CN104462959B - A kind of method for reinforcing and protecting, server and the system of Android application - Google Patents
A kind of method for reinforcing and protecting, server and the system of Android application Download PDFInfo
- Publication number
- CN104462959B CN104462959B CN201410734372.7A CN201410734372A CN104462959B CN 104462959 B CN104462959 B CN 104462959B CN 201410734372 A CN201410734372 A CN 201410734372A CN 104462959 B CN104462959 B CN 104462959B
- Authority
- CN
- China
- Prior art keywords
- apk
- reinforcing
- encryption
- reinforcement protection
- decryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 227
- 230000003014 reinforcing effect Effects 0.000 title claims abstract description 99
- 230000002787 reinforcement Effects 0.000 claims abstract description 121
- 238000009434 installation Methods 0.000 claims abstract description 40
- 239000000284 extract Substances 0.000 claims abstract description 20
- 238000000605 extraction Methods 0.000 claims description 24
- 238000012360 testing method Methods 0.000 claims description 14
- 238000012856 packing Methods 0.000 claims description 13
- 238000012545 processing Methods 0.000 claims description 5
- 230000008569 process Effects 0.000 description 15
- 238000011161 development Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 8
- 230000001012 protector Effects 0.000 description 6
- 230000006399 behavior Effects 0.000 description 4
- 230000008901 benefit Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000001035 drying Methods 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000005728 strengthening Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses method for reinforcing and protecting, server and the system of a kind of Android application, this method includes:Obtain the original Android installation kit APK of Android application;Original APK described in decompiling, therefrom extracts shielded method code, and filled position is extracted with nop;The shielded method code extracted is encrypted according to specified encryption and decryption strategy, configuration file is reinforced in generation;The specified encryption and decryption strategy, the reinforcing configuration file and reinforcement protection program are added in the APK after decompiling, the reinforcing APK of the compiling generation Android application.The technical scheme that the present invention is provided realizes the dynamic encryption and decryption to protected method; make any time in internal memory that complete dex images are all not present; so as to prevent from obtaining complete dex files by way of internal memory Dump; applied so as to substantially reduce Android by conversed analysis, and then beat again the possibility that bag is distributed again.
Description
Technical field
The present invention relates to data security arts, and in particular to the method for reinforcing and protecting of Android application a kind of, server and is
System.
Background technology
The fast development and the rapid growth of equipment of Android system, generate substantial amounts of third party application, with it
He compares operating system, and the increasing income property of Android system provides more functional interfaces for application developer, these functional interfaces
Also provided convenience while the scalability for the system that improves for Malware, illegal copies, reverse-engineering, decompiling,
Debug, crack, secondary packing, the means such as internal memory interception constantly threaten the safety of Android system, not only compromise user,
Serious infringement is caused to normal use developer.
The Scheme of Strengthening of existing Android software installation bag is broadly divided into three kinds:The first is that whole dex files are carried out
Complete encryption;Bytecode deformation is done to dex files when being for second operation, the dex for preventing direct Dump complete, existing mode
Can not be self-defined well, the program needs to do the function of bytecode deformation;The third is to be used in mixed way first two scheme.But
Because such scheme has complete dex images in the sometime internal memory that APK is run, shielded dex can pass through
Internal memory Dump mode is restored by complete, causes existing scheme can not be fully solved the peace that Android installation kit faces all the time
Full problem, people are also seeking more effective solution always.
The content of the invention
In view of the above problems, it is proposed that the present invention so as to provide one kind overcome above mentioned problem or at least in part solve on
State method for reinforcing and protecting, server and the system of a kind of Android application of problem..
According to one aspect of the present invention there is provided the method for reinforcing and protecting that a kind of Android is applied, this method includes:
Obtain the original Android installation kit APK of Android application;
Original APK described in decompiling, therefrom extracts shielded method code, and filled position is extracted with nop;
The shielded method code extracted is encrypted according to specified encryption and decryption strategy, configuration is reinforced in generation
File;
The specified encryption and decryption strategy, the reinforcing configuration file and reinforcement protection program are added to after decompiling
In APK, the reinforcing APK of the compiling generation Android application;
Wherein, the reinforcement protection program performs following behaviour when the reinforcing APK that the Android is applied is mounted and is run
Make:According to the situation of calling of shielded method, dynamic application space, when shielded method is called, adds according to described
The shielded method code of acquisition is decrypted to reinforcing the correlation method in configuration file in decryption policy;When shielded method
Call after end, according to the encryption and decryption strategy to decryption obtain shielded method code re-start encryption.
