Install-Time Security Analysis of Mobile Applications
First Claim
1. A method for performing online security analysis, the method comprising:
- installing an analysis agent on a mobile device;
the analysis agent monitoring the mobile device to detect an initiation of installation for a new application that is to be installed on the mobile device;
in response to the initiation of installation, the analysis agent;
quarantining a set of resources corresponding to the new application;
analyzing the set of resources to determine whether or not at least one of a potential security threat or a security misconfiguration exists; and
,in response to determining that at least one of the potential security threat or the security misconfiguration exists, generating an alert for informing a user that the potential security threat or the security misconfiguration exists.
1 Assignment
0 Petitions
Accused Products
Abstract
Online security analysis is provided by installing an analysis agent on a mobile device. The analysis agent monitors the mobile device to detect an initiation of installation for a new application that is to be installed on the mobile device. In response to the initiation of installation, the analysis agent quarantines a set of resources corresponding to the new application; analyzes the set of resources to determine whether or not at least one of a potential security threat or a security misconfiguration exists; and, in response to determining that at least one of the potential security threat or the security misconfiguration exists, generates an alert for informing a user that the potential security threat or the security misconfiguration exists.
-
Citations
20 Claims
-
1. A method for performing online security analysis, the method comprising:
-
installing an analysis agent on a mobile device; the analysis agent monitoring the mobile device to detect an initiation of installation for a new application that is to be installed on the mobile device; in response to the initiation of installation, the analysis agent; quarantining a set of resources corresponding to the new application; analyzing the set of resources to determine whether or not at least one of a potential security threat or a security misconfiguration exists; and
,in response to determining that at least one of the potential security threat or the security misconfiguration exists, generating an alert for informing a user that the potential security threat or the security misconfiguration exists. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer program product for performing online security analysis comprises a computer-readable storage medium having a computer-readable analysis agent program stored therein, wherein the computer-readable analysis agent program, when executed on a mobile device, causes the mobile device to perform:
-
monitoring to detect an initiation of installation for a new application that is to be installed on the mobile device; in response to the initiation of installation, the analysis agent program; quarantining a set of resources corresponding to the new application; analyzing the set of resources to determine whether or not at least one of a potential security threat or a security misconfiguration exists; and
,in response to determining that at least one of the potential security threat or the security misconfiguration exists, generating an alert for informing a user that the potential security threat or the security misconfiguration exists. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. An apparatus for performing online security analysis, the apparatus comprising a processor and a memory coupled to the processor, wherein the memory comprises instructions which, when executed by the processor, cause the processor to perform:
-
installing an analysis agent on a mobile device; the analysis agent monitoring the mobile device to detect an initiation of installation for a new application that is to be installed on the mobile device; in response to the initiation of installation, the analysis agent; quarantining a set of resources corresponding to the new application; applying the analysis agent to the set of resources to determine whether or not at least one of a potential security threat or a security misconfiguration exists; and in response to determining that at least one of the potential security threat or the security misconfiguration exists, generating an alert for informing a user that the potential security threat or the security misconfiguration exists. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification