Automated classification of applications for mobile devices

US 9,152,694 B1
Filed: 02/19/2014
Issued: 10/06/2015
Est. Priority Date: 06/17/2013
Status: Active Grant

First Claim

Patent Images

1. A system for automated classification of applications (“

apps”

) for mobile devices, comprising;

a processor configured to;

receive an application (“

app”

);

perform an analysis of the app using a classification engine, wherein the performing of the analysis of the app comprises;

extract data from the app, the data including an image, a string, a keyword and phrase, an uniform resource locator (URL), an email address, a phone number, a database, a Software Development Kit (SDK) in use, or any combination thereof; and

classify the app based on the extracted data and app behavior, the app behavior including perform location tracking, access a contact or address book on a mobile device, access a social app or Application Programming Interface (API), access a device microphone or camera, access a feature or function of the mobile device or operating system platform in a manner that is not consistent or in compliance with permissions granted to the app by a user or the mobile device, or any combination thereof;

determine an app category for the app based on the analysis performed using the classification engine, comprising;

determine whether a network activity of the app matches a network activity of another app, wherein the network activity includes hostname, the URL, Internet Protocol (IP), or any combination thereof; and

in the event that the network activity of the app matches the network activity of the other app, classify the app category for the app to be a category of the other app;

determine whether the app is to be placed on a blacklist with respect to the determined app category based on the determined app category, comprising;

compare the app behavior with a list of unsafe behaviors associated the app category, wherein one behavior is in a list of unsafe behaviors associated with a first app category and the same one behavior is in a list of safe behaviors associated with a second app category; and

in the event that the app behavior matches a behavior on the list of unsafe behaviors associated the app category, classify the app to be placed on the blacklist with respect to the app category; and

in the event that a new version of the app has new content or behavior that changes a classification of the app, violates an app policy, or a combination thereof, create a new entry within a database to record how the app has changed in the new version and how the new content or behavior has triggered a new or additional app classification, a new or additional app policy violation, or a combination thereof; and

a memory coupled to the processor and configured to provide the processor with instructions.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Automated classification of applications (“apps”) for mobile devices is provided. In some embodiments, automated classification of apps for mobile devices includes receiving an application (“app”); performing an analysis of the app using a classification engine; and determining an app category for the app based on the analysis performed using the classification engine.

Citations

14 Claims

1. A system for automated classification of applications (“
- apps”
  
  ) for mobile devices, comprising;
  
  a processor configured to;
  
  receive an application (“
  
  app”
  
  );
  
  perform an analysis of the app using a classification engine, wherein the performing of the analysis of the app comprises;
  
  extract data from the app, the data including an image, a string, a keyword and phrase, an uniform resource locator (URL), an email address, a phone number, a database, a Software Development Kit (SDK) in use, or any combination thereof; and
  
  classify the app based on the extracted data and app behavior, the app behavior including perform location tracking, access a contact or address book on a mobile device, access a social app or Application Programming Interface (API), access a device microphone or camera, access a feature or function of the mobile device or operating system platform in a manner that is not consistent or in compliance with permissions granted to the app by a user or the mobile device, or any combination thereof;
  
  determine an app category for the app based on the analysis performed using the classification engine, comprising;
  
  determine whether a network activity of the app matches a network activity of another app, wherein the network activity includes hostname, the URL, Internet Protocol (IP), or any combination thereof; and
  
  in the event that the network activity of the app matches the network activity of the other app, classify the app category for the app to be a category of the other app;
  
  determine whether the app is to be placed on a blacklist with respect to the determined app category based on the determined app category, comprising;
  
  compare the app behavior with a list of unsafe behaviors associated the app category, wherein one behavior is in a list of unsafe behaviors associated with a first app category and the same one behavior is in a list of safe behaviors associated with a second app category; and
  
  in the event that the app behavior matches a behavior on the list of unsafe behaviors associated the app category, classify the app to be placed on the blacklist with respect to the app category; and
  
  in the event that a new version of the app has new content or behavior that changes a classification of the app, violates an app policy, or a combination thereof, create a new entry within a database to record how the app has changed in the new version and how the new content or behavior has triggered a new or additional app classification, a new or additional app policy violation, or a combination thereof; and
  
  a memory coupled to the processor and configured to provide the processor with instructions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system recited in claim 1, wherein the processor is further configured to:
    - generate a report with at least one app categorization for the app.
  - 3. The system recited in claim 1, wherein the processor is further configured to:
    - generate a report with at least one app categorization for the app, wherein the report includes at least one suggested app for the app category as an alternative to the app that is not approved for the app category.
  - 4. The system recited in claim 1, wherein the processor is further configured to:
    - generate a report with at least one app categorization, wherein the app is not approved based on an app policy, and wherein the report includes at least one suggested app for the app category based on the app policy.
  - 5. The system recited in claim 1, wherein the processor is further configured to:
    - generate a report with at least one app categorization, wherein the app is not approved based on an enterprise app policy, and wherein the report includes at least one suggested app for the app category based on the enterprise app policy.
  - 6. The system recited in claim 1, wherein the processor is further configured to:
    - generate a report with at least one app categorization, wherein the app is not approved based on an enterprise app policy, wherein the report includes at least one suggested app for the app category based on the enterprise app policy, and wherein the enterprise app policy is configurable by an enterprise for managing apps on mobile devices associated with the enterprise.
  - 7. The system recited in claim 1, wherein the processor is further configured to:
    - generate a report with at least one app categorization, wherein the app is not approved based on an app policy, wherein the report includes at least one suggested app for the app category based on the app policy, wherein the app is a blacklisted app for the app category based on the app policy, and the at least one suggested app for the app category is a whitelisted app for the app category based on the app policy.
  - 8. The system recited in claim 1, wherein the app category includes business, calendar, electronic mail (e-mail), file sharing, cloud storage, games, maps, messaging, music, office productivity, photo, social video, web browser, or any combination thereof.
  - 9. The system recited in claim 1, wherein:
    - the performing of the analysis of the app further comprises;
      
      compare a category of an associated market page from which the app was downloaded from an app store and the determined app category for the app; and
      
      in the event that the category of the associated market page and the determined app category for the app are different, send a request to the app store to re-categorize the category of the associated market page in the app store to the determined app category.
  - 10. The system recited in claim 1, wherein in the event that the app behavior matches a behavior on the list of safe behaviors associated the app category, classifying the app to be placed on a whitelist with respect to the app category.

11. A method of automated classification of applications (“
- apps”
  
  ) for mobile devices, comprising;
  
  receiving an application (“
  
  app”
  
  );
  
  performing an analysis of the app using a classification engine executed on a processor, wherein the performing of the analysis of the app comprises;
  
  extracting data from the app, the data including an image, a string, a keyword and phrase, an uniform resource locator (URL), an email address, a phone number, a database, a Software Development Kit (SDK) in use, or any combination thereof; and
  
  classifying the app based on the extracted data and app behavior, the app behavior including perform location tracking, access a contact or address book on a mobile device, access a social app or Application Programming Interface (API), access a device microphone or camera, access a feature or function of the mobile device or operating system platform in a manner that is not consistent or in compliance with permissions granted to the app by a user or the mobile device, or any combination thereof; and
  
  determining an app category for the app based on the analysis performed using the classification engine, comprising;
  
  determining whether a network activity of the app matches a network activity of another app, wherein the network activity includes hostname, the URL, Internet Protocol (IP), or any combination thereof;
  
  in the event that the network activity of the app matches the network activity of the other app, classifying the app category for the app to be a category of the other app;
  
  determining whether the app is to be placed on a blacklist with respect to the determined app category based on the determined app category, comprising;
  
  comparing the app behavior with a list of unsafe behaviors associated the app category, wherein one behavior is in a list of unsafe behaviors associated with a first app category and the same one behavior is in a list of safe behaviors associated with a second app category; and
  
  in the event that the app behavior matches a behavior on the list of unsafe behaviors associated the app category, classifying the app to be placed on the blacklist with respect to the app category; and
  
  in the event that a new version of the app has new content or behavior that changes a classification of the app, violates an app policy, or a combination thereof, creating a new entry within a database to record how the app has changed in the new version and how the new content or behavior has triggered a new or additional app classification, a new or additional app policy violation, or a combination thereof.
- View Dependent Claims (12)
- - 12. The method of claim 11, further comprising:
    - generating a report with at least one app categorization for the app.

13. A computer program product for automated classification of applications (“
- apps”
  
  ) for mobile devices, the computer program product being embodied in a tangible non-transitory computer readable storage medium and comprising computer instructions for;
  
  receiving an application (“
  
  app”
  
  );
  
  performing an analysis of the app using a classification engine, wherein the performing of the analysis of the app comprises;
  
  extracting data from the app, the data including an image, a string, a keyword and phrase, an uniform resource locator (URL), an email address, a phone number, a database, a Software Development Kit (SDK) in use, or any combination thereof; and
  
  classifying the app based on the extracted data and app behavior, the app behavior including perform location tracking, access a contact or address book on a mobile device, access a social app or Application Programming Interface (API), access a device microphone or camera, access a feature or function of the mobile device or operating system platform in a manner that is not consistent or in compliance with permissions granted to the app by a user or the mobile device, or any combination thereof; and
  
  determining an app category for the app based on the analysis performed using the classification engine, comprising;
  
  determining whether a network activity of the app matches a network activity of another app, wherein the network activity includes hostname, the URL, Internet Protocol (IP), or any combination thereof;
  
  in the event that the network activity of the app matches the network activity of the other app, classifying the app category for the app to be a category of the other app;
  
  determining whether the app is to be placed on a blacklist with respect to the determined app category based on the determined app category, comprising;
  
  comparing the app behavior with a list of unsafe behaviors associated the app category, wherein one behavior is in a list of unsafe behaviors associated with a first app category and the same one behavior is in a list of safe behaviors associated with a second app category; and
  
  in the event that the app behavior matches a behavior on the list of unsafe behaviors associated the app category, classifying the app to be placed on the blacklist with respect to the app category; and
  
  in the event that a new version of the app has new content or behavior that changes a classification of the app, violates an app policy, or a combination thereof, creating a new entry within a database to record how the app has changed in the new version and how the new content or behavior has triggered a new or additional app classification, a new or additional app policy violation, or a combination thereof.
- View Dependent Claims (14)
- - 14. The computer program product recited in claim 13, further comprising computer instructions for:
    - generating a report with at least one app categorization for the app.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Appthority Incorporated (Gen Digital Inc.)
Inventors
Watkins, Kevin, Padidar, Sasan, Hanna, Steve
Primary Examiner(s)
Vy, Hung T

Application Number

US14/184,353
Time in Patent Office

594 Days
Field of Search

707/740, 707/737, 709/224, 709/203, 709/223, 706/12, 723/22, 726/22, 726/23, 726/25
US Class Current

1/1
CPC Class Codes

G06F 16/285   Clustering or classification

G06F 21/51   at application loading time...

G06F 2221/033   Test or assess software

H04L 63/101   Access control lists [ACL]

H04L 63/105   Multiple levels of security

H04L 63/1425   Traffic logging, e.g. anoma...

Automated classification of applications for mobile devices

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Automated classification of applications for mobile devices

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links