Method and system for network access control based on traffic monitoring and vulnerability detection using process related information
US-2019306181-A1 · Oct 3, 2019 · US
US10567841B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10567841-B2 |
| Application number | US-201715707414-A |
| Country | US |
| Kind code | B2 |
| Filing date | Sep 18, 2017 |
| Priority date | Dec 30, 2015 |
| Publication date | Feb 18, 2020 |
| Grant date | Feb 18, 2020 |
Official abstract text for this publication.
An information interception method, a terminal, and a computer storage medium are disclosed. The method includes: starting a first application, extracting an application list of applications that need to be intercepted, and separately configuring an interception policy for each to-be-intercepted application in the application list; obtaining a network request sent by a to-be-intercepted application, and monitoring, when the first application enters an interception mode, according to the configured interception policy, the network request sent by the to-be-intercepted application, to obtain, through matching, communication information that conforms to the interception policy, where the communication information is associated with the network request; and matching the communication information with a preset policy, when the communication information is specified target information corresponding to the preset policy, intercepting the network request and locating and tracing the to-be-intercepted application that sends the network request.
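The decision flow in the abstract, modelled as an added Python example (not code from the patent or its applicant): a per-application interception policy selects what is extracted from a request, and a preset policy decides whether the request is intercepted and attributed to its sender. The package names, field names, policy shapes and sample values are all constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:
    app: str        # sending application (constructed package name)
    pid: int        # sending process id, kept for tracing
    host: str       # destination host
    payload: bytes  # request body

# Application list, each entry with its own interception policy.
# Assumption: a policy is the set of request fields to extract.
INTERCEPTION_POLICY = {
    "com.example.game": {"host", "payload"},
    "com.example.reader": {"host"},
}

# Preset policy: the specified target information (constructed values).
PRESET_POLICY = {
    "host_suffixes": (".ads.example",),
    "payload_markers": (b"ad_slot=",),
}

def extract_info(req, policy):
    """Communication information: only the fields this app's policy covers."""
    info = {}
    if "host" in policy:
        info["host"] = req.host.lower().rstrip(".")
    if "payload" in policy:
        info["payload"] = req.payload
    return info

def is_target(info, preset):
    """True when the extracted information matches the preset policy."""
    host = info.get("host", "")
    if any(host == s.lstrip(".") or host.endswith(s) for s in preset["host_suffixes"]):
        return True
    body = info.get("payload", b"")
    return any(marker in body for marker in preset["payload_markers"])

def process(req, interception_mode=True):
    """Return (action, trace); trace names the sender when intercepted."""
    policy = INTERCEPTION_POLICY.get(req.app)
    if not interception_mode or policy is None:
        return "allow", None  # app not on the list, or mode is off
    info = extract_info(req, policy)
    if is_target(info, PRESET_POLICY):
        return "intercept", {"app": req.app, "pid": req.pid, "inspected": sorted(info)}
    return "allow", None
```

The same payload marker is intercepted for one application and allowed for the other because their interception policies extract different fields, which is the practical effect of configuring the policy separately per application.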
Opening claim text (preview).
What is claimed is:

1. A method for information interception processing, the method comprising: starting, by a device comprising a memory and a processor in communication with the memory, a first application; extracting, by the device, an application list of applications that need to be intercepted; separately configuring, by the device, an interception policy for each respective to-be-intercepted application in the application list; obtaining, by the device, a network request sent by a respective to-be-intercepted application; when the first application enters an interception mode: monitoring, by the device, according to an interception policy of the respective to-be-intercepted application, the network request sent by the respective to-be-intercepted application, obtaining, by the device, through matching, communication information that conforms to the interception policy, the communication information being associated with the network request, matching, by the device, the communication information with a preset policy, and when it is determined, through matching, that the communication information is specified target information corresponding to the preset policy: intercepting, by the device, the network request, and locating and tracing, by the device, the respective to-be-intercepted application that sends the network request; and wherein, when the first application enters the interception mode, monitoring, by the device according to the interception policy of the respective to-be-intercepted application, the network request sent by the respective to-be-intercepted application and obtaining, by the device through matching, the communication information being associated with the network request comprise: monitoring, by the device, interactions of network requests in X target processes, to capture the network request, X being a natural number greater than 1, setting, by the device, hook functions in a first function sendto and a second function recvfrom that are used for representing a request message forwarding node, generating, by the device, a first monitoring function hook_sendto and a second monitoring function hook_recvfrom that are used for monitoring interactions of network requests, using, by the device, the first monitoring function hook_sendto and the second monitoring function hook_recvfrom as a monitoring detection interface, and obtaining, by the device, the communication information according to the monitoring detection interface.

2. The method according to claim 1, wherein: the preset policy comprises specifically a multi-feature audit policy; and the matching, by the device, the communication information with the preset policy and, when it is determined, through matching, that the communication information is the specified target information corresponding to the preset policy, the intercepting, by the device, the network request and locating and tracing, by the device, the respective to-be-intercepted application that sends the network request comprise: parsing out, by the device, first information corresponding to the network request and second information corresponding to the respective to-be-intercepted application that sends the network request, using, by the device, the first information and the second information as the communication information, extracting, by the device, multiple advertising feature parameters comprised in an advertising cloud list database, comparing, by the device, the multiple advertising feature parameters with the communication information according to the multi-feature audit policy, and when the comparison is successful: determining, by the device, that the communication information is advertising information, locating, by the device, the respective to-be-intercepted application that sends the network request, intercepting, by the device, the network request, and sending, by the device, prompt information to a terminal user, the prompt information being used for representing an information security risk that exists in the respective to-be-intercepted application.

3. The method according to claim 2, wherein the separately configuring the interception policy for each respective to-be-intercepted application in the application list comprises: separately configuring, by the device, the interception policy for each respective to-be-intercepted application in the application list, the interception policy being a same policy or a different policy.

4. The method according to claim 1, wherein the separately configuring the interception policy for each respective to-be-intercepted application in the application list comprises: separately configuring, by the device, the interception policy for each respective to-be-intercepted application in the application list, the interception policy being a same policy or a different policy.

5. The method according to claim 1, further comprising: establishing, by the device, an association between the first application and the X target processes of each respective to-be-intercepted application in the application list; and making, by the device, the first application enter the X target processes according to the established association, to monitor the X target processes.

6. A terminal, comprising: a memory storing instructions; a processor in communication with the memory, wherein, when the processor executes the instructions, the processor is configured to cause the terminal to: start a first application, extract an application list of applications that need to be intercepted, separately configure an interception policy for each respective to-be-intercepted application in the application list, obtain a network request sent by a respective to-be-intercepted application, when the first application enters an interception mode: monitor, according to an interception policy of the respective to-be-intercepted application, the network request sent by the respective to-be-intercepted application, obtain, through matching, communication information that conforms to the interception policy, the communication information being associated with the network request, match the communication information with a preset policy, and when it is determined, through matching, that the communication information is specified target information corresponding to the preset policy: intercept the network request, and locate and trace the respective to-be-intercepted application that sends the network request; and wherein, when the first application enters the interception mode, and the processor is configured to cause the terminal to monitor, according to the interception policy of the respective to-be-intercepted application, the network request sent by the respective to-be-intercepted application and obtain, through matching, the communication information being associated with the network request, the processor is configured to cause the terminal to: monitor interactions of network requests in X target processes, to capture the network request, X being a natural number greater than 1, set hook functions in a first function sendto and a second function recvfrom that are used for representing a request message forwarding node, generate a first monitoring function hook_sendto and a second monitoring function hook_recvfrom that are used for monitoring interactions of network requests, use the first monitoring function hook_sendto and the second monitoring function hook_recvfrom as a monitoring detection interface, and obtain the communication information according to the monitoring detection interface.

7. The terminal according to claim 6, wherein: when the processor executes the instructions, the processor is further configured to cause the ter
End-user applications, e.g. Web browser, game · CPC title
involving advertisement data (advertising per se G06Q30/02) · CPC title
Content {or additional data} filtering, e.g. blocking advertisements · CPC title
Rule management · CPC title
Integrity · CPC title