[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN108092970B - Wireless network maintenance method and equipment, storage medium and terminal thereof - Google Patents

Wireless network maintenance method and equipment, storage medium and terminal thereof Download PDF

Info

Publication number
CN108092970B
CN108092970B CN201711330383.9A CN201711330383A CN108092970B CN 108092970 B CN108092970 B CN 108092970B CN 201711330383 A CN201711330383 A CN 201711330383A CN 108092970 B CN108092970 B CN 108092970B
Authority
CN
China
Prior art keywords
network
information
risk
application
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711330383.9A
Other languages
Chinese (zh)
Other versions
CN108092970A (en
Inventor
林龙润
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201711330383.9A priority Critical patent/CN108092970B/en
Publication of CN108092970A publication Critical patent/CN108092970A/en
Application granted granted Critical
Publication of CN108092970B publication Critical patent/CN108092970B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The embodiment of the invention discloses a wireless network maintenance method and equipment, a storage medium and a terminal thereof, wherein the method comprises the following steps: acquiring network quality information of a wireless network connected with a terminal; acquiring a network operation state corresponding to the wireless network according to the network quality information; acquiring network operation information of application software installed on the terminal based on the network running state; and when the network operation information does not meet the network operation reference information, adjusting the network use permission of the application software according to the software type of the application software, and adjusting the network configuration information of the wireless network according to the software type of the application software. By adopting the invention, the risk of network rubbing can be fundamentally solved, the realization of the anti-network rubbing technology is achieved, the anti-network rubbing risk can be actively detected at a specific time, the intelligence and the accuracy of the anti-network rubbing detection are improved, and the waste of scanning resources when the risk of network rubbing is not generated is also reduced.

Description

Wireless network maintenance method and equipment, storage medium and terminal thereof
Technical Field
The invention relates to the technical field of internet, in particular to a wireless network maintenance method and equipment, a storage medium and a terminal thereof.
Background
With the increasing popularity of application software (such as "Wi-Fi master key") for breaking Wi-Fi (Wireless-Fidelity) network authentication information, it has become more and more common that Wi-Fi is freely enjoyed by others. The applications for cracking the Wi-Fi network authentication information can be connected with other Wi-Fi without authorization so as to perform 'network rubbing'. And the network-rubbing user often occupies the bandwidth, thereby influencing the normal use of the wireless network by the Wi-Fi owner.
In the prior art, in order to prevent a stranger from stealing, whether the connection of a stranger device is arranged at a network gateway is used as a judgment basis for judging whether the risk of stealing the network is existed, and when the risk of stealing the network is detected, the configuration information of the gateway is modified to prohibit the stranger device from connecting the network. However, the method does not fundamentally solve the network-stealing risk, the modified gateway configuration information can be completely cracked again, and the realization of the network-stealing prevention technology is not really achieved.
Disclosure of Invention
The embodiment of the invention provides a wireless network maintenance method, a device, a storage medium and a terminal thereof, which can fundamentally solve the risk of network rubbing, achieve the realization of the anti-network rubbing technology, actively detect the risk of network rubbing at a specific time, improve the intelligence and the accuracy of the anti-network rubbing detection and reduce the waste of scanning resources when no risk of network rubbing exists.
A first aspect of an embodiment of the present invention provides a method for maintaining a wireless network, where the method may include:
acquiring network quality information of a wireless network connected with a terminal;
acquiring a network operation state corresponding to the wireless network according to the network quality information;
acquiring network operation information of application software installed on the terminal based on the network running state;
and when the network operation information does not meet the network operation reference information, adjusting the network use permission of the application software according to the software type of the application software, and adjusting the network configuration information of the wireless network according to the software type of the application software.
A second aspect of the embodiments of the present invention provides a wireless network maintenance device, which may include:
the quality acquisition unit is used for acquiring network quality information of a wireless network connected with the terminal;
the state acquisition unit is used for acquiring a network operation state corresponding to the wireless network according to the network quality information;
the information acquisition unit is used for acquiring the network operation information of the application software installed on the terminal based on the network operation state;
and the information adjusting unit is used for adjusting the network use permission of the application software according to the software type of the application software and adjusting the network configuration information of the wireless network according to the software type of the application software when the network operation information does not meet the network operation reference information.
A third aspect of embodiments of the present invention provides a computer storage medium storing a plurality of instructions adapted to be loaded by a processor and to perform the method steps of the first aspect.
A fourth aspect of an embodiment of the present invention provides a terminal, which may include: a processor and a memory; wherein the memory stores a computer program adapted to be loaded by the processor and to perform the steps of:
acquiring network quality information of a wireless network connected with a terminal;
acquiring a network operation state corresponding to the wireless network according to the network quality information;
acquiring network operation information of application software installed on the terminal based on the network running state;
and when the network operation information does not meet the network operation reference information, adjusting the network use permission of the application software according to the software type of the application software, and adjusting the network configuration information of the wireless network according to the software type of the application software.
In the embodiment of the invention, the network operation state of the wireless network is determined by acquiring the network quality information of the wireless network connected with the terminal, the network operation information of the application software installed on the terminal is acquired based on the network operation state, and when the network operation information does not meet the network operation reference information, the network use permission of the application software and the network configuration information of the wireless network are adjusted. By combining the detection of the network rubbing terminal and the detection of the risk application software and respectively adjusting the network configuration information and the network use permission of the risk application software, the cracking of the network configuration information by the risk application software is fundamentally prevented, the network rubbing risk is solved, and the realization of the network rubbing prevention technology is achieved. And can prevent rubbing the net risk at specific opportunity initiative detection, when having improved prevent rubbing the net intelligence and the accuracy that detect, also reduced the waste of scanning resource when not having the risk of rubbing the net.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart illustrating a method for maintaining a wireless network according to an embodiment of the present invention;
fig. 2 is a flowchart illustrating another method for maintaining a wireless network according to an embodiment of the present invention;
fig. 3a is an interface schematic diagram of a wireless network detection scenario according to an embodiment of the present invention;
fig. 3b is a schematic interface diagram of another wireless network detection scenario provided in the embodiment of the present invention;
fig. 3c is a schematic interface diagram of another wireless network detection scenario provided in the embodiment of the present invention;
FIG. 4 is a schematic interface diagram of a network operating state according to an embodiment of the present invention;
fig. 5 is a flowchart illustrating another method for maintaining a wireless network according to an embodiment of the present invention;
FIG. 6 is a flowchart illustrating another software network maintenance method according to an embodiment of the present invention;
fig. 7a is a schematic interface diagram of malicious web-surfing application software according to an embodiment of the present invention;
fig. 7b is a schematic interface diagram of a potential web-surfing application software provided in an embodiment of the present invention;
fig. 8 is a schematic interface diagram of a network-gramming terminal process according to an embodiment of the present invention;
fig. 9 is a schematic interface diagram of a terminal application security scan according to an embodiment of the present invention;
FIG. 10 is a schematic interface diagram of a monitoring result of application software according to an embodiment of the present invention;
fig. 11 is a schematic structural diagram of a wireless network maintenance device according to an embodiment of the present invention;
fig. 12 is a schematic structural diagram of another wireless network maintenance device according to an embodiment of the present invention;
fig. 13 is a schematic structural diagram of a state obtaining unit according to an embodiment of the present invention;
fig. 14 is a schematic structural diagram of another status acquisition unit according to an embodiment of the present invention;
fig. 15 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The wireless network maintenance method provided by the embodiment of the invention can be applied to the scenes of preventing from network rubbing and solving the problem of network rubbing of the wireless network after the network rubbing occurs, the network running state of the wireless network is determined by acquiring the network quality information of the wireless network connected with the terminal, the network operation information of the application software installed on the terminal is acquired based on the network running state, and when the network operation information does not meet the network operation reference information, the network use authority of the application software and the network configuration information of the wireless network are adjusted. By combining the detection of the network rubbing terminal and the detection of the risk application software and respectively adjusting the network configuration information and the network use permission of the risk application software, the cracking of the network configuration information by the risk application software is fundamentally prevented, the network rubbing risk is solved, and the realization of the network rubbing prevention technology is achieved. And can prevent rubbing the net risk at specific opportunity initiative detection, when having improved prevent rubbing the net intelligence and the accuracy that detect, also reduced the waste of scanning resource when not having the risk of rubbing the net.
The execution of the wireless network maintenance method according to the embodiment of the present invention depends on a computer program, and the wireless network maintenance device can be operated on a computer system of a von-Ruhman system. The wireless network maintenance device may include a tablet computer, a Personal Computer (PC), a smart phone, a palm computer, a Mobile Internet Device (MID), and other terminal devices.
The following describes a wireless network maintenance method according to an embodiment of the present invention in detail with reference to fig. 1 to 10.
Referring to fig. 1, a flow chart of a wireless network maintenance method according to an embodiment of the present invention is shown. As shown in fig. 1, the method of the embodiment of the present invention may include the following steps S101 to S104.
S101, acquiring network quality information of a wireless network connected with a terminal;
it is understood that the network quality information may include network channel quality, the number of terminal devices connected to the wireless network, network speed size, configuration information of a network gateway, and the like.
In specific implementation, in various scenarios, for example, when the wireless network maintenance device performs network security detection, or performs detection and protection of potential network-grazing risks, or detects a behavior that causes the potential network-grazing risks due to application software installed on a terminal, the wireless network maintenance device is triggered to acquire or detect network quality information of the wireless network. Optionally, the wireless network maintenance device may also be triggered periodically or in real time to acquire the network quality information of the wireless network.
S102, acquiring a network running state corresponding to the wireless network according to the network quality information;
it can be understood that the network operating state of the wireless network can be determined by comparing the network quality information with the quality reference information, for example, determining the network operating state of the wireless network by judging the network speed and the network speed reference size, and for example, detecting whether the configuration information of the network gateway is matched with the set configuration information to determine whether the configuration information of the network gateway is changed, thereby determining the network operating state of the wireless network. The network operation state comprises a network operation state containing a terminal identifier of the network-swiping terminal, namely indicating that a strange terminal is connected with the wireless network; and the network running state containing the risk application prompt information, namely indicating that the risk application possibly exists and the risk application detection is necessary.
In the specific implementation, the wireless network maintenance equipment judges whether the network quality information meets the quality reference information by comparing the network quality information with the quality reference information, when the network quality information does not meet the quality reference information, namely when the network quality information exceeds the normal use range of the network quality, the terminal identification of the network-rubbing terminal existing in the wireless network is obtained, the network operation state containing the terminal identification is generated, when the network quality information meets the quality reference information, although the network quality is currently in the normal use range, whether the risk application prompting information exists is inquired based on a risk application record set, and when the risk application prompting information exists, the network operation state containing the risk application prompting information is generated. Optionally, the wireless network maintenance device may also be triggered periodically or in real time to acquire the network quality information of the wireless network. The network-stealing terminal is other malicious illegal authorized terminal equipment connected with a wireless network, the terminal identification is used for uniquely identifying the network-stealing terminal, and can be a Media Access Control (MAC) address, a terminal code, an Internet Protocol (IP) address and the like of the network-stealing terminal.
S103, acquiring network operation information of application software installed on the terminal based on the network running state;
it is understood that the network operation information may include occupied traffic, network connection times, network connection frequency, access rights, whether there is an action to acquire sensitive data related to the network, whether there is an abnormal operation to backup or upload data, and a problem code in the abnormal operation, etc.
TABLE 1
Figure BDA0001506515180000051
In specific implementation, when the network running state including the terminal identifier is generated, it indicates that there is a network-off terminal, or when the network running state including the risk application prompt information is generated, it indicates that there may be risk application software in application software installed on the terminal, and it is necessary to acquire network operation information of the application software installed on the terminal from an operation information set.
The operation information set stores application identifiers and network operation information, and the stored information can be stored in a subset form or a list form.
As shown in table 1, the operation information set in a list form traverses application software a1, a2, A3, a4 and a5 installed on the terminal, matches a1 with the application identifier in table 1 when traversing to a1, and acquires network operation information of B if matching with B. The network operation information of a2, A3, a4, and a5 is acquired in the same manner, respectively.
