DETECTION AND PREVENTION OF INSTALLATION OF MALICIOUS MOBILE APPLICATIONS
First Claim
1. A non-transitory computer readable medium comprising computer executable instructions stored thereon to cause a processor to:
- intercept a request to install an application on a mobile device;
generate a key that uniquely identifies the application;
send the key over a network connection to a server application;
receive a response over the network connection indicating a status of the application; and
block an installation of the application on the mobile device when the status indicates the application is malicious.
10 Assignments
0 Petitions
Accused Products
Abstract
A combination of shim and back-end server applications may be used to identify and block the installation of malicious applications on mobile devices. In practice, a shim application registers with a mobile device'"'"'s operating system to intercept application installation operations. Upon intercepting an attempted installation operation, the shim application identifies the application seeking to be installed, generates a key uniquely identifying the application, and transmits the key over a network connection to a back-end server. The back-end server may be configured to crawl the Internet to identify malicious applications and compile and maintain a database of such applications. Upon receiving a key from the shim application, the back-end server can search its database to locate a matching application and, if found, respond to the mobile device with the application'"'"'s status (e.g., malicious or not). The shim application can utilize this information to allow or block installation of the application.
95 Citations
20 Claims
-
1. A non-transitory computer readable medium comprising computer executable instructions stored thereon to cause a processor to:
-
intercept a request to install an application on a mobile device; generate a key that uniquely identifies the application; send the key over a network connection to a server application; receive a response over the network connection indicating a status of the application; and block an installation of the application on the mobile device when the status indicates the application is malicious. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method, comprising:
-
intercepting, utilizing a processor in a mobile device, a request to install an application on the mobile device; generating, utilizing the processor, a key that uniquely identifies the application; sending, utilizing the processor, the key over a network connection to a server application; receiving, utilizing the processor, a response over the network connection indicating a status of the application; and blocking, utilizing the processor, an installation of the application when the status indicates that the application is malicious. - View Dependent Claims (14, 15)
-
-
16. A mobile device, comprising:
-
a memory; a network interface; and a processor operatively coupled to the memory and the network interface, the processor adapted to execute program code stored in the memory to; intercept a request to install a mobile application on the mobile device; generate a key that uniquely identifies the mobile application; send the key, utilizing the network interface, to a server application; receive a response, utilizing the network interface, indicating a status of the mobile application; and block an installation of the mobile application on the mobile device when the status indicates that the mobile application is malicious.
-
-
17. A method to identify a status of an application, comprising:
-
receiving, at a server application executing on a back-end server processor, an application identifier from a mobile device over a network connection; utilizing, by the server application, the application identifier to determine a status of the application from a database of records including a plurality of analyzed applications; sending, by the server application, the status of the application to the mobile device over the network connection. - View Dependent Claims (18, 19, 20)
-
Specification