual file detection after app uninstallation, installation package cleanup detection, large file cleanup, and privacy trace cleanup detection. 7. The method according to claim 5 or 6, wherein the safety inspection result information includes safety inspection progress information, and correspondingly, the execution instruction includes a stop instruction, a pause instruction, and a continue execution instruction. 8. The method according to claim 5, wherein the security detection result information includes the security detection result, and correspondingly, the execution instruction includes one or more of the following: mobile device Trojan vulnerability repair, enabling Cloud scanning and killing, risk software repair, virus database update, enable security services, counterfeit application repair, malicious advertising application repair, enable active defense function. 9. The method according to claim 6, wherein the safety detection result information includes the safety detection result, and correspondingly, the execution instruction includes one or more of the following: memory optimization, background software shutdown, shutdown Automatically started software, junk data cleaning, cache cleaning, residual files cleaning after app uninstallation, installation package cleaning, large file cleaning, privacy trace cleaning. 10. A method for safety detection of equipment, comprising: Reading installation package information of all installed applications on the mobile device side at the computing device side, where the installation package information includes an installation package identifier; When the computing device side judges that there is no third-party application installation package identification in the installation package identification, obtain the download address of the third-party application installation package from the server; Downloading the third-party application installation package on the computing device side according to the download address of the third-party application installation package and sending it to the mobile device side; When the computing device side detects that there is a mobile device access, the computing device side sends a security detection request to the mobile device to the mobile device side, and the security detection request includes a designated detection object; Receive, at the computing device side, security inspection result information for the security inspection request returned by the mobile device side, where the security inspection result information is obtained by the mobile device side according to the specified inspection object; The device side uses the first client program to send the security detection request to the third-party application, and the third-party application performs a security detection operation on the specified detection object according to the security detection request, obtains security detection result information and return to the first client program; the first client program returns the security detection result information to the computing device side; Generate a corresponding execution instruction on the computing device side according to the security detection result information and send it to the mobile device side, and execute the execution instruction on the mobile device side; Wherein, the first client program is installed on the mobile device side; The step of executing the execution instruction by the mobile device side is: The first client program is used on the mobile device side to send the execution instruction to a third-party application, and the third-party application executes the execution instruction. 11. The method according to claim 10, further comprising: A SOCKET connection channel between the mobile device and the computing device is established, and the computing device sends a security detection request, receives security detection result information, and sends an execution instruction through the connection channel. 12. The method according to claim 10, wherein the security detection result information has type identification information, and the computing device side generates a corresponding execution instruction based on the security detection result information and sends it to the The steps on the mobile device side include: The computing device side looks up the execution suggestion information corresponding to the type identifier in a preset mapping table, and the preset mapping table stores a mapping relationship between the type identifier and the execution suggestion information pre-agreed between the computing device and the mobile device; Displaying the security detection result information and corresponding execution suggestion information on the computing device side; receiving, at the computing device side, user selected instructions for the one or more implementation suggestion messages; One or more execution instructions corresponding to the execution suggestion information are generated according to the selected instruction and sent to the mobile device side. 13. The method according to claim 10, wherein the specified detection object includes one or more of the following services for mobile devices: detection of mobile device hanging horse vulnerabilities, detection of whether cloud scanning and killing is enabled, detection of whether There are dangerous software, whether the virus database has been updated, whether the security service is turned on, whether there are counterfeit applications on the mobile device, whether there are malicious advertising applications on the mobile device, and whether the active defense function is enabled. 14. The method according to claim 10, wherein the specified detection objects include one or more of the following services for mobile devices: memory optimization detection, detection of background software, automatic startup software detection, Junk data cleanup detection, cache cleanup detection, residual file detection after app uninstallation, installation package cleanup detection, large file cleanup, and privacy trace cleanup detection. 15. The method according to claim 13 or 14, wherein the safety inspection result information includes safety inspection progress information, and correspondingly, the execution instruction includes a stop instruction, a pause instruction, and a continue execution instruction. 