And S104, when the network operation information does not meet the network operation reference information, adjusting the network use permission of the application software according to the software type of the application software, and adjusting the network configuration information of the wireless network according to the software type of the application software.
It is understood that the network usage right includes an access right of the application software to the wireless network, and the adjusting the network usage right of the application software may include uninstalling or isolating the application software, or managing a network sensitive right of the application software to access the wireless network, and the like. All rights that request proper usage rights and network authentication information may be referred to as network sensitive rights because it involves personal privacy and information security issues.
The network configuration information may include an IP address, a subnet mask, a gateway address, a DNS server address, a network authentication password, a gateway management authentication password, terminal information of a connection gateway, and the like.
In a specific implementation, when the network operation information does not satisfy the network operation reference information, it indicates that the application software is risk application software or risk application software exists in the application software, the network handover prevention processing needs to be performed on the risk application software, that is, the network use permission of the application software is adjusted according to the software type of the application software, where the software type includes malicious risk application software and potential risk application software, and for example, when the software type of the application software is malicious risk application software, the application software is uninstalled or isolated to interrupt the connection between the application software and the wireless network, and when the software type of the application software is potential risk application software, the network sensitivity permission of the application software is adjusted. Meanwhile, network configuration information of the wireless network needs to be adjusted to prevent other malicious and illegal authorized terminals from connecting the wireless network. By combining the setting of the wireless network and the setting of the access authority of the application software installed on the terminal on the wireless network, the network rubbing behavior is further prevented. The network operation reference information comprises normal use flow of application software, various authority information of a normal use network and the like.
It should be noted that, the adjusting of the network configuration information of the wireless network may be performed after S101. That is to say, when the network running state containing the terminal identifier is generated, the network configuration information of the wireless network can be immediately adjusted to prohibit the connection of the network setoff terminal.
In an optional embodiment, the method can monitor information such as abnormal networking condition, abnormal traffic use condition, and acquisition condition of network sensitive authority of application software installed on the terminal in real time, and when abnormal information is detected, network use data of each application software installed on the terminal is acquired, and whether the network use data exceeds a network use threshold range is judged, so that risk application in the application software is detected, the network use authority of the application software is adjusted, and network configuration information of the wireless network is adjusted.
In an optional embodiment, when it is detected that newly installed application software or application software installed on a terminal is abnormal in networking, or when the application software installed on the terminal acquires special authority, and the like, network operation information of each application software installed on the terminal is acquired, and whether the network operation information meets network operation reference information is judged, so that risk application in the application software is detected, the network use authority of the risk application is adjusted, and the network configuration information of the wireless network is adjusted.
In an optional embodiment, the wireless network maintenance equipment can record and count the behavior rules of the wireless network, and select a proper time to trigger the detection of the network quality information and the detection of the network-rubbing application in the application software based on the statistical result, so that the network-rubbing detection efficiency is improved, and the resource is saved.
In the embodiment of the invention, the network operation state of the wireless network is determined by acquiring the network quality information of the wireless network connected with the terminal, the network operation information of the application software installed on the terminal is acquired based on the network operation state, and when the network operation information does not meet the network operation reference information, the network use permission of the application software and the network configuration information of the wireless network are adjusted. By combining the detection of the network rubbing terminal and the detection of the risk application software and respectively adjusting the network configuration information and the network use permission of the risk application software, the cracking of the network configuration information by the risk application software is fundamentally prevented, the network rubbing risk is solved, and the realization of the network rubbing prevention technology is achieved. And can prevent rubbing the net risk at specific opportunity initiative detection, when having improved prevent rubbing the net intelligence and the accuracy that detect, also reduced the waste of scanning resource when not having the risk of rubbing the net.
Referring to fig. 2, a flow chart of another wireless network maintenance method according to an embodiment of the present invention is shown. As shown in fig. 2, the method of the embodiment of the present invention may include the following steps S201 to S210.
S201, acquiring network quality information of a wireless network connected with a terminal;
it is understood that the network quality information may include network channel quality, the number of terminal devices connected to the wireless network, network speed size, configuration information of a network gateway, and the like.
In specific implementation, in various scenarios, for example, when the wireless network maintenance device performs network security detection, or performs detection and protection of potential network-grazing risks, or detects a behavior that causes the potential network-grazing risks due to application software installed on a terminal, the wireless network maintenance device is triggered to acquire or detect network quality information of the wireless network. Optionally, the wireless network maintenance device may also be triggered periodically or in real time to acquire the network quality information of the wireless network.
For example, in a Wi-Fi acceleration scenario shown in fig. 3a, a security check-up scenario shown in fig. 3b, and a scenario shown in fig. 3c where a risk of disclosure and network disconnection is detected, the wireless network maintenance device is triggered to acquire the network quality information of the wireless network.
S202, when the network quality information does not meet the quality reference information, acquiring a terminal identifier of a network-rubbing terminal existing in the wireless network, and generating a network running state containing the terminal identifier;
it can be understood that the network-gramming terminal refers to other malicious and illegal authorized terminal devices connected with the wireless network, and the terminal identifier is used for uniquely identifying the network-gramming terminal, and can be an MAC address, a terminal code or an IP address of the network-gramming terminal.
In the concrete implementation, when the network quality information is detected to be not satisfied when the quality reference information, it is indicated that a network rubbing terminal exists, that is, the network rubbing terminal is connected to the wireless network, the identifier of the network rubbing terminal is obtained, the network running state containing the terminal identifier is generated, and the network running state is further displayed. The network operation state is shown in fig. 4, in which "LG Electronics, IP 10.9.84.73" is the terminal identifier of the network-gramming terminal.
S203, when the network quality information meets the quality reference information, acquiring risk application prompt information based on a risk application record set, and generating a network running state containing the risk application prompt information.
It can be understood that the risk application record set is a set storing risk application record information, and the risk application record information may include attribute information such as a current geographical location of a terminal reporting the risk application software, an age level of a user using the risk application software, an attribute of a network (such as a campus network and the internet) used when the risk application software is detected as the risk application software, environment information, a time period for reporting the risk application software, and the like, and may further include an application identifier, a risk index, a risk level, and the like. The risk application record set can be stored in a list form or a subset form, and application record information is stored in each subset respectively.
For example, as shown in table 2, a set of risk application records in the form of a list. The application information stored in the risk application record set can be updated periodically, and the updating time can be selected based on the statistical result after big data statistics is carried out by combining the application information reported by other terminals.
It should be noted that, the risk application record set may be stored locally in the wireless network maintenance device, and the risk application record set stored locally is pulled to the server by the wireless network maintenance device in advance, and may periodically request the server for updating; the set of risk application records may also be stored on the server side.
TABLE 2
Figure BDA0001506515180000091
In a possible implementation manner, as shown in fig. 5, the obtaining risk application prompt information based on the risk application record set, and generating a network operating state including the risk application prompt information includes the following steps:
s301, analyzing a risk application record set acquired from a server in advance to acquire first risk application record information matched with terminal attribute information of the terminal;
it can be understood that the risk application record set on the wireless network maintenance device is obtained from the server in advance, and a plurality of pieces of risk application record information are stored in the risk application record set. And when the wireless network maintenance equipment receives the network quality detection and then does not have the connection of the network-rubbing terminal, acquiring the terminal attribute information of the terminal, matching the terminal attribute information with the analyzed risk application record information, and if the first risk application record information is matched, indicating that risk application software possibly exists, generating first risk application prompt information.
S302, first risk application prompt information is generated based on the first risk application record information, and the first risk application prompt information is added to a network running state.
It will be appreciated that the network operational status at this point indicates the necessity of at-risk application detection.
In another possible implementation manner, as shown in fig. 6, the obtaining risk application prompt information based on the risk application record set, and generating a network operating state including the risk application prompt information includes the following steps:
s401, sending a risk prompt query request carrying terminal attribute information of the terminal to a server, so that when the server analyzes a risk application record set and finds second risk application record information matched with the terminal attribute information, second risk application prompt information is generated and fed back based on the second risk application record information;
it can be understood that the risk application record set is stored on the server, and a plurality of pieces of risk application record information are stored in the risk application record set, and the risk application record information is reported by other terminals. And when the wireless network maintenance equipment receives the condition that the network quality detection is not carried out and the network-rubbing terminal is not connected, the wireless network maintenance equipment requests the server to match the terminal attribute information with the analyzed risk application record information based on the terminal, and if the second risk application record information is matched to indicate that the risk application possibly exists, second risk application prompt information is generated and fed back to the wireless network maintenance equipment.
S402, generating a network running state containing the second risk application prompt information.
It is understood that the wireless network maintenance device generates a network operation state containing the second risk application prompt message to trigger the execution of the detection of the application software installed on the terminal.
It should be noted that the first risk application record information and the second risk application record information may be the same or different, and are only used for distinguishing the matching result between the local and the server. The first risk application prompt message and the second risk application prompt message are the same.
Optionally, the application identifier of the application software installed in the terminal is matched with the application identifier of the risk application software in the risk application set, if the application software successfully matched exists, it is indicated that the network-stealing application exists in the application software, on one hand, the successfully matched application software can be determined as malicious network-stealing application software, the network use permission of the malicious network-stealing application software on the wireless network is adjusted, meanwhile, the network use data of the application software which is not successfully matched in the application software is inquired, and whether the application software is potential network-stealing application software is judged based on the network use data; on the other hand, the network use data of all the installed application software can be searched based on the matching result of the application software with successful matching, so that the network-surfing application software is determined. And then acquiring an application identifier of the network-rubbing application, and generating a network running state containing the application identifier.
And S204, when the network running state containing the terminal identification is generated or the network running state containing the risk application prompt information is generated, acquiring the network operation information of the application software in an operation information set.
It is understood that the network operation information may include data related to the network, such as occupied traffic, network connection times, network connection frequency, access authority, whether there is an action of acquiring sensitive data related to the network, whether there is an abnormal operation for data backup or data upload, and a problem code in the abnormal operation, etc.
In specific implementation, when the network running state including the terminal identifier is generated, it indicates that there is a network-off terminal, or when the network running state including the risk application prompt information is generated, it indicates that there may be risk application software in application software installed on the terminal, and it is necessary to acquire network operation information of the application software installed on the terminal from an operation information set.
The operation information set stores application identifiers and network operation information, and the stored information can be stored in a subset form or a list form.
As shown in table 1, the operation information set in a list form traverses application software a1, a2, A3, a4 and a5 installed on the terminal, matches a1 with the application identifier in table 1 when traversing to a1, and acquires network operation information of B if matching with B. The network operation information of a2, A3, a4, and a5 is acquired in the same manner, respectively.
S205, acquiring an application risk level corresponding to the network operation information;
in one possible implementation manner, the risk level corresponding to the network operation information is searched in the network operation set, and in another possible implementation manner, the target application risk level corresponding to the network operation information of the risk application is searched based on the mapping relationship between the application risk level and the network operation information.
S206, when the application risk level exceeds the second risk level threshold range, determining that the software type of the application software is malicious risk application software;
it is understood that setting the application risk level includes three levels, security, potential risk and malicious risk, respectively, with corresponding threshold ranges being no more than a first risk level threshold, more than the first risk level threshold range and no more than a second risk level threshold, and more than the second risk level threshold range.
Further, when the application software is determined to be malicious risk application software, the risk item details of the malicious risk application software are presented, as shown in fig. 7a, including information such as an application name, a risk level, risk details, and an application classification.
And S207, acquiring a third risk application record of the malicious risk application software, and storing the third risk application record into a risk application record set.
It can be understood that the third risk application record may report the current geographical location of the terminal of the risk application software, the age group of the user using the risk application software, the attribute of the network used when the risk application software is detected, and other relevant information. If the risk application record set is stored locally, the application information can be directly stored in the risk application set, and the application information is processed by combining the local historical risk application record information by using algorithms such as weighted averaging and the like, or can be directly reported to a server, and the server returns to the local storage after counting; and if the risk application record set is stored in the server, reporting the application information to the server so as to enable the server to carry out big data statistics.
S208, unloading or isolating the application software to interrupt the connection between the application software and the wireless network and adjust the network configuration information of the wireless network;
for example, as shown in fig. 7a, the malicious onboarding application software is uninstalled by selecting a control button "uninstall" in the display interface of the detected malicious onboarding application software, so that the connection of the malicious application software with the wireless network is interrupted. Meanwhile, network configuration information of the wireless network, such as an IP address, a subnet mask, a gateway address, a DNS server address, a network authentication password, a gateway management authentication password, and terminal information for connecting a gateway, needs to be adjusted and set to prevent a network-pass terminal that has cracked the network configuration information of the wireless network from connecting the wireless network again.
Optionally, after the network running state including the terminal identifier of the network grabing terminal is generated, the network grabing terminal corresponding to the terminal identifier may be processed (for example, the unknown device in fig. 8), such as "forbidding networking" to process the network grabing risk in time.
S209, when the application risk level exceeds a first risk level threshold range and does not exceed a second risk level threshold range, determining that the software type of the application software is potential risk application software;
further, when the application software is determined to be a risk potential application software, the risk item details of the risk potential application software are presented, as shown in fig. 7b, which includes information such as application name, risk level, risk details, and application classification.
S210, adjusting the network sensitivity authority of the application software, and adjusting the network configuration information of the wireless network.
It will be appreciated that whatever authority is required to rightfully use the authority and to authenticate the information to the network may be referred to as a network-sensitive authority because it involves personal privacy and information security issues.
For example, as shown in fig. 7B, it is detected that the application software "B application" is a potential network-surfing risk application software, and the "management sensitive permission" is selected for setting and adjusting by selecting the control key in the displayed interface. Meanwhile, network configuration information of the wireless network, such as an IP address, a subnet mask, a gateway address, a DNS server address, a network authentication password, a gateway management authentication password, and terminal information for connecting a gateway, needs to be adjusted and set to prevent a network-pass terminal that has cracked the network configuration information of the wireless network from connecting the wireless network again.
In an optional embodiment, when the security scanning operation of the application software is performed, as shown in fig. 9, if the network-gramming risk related application is found, the network-gramming risk related application also performs related processing on the application, and after the processing is completed, the network-gramming risk related application is triggered to perform network-gramming terminal detection and network-gramming application detection based on the network quality information.
In an optional embodiment, when it is detected that newly installed application software or installed application software is abnormal in networking, or network-surfing application software exists under the condition that the application software installed on the terminal obtains a special authority, relevant risk prompt information is displayed, as shown in fig. 10, when a touch instruction input by a user aiming at an "immediate processing" control of the display interface is received, the detailed page shown in fig. 3c is skipped to, and two operations of "processing risk application" and "network detection" can be executed.
In the embodiment of the invention, the network operation state of the wireless network is determined by acquiring the network quality information of the wireless network connected with the terminal, the network operation information of the application software installed on the terminal is acquired based on the network operation state, and when the network operation information does not meet the network operation reference information, the network use permission of the application software and the network configuration information of the wireless network are adjusted. By combining the detection of the network rubbing terminal and the detection of the risk application software and respectively adjusting the network configuration information and the network use permission of the risk application software, the cracking of the network configuration information by the risk application software is fundamentally prevented, the network rubbing risk is solved, and the realization of the network rubbing prevention technology is achieved. And can prevent rubbing the net risk at specific opportunity initiative detection, when having improved prevent rubbing the net intelligence and the accuracy that detect, also reduced the waste of scanning resource when not having the risk of rubbing the net.
The wireless network maintenance device provided by the embodiment of the invention will be described in detail with reference to fig. 11 to 13. It should be noted that, the wireless network maintenance device shown in fig. 11 is used for executing the method according to the embodiment of the present invention shown in fig. 1 to fig. 10, for convenience of description, only the portion related to the embodiment of the present invention is shown, and details of the technology are not disclosed, please refer to the embodiment of the present invention shown in fig. 1 to fig. 10.
Fig. 11 is a schematic structural diagram of a wireless network maintenance device according to an embodiment of the present invention. As shown in fig. 11, the wireless network maintenance device 10 according to the embodiment of the present invention may include: a quality acquisition unit 101, a state acquisition unit 102, an information acquisition unit 103, and an information adjustment unit 104.
A quality acquisition unit 101 configured to acquire network quality information of a wireless network to which a terminal is connected;
it is understood that the network quality information may include network channel quality, the number of terminal devices connected to the wireless network, network speed size, configuration information of a network gateway, and the like.
In specific implementation, in various scenarios, for example, when the quality acquisition unit 101 performs network security detection, or performs detection and protection of a potential network-grazing risk, or detects a behavior that causes the potential network-grazing risk due to application software installed on a terminal, the quality acquisition unit 101 is triggered to acquire or detect network quality information of a wireless network. Optionally, the quality obtaining unit 101 may also be triggered periodically or in real time to obtain the network quality information of the wireless network.
A state obtaining unit 102, configured to obtain a network operation state corresponding to the wireless network according to the network quality information;
it can be understood that the network operating state of the wireless network can be determined by comparing the network quality information with the quality reference information, for example, determining the network operating state of the wireless network by judging the network speed and the network speed reference size, and for example, detecting whether the configuration information of the network gateway is matched with the set configuration information to determine whether the configuration information of the network gateway is changed, thereby determining the network operating state of the wireless network. The network operation state comprises a network operation state containing a terminal identifier of the network-stealing terminal, namely indicating that a strange terminal is possibly connected with the wireless network; and the network running state containing the risk application prompt information, namely indicating that the risk application possibly exists and the risk application detection is necessary.
In specific implementation, the state obtaining unit 102 determines whether the network quality information meets the quality reference information by comparing the network quality information with the quality reference information, obtains a terminal identifier of a network-off terminal existing in the wireless network when the network quality information does not meet the quality reference information, that is, when the network quality information exceeds a normal use range of the network quality, generates a network running state including the terminal identifier, and when the network quality information meets the quality reference information, although the network quality is currently in the normal use range, it is required to query whether risk application prompt information exists based on a risk application record set, and when the risk application prompt information exists, generates a network running state including the risk application prompt information. Optionally, the state obtaining unit 102 may be triggered periodically or in real time to obtain the network quality information of the wireless network. The network-rubbing terminal is other malicious illegal authorized terminal equipment connected with a wireless network, the terminal identification is used for uniquely identifying the network-rubbing terminal and can control the Media Access Control (MAC) address, the terminal code, the IP address and the like of the network-rubbing terminal.
An information obtaining unit 103, configured to obtain network operation information of application software installed on the terminal based on the network running state;
it is understood that the network operation information may include occupied traffic, network connection times, network connection frequency, access rights, whether there is an action to acquire sensitive data related to the network, whether there is an abnormal operation to backup or upload data, and a problem code in the abnormal operation, etc.
In specific implementation, when the network running state including the terminal identifier is generated, it indicates that there is a network-off terminal, or when the network running state including the risk application prompt information is generated, it indicates that there may be risk application software in application software installed on the terminal, and it is necessary to acquire network operation information of the application software installed on the terminal from an operation information set.
The application identifier and the network operation information are stored in the use operation information, and the stored information can be stored in a subset form or a list form.
As shown in table 1, the operation information set in the form of a list traverses the installed application software a1, a2, A3, a4 and a5, matches a1 with the application identifier in table 1 when traversing to a1, and obtains the network operation information of B if matching with B. The network operation information of a2, A3, a4, and a5 is acquired in the same manner, respectively.
And the information adjusting unit 104 is configured to, when the network operation information does not satisfy the network operation reference information, adjust the network usage right of the application software according to the software type of the application software, and adjust the network configuration information of the wireless network according to the software type of the application software.
It is understood that the network usage right includes an access right of the application software to the wireless network, and the adjusting the network usage right of the application software may include uninstalling or isolating the application software, or managing a network sensitive right of the application software to access the wireless network, and the like. All rights that request proper usage rights and network authentication information may be referred to as network sensitive rights because it involves personal privacy and information security issues.
The network configuration information may include an IP address, a subnet mask, a gateway address, a DNS server address, a network authentication password, a gateway management authentication password, terminal information of a connection gateway, and the like.
In a specific implementation, when the network operation information does not satisfy the network operation reference information, it indicates that the application software is risk application software or risk application software exists in the application software, the network handover prevention processing needs to be performed on the risk application software, that is, the network use permission of the application software is adjusted according to the software type of the application software, where the software type includes malicious risk application software and potential risk application software, and for example, when the software type of the application software is malicious risk application software, the application software is uninstalled or isolated to interrupt the connection between the application software and the wireless network, and when the software type of the application software is potential risk application software, the network sensitivity permission of the application software is adjusted. Meanwhile, network configuration information of the wireless network needs to be adjusted to prevent other malicious and illegal authorized terminals from connecting the wireless network. By combining the setting of the wireless network and the setting of the access authority of the application software installed on the terminal on the wireless network, the network rubbing behavior is further prevented. The network operation reference information comprises normal use flow of application software, various authority information of a normal use network and the like.
It should be noted that the adjusting of the network configuration information of the wireless network may be performed after 101. That is to say, when the network running state containing the terminal identifier is generated, the network configuration information of the wireless network can be immediately adjusted to prohibit the connection of the network setoff terminal.
In an optional embodiment, information such as an abnormal networking condition, an abnormal traffic use condition, and an acquisition condition of a network sensitive authority of application software installed on a terminal may be monitored in real time, and when it is detected that there is abnormal information, the information acquisition unit 103 is triggered to acquire network use data of each application software installed on the terminal, and determine whether the network use data exceeds a network use threshold range, thereby detecting a network-off terminal in the application software, adjusting the network use authority of the application software, and adjusting network configuration information of the wireless network.
In an optional embodiment, when it is detected that there is a newly installed application software or an application software installed on the terminal is abnormal in networking, or when the application software installed on the terminal acquires a special authority, the trigger information acquiring unit 103 acquires network operation information of each application software installed on the terminal, and determines whether the network operation information satisfies network operation reference information, thereby detecting a risk application in the application software, adjusting a network usage authority of the risk application, and adjusting network configuration information of the wireless network.
In an optional embodiment, the behavior rules of the wireless network can be recorded and counted, and based on the counting result, the state acquisition unit 102 is triggered at an appropriate time to detect the network quality information and the trigger information acquisition unit 103 detects the network-rubbing application in the application software, so that the network-rubbing detection efficiency is improved, and the resource is saved.
In the embodiment of the invention, the network operation state of the wireless network is determined by acquiring the network quality information of the wireless network connected with the terminal, the network operation information of the application software installed on the terminal is acquired based on the network operation state, and when the network operation information does not meet the network operation reference information, the network use permission of the application software and the network configuration information of the wireless network are adjusted. By combining the detection of the network rubbing terminal and the detection of the risk application software and respectively adjusting the network configuration information and the network use permission of the risk application software, the cracking of the network configuration information by the risk application software is fundamentally prevented, the network rubbing risk is solved, and the realization of the network rubbing prevention technology is achieved. And can prevent rubbing the net risk at specific opportunity initiative detection, when having improved prevent rubbing the net intelligence and the accuracy that detect, also reduced the waste of scanning resource when not having the risk of rubbing the net.
Referring to fig. 12, a schematic structural diagram of another wireless network maintenance device according to an embodiment of the present invention is provided. As shown in fig. 12, the wireless network maintenance device 10 according to the embodiment of the present invention may include: quality acquisition section 101, state acquisition section 102, information acquisition section 103, information adjustment section 104, rank acquisition section 105, malicious application determination section 106, potential application determination section 107, and information storage section 108.
A quality acquisition unit 101 configured to acquire network quality information of a wireless network to which a terminal is connected;
it is understood that the network quality information may include network channel quality, the number of terminal devices connected to the wireless network, network speed size, configuration information of a network gateway, and the like.
In specific implementation, in various scenarios, for example, when the quality acquisition unit 101 performs network security detection, or performs detection and protection of a potential network-grazing risk, or detects a behavior that causes the potential network-grazing risk due to application software installed on a terminal, the quality acquisition unit 101 is triggered to acquire or detect network quality information of a wireless network. Optionally, the quality obtaining unit 101 may also be triggered periodically or in real time to obtain the network quality information of the wireless network.
For example, in a Wi-Fi acceleration scenario shown in fig. 3a, a security check-up scenario shown in fig. 3b, and a scenario in which a risk of divulgence and network hacking is detected shown in fig. 3c, the quality acquisition unit 101 is triggered to acquire the network quality information of the wireless network.
A state obtaining unit 102, configured to obtain a network operation state corresponding to a wireless network based on network quality information of the wireless network;
optionally, the state obtaining unit 102 is specifically configured to, when the network quality information does not satisfy the quality reference information, obtain a terminal identifier of a network handover terminal existing in the wireless network, and generate a network running state including the terminal identifier;
it can be understood that the network-gramming terminal refers to other malicious and illegal authorized terminal devices connected with the wireless network, and the terminal identifier is used for uniquely identifying the network-gramming terminal, and can be an MAC address, a terminal code or an IP address of the network-gramming terminal.
In specific implementation, when it is detected that the network quality information does not satisfy the quality reference information, it indicates that a network-gramming terminal exists, that is, the network-gramming terminal is connected to a wireless network, acquires an identifier of the network-gramming terminal, generates a network operating state including the terminal identifier, and further shows the network operating state, such as the network operating state shown in fig. 4, where "LG Electronics, IP 10.9.84.73" is the terminal identifier of the network-gramming terminal.
Optionally, the state obtaining unit 102 is specifically configured to, when the network quality information meets the quality reference information, obtain risk application prompt information based on a risk application record set, and generate a network running state including the risk application prompt information.
It can be understood that the risk application record set is a set storing risk application record information, and the risk application record information may include attribute information such as a current geographical location of a terminal reporting the risk application software, an age level of a user using the risk application software, an attribute of a network (such as a campus network and the internet) used when the risk application software is detected as the risk application software, environment information, a time period for reporting the risk application software, and the like, and may further include an application identifier, a risk index, a risk level, and the like. The risk application record set can be stored in a list form or a subset form, and application record information is stored in each subset respectively.
For example, as shown in table 2, a set of risk application records in the form of a list. The application information stored in the risk application record set can be updated periodically, and the updating time can be selected based on the statistical result after big data statistics is carried out by combining the application information reported by other terminals.
It should be noted that the risk application record set may be stored locally in the state obtaining unit 102, and the risk application record set stored locally is pulled to the server by the state obtaining unit 102 in advance, and may periodically request the server for updating; the set of risk application records may also be stored on the server side.
Optionally, as shown in fig. 13, the state obtaining unit 102 includes:
a set analysis subunit 1021, configured to analyze a risk application record set acquired from a server in advance to acquire first risk application record information matched with the terminal attribute information of the terminal;
it is understood that the risk application record set on the state acquiring unit 102 is acquired from a server in advance, and a plurality of pieces of risk application record information are stored in the risk application record set. When the set analysis subunit 1021 receives the network quality detection and then does not have the network-off terminal connection, the terminal attribute information of the terminal is obtained, the terminal attribute information is matched with the analyzed risk application record information, and if the first risk application record information is matched, it indicates that risk application software may exist, first risk application prompt information is generated.
A state adding subunit 1022, configured to generate first risk application prompting information based on the first risk application recording information, and add the first risk application prompting information to a network running state.
It will be appreciated that the network operational status at this point indicates the necessity of at-risk application detection.
Optionally, as shown in fig. 14, the state obtaining unit 102 includes:
a request sending subunit 1023, configured to send a risk prompt query request carrying the terminal attribute information of the terminal to a server, so that when the server analyzes a risk application record set and finds second risk application record information matching the terminal attribute information, second risk application prompt information is generated and fed back based on the second risk application record information;
it can be understood that the risk application record set is stored on the server, and a plurality of pieces of risk application record information are stored in the risk application record set, and the risk application record information is reported by other terminals. When the request sending subunit 1023 receives the network quality detection and then does not have the network-handover terminal connection, the request server matches the terminal attribute information with the analyzed risk application record information based on the terminal attribute information of the terminal, and if the second risk application record information is matched, which indicates that risk application may exist, generates second risk application prompt information and feeds the second risk application prompt information back to the request sending subunit 1023.
And a state generating subunit 1024, configured to generate a network operating state including the second risk application prompt information.
It is understood that the state generating subunit 1024 then generates the network running state containing the second risk application prompting information to trigger execution of detection of the application software installed on the terminal.
It should be noted that the first risk application record information and the second risk application record information may be the same or different, and are only used for distinguishing the matching result between the local and the server. The first risk application prompt message and the second risk application prompt message are the same.
An information obtaining unit 103, configured to obtain network operation information of application software installed on the terminal based on the network running state;
it is understood that the network operation information may include data related to the network, such as occupied traffic, network connection times, network connection frequency, access authority, whether there is an action of acquiring sensitive data related to the network, whether there is an abnormal operation for data backup or data upload, and a problem code in the abnormal operation, etc.
Optionally, the information obtaining unit 103 is specifically configured to:
and when a network running state containing the terminal identification is generated or when a network running state containing the risk application prompt information is generated, acquiring the network operation information of the application software in an operation information set.
In specific implementation, when the network running state including the terminal identifier is generated, it indicates that there is a network-off terminal, or when the network running state including the risk application prompt information is generated, it indicates that there may be risk application software in application software installed on the terminal, and it is necessary to acquire network operation information of the application software installed on the terminal from an operation information set.
The operation information set stores application identification and network use data, and the stored information can be stored in a subset or a list.
As shown in table 1, the operation information set in a list form traverses application software a1, a2, A3, a4 and a5 installed on the terminal, matches a1 with the application identifier in table 1 when traversing to a1, and acquires network operation information of B if matching with B. The network operation information of a2, A3, a4, and a5 is acquired in the same manner, respectively.