Alternatively, shielded method code is identified by explaining in the original APK;
Original APK described in the decompiling, therefrom extracting shielded method code includes:It is original described in decompiling
APK, explains according to method therein and therefrom extracts shielded method code.
Alternatively, the one or more during the specified encryption and decryption strategy is included as follows:
Anti-debug strategy;
Anti- Dump strategies;
Bob-weight packing strategy;
Character string encryption and decryption strategy.
Alternatively, the specified encryption and decryption strategy, the reinforcing configuration file and reinforcement protection program are added to anti-volume
APK after translating includes:
The APK that the specified encryption and decryption strategy, the reinforcing configuration file and reinforcement protection program are write after decompiling
Lib catalogues under SO files in.
Alternatively, the core in dex files in the original APK that the shielded method code is applied for the Android
Content.
Alternatively, the original Android installation kit APK for obtaining Android application includes:Receive user and pass through reinforcement protection visitor
The original APK for the Android application that family end is uploaded;
This method further comprises:There is provided the interface downloaded and reinforce APK so that user can utilize reinforcement protection visitor
Downloaded by the interface and reinforce APK in family end.
Alternatively, this method further comprises:
The encryption and decryption policy selection that reception user is uploaded by reinforcement protection client is instructed, Crypted password and decryption are close
Code, and to specify encryption and decryption strategy described in this determination.
Alternatively, this method further comprises:
The identity that user is uploaded by reinforcement protection client is received, and is reinforced using the identity to described
APK is signed.
Alternatively, this method further comprises:
Automatic installation test is carried out to reinforcing APK.
According to another aspect of the present invention, there is provided the reinforcement protection server that a kind of Android is applied, the server bag
Include:
Acquiring unit, the original Android installation kit APK suitable for obtaining Android application;
Decompiling extraction unit, suitable for original APK described in decompiling, therefrom extracts shielded method code, and will
Position is extracted to be filled with nop;
Ciphering unit, suitable for place is encrypted to the shielded method code extracted according to specified encryption and decryption strategy
Configuration file is reinforced in reason, generation;
Compilation unit is added, suitable for by the specified encryption and decryption strategy, the reinforcing configuration file and reinforcement protection program
It is added in the APK after decompiling, the reinforcing APK of the compiling generation Android application;
Wherein, the reinforcement protection program performs following behaviour when the reinforcing APK that the Android is applied is mounted and is run
Make:According to the situation of calling of shielded method, dynamic application space, when shielded method is called, adds according to described
The shielded method code of acquisition is decrypted to reinforcing the correlation method in configuration file in decryption policy;When shielded method
Call after end, according to the encryption and decryption strategy to decryption obtain shielded method code re-start encryption.
Alternatively, shielded method code is identified by explaining in the original APK that the acquiring unit is obtained;
The decompiling extraction unit, suitable for original APK described in decompiling, explains according to method therein and therefrom extracts
Shielded method code.
Alternatively, the ciphering unit is suitable to according to one or more of strategy to extracting by the method generation for protecting guarantor
Code is encrypted:
Anti-debug strategy;
Anti- Dump strategies;
Bob-weight packing strategy;
Character string encryption and decryption strategy.
Alternatively, the addition compilation unit, suitable for by the specified encryption and decryption strategy, the reinforcing configuration file and add
Gu in the SO files under the lib catalogues of the APK after defence program write-in decompiling.
Alternatively, the decompiling extraction unit, suitable for being extracted after original APK described in decompiling in dex files therein
Core content.
Alternatively, the acquiring unit, the original that the Android uploaded suitable for receiving user by reinforcement protection client is applied
Beginning APK.
The server further comprises:Download unit, is adapted to provide for downloading the interface for reinforcing APK so that user can
Downloaded using the reinforcement protection client by the interface and reinforce APK.
Alternatively, the acquiring unit, is further adapted for receiving the encryption and decryption that user is uploaded by reinforcement protection client
Policy selection instruction, Crypted password and clear crytpographic key, and it is sent to ciphering unit;
The ciphering unit, suitable for according to encryption and decryption policy selection instruction, Crypted password and clear crytpographic key, determining institute
State specified encryption and decryption strategy.
