CN103544046A - Mobile application software reinforcement method - Google Patents
Mobile application software reinforcement method Download PDFInfo
- Publication number
- CN103544046A CN103544046A CN201310509543.1A CN201310509543A CN103544046A CN 103544046 A CN103544046 A CN 103544046A CN 201310509543 A CN201310509543 A CN 201310509543A CN 103544046 A CN103544046 A CN 103544046A
- Authority
- CN
- China
- Prior art keywords
- application program
- virtual machine
- application
- miniature virtual
- design method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a mobile application software reinforcement method which includes the steps of firstly, customizing a Dalvik miniature virtual machine according to preset safety requirements; secondly, integrating the miniature virtual machine to an application program to allow the miniature virtual machine to be part of the application program and have the highest operation priority; thirdly, operating the miniature virtual machine before operating the application program to perform safety check or verification on the whole application program, and operating the functional modules of the application program after the safety check or verification is passed. By the method, the customized miniature virtual machine integrated in the application program preferentially detects safety of the application program and the operation environments, the application program can be effectively prevented from being illegally cracked or reversed, application program safety under an Android system is increased, personal sensitive data of a user is protected, and confidentiality of commercial software is guaranteed.
Description
Technical field
The present invention relates to the resist technology of application program in a kind of Android system; by customizing virtual machine technology, ensure the safety of application program running environment; and then realizing the safety of application program itself, the method can be applicable in the application development flow process of Android system.
Background technology
Dalvik virtual machine is the basis of application program operation in Android.By Android system-specific, and be one of core component of Android system, its instruction set, based on register framework, is supported the operation of the java application of dex form.Wherein dex file is the file layout that aims at a kind of compression of Dalvik virtual machine design, for embedded system, is optimized, and has shared a lot of class titles, constant character string, makes its volume smaller, and operational efficiency is also higher.Based on register, realize, make it when program compiler, can shift to an earlier date Optimized code rather than be deferred to while carrying out.
The core of Dalvik virtual machine is to realize storehouse libdvm.so, mainly by C language, is completed.Its operation depends on the threading mechanism of linux kernel and memory management mechanism waits partial function, can effective use internal memory, and with high-performance, on low speed CPU, move therefore applicable internal memory and the limited system of processor speed.Dalvik virtual machine is after optimizing, permission moves the example of a plurality of virtual machines in limited internal memory simultaneously, and each Dalvik virtual machine, as an independently Linux process execution, can prevent that all programs are all closed in virtual machine crashes.Meanwhile, each Android be applied in bottom can be corresponding a Dalvik virtual machine instance independently, its code is carried out under the explanation of virtual machine.
Yet after all, Dalvik is also the Java Virtual Machine of a customization, only realized a set of instruction set of oneself and virtual machine has been carried out to a series of optimization to embedded device, can meet the multiple virtual machine instance of efficient operation.Wherein have a special virtual machine process Zygote, as the incubator of virtual machine instance, it will produce when system starts, and it can complete the initialization of virtual machine, the loading in storehouse and prefabricated class libraries and initialized operation.If system needs a new virtual machine instance, it can copy rapidly self, with the fastest data, offers system.For some read-only system libraries, all virtual machine instance are all shared a region of memory with Zygote.As the middleware between operating system and application program, the security relationship of its safety problem and application program and operating system is very tight.
Along with the development of Mobile operating system, Android has captured most Mobile Market.But because the more fragmentation that causes of Android system version branch is serious, and itself in different editions, there are a lot of different leaks, the version of whole Android system is chaotic in fact, cause the Dalvik virtual machine moving on its system also very dangerous, the applications security operating in virtual machine more cannot be guaranteed.
Summary of the invention
Object of the present invention is intended to propose a kind of Software hardening design method that moves application, and the application program operating in Mobile operating system is protected.
Above-mentioned purpose of the present invention, its technical solution being achieved is: a kind of Software hardening design method that moves application, for the application program in Android system, do consolidation process, it is characterized in that: described Software hardening design method comprises step I, by default safety requirements, customize miniature virtual machine, II is incorporated into miniature virtual machine in application program, make miniature virtual machine become the part that application program can operating component and there is the highest precedence in running, III, when moving, application program first moves miniature virtual machine, application programs integral body is carried out security inspection or checking, and security verification by after the rerun functional module of application program, described default safety requirements comprises the signature verification of application program, illegal command in application program, the removal of disable instruction and the deciphering of enciphered message.
Further, the Integration Mode of described miniature virtual machine is for adopting NDK mode, in application program installation kit, use the primary programming external member of Android and carry out integrated customization with C or C Plus Plus, making miniature virtual machine become the part that application program can operating component.
Further, the Integration Mode of described miniature virtual machine is for to get back to this locality by RPC technology from far-end before application program is moved first, and dynamic load becomes the part that application program can operating component.
Further, it is basis that the miniature virtual machine of take has been incorporated in application program, and the operation of described miniature virtual machine starts in the execution of real-time listening application program corresponding to mobile terminal-opening.
Further, the signature verification function of described miniature virtual machine executive utility utilizes the PKI leaving on far-end server to verify after application program installs, terminator operation or prompting unloading in the situation that checking cannot be passed through.
Further, the removing function of illegal command, disable instruction in described miniature virtual machine executive utility, is inserted under the code or instruction situation that illegally obtains system or user profile in application program, and miniature virtual machine moves and delete those codes or instruction.
Further, described miniature virtual machine is carried out the decipher function of enciphered message, and the enciphered message of process of exchange and Transaction Information in an application of processing mobile payment is decrypted and the server interaction relevant to mobile payment by the miniature virtual machine of correspondence.
The technical scheme of application Software hardening design of the present invention: by integrate the miniature virtual machine of customization in application program; and preferential application programs itself and running environment are carried out safety detection in application program; can effectively prevent that application program from illegally being cracked or reverse; improved the security of application program under Android system; protect user's individual sensitive data, also ensured the confidentiality of business software.
Accompanying drawing explanation
Fig. 1 is the Software hardening design method flow diagram that the present invention moves application.
Embodiment
The present invention is the client secure of the day by day serious Mobile operating system of reply, has proposed to innovation a kind of resist technology for application program in Android system.This technical scheme can break through common, the traditional protection scheme based on other application program at present; using for reference the Dalvik virtual machine of Android system own realizes; for the miniature virtual machine of application customization; in the whole or a part of virtual machine that operates in customization of application program; thereby can effectively prevent that application program from illegally being cracked or reverse, the security that has improved application program in Android system.
Summary from Software hardening design method, as shown in Figure 1, this Software hardening design method comprises step I, by default safety requirements, customize miniature virtual machine, II is incorporated into miniature virtual machine in application program, make miniature virtual machine become the part that application program can operating component and there is the highest precedence in running, III, when moving, application program first moves miniature virtual machine, application programs integral body is carried out security inspection or checking, and the functional module of the application program of reruning after safety, described default safety requirements comprises the signature verification of application program, illegal command in application program, the removal of disable instruction and the deciphering of enciphered message, can select one chooses, also can have concurrently all.
The further refinement of such scheme, wherein the Integration Mode of miniature virtual machine can adopt NDK mode, in application program installation kit, use the primary programming external member of Android and carry out integrated customization with C or C Plus Plus, making miniature virtual machine become the part that application program can operating component.Also can be by RPC technology, from far-end, to get back to this locality before application program is moved first, and dynamic load become the part that application program can operating component.
For the miniature virtual machine of customization, should be noted that the problem of following several respects.
1, the miniature virtual machine of customization need to be incorporated into application program the inside, makes the application program of moving customizing virtual machine become in fact a new application program.After application program is installed by system, customizing virtual machine becomes the part that program can operating component, and each miniature virtual machine all will operation before real program operation, and program can be moved all the time in the environment of own subsidiary safety.
To this, consider that customizing virtual machine need to integrate with mobile application, therefore a functional module that can be using the miniature virtual machine of customization as application program, and this miniature virtual machine need to be prior to operation before program operation, therefore placing it in the execution of starting up's real-time listening application program is reasonable selection, this is to realize in miniature virtual machine is incorporated into application program by certain approach in the situation that certainly.If operation for the first time also needs first to go from far-end or the local virtual machine of customization that obtains.
2, miniature virtual machine, when executive utility, application programs to do security inspection.Such as whether the signature of verifying application programs is correct again, and then determine whether in the virtual machine environment of oneself, to move this application program.
To this, each application program has signature separately, and signature oneself is controlled in application developer hand, if signature is not revealed, the puppet of application program brings up and is easy to differentiate so.The virtual machine of customization increases security inspection, it is the checking again that application programs is carried out after system is installed application, PKI corresponding to application can be left in to far-end server, verify with mounted application, if checking, not by operation or the prompting unloading of terminator, has guaranteed the legitimacy of application program better.
3, can in virtual machine, increase the functional module oneself defining.Such as before program is carried out, by the dex file of virtual machine application programs, checked, filter out illegal command or disable instruction wherein, promote whereby the operational efficiency of program, heighten the robustness of program.
To this, the functional module increasing in virtual machine can according to different application need to carry out self-defined.Below two functions for example only, reference only for reference: (1) illegally obtains code or the instruction of system or user profile if an application program has been inserted some, can in customizing virtual machine, increase a module for deleting these disable instructions, make application program reduce as much as possible harm; (2) if an application program of processing mobile payment need to be by the Information hiding of process of exchange and trading time period, can be by these information encryptions in mobile application, only the processing via customizing virtual machine just can be decrypted these data and carry out alternately, having ensured the safety in process of exchange with server.
4, the virtual machine of customization can have two kinds of existing waies in application program: a kind of is in installation kit, to use the primary programming external member of Android to realize with C/C++ language; Another kind is to be placed on far-end server by RPC technology; in application, before operation, fetch this locality for the first time; in when operation dynamic load, its object is all in order to protect customizing virtual machine itself not by reverse or crack, just inherently safe likely guarantees that the application program of moving it on is also safe.
As seen from Figure 1, the miniature virtual machine of the present invention's customization and the functional module in application program are to be present in side by side mobile application, before the real operation of mobile application, start the miniature virtual machine of customization, application programs is carried out security verification, and some self-defining functional modules, such as the encryption and decryption for sensitive data or for the scanning of disable instruction in program etc., after executing the custom feature module of these virtual machines, just can start application program, go the functional module of executive routine itself.The movement that has increased customizing virtual machine is applied as this program operation itself and has created safe running environment, and this environment also carries out alternately, having protected the sensitive data of application program with this program.
Implement situation one: when certain leak of Android system, by hacker, seized, hacker can itself launch a offensive to the virtual machine of Android system by this leak, and then affects the application program in virtual machine.If but this application program has been carried out customizing virtual machine, even if assault virtual machine, but have need to carrying out with virtual machine alternately of some application programs, when virtual machine environment is no longer safe, application program can out of servicely prevent private data leakage.
Implement situation two: if hacker has taken the application program installation kit of processing through customizing virtual machine, want repacking and issue after this program insertion fee suction or wooden horse code.Perhaps, program can be utilized system vulnerability successful installation, but the miniature virtual machine of customization can carry out also will carrying out with ciphertext form and virtual machine alternately of security inspection and some data of application program again in operation, may improve the objective threshold of attacking therefore very greatly.
Visible in sum; the technical scheme of application Software hardening design of the present invention; by integrate the miniature virtual machine of customization in application program; and preferential application programs itself and running environment are carried out safety detection in application program; can effectively prevent that application program from illegally being cracked or reverse; improve the security of application program under Android system, protected user's individual sensitive data, also ensured the confidentiality of business software.
Claims (7)
1. a Software hardening design method that moves application, for the application program in Android system, do consolidation process, it is characterized in that: described Software hardening design method comprises step I, by default safety requirements, customize miniature virtual machine, II is incorporated into miniature virtual machine in application program, make miniature virtual machine become the part that application program can operating component and there is the highest precedence in running, III, when moving, application program first moves miniature virtual machine, application programs integral body is carried out security inspection or checking, and the functional module of the application program of reruning after safety, described default safety requirements comprises the signature verification of application program, illegal command in application program, the removal of disable instruction and the deciphering of enciphered message.
2. move according to claim 1 the Software hardening design method of application, it is characterized in that: the Integration Mode of described miniature virtual machine is for adopting NDK mode, in application program installation kit, use the primary programming external member of Android and carry out integrated customization with C or C Plus Plus, making miniature virtual machine become the part that application program can operating component.
3. move according to claim 1 the Software hardening design method of application, it is characterized in that: the Integration Mode of described miniature virtual machine is for to get back to this locality by RPC technology from far-end before application program is moved first, and dynamic load becomes the part that application program can operating component.
4. move according to claim 1 the Software hardening design method of application, it is characterized in that: it is basis that the miniature virtual machine of take has been incorporated in application program, and the operation of described miniature virtual machine starts in the execution of real-time listening application program corresponding to mobile terminal-opening.
5. move according to claim 1 the Software hardening design method of application, it is characterized in that: the signature verification function of described miniature virtual machine executive utility, after installing, application program utilize the PKI leaving on far-end server to verify, terminator operation or prompting unloading in the situation that checking cannot be passed through.
6. move according to claim 1 the Software hardening design method of application, it is characterized in that: the removing function of illegal command, disable instruction in described miniature virtual machine executive utility, in application program, be inserted under the code or instruction situation that illegally obtains system or user profile, miniature virtual machine moves and deletes those codes or instruction.
7. move according to claim 1 the Software hardening design method of application, it is characterized in that: described miniature virtual machine is carried out the decipher function of enciphered message, the enciphered message of process of exchange and Transaction Information in an application of processing mobile payment, is decrypted and the server interaction relevant to mobile payment by the miniature virtual machine of correspondence.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310509543.1A CN103544046A (en) | 2013-10-25 | 2013-10-25 | Mobile application software reinforcement method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310509543.1A CN103544046A (en) | 2013-10-25 | 2013-10-25 | Mobile application software reinforcement method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103544046A true CN103544046A (en) | 2014-01-29 |
Family
ID=49967524
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310509543.1A Pending CN103544046A (en) | 2013-10-25 | 2013-10-25 | Mobile application software reinforcement method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103544046A (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104615933A (en) * | 2015-01-27 | 2015-05-13 | 北京奇虎科技有限公司 | Method for preventing software decompilation and method and device for preventing decompilation software from starting |
| CN104965712A (en) * | 2015-07-17 | 2015-10-07 | 北京奇虎科技有限公司 | Application reinforcing protection method and apparatus and mobile terminal |
| CN105320546A (en) * | 2015-11-27 | 2016-02-10 | 北京指掌易科技有限公司 | Method of utilizing efficient virtual machine technology for managing Android application software |
| WO2016019790A1 (en) * | 2014-08-04 | 2016-02-11 | 优视科技有限公司 | Verification method, client, server and system for installation package |
| CN106295262A (en) * | 2015-05-18 | 2017-01-04 | 腾讯科技(深圳)有限公司 | The processing method of a kind of executable file, device and system |
| CN107122629A (en) * | 2017-04-19 | 2017-09-01 | 山东省计算中心(国家超级计算济南中心) | It is a kind of that reinforcement means is cooperateed with based on the Android software obscured at random |
| CN107766342A (en) * | 2016-08-15 | 2018-03-06 | 中国移动通信集团公司 | A kind of recognition methods of application and device |
| CN108549555A (en) * | 2018-04-10 | 2018-09-18 | Tcl通力电子(惠州)有限公司 | Processing method, embedded system device and the storage medium of customized software |
| CN109558743A (en) * | 2018-11-27 | 2019-04-02 | 广州供电局有限公司 | Data guard method, device, computer equipment and the storage medium of mobile terminal |
| WO2019136859A1 (en) * | 2018-01-10 | 2019-07-18 | 武汉斗鱼网络科技有限公司 | Host environment identification method for target application program, apparatus, medium and device |
| CN110135163A (en) * | 2019-03-28 | 2019-08-16 | 江苏通付盾信息安全技术有限公司 | A kind of safety detection method based on target application, apparatus and system |
| CN110610097A (en) * | 2019-09-09 | 2019-12-24 | 杭州天宽科技有限公司 | File transmission security system based on android application |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080052691A1 (en) * | 2006-06-29 | 2008-02-28 | Naveen Neelakantam | Communicating with and recovering state information from a dynamic translator |
| CN102096782A (en) * | 2011-01-27 | 2011-06-15 | 中国科学院软件研究所 | Internet banking safety authentication method based on removable medium of virtual machine |
-
2013
- 2013-10-25 CN CN201310509543.1A patent/CN103544046A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080052691A1 (en) * | 2006-06-29 | 2008-02-28 | Naveen Neelakantam | Communicating with and recovering state information from a dynamic translator |
| CN102096782A (en) * | 2011-01-27 | 2011-06-15 | 中国科学院软件研究所 | Internet banking safety authentication method based on removable medium of virtual machine |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016019790A1 (en) * | 2014-08-04 | 2016-02-11 | 优视科技有限公司 | Verification method, client, server and system for installation package |
| WO2016119548A1 (en) * | 2015-01-27 | 2016-08-04 | 北京奇虎科技有限公司 | Method for preventing software decompilation, and method and apparatus for preventing decompilation software from starting |
| CN104615933B (en) * | 2015-01-27 | 2018-08-17 | 北京奇虎科技有限公司 | The method and apparatus that the method for anti-software decompilation, counnter attack composing software start |
| CN104615933A (en) * | 2015-01-27 | 2015-05-13 | 北京奇虎科技有限公司 | Method for preventing software decompilation and method and device for preventing decompilation software from starting |
| CN106295262A (en) * | 2015-05-18 | 2017-01-04 | 腾讯科技(深圳)有限公司 | The processing method of a kind of executable file, device and system |
| CN104965712B (en) * | 2015-07-17 | 2018-04-20 | 北京奇虎科技有限公司 | Application program method for reinforcing and protecting, device and mobile terminal |
| CN104965712A (en) * | 2015-07-17 | 2015-10-07 | 北京奇虎科技有限公司 | Application reinforcing protection method and apparatus and mobile terminal |
| CN105320546A (en) * | 2015-11-27 | 2016-02-10 | 北京指掌易科技有限公司 | Method of utilizing efficient virtual machine technology for managing Android application software |
| CN105320546B (en) * | 2015-11-27 | 2018-09-11 | 北京指掌易科技有限公司 | A method of managing Android application software using efficient virtual machine technique |
| CN107766342A (en) * | 2016-08-15 | 2018-03-06 | 中国移动通信集团公司 | A kind of recognition methods of application and device |
| CN107122629B (en) * | 2017-04-19 | 2017-12-26 | 山东省计算中心(国家超级计算济南中心) | It is a kind of that reinforcement means is cooperateed with based on the Android software obscured at random |
| CN107122629A (en) * | 2017-04-19 | 2017-09-01 | 山东省计算中心(国家超级计算济南中心) | It is a kind of that reinforcement means is cooperateed with based on the Android software obscured at random |
| WO2019136859A1 (en) * | 2018-01-10 | 2019-07-18 | 武汉斗鱼网络科技有限公司 | Host environment identification method for target application program, apparatus, medium and device |
| CN108549555A (en) * | 2018-04-10 | 2018-09-18 | Tcl通力电子(惠州)有限公司 | Processing method, embedded system device and the storage medium of customized software |
| CN109558743A (en) * | 2018-11-27 | 2019-04-02 | 广州供电局有限公司 | Data guard method, device, computer equipment and the storage medium of mobile terminal |
| CN110135163A (en) * | 2019-03-28 | 2019-08-16 | 江苏通付盾信息安全技术有限公司 | A kind of safety detection method based on target application, apparatus and system |
| CN110135163B (en) * | 2019-03-28 | 2021-11-05 | 江苏通付盾信息安全技术有限公司 | Security detection method, device and system based on target application |
| CN110610097A (en) * | 2019-09-09 | 2019-12-24 | 杭州天宽科技有限公司 | File transmission security system based on android application |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103544046A (en) | Mobile application software reinforcement method | |
| US10289842B2 (en) | Method and apparatus for protecting kernel control-flow integrity using static binary instrumentation | |
| US9141787B2 (en) | Interlocked binary protection using whitebox cryptography | |
| Strackx et al. | Efficient isolation of trusted subsystems in embedded systems | |
| Jackson et al. | Compiler-generated software diversity | |
| KR101504857B1 (en) | System and method for supporting jit in a secure system with randomly allocated memory ranges | |
| CN103748594B (en) | For ARM*TRUSTZONETMThe credible platform module based on firmware realized | |
| JP6227772B2 (en) | Method and apparatus for protecting a dynamic library | |
| CN106326694A (en) | Android application reinforcing method baed on C source code mixing | |
| You et al. | Reference hijacking: Patching, protecting and analyzing on unmodified and non-rooted android devices | |
| Giannetsos et al. | Arbitrary code injection through self-propagating worms in von neumann architecture devices | |
| Larsen et al. | Automatic software diversity | |
| KR101872104B1 (en) | System and method for integrity verification of banking application using APK file dynamic loading technique | |
| Benadjila et al. | Wookey: Designing a trusted and efficient USB device | |
| JP5575950B2 (en) | Wireless terminal device and system protection method | |
| KR101638257B1 (en) | Method for protecting source code of application and apparatus for performing the method | |
| CN102855439A (en) | Executable file self-checking method and device | |
| Msgna et al. | Secure application execution in mobile devices | |
| KR20150051835A (en) | Method and devices for fraud prevention of android-based applications | |
| Ribeiro et al. | DBStore: A TrustZone-backed Database Management System for Mobile Applications. | |
| JP6297149B2 (en) | Mobile device and method of operating the mobile device | |
| Pizzolotto et al. | Mitigating Debugger-based Attacks to Java Applications with Self-Debugging | |
| Jeong et al. | Preventing execution of unauthorized applications using dynamic loading and integrity check on android smartphones | |
| Gadyatskaya et al. | Load time code validation for mobile phone Java Cards | |
| Epifani | Control-Flow Integrity for Embedded Systems: Study Case of an FPGA-Based Solution |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: JIANGSU TONGFUDUN INFORMATION TECHNOLOGY CO., LTD. Free format text: FORMER OWNER: SUZHOU PAYEGIS INFORMATION TECHNOLOGY CO., LTD. Effective date: 20141114 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20141114 Address after: Xinping Street Industrial Park of Suzhou city in Jiangsu province 215125 No. 388 takeoff Innovation Park Building 6 4F, 5F Applicant after: JIANGSU PAYEGIS INFORMATION TECHNOLOGY CO., LTD. Address before: Xinping Street Industrial Park of Suzhou city in Jiangsu province 215125 No. 388 takeoff Innovation Park Building 6 4F, 5F Applicant before: Suzhou PayEgis Information Technology Co., Ltd. |
|
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140129 |