And the information adjusting unit 104 is configured to, when the network operation information does not satisfy the network operation reference information, adjust the network usage right of the application software according to the software type of the application software, and adjust the network configuration information of the wireless network according to the software type of the application software.
Optionally, as shown in fig. 12, the apparatus 10 further includes:
a level obtaining unit 105, configured to obtain an application risk level corresponding to the network operation information;
in one feasible implementation manner, the risk level corresponding to the network operation information is searched in the operation information set, and in another feasible implementation manner, the target application risk level corresponding to the network operation information of the risk application is searched based on the mapping relationship between the application risk level and the network operation information.
A malicious application determining unit 106, configured to determine that the software type of the application software is malicious risk application software when the application risk level exceeds the second risk level threshold range;
a potential application determining unit 107, configured to determine that the software type of the application software is a potential risk application software when the application risk level exceeds the first risk level threshold range and does not exceed the second risk level threshold range.
It is understood that setting the application risk level includes three levels, security, potential risk and malicious risk, respectively, with corresponding threshold ranges being no more than a first risk level threshold, more than the first risk level threshold range and no more than a second risk level threshold, and more than the second risk level threshold range.
Further, when the application software is determined to be malicious risk application software, the risk item details of the malicious risk application software are presented, as shown in fig. 7a, including information such as an application name, a risk level, risk details, and an application classification.
Further, when the application software is determined to be a risk potential application software, the risk item details of the risk potential application software are presented, as shown in fig. 7b, which includes information such as application name, risk level, risk details, and application classification.
Further, the information adjusting unit 104 is specifically configured to:
when the software type of the application software is malicious risk application software, uninstalling or isolating the application software to interrupt the connection of the application software and the wireless network;
for example, as shown in fig. 7a, the malicious onboarding application software is uninstalled by selecting a control button "uninstall" in the display interface of the detected malicious onboarding application software, so that the connection of the malicious application software with the wireless network is interrupted. Meanwhile, network configuration information of the wireless network, such as an IP address, a subnet mask, a gateway address, a DNS server address, a network authentication password, a gateway management authentication password, and terminal information for connecting a gateway, needs to be adjusted and set to prevent a network-pass terminal that has cracked the network configuration information of the wireless network from connecting the wireless network again.
Optionally, after the network running state including the terminal identifier of the network grabing terminal is generated, the network grabing terminal corresponding to the terminal identifier may be processed (for example, the unknown device in fig. 8), such as "forbidding networking" to process the network grabing risk in time.
And when the software type of the application software is a potential risk application, adjusting the network sensitivity authority of the application software.
It will be appreciated that whatever authority is required to rightfully use the authority and to authenticate the information to the network may be referred to as a network-sensitive authority because it involves personal privacy and information security issues.
For example, as shown in fig. 7B, it is detected that the application software "B application" is a potential network-surfing risk application software, and the "management sensitive permission" is selected for setting and adjusting by selecting the control key in the displayed interface. Meanwhile, network configuration information of the wireless network, such as an IP address, a subnet mask, a gateway address, a DNS server address, a network authentication password, a gateway management authentication password, and terminal information for connecting a gateway, needs to be adjusted and set to prevent a network-pass terminal that has cracked the network configuration information of the wireless network from connecting the wireless network again.
Optionally, as shown in fig. 12, the apparatus 10 further includes:
an information saving unit 108, configured to obtain third risk application record information of the malicious risk application software, and save the third risk application record information to a risk application record set.
It is to be understood that, the third risk application record may report the current geographical location of the terminal of the risk application software, the age level of the user using the risk application software, the attribute of the network used when the risk application software is detected, and other relevant information. If the risk application record set is stored locally, the application information can be directly stored in the risk application set, and the application information is processed by combining the local historical risk application record information by using algorithms such as weighted averaging and the like, or can be directly reported to a server, and the server returns to the local storage after counting; and if the risk application record set is stored in the server, reporting the application information to the server so as to enable the server to carry out big data statistics.
In the embodiment of the invention, the network operation state of the wireless network is determined by acquiring the network quality information of the wireless network connected with the terminal, the network operation information of the application software installed on the terminal is acquired based on the network operation state, and when the network operation information does not meet the network operation reference information, the network use permission of the application software and the network configuration information of the wireless network are adjusted. By combining the detection of the network rubbing terminal and the detection of the risk application software and respectively adjusting the network configuration information and the network use permission of the risk application software, the cracking of the network configuration information by the risk application software is fundamentally prevented, the network rubbing risk is solved, and the realization of the network rubbing prevention technology is achieved. And can prevent rubbing the net risk at specific opportunity initiative detection, when having improved prevent rubbing the net intelligence and the accuracy that detect, also reduced the waste of scanning resource when not having the risk of rubbing the net.
An embodiment of the present invention further provides a computer storage medium, where the computer storage medium may store a plurality of instructions, where the instructions are suitable for being loaded by a processor and executing the method steps in the embodiments shown in fig. 1 to 10, and a specific execution process may refer to specific descriptions of the embodiments shown in fig. 1 to 10, which are not described herein again.
Fig. 15 is a schematic structural diagram of a terminal according to an embodiment of the present invention. As shown in fig. 15, the terminal 1000 can include: at least one processor 1001, such as a CPU, at least one network interface 1004, a user interface 1003, memory 1005, at least one communication bus 1002. Wherein a communication bus 1002 is used to enable connective communication between these components. The user interface 1003 may include a Display screen (Display) and a Keyboard (Keyboard), and the optional user interface 1003 may also include a standard wired interface and a standard wireless interface. The network interface 1004 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface). The memory 1005 may be a high-speed RAM memory or a non-volatile memory (non-volatile memory), such as at least one disk memory. The memory 1005 may optionally be at least one memory device located remotely from the processor 1001. As shown in fig. 15, a memory 1005, which is one type of computer storage medium, may include therein an operating system, a network communication module, a user interface module, and a wireless network maintenance application program.
In the terminal 1000 shown in fig. 15, the user interface 1003 is mainly used as an interface for providing input for a user, and acquiring data input by the user; the network interface 1004 is mainly used for data communication with the user terminal; and the processor 1001 may be configured to invoke the wireless network maintenance application stored in the memory 1005 and specifically perform the following operations:
acquiring network quality information of a wireless network connected with a terminal;
acquiring a network operation state corresponding to the wireless network according to the network quality information;
acquiring network operation information of application software installed on the terminal based on the network running state;
and when the network operation information does not meet the network operation reference information, adjusting the network use permission of the application software according to the software type of the application software, and adjusting the network configuration information of the wireless network according to the software type of the application software.
In an embodiment, when the processor 1001 acquires the network operating state corresponding to the wireless network according to the network quality information, the following operation is specifically performed:
and when the network quality information does not meet the quality reference information, acquiring a terminal identifier of a network rubbing terminal existing in the wireless network, and generating a network running state containing the terminal identifier.
In an embodiment, when the processor 1001 acquires the network operating state corresponding to the wireless network according to the network quality information, the following operation is specifically performed:
and when the network quality information meets the quality reference information, acquiring risk application prompt information based on a risk application record set, and generating a network running state containing the risk application prompt information.
In an embodiment, when the processor 1001 executes the steps of obtaining risk application prompt information based on a risk application record set and generating a network running state including the risk application prompt information, specifically:
analyzing a risk application record set acquired from a server in advance to acquire first risk application record information matched with terminal attribute information of the terminal;
and generating first risk application prompt information based on the first risk application record information, and adding the first risk application prompt information to a network running state.
In an embodiment, when the processor 1001 executes the steps of obtaining risk application prompt information based on a risk application record set and generating a network running state including the risk application prompt information, specifically:
sending a risk prompt query request carrying terminal attribute information of the terminal to a server, so that when the server analyzes a risk application record set and finds second risk application record information matched with the terminal attribute information, second risk application prompt information is generated and fed back based on the second risk application record information;
and generating a network running state containing the second risk application prompt information.
In one embodiment, when the processor 1001 acquires the network operation information of the application software installed on the terminal based on the network operation state, it specifically performs the following operations:
when generating the network running state containing the terminal identification or generating the network running state containing the risk application prompt information, acquiring the network operation information of the application software in an operation information set
In one embodiment, the processor 1001 further performs the following operations:
acquiring an application risk level corresponding to the network operation information;
determining the software type of the application software to be potential risk application software when the application risk level exceeds a first risk level threshold range and does not exceed a second risk level threshold range;
when the application risk level exceeds the second risk level threshold range, determining that the software type of the application software is malicious risk application software.
In one embodiment, when the processor 1001 adjusts the network usage right of the application software, the following operations are specifically performed:
when the software type of the application software is malicious risk application software, uninstalling or isolating the application software to interrupt the connection of the application software and the wireless network;
and when the software type of the application software is the potential risk application software, adjusting the network sensitivity authority of the application software.
In one embodiment, the processor 1001 further performs the following operations:
and acquiring third risk application record information of the malicious risk application software, and storing the third risk application record information into a risk application record set.
In the embodiment of the invention, the network operation state of the wireless network is determined by acquiring the network quality information of the wireless network connected with the terminal, the network operation information of the application software installed on the terminal is acquired based on the network operation state, and when the network operation information does not meet the network operation reference information, the network use permission of the application software and the network configuration information of the wireless network are adjusted. By combining the detection of the network rubbing terminal and the detection of the risk application software and respectively adjusting the network configuration information and the network use permission of the risk application software, the cracking of the network configuration information by the risk application software is fundamentally prevented, the network rubbing risk is solved, and the realization of the network rubbing prevention technology is achieved. And can prevent rubbing the net risk at specific opportunity initiative detection, when having improved prevent rubbing the net intelligence and the accuracy that detect, also reduced the waste of scanning resource when not having the risk of rubbing the net.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
The above disclosure is only for the purpose of illustrating the preferred embodiments of the present invention, and it is therefore to be understood that the invention is not limited by the scope of the appended claims.

Claims (12)

1. A method for maintaining a wireless network, comprising:
acquiring network quality information of a wireless network connected with a terminal;
when the network quality information does not meet the quality reference information, acquiring a terminal identifier of a network-rubbing terminal existing in a wireless network, and generating a network running state containing the terminal identifier;
when the network quality information meets the quality reference information, acquiring risk application prompt information based on a risk application record set, and generating a network running state containing the risk application prompt information;
acquiring network operation information of application software installed on the terminal based on the network running state;
and when the network operation information does not meet the network operation reference information, adjusting the network use permission of the application software according to the software type of the application software, and adjusting the network configuration information of the wireless network according to the software type of the application software.
2. The method of claim 1, wherein obtaining risk application prompting information based on the risk application record set and generating a network operating state containing the risk application prompting information comprises:
analyzing a risk application record set acquired from a server in advance to acquire first risk application record information matched with terminal attribute information of the terminal;
and generating first risk application prompt information based on the first risk application record information, and adding the first risk application prompt information to a network running state.
3. The method of claim 1, wherein obtaining risk application prompting information based on the risk application record set and generating a network operating state containing the risk application prompting information comprises:
sending a risk prompt query request carrying terminal attribute information of the terminal to a server, so that when the server analyzes a risk application record set and finds second risk application record information matched with the terminal attribute information, second risk application prompt information is generated and fed back based on the second risk application record information;
and generating a network running state containing the second risk application prompt information.
4. The method according to claim 1, wherein the obtaining network operation information of the application software installed on the terminal based on the network running state comprises:
and when a network running state containing the terminal identification is generated or when a network running state containing the risk application prompt information is generated, acquiring the network operation information of the application software in an operation information set.
5. The method of claim 1, further comprising:
acquiring an application risk level corresponding to the network operation information;
determining the software type of the application software to be potential risk application software when the application risk level exceeds a first risk level threshold range and does not exceed a second risk level threshold range;
when the application risk level exceeds the second risk level threshold range, determining that the software type of the application software is malicious risk application software.
6. The method of claim 5, wherein the adjusting the network usage rights of the application software according to the software type of the application software comprises:
when the software type of the application software is malicious risk application software, uninstalling or isolating the application software to interrupt the connection of the application software and the wireless network;
and when the software type of the application software is the potential risk application software, adjusting the network sensitivity authority of the application software.
7. The method of claim 5, further comprising:
and acquiring third risk application record information of the malicious risk application software, and storing the third risk application record information into a risk application record set.
8. A wireless network maintenance device, comprising:
the quality acquisition unit is used for acquiring network quality information of a wireless network connected with the terminal;
a state obtaining unit, configured to obtain a network operating state corresponding to the wireless network according to the network quality information, where the state obtaining unit includes: when the network quality information does not meet the quality reference information, acquiring a terminal identifier of a network rubbing terminal existing in the wireless network, and generating a network running state containing the terminal identifier; when the network quality information meets the quality reference information, acquiring risk application prompt information based on a risk application record set, and generating a network running state containing the risk application prompt information;
the information acquisition unit is used for acquiring the network operation information of the application software installed on the terminal based on the network operation state;
and the information adjusting unit is used for adjusting the network use permission of the application software according to the software type of the application software and adjusting the network configuration information of the wireless network according to the software type of the application software when the network operation information does not meet the network operation reference information.
9. The apparatus of claim 8, wherein the status acquisition unit comprises:
the system comprises a set analysis subunit, a risk application record set analysis subunit and a risk application record analysis unit, wherein the set analysis subunit is used for analyzing a risk application record set which is acquired from a server in advance so as to acquire first risk application record information matched with terminal attribute information of the terminal;
and the state adding subunit is used for generating first risk application prompt information based on the first risk application record information and adding the first risk application prompt information to the network running state.
10. The apparatus of claim 8, wherein the status acquisition unit comprises:
the request sending subunit is configured to send a risk prompt query request carrying current terminal attribute information to a server, so that when the server analyzes a risk application record set and finds second risk application record information matched with the terminal attribute information, second risk application prompt information is generated and fed back based on the second risk application record information;
and the state generating subunit is used for generating a network running state containing the second risk application prompt information.
11. A computer storage medium, characterized in that it stores a plurality of instructions adapted to be loaded by a processor and to carry out the method steps according to any one of claims 1 to 7.
12. A terminal, comprising: a processor and a memory; wherein the memory stores a computer program adapted to be loaded by the processor and to perform the steps of:
acquiring network quality information of a wireless network connected with a terminal;
when the network quality information does not meet the quality reference information, acquiring a terminal identifier of a network rubbing terminal existing in a wireless network, and generating a network running state containing the terminal identifier;
when the network quality information meets the quality reference information, acquiring risk application prompt information based on a risk application record set, and generating a network running state containing the risk application prompt information;
acquiring network use data of application software installed on the terminal based on the network running state;
when the network usage data exceeds a network usage threshold range, adjusting the network usage rights of the application software and the network configuration information of the wireless network.
CN201711330383.9A 2017-12-13 2017-12-13 Wireless network maintenance method and equipment, storage medium and terminal thereof Active CN108092970B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711330383.9A CN108092970B (en) 2017-12-13 2017-12-13 Wireless network maintenance method and equipment, storage medium and terminal thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711330383.9A CN108092970B (en) 2017-12-13 2017-12-13 Wireless network maintenance method and equipment, storage medium and terminal thereof

Publications (2)

Publication Number Publication Date
CN108092970A CN108092970A (en) 2018-05-29
CN108092970B true CN108092970B (en) 2021-01-15

Family

ID=62175284

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711330383.9A Active CN108092970B (en) 2017-12-13 2017-12-13 Wireless network maintenance method and equipment, storage medium and terminal thereof

Country Status (1)

Country Link
CN (1) CN108092970B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110213281A (en) * 2019-06-10 2019-09-06 昆山顶象数据科技有限公司 Safety protecting method and device
CN110493786B (en) * 2019-10-15 2020-01-07 北京翼辉信息技术有限公司 Method and device for intelligently connecting electronic equipment with network and storage medium
CN112822681A (en) * 2019-10-29 2021-05-18 中移物联网有限公司 Network security detection method and device, floor sweeping robot and gateway
CN112995156B (en) * 2021-02-09 2023-05-26 江苏信息职业技术学院 Wireless network security detection device and method
CN114465789A (en) * 2022-01-21 2022-05-10 成都全景智能科技有限公司 Analysis method, device and equipment for network rubbing equipment and storage medium
CN114679738B (en) * 2022-03-24 2023-01-24 中咨数据有限公司 Network communication signal abnormity diagnosis and analysis method, equipment and storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102318314A (en) * 2011-07-29 2012-01-11 华为技术有限公司 Method and devices for handling access authorities
CN103813368A (en) * 2012-11-12 2014-05-21 中国移动通信集团公司 Method, device and system for monitoring network running states
CN104038929A (en) * 2014-05-09 2014-09-10 宇龙计算机通信科技(深圳)有限公司 Network access anomaly identification method and network access anomaly identification device
CN105163335A (en) * 2015-07-31 2015-12-16 腾讯科技(深圳)有限公司 Network access management method, network access server, mobile terminal and network access management system
CN106412901A (en) * 2016-10-28 2017-02-15 上海斐讯数据通信技术有限公司 Network-loitering prevention wireless routing method and system
CN107094088A (en) * 2016-11-10 2017-08-25 腾讯科技(深圳)有限公司 A kind of loiter network device identification method, device and system
CN107182094A (en) * 2017-06-01 2017-09-19 深圳天珑无线科技有限公司 Wireless network connecting method, terminal and storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9578583B2 (en) * 2013-08-12 2017-02-21 Telefonaktiebolaget Lm Ericsson (Publ) Handover improvement for high speed user equipment in LTE

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102318314A (en) * 2011-07-29 2012-01-11 华为技术有限公司 Method and devices for handling access authorities
CN103813368A (en) * 2012-11-12 2014-05-21 中国移动通信集团公司 Method, device and system for monitoring network running states
CN104038929A (en) * 2014-05-09 2014-09-10 宇龙计算机通信科技(深圳)有限公司 Network access anomaly identification method and network access anomaly identification device
CN105163335A (en) * 2015-07-31 2015-12-16 腾讯科技(深圳)有限公司 Network access management method, network access server, mobile terminal and network access management system
CN106412901A (en) * 2016-10-28 2017-02-15 上海斐讯数据通信技术有限公司 Network-loitering prevention wireless routing method and system
CN107094088A (en) * 2016-11-10 2017-08-25 腾讯科技(深圳)有限公司 A kind of loiter network device identification method, device and system
CN107182094A (en) * 2017-06-01 2017-09-19 深圳天珑无线科技有限公司 Wireless network connecting method, terminal and storage medium

Also Published As

Publication number Publication date
CN108092970A (en) 2018-05-29

Similar Documents

Publication Publication Date Title
CN108092970B (en) Wireless network maintenance method and equipment, storage medium and terminal thereof
US8832796B2 (en) Wireless communication terminal, method for protecting data in wireless communication terminal, program for having wireless communication terminal protect data, and recording medium storing the program
CN111274583A (en) Big data computer network safety protection device and control method thereof
US9369476B2 (en) System for detection of mobile applications network behavior-netwise
US10291630B2 (en) Monitoring apparatus and method
US20130333039A1 (en) Evaluating Whether to Block or Allow Installation of a Software Application
CN105939326B (en) Method and device for processing message
US20110314549A1 (en) Method and apparatus for periodic context-aware authentication
US20160065594A1 (en) Intrusion detection platform
KR101574027B1 (en) System for blocking harmful program of smartphones
US20140150049A1 (en) Method and apparatus for controlling management of mobile device using security event
US10965680B2 (en) Authority management method and device in distributed environment, and server
US11489832B2 (en) Communication control apparatus, communication control method, and communication control program
US20190028493A1 (en) Attack monitoring system and attack monitoring method
KR101964148B1 (en) Wire and wireless access point for analyzing abnormal action based on machine learning and method thereof
US20100223668A1 (en) Apparatus and method for managing terminal users
KR101731312B1 (en) Method, device and computer readable recording medium for searching permission change of application installed in user's terminal
JP2010026662A (en) Information leakage prevention system
US20220086645A1 (en) System and method for rogue device detection
US20170171188A1 (en) Non-transitory computer-readable recording medium, access monitoring method, and access monitoring apparatus
CN109547427B (en) Blacklist user identification method and device, computer equipment and storage medium
CN109815702B (en) Software behavior safety detection method, device and equipment
US10542434B2 (en) Evaluating as to whether or not a wireless terminal is authorized
US11843946B2 (en) Device-specific wireless access point password authentication
KR101915718B1 (en) PS-LTE terminal device and PS-LTE communication network security method and system thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant