摘要 |
A method and device for identifying security of an application process. The method comprises: a feature server end receives an identification request of a first feature terminal with respect to the security of an application process (101); an acquisition request for an executable file corresponding to the application process is transmitted to at least one second feature terminal, where the acquisition request carries unique identification information of the application process, the executable file records operational behaviors of the application process when running, and the feature server end is a service end for intranet-based security management for the first feature terminal and for the second feature terminal (102); and, finding the executable file corresponding to the application process on the basis of the unique identification information, and identifying the security of the application process according to the executable file (103). Obviated is the need for a terminal to upload all executable files of application processes of unknown security, and uploading is done only when needed, thus conserving network bandwidth and server disk space. |