Install-time security analysis of mobile applications

US 10,621,333 B2
Filed: 08/08/2016
Issued: 04/14/2020
Est. Priority Date: 08/08/2016
Status: Active Grant

First Claim

Patent Images

1. A method for performing online security analysis, the method comprising:

installing, using a hardware processor of a mobile device, an analysis agent on a mobile device;

the analysis agent configuring the hardware processor for monitoring the mobile device to detect an initiation of installation for a new application that is to be installed on the mobile device;

in response to the initiation of installation, the hardware processor;

quarantining, at the mobile device, a set of resources corresponding to the new application;

analyzing, at the mobile device, the set of resources to determine whether or not at least one of a potential security threat or a security misconfiguration exists, said analyzing the set of resources further comprising;

determining a set of existing applications that are already installed and running on the mobile device at a time of analysis and that interact, and further determining, at the mobile device, presence of any restraints in handling unexpected text, data or numbers rendering the new application at the mobile device unavailable to rapidly process inbound and outbound transactions on demand; and

in response to determining that the new application is unavailable on demand, generating, by the hardware processor, an alert via user interface at said mobile device for informing a user that the potential security threat or the security misconfiguration exists.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Online security analysis is provided by installing an analysis agent on a mobile device. The analysis agent monitors the mobile device to detect an initiation of installation for a new application that is to be installed on the mobile device. In response to the initiation of installation, the analysis agent quarantines a set of resources corresponding to the new application; analyzes the set of resources to determine whether or not at least one of a potential security threat or a security misconfiguration exists; and, in response to determining that at least one of the potential security threat or the security misconfiguration exists, generates an alert for informing a user that the potential security threat or the security misconfiguration exists.

66 Citations

17 Claims

1. A method for performing online security analysis, the method comprising:
- installing, using a hardware processor of a mobile device, an analysis agent on a mobile device;
  
  the analysis agent configuring the hardware processor for monitoring the mobile device to detect an initiation of installation for a new application that is to be installed on the mobile device;
  
  in response to the initiation of installation, the hardware processor;
  
  quarantining, at the mobile device, a set of resources corresponding to the new application;
  
  analyzing, at the mobile device, the set of resources to determine whether or not at least one of a potential security threat or a security misconfiguration exists, said analyzing the set of resources further comprising;
  
  determining a set of existing applications that are already installed and running on the mobile device at a time of analysis and that interact, and further determining, at the mobile device, presence of any restraints in handling unexpected text, data or numbers rendering the new application at the mobile device unavailable to rapidly process inbound and outbound transactions on demand; and
  
  in response to determining that the new application is unavailable on demand, generating, by the hardware processor, an alert via user interface at said mobile device for informing a user that the potential security threat or the security misconfiguration exists.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 further comprising the mobile device executing the analysis agent as a background service.
  - 3. The method of claim 1 wherein analyzing the set of resources further comprises using a model number for the mobile device.
  - 4. The method of claim 1 further comprising, in response to the alert, receiving a response from a user indicative that the new application should be installed.
  - 5. The method of claim 4 further comprising the analysis agent editing one or more portions of software code of the new application, or editing the quarantined set of resources, to remove the potential security threat or the security misconfiguration.
  - 6. The method of claim 1 wherein analyzing the quarantined set of resources further comprises determining at least one of whether or not a confidentiality of data is protected within the new application, or whether or not data integrity is preserved within the new application.

7. A computer program product for performing online security analysis comprises a computer-readable storage medium having a computer-readable analysis agent program stored therein, wherein the computer-readable analysis agent program, when executed on a mobile device, causes the mobile device to perform:
- monitoring to detect an initiation of installation for a new application that is to be installed on the mobile device;
  
  in response to the initiation of installation, the analysis agent program;
  
  quarantining, at the mobile device, a set of resources corresponding to the new application;
  
  analyzing, at the mobile device, the set of resources to determine whether or not at least one of a potential security threat or a security misconfiguration exists, said analyzing the set of resources further comprising;
  
  determining a set of existing applications that are already installed and running on the mobile device at a time of analysis and that interact, and further determining, at the mobile device, presence of any restraints in handling unexpected text, data or numbers rendering the new application at the mobile device unavailable to rapidly process inbound and outbound transactions on demand; and
  
  in response to determining that the new application is unavailable on demand, generating an alert for informing a user that the potential security threat or the security misconfiguration exists.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The computer program product of claim 7 further configured for execution as a background service.
  - 9. The computer program product of claim 7 further configured for analyzing the set of resources using a model number for the mobile device.
  - 10. The computer program product of claim 7 further configured for receiving a response from a user, in response to the alert, indicative that the new application should be installed.
  - 11. The computer program product of claim 10 further configured for editing one or more portions of software code of the new application, or editing the quarantined set of resources, to remove the potential security threat or the security misconfiguration.
  - 12. The computer program product of claim 7 further configured for analyzing the quarantined set of resources by determining at least one of whether or not a confidentiality of data is protected within the new application, or whether or not data integrity is preserved within the new application.

13. An apparatus for performing online security analysis, the apparatus comprising a processor and a memory coupled to the processor, wherein the memory comprises instructions which, when executed by the processor, cause the processor to perform:
- installing an analysis agent on a mobile device;
  
  the analysis agent monitoring the mobile device to detect an initiation of installation for a new application that is to be installed on the mobile device;
  
  in response to the initiation of installation, the analysis agent;
  
  quarantining, at the mobile device, a set of resources corresponding to the new application;
  
  applying, at the mobile device, the analysis agent to the set of resources to determine whether or not at least one of a potential security threat or a security misconfiguration exists, said analyzing the set of resources further comprising;
  
  determining a set of existing applications that are already installed and running on the mobile device at a time of analysis and that interact, and further determining, at the mobile device, presence of any restraints in handling unexpected text, data or numbers rendering the new application at the mobile device unavailable to rapidly process inbound and outbound transactions on demand; and
  
  in response to determining that the new application is unavailable on demand, generating an alert for informing a user that the potential security threat or the security misconfiguration exists.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The apparatus of claim 13 further configured for execution as a background service, and further configured for analyzing the set of resources using a model number for the mobile device.
  - 15. The apparatus of claim 13 further configured for receiving a response from a user, in response to the alert, indicative that the new application should be installed.
  - 16. The apparatus of claim 15 further configured for editing one or more portions of software code of the new application, or editing the quarantined set of resources, to remove the potential security threat or the security misconfiguration.
  - 17. The apparatus of claim 13 further configured for analyzing the quarantined set of resources by determining at least one of whether or not a confidentiality of data is protected within the new application, or whether or not data integrity is preserved within the new application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Dolby, Julian T., Ferrara, Pietro, Pistoia, Marco, Tripp, Omer
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
Ahmed, Mahabub S

Application Number

US15/231,093
Publication Number

US 20180039774A1
Time in Patent Office

1,345 Days
Field of Search

726 23
US Class Current
CPC Class Codes

G06F 21/51 at application loading time...

G06F 2221/033 Test or assess software

Install-time security analysis of mobile applications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

66 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Install-time security analysis of mobile applications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

66 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links