Alternatively, the acquiring unit, is further adapted for receiving the identity mark that user is uploaded by reinforcement protection client
Know;
The server further comprises:Signature unit, suitable for being signed using the identity to the reinforcing APK
Name.
Alternatively, the server further comprises:
Test cell, suitable for carrying out automatic installation test to reinforcing APK.
According to having on one side there is provided a kind of reinforcement protection system of Android application for the present invention, including:Reinforcement protection
Reinforcement protection server described in client and as above any one.
From the foregoing, the technical scheme that provides of the present invention is by encryption and decryption strategy, reinforcement protection program and shielded
The reinforcing configuration file that method code is obtained after being encrypted is added in the APK after decompiling, the reinforcing of generation Android application
APK, because reinforcement protection program is dynamically decoded when protected method is called to it, and in protected method call
It is encrypted after end, the dynamic encryption and decryption to protected method is realized, any time in internal memory has all been not present
Whole dex images, so as to prevent from obtaining complete dex files by way of internal memory Dump, so as to substantially reduce Android application
By conversed analysis, and then beat again the possibility that bag is distributed again.
Described above is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention,
And can be practiced according to the content of specification, and in order to allow above and other objects of the present invention, feature and advantage can
Become apparent, below especially exemplified by the embodiment of the present invention.
Brief description of the drawings
By reading the detailed description of hereafter preferred embodiment, various other advantages and benefit is common for this area
Technical staff will be clear understanding.Accompanying drawing is only used for showing the purpose of preferred embodiment, and is not considered as to the present invention
Limitation.And in whole accompanying drawing, identical part is denoted by the same reference numerals.In the accompanying drawings:
Fig. 1 shows a kind of flow chart of the method for reinforcing and protecting of Android application according to an embodiment of the invention;
Fig. 2 shows a kind of flow chart of the method for reinforcing and protecting of Android application in accordance with another embodiment of the present invention;
Fig. 3 shows a kind of schematic diagram of the reinforcement protection server of Android application according to an embodiment of the invention;
Fig. 4 shows a kind of signal of the reinforcement protection server of Android application in accordance with another embodiment of the present invention
Figure;
Fig. 5 shows the signal for the reinforcement protection server applied according to a kind of Android of another embodiment of the invention
Figure;
Fig. 6 shows the signal for the reinforcement protection server applied according to a kind of Android of further embodiment of the present invention
Figure;
Fig. 7 A show the flow chart of the development process of Android installation kit according to an embodiment of the invention;
Fig. 7 B show the flow chart of the reinforcement protection process of Android installation kit according to an embodiment of the invention;
Fig. 7 C show the flow chart of the running of Android installation kit according to an embodiment of the invention.
Embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although showing the disclosure in accompanying drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here
Limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure
Complete conveys to those skilled in the art.
Fig. 1 shows a kind of flow chart of the method for reinforcing and protecting of Android application according to an embodiment of the invention.Such as
Shown in Fig. 1, this method includes:
Step S110, obtains the original Android installation kit APK of Android application.
On Android system, one can install, the application that runs is, it is necessary to be packaged into Android installation kit, i.e. APK
Original Android installation kit APK in (Android application package file) file format, this step is by opening
Originator exploitation generation.
Step S120, the original APK of decompiling, therefrom extract shielded method code, and filled out position is extracted with nop
Fill.
Nop fillings in this step refer to:Nop instructions are filled at extraction position.Equivalent to the original after decompiling
In beginning APK, first protected method code is plucked out, is then filled with nop instructions.
Step S130, the shielded method code extracted is encrypted according to specified encryption and decryption strategy, raw
Into reinforcing configuration file.
Encryption in this step can be symmetrical plus or asymmetric encryption.Here encryption and decryption strategy includes encryption plan
Slightly with corresponding decryption policy.
Step S140, specified encryption and decryption strategy, reinforcing configuration file and reinforcement protection program are added to after decompiling
In APK, the reinforcing APK of compiling generation Android application.
Reinforcement protection program in this step is used to dynamically carry out encryption and decryption, reinforcement protection program to reinforcing configuration file
Following operation is performed when the reinforcing APK applied in Android is mounted and run:According to the situation of calling of shielded method, dynamic
Apply for space, when shielded method is called, the correlation method reinforced in configuration file is carried out according to encryption and decryption strategy
Decryption obtains shielded method code;The called operation of shielded method code;End is called when shielded method
Afterwards, the shielded method code obtained according to encryption and decryption strategy to decryption re-starts encryption.
Reinforcing configuration file that method shown in Fig. 1 is obtained after shielded method code is encrypted, encryption and decryption plan
Omit and reinforcement protection program is imported into APK, the reinforcing APK of generation Android application;Because reinforcement protection program dynamically exists
Shielded method is decoded when called to it, and it is encrypted after shielded method call terminates, real
The dynamic encryption and decryption to protected method is showed, has made any time in internal memory that complete dex images are all not present, so as to prevent from leading to
The mode for crossing internal memory Dump obtains complete dex files, is applied so as to substantially reduce Android by conversed analysis, and then beat again bag again
The possibility of secondary distribution.
Generally, due to Android installation kit APK developer and for APK provide protection service Protector be not
Tongfang, therefore developer can identify developer by explaining and intentionally get protection during original APK is developed
Method, Protector and then extracts shielded method code according to explaining from original APK source code, " note " herein
Refer to that JAVA provides the entitled annotation functions of (note) since J2SE5, for by any information or metadata and journey
Order elements (class, method, member variable etc.) are associated, and itself source code or class etc. execution will not be produced any
Influence.
In one embodiment of the invention, in the method shown in Fig. 1, pass through in the original APK that step S110 is got
Explain to identify shielded method code;Accordingly, the original APK of decompiling in step S120, therefrom extracts and is protected
The method code of shield can be:The original APK of decompiling, explains according to method therein and therefrom extracts shielded method generation
Code.
Fig. 7 A show the flow chart of the development process of Android installation kit according to an embodiment of the invention, in this implementation
In example, for developer, as shown in Figure 7 A, step S710 describes following mistake to the development process of Android installation kit to step S750
Journey:Start to develop Android installation kit APK, whether be shielded method, be then to shielded method generation if judging a method
Code addition is explained, otherwise without note, generates original Android installation kit APK.Fig. 7 B are shown according to one implementation of the present invention
The flow chart of the reinforcement protection process of the Android installation kit of example, the Protector for providing protection service for APK, Android installation kit
Reinforcement protection process as shown in figure 7b, step S810 describes procedure below to step S870:Get original Android installation kit
After APK, the decompiling original APK selects the encryption and decryption strategy specified, the note then provided according to developer is come to protected
Method code be encrypted, configuration file is reinforced in generation, will reinforce configuration file, encryption and decryption strategy and reinforcement protection program
Import in APK, APK is reinforced in generation.Fig. 7 B step S880 further signs to reinforcing APK, will on step S880
It can illustrate in detail below.
For example, developer is when a instant messaging of exploitation is applied, it is desirable to transmit picture function to it and protect, because
This, method code addition of the developer on stream to transmitting picture function is corresponding to explain, and mark this method is to be protected
The method of shield, original APK is generated by the packing of the files such as shielded method, not protected method and relevant configuration information.Protect
Shield person is obtained during reinforcement protection after original APK, and decompiling APK, according to above-mentioned note transmission picture function
Method code is extracted, and selection specifies encryption and decryption strategy to be encrypted, and generates the above reinforcing configuration file;
Configuration file, encryption and decryption strategy and reinforcement protection program will be reinforced again to be put into the APK after decompiling, it is instant that compiling obtains this
The reinforcing APK of communication applications.
In one embodiment of the invention, the finger that encryption and decryption processing is used is carried out during the reinforcement protection shown in Fig. 1
Determine encryption and decryption strategy, the one or more in can including as follows:Anti-debug strategy;Anti- Dump strategies;Bob-weight packing strategy;Word
Symbol serially adds decryption policy.Wherein, anti-debug strategy can prevent dynamic debugging;Anti- Dump strategies can anti-dynamic Dump it is complete
dex;Bob-weight packing can prevent APK by secondary packing;Character string encryption and decryption strategy can be realized to be added to character string in dex
It is close, prevent from being immediