Install-Time Security Analysis of Mobile Applications

US 20180039774A1
Filed: 08/08/2016
Published: 02/08/2018
Est. Priority Date: 08/08/2016
Status: Active Grant

First Claim

Patent Images

1. A method for performing online security analysis, the method comprising:

installing an analysis agent on a mobile device;

the analysis agent monitoring the mobile device to detect an initiation of installation for a new application that is to be installed on the mobile device;

in response to the initiation of installation, the analysis agent;

quarantining a set of resources corresponding to the new application;

analyzing the set of resources to determine whether or not at least one of a potential security threat or a security misconfiguration exists; and

,in response to determining that at least one of the potential security threat or the security misconfiguration exists, generating an alert for informing a user that the potential security threat or the security misconfiguration exists.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Online security analysis is provided by installing an analysis agent on a mobile device. The analysis agent monitors the mobile device to detect an initiation of installation for a new application that is to be installed on the mobile device. In response to the initiation of installation, the analysis agent quarantines a set of resources corresponding to the new application; analyzes the set of resources to determine whether or not at least one of a potential security threat or a security misconfiguration exists; and, in response to determining that at least one of the potential security threat or the security misconfiguration exists, generates an alert for informing a user that the potential security threat or the security misconfiguration exists.

Citations

20 Claims

1. A method for performing online security analysis, the method comprising:
- installing an analysis agent on a mobile device;
  
  the analysis agent monitoring the mobile device to detect an initiation of installation for a new application that is to be installed on the mobile device;
  
  in response to the initiation of installation, the analysis agent;
  
  quarantining a set of resources corresponding to the new application;
  
  analyzing the set of resources to determine whether or not at least one of a potential security threat or a security misconfiguration exists; and
  
  ,in response to determining that at least one of the potential security threat or the security misconfiguration exists, generating an alert for informing a user that the potential security threat or the security misconfiguration exists.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 further comprising the mobile device executing the analysis agent as a background service.
  - 3. The method of claim 1 wherein analyzing the set of resources further comprises using a model number for the mobile device.
  - 4. The method of claim 1 wherein analyzing the set of resources further comprises determining a set of existing applications that are already installed on the mobile device.
  - 5. The method of claim 1 further comprising, in response to the alert, receiving a response from a user indicative that the new application should be installed.
  - 6. The method of claim 5 further comprising the analysis agent editing one or more portions of software code of the new application, or editing the quarantined set of resources, to remove the potential security threat or the security misconfiguration.
  - 7. The method of claim 1 wherein analyzing the quarantined set of resources further comprises determining at least one of whether or not a confidentiality of data is protected within the new application, whether or not the new application will be available on demand, or whether or not data integrity is preserved within the new application.

8. A computer program product for performing online security analysis comprises a computer-readable storage medium having a computer-readable analysis agent program stored therein, wherein the computer-readable analysis agent program, when executed on a mobile device, causes the mobile device to perform:
- monitoring to detect an initiation of installation for a new application that is to be installed on the mobile device;
  
  in response to the initiation of installation, the analysis agent program;
  
  quarantining a set of resources corresponding to the new application;
  
  analyzing the set of resources to determine whether or not at least one of a potential security threat or a security misconfiguration exists; and
  
  ,in response to determining that at least one of the potential security threat or the security misconfiguration exists, generating an alert for informing a user that the potential security threat or the security misconfiguration exists.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer program product of claim 8 further configured for execution as a background service.
  - 10. The computer program product of claim 8 further configured for analyzing the set of resources using a model number for the mobile device.
  - 11. The computer program product of claim 8 further configured for analyzing the set of resources by determining a set of existing applications that are already installed on the mobile device.
  - 12. The computer program product of claim 8 further configured for receiving a response from a user, in response to the alert, indicative that the new application should be installed.
  - 13. The computer program product of claim 12 further configured for editing one or more portions of software code of the new application, or editing the quarantined set of resources, to remove the potential security threat or the security misconfiguration.
  - 14. The computer program product of claim 8 further configured for analyzing the quarantined set of resources by determining at least one of whether or not a confidentiality of data is protected within the new application, whether or not the new application will be available on demand, or whether or not data integrity is preserved within the new application.

15. An apparatus for performing online security analysis, the apparatus comprising a processor and a memory coupled to the processor, wherein the memory comprises instructions which, when executed by the processor, cause the processor to perform:
- installing an analysis agent on a mobile device;
  
  the analysis agent monitoring the mobile device to detect an initiation of installation for a new application that is to be installed on the mobile device;
  
  in response to the initiation of installation, the analysis agent;
  
  quarantining a set of resources corresponding to the new application;
  
  applying the analysis agent to the set of resources to determine whether or not at least one of a potential security threat or a security misconfiguration exists; and
  
  in response to determining that at least one of the potential security threat or the security misconfiguration exists, generating an alert for informing a user that the potential security threat or the security misconfiguration exists.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The apparatus of claim 15 further configured for execution as a background service, and further configured for analyzing the set of resources using a model number for the mobile device.
  - 17. The apparatus of claim 15 further configured for analyzing the set of resources by determining a set of existing applications that are already installed on the mobile device.
  - 18. The apparatus of claim 15 further configured for receiving a response from a user, in response to the alert, indicative that the new application should be installed.
  - 19. The apparatus of claim 18 further configured for editing one or more portions of software code of the new application, or editing the quarantined set of resources, to remove the potential security threat or the security misconfiguration.
  - 20. The apparatus of claim 15 further configured for analyzing the quarantined set of resources by determining at least one of whether or not a confidentiality of data is protected within the new application, whether or not the new application will be available on demand, or whether or not data integrity is preserved within the new application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Dolby, Julian T., Ferrara, Pietro, Pistoia, Marco, Tripp, Omer

Granted Patent

US 10,621,333 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/51 at application loading time...

G06F 2221/033 Test or assess software

Install-Time Security Analysis of Mobile Applications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Install-Time Security Analysis of Mobile Applications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links