| 发明名称 | Detection and prevention of installation of malicious mobile applications | ||
| 摘要 | A combination of shim and back-end server applications may be used to identify and block the installation of malicious applications on mobile devices. In practice, a shim application registers with a mobile device's operating system to intercept application installation operations. Upon intercepting an attempted installation operation, the shim application identifies the application seeking to be installed, generates a key uniquely identifying the application, and transmits the key over a network connection to a back-end server. The back-end server may be configured to crawl the Internet to identify malicious applications and compile and maintain a database of such applications. Upon receiving a key from the shim application, the back-end server can search its database to locate a matching application and, if found, respond to the mobile device with the application's status (e.g., malicious or not). The shim application can utilize this information to allow or block installation of the application. | ||
| 申请公布号 | US9596257(B2) | 申请公布日期 | 2017.03.14 |
| 申请号 | US201514851619 | 申请日期 | 2015.09.11 |
| 申请人 | McAfee, Inc. | 发明人 | Das Sudeep;Divakarla Jayasankar;Sharma Pramod |
| 分类号 | G08B23/00;G06F12/16;G06F12/14;G06F11/00;H04L29/06;G06F21/51;H04W12/12;G06F17/30 | 主分类号 | G08B23/00 |
| 代理机构 | Patent Capital Group | 代理人 | Patent Capital Group |
| 主权项 | 1. At least one non-transitory computer readable medium comprising computer executable instructions stored thereon that, when executed, cause at least one processor to: receive an application identifier from a mobile device over a network connection, the application identifier comprising a key uniquely identifying an application for which a call to an installation operation has been intercepted on the mobile device, wherein the key is a hash computed from at least a portion of a mobile application setup file associated with the application; utilize at least a portion of the application identifier to determine a status of the application from a database of records including statuses of a plurality of analyzed applications, wherein the application identifier comprises metadata associated with the application; and send the status of the application and one or more properties of the application to the mobile device over the network connection, wherein the one or more properties indicate functionality of the application to be enabled when the application is installed on the mobile device. | ||
| 地址 | Santa Clara CA US | ||