16. The method according to claim 13, wherein the security detection result information includes the security detection result, and correspondingly, the execution instruction includes one or more of the following: mobile device Trojan vulnerability repair, enabling Cloud scanning and killing, risk software repair, virus database update, enable security services, counterfeit application repair, malicious advertising application repair, enable active defense function. 17. The method according to claim 14, wherein the safety detection result information includes the safety detection result, and correspondingly, the execution instruction includes one or more of the following: memory optimization, background software shutdown, shutdown Automatically started software, junk data cleaning, cache cleaning, residual files cleaning after app uninstallation, installation package cleaning, large file cleaning, privacy trace cleaning. 18. A device for safety testing of equipment, comprising: The security detection request receiving module is adapted to use a first client program on the mobile device side to receive a security detection request for the mobile device sent by the computing device side when the mobile device is connected to the computing device, and the security detection request is It includes specifying the detection object; it is also suitable for using the first client program on the mobile device side to receive the security detection request for the mobile device sent by the computing device side; The safety detection result information sending module is adapted to use the first client program on the mobile device side to send the safety detection request to a third-party application, and the third-party application executes the specified security detection request according to the safety detection request. Detecting the safety detection operation of the object, obtaining the safety detection result information and returning it to the first client program; the first client program returns the safety detection result information to the computing device side; The execution command receiving module is adapted to receive the execution command sent by the computing device side at the mobile device side, the execution command is generated by the computing device according to the security detection result information; an execution instruction execution module, adapted to execute the execution instruction on the side of the mobile device; The installation package receiving module is adapted to receive, on the mobile device side, the third-party application installation package sent by the computing device side before the mobile device side receives the security detection request for the mobile device sent by the computing device side, The third-party application installation package is downloaded from the server when the computing device side detects that no third-party application is installed on the mobile device side; An installation package installation module, adapted to install a third-party application on the mobile device side according to the third-party application installation package; The execution instruction execution module is also suitable for: The first client program is used on the mobile device side to send the execution instruction to a third-party application, and the third-party application executes the execution instruction. 19. The apparatus of claim 18, further comprising: The channel establishment module is adapted to establish a SOCKET connection channel between the mobile device and the computing device before the mobile device side receives the security detection request for the mobile device sent by the computing device side, and the mobile device passes through the The SOCKET connection channel receives security testing requests, sends security testing result information, and receives execution instructions. 20. The apparatus of claim 18, wherein The execution instruction receiving module is also suitable for: The mobile device side adopts the first client program to receive the execution instruction sent by the computing device side. 21. The device according to claim 20, wherein the first client program sends the security detection request to the third-party application, specifically: The first client program calls the service interface of the third-party application according to the specified detection object, and sends the security detection request to the third-party application. 22. The device according to claim 18, wherein the specified detection object includes one or more of the following services for mobile devices: detection of mobile device hanging horse vulnerabilities, detection of whether cloud scanning and killing is enabled, detection of whether There are dangerous software, whether the virus database has been updated, whether the security service is turned on, whether there are counterfeit applications on the mobile device, whether there are malicious advertising applications on the mobile device, and whether the active defense function is enabled. 23. The device according to claim 18, wherein the specified detection object includes one or more of the following services for mobile devices: memory optimization detection, detection of background software, automatic startup software detection, Junk data cleanup detection, cache cleanup detection, residual file detection after app uninstallation, installation package cleanup detection, large file cleanup, and privacy trace cleanup detection. 24. The device according to claim 22 or 23, wherein the safety inspection result information includes safety inspection progress information, and correspondingly, the execution instruction includes a stop instruction, a pause instruction, and a continue execution instruction. 25. The device according to claim 22, wherein the security detection result information includes the security detection result, and correspondingly, the execution instruction includes one or more of the following: mobile device Trojan vulnerability repair, enabling Cloud scanning and killing, risk software repair, virus database update, enable security services, counterfeit application repair, malicious advertising application repair, enable active defense function. 26. The device according to claim 23, wherein the safety detection result information includes the safety detection result, and correspondingly, the execution instruction includes one or more of the following: memory optimization, background software shutdown, shutdown Automatically started software, junk data cleaning, cache cleaning, residual files cleaning after app uninstallation, installation package cleaning, large file cleaning, privacy trace cleaning. 27. A device for safety testing of equipment, comprising: The security detection request sending module is adapted to send a security detection request to the mobile device from the computing device side to the mobile device side when the computing device side safely detects that there is a mobile device access, and the security detection request includes a specified detection object ; The safety inspection result information receiving module is adapted to receive, on the computing device side, the safety inspection result information for the safety inspection request returned by the mobile device, and the safety inspection result information is sent by the mobile device according to the Obtaining the specified detection object; using the first client program on the mobile device side to send the security detection request to a third-party application, and the third-party application performs a security detection operation on the specified detection object according to the security detection request , obtaining the security detection result information and returning it to the first client program; the first client program returns the security detection result information to the computing device side; The execution command sending module is adapted to generate a corresponding execution command on the computing device side according to the security detection result information and send it to the mobile device side, and the mobile device side executes the execution command; The installation package information acquisition module is adapted to read the installation package information of all installed applications on the mobile device side before the computing device side sends a security detection request to the mobile device side to the mobile device side , the installation package information includes an installation package identifier; The search module is adapted to obtain the download address of the third-party application installation package from the server when the computing device side judges that there is no third-party application installation package identification in the installation package identification; The installation package sending module is adapted to download the third-party application installation package on the computing device side according to the download address of the third-party application installation package and send it to the mobile device side; Wherein, the first client program is installed on the mobile device side; The mobile device side includes an execution instruction execution module adapted to use the first client program on the mobile device side to send the execution instruction to a third-party application, and the third-party application executes the execution instruction. 28. The apparatus of claim 27, further comprising: A connection channel establishment module, adapted to establish a SOCKET connection channel between the mobile device and the computing device before the computing device side sends a security detection request to the mobile device side, and the computing device passes the The above connection channel sends a security detection request, receives security detection result information, and sends an execution instruction. 29. The device according to claim 27, wherein the safety detection result information has type identification information, and the execution instruction sending module is further adapted to: The computing device side looks up the execution suggestion information corresponding to the type identifier in a preset mapping table, and the preset mapping table stores a mapping relationship between the type identifier and the execution suggestion information pre-agreed between the computing device and the mobile device; Displaying the security detection result information and corresponding execution suggestion information on the computing device side; receiving, at the computing device side, user selected instructions for the one or more implementation suggestion messages; One or more execution instructions corresponding to the execution suggestion information are generated according to the selected instruction and sent to the mobile device side. 30. The device according to claim 27, wherein the specified detection object includes one or more of the following services for mobile devices: detection of mobile device hanging horse vulnerabilities, detection of whether cloud scanning and killing is enabled, detection of whether There are dangerous software, whether the virus database has been updated, whether the security service is turned on, whether there are counterfeit applications on the mobile device, whether there are malicious advertising applications on the mobile device, and whether the active defense function is enabled. 31. The device according to claim 27, wherein the specified detection object includes one or more of the following services for mobile devices: memory optimization detection, detection of background software, automatic startup software detection, Junk data cleanup detection, cache cleanup detection, residual file detection after app uninstallation, installation package cleanup detection, large file cleanup, and privacy trace cleanup detection. 32. The device according to claim 30 or 31, wherein the safety inspection result information includes safety inspection progress information, and correspondingly, the execution instruction includes a stop instruction, a pause instruction, and a continue execution instruction. 33. The device according to claim 30, wherein the security detection result information includes the security detection result, and correspondingly, the execution instruction includes one or more of the following: mobile device Trojan vulnerability repair, enabling Cloud scanning and killing, risk software repair, virus database update, enable security services, counterfeit application repair, malicious advertising application repair, enable active defense function. 34. The device according to claim 31, wherein the safety detection result information includes the safety detection result, and correspondingly, the execution instruction includes one or more of the following: memory optimization, background software shutdown, shutdown Automatically started software, junk data cleaning, cache cleaning, residual files cleaning after app uninstallation, installation package cleaning, large file cleaning, privacy trace cleaning.