Information interception processing method, terminal, and computer storage medium
First Claim
1. A method for information interception processing, the method comprising:
- starting, by a device comprising a memory and a processor in communication with the memory, a first application;
extracting, by the device, an application list of applications that need to be intercepted;
separately configuring, by the device, an interception policy for each respective to-be-intercepted application in the application list;
obtaining, by the device, a network request sent by a respective to-be-intercepted application;
when the first application enters an interception mode;
monitoring, by the device, according to an interception policy of the respective to-be-intercepted application, the network request sent by the respective to-be-intercepted application,obtaining, by the device, through matching, communication information that conforms to the interception policy, the communication information being associated with the network request,matching, by the device, the communication information with a preset policy, andwhen it is determined, through matching, that the communication information is specified target information corresponding to the preset policy;
intercepting, by the device, the network request, andlocating and tracing, by the device, the respective to-be-intercepted application that sends the network request; and
wherein, when the first application enters the interception mode, monitoring, by the device according to the interception policy of the respective to-be-intercepted application, the network request sent by the respective to-be-intercepted application and obtaining, by the device through matching, the communication information being associated with the network request comprise;
monitoring, by the device, interactions of network requests in X target processes, to capture the network request, X being a natural number greater than 1,setting, by the device, hook functions in a first function sendto and a second function recvfrom that are used for representing a request message forwarding node,generating, by the device, a first monitoring function hook_sendto and a second monitoring function hook_recvfrom that are used for monitoring interactions of network requests,using, by the device, the first monitoring function hook_sendto and the second monitoring function hook_recvfrom as a monitoring detection interface, andobtaining, by the device, the communication information according to the monitoring detection interface.
1 Assignment
0 Petitions
Accused Products
Abstract
An information interception method, a terminal, and a computer storage medium are disclosed. The method includes: starting a first application, extracting an application list of applications that need to be intercepted, and separately configuring an interception policy for each to-be-intercepted application in the application list; obtaining a network request sent by a to-be-intercepted application, and monitoring, when the first application enters an interception mode, according to the configured interception policy, the network request sent by the to-be-intercepted application, to obtain, through matching, communication information that conforms to the interception policy, where the communication information is associated with the network request; and matching the communication information with a preset policy, when the communication information is specified target information corresponding to the preset policy, intercepting the network request and locating and tracing the to-be-intercepted application that sends the network request.
-
Citations
14 Claims
-
1. A method for information interception processing, the method comprising:
-
starting, by a device comprising a memory and a processor in communication with the memory, a first application; extracting, by the device, an application list of applications that need to be intercepted; separately configuring, by the device, an interception policy for each respective to-be-intercepted application in the application list; obtaining, by the device, a network request sent by a respective to-be-intercepted application; when the first application enters an interception mode; monitoring, by the device, according to an interception policy of the respective to-be-intercepted application, the network request sent by the respective to-be-intercepted application, obtaining, by the device, through matching, communication information that conforms to the interception policy, the communication information being associated with the network request, matching, by the device, the communication information with a preset policy, and when it is determined, through matching, that the communication information is specified target information corresponding to the preset policy; intercepting, by the device, the network request, and locating and tracing, by the device, the respective to-be-intercepted application that sends the network request; and wherein, when the first application enters the interception mode, monitoring, by the device according to the interception policy of the respective to-be-intercepted application, the network request sent by the respective to-be-intercepted application and obtaining, by the device through matching, the communication information being associated with the network request comprise; monitoring, by the device, interactions of network requests in X target processes, to capture the network request, X being a natural number greater than 1, setting, by the device, hook functions in a first function sendto and a second function recvfrom that are used for representing a request message forwarding node, generating, by the device, a first monitoring function hook_sendto and a second monitoring function hook_recvfrom that are used for monitoring interactions of network requests, using, by the device, the first monitoring function hook_sendto and the second monitoring function hook_recvfrom as a monitoring detection interface, and obtaining, by the device, the communication information according to the monitoring detection interface. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A terminal, comprising:
-
a memory storing instructions; a processor in communication with the memory, wherein, when the processor executes the instructions, the processor is configured to cause the terminal to; start a first application, extract an application list of applications that need to be intercepted, separately configure an interception policy for each respective to-be-intercepted application in the application list, obtain a network request sent by a respective to-be-intercepted application, when the first application enters an interception mode; monitor, according to an interception policy of the respective to-be-intercepted application, the network request sent by the respective to-be-intercepted application, obtain, through matching, communication information that conforms to the interception policy, the communication information being associated with the network request, match the communication information with a preset policy, and when it is determined, through matching, that the communication information is specified target information corresponding to the preset policy; intercept the network request, and locate and trace the respective to-be-intercepted application that sends the network request; and wherein, when the first application enters the interception mode, and the processor is configured to cause the terminal to monitor, according to the interception policy of the respective to-be-intercepted application, the network request sent by the respective to-be-intercepted application and obtain, through matching, the communication information being associated with the network request, the processor is configured to cause the terminal to; monitor interactions of network requests in X target processes, to capture the network request, X being a natural number greater than 1, set hook functions in a first function sendto and a second function recvfrom that are used for representing a request message forwarding node, generate a first monitoring function hook_sendto and a second monitoring function hook_recvfrom that are used for monitoring interactions of network requests, use the first monitoring function hook_sendto and the second monitoring function hook_recvfrom as a monitoring detection interface, and obtain the communication information according to the monitoring detection interface. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A non-transitory computer readable storage medium storing instructions, the instructions, when executed by a processor, causing the processor to perform:
-
starting a first application; extracting an application list of applications that need to be intercepted; separately configuring an interception policy for each respective to-be-intercepted application in the application list; obtaining a network request sent by a respective to-be-intercepted application; when the first application enters an interception mode; monitoring according to an interception policy of the respective to-be-intercepted application, the network request sent by the respective to-be-intercepted application, obtaining through matching, communication information that conforms to the interception policy, the communication information being associated with the network request, matching the communication information with a preset policy, and when it is determined, through matching, that the communication information is specified target information corresponding to the preset policy; intercepting the network request, and locating and tracing the respective to-be-intercepted application that sends the network request; and wherein, when the first application enters an interception mode, and the instructions cause the processor to perform monitoring according to an interception policy of the respective to-be-intercepted application, the network request sent by the respective to-be-intercepted application, and obtaining through matching, communication information that conforms to the interception policy, the communication information being associated with the network request, the instructions cause the processor to perform; monitoring interactions of network requests in X target processes, to capture the network request, X being a natural number greater than 1, setting hook functions in a first function sendto and a second function recvfrom that are used for representing a request message forwarding node, generating a first monitoring function hook_sendto and a second monitoring function hook_recvfrom that are used for monitoring interactions of network requests, using the first monitoring function hook_sendto and the second monitoring function hook_recvfrom as a monitoring detection interface, and obtaining the communication information according to the monitoring detection interface. - View Dependent Claims (12, 13, 14)
-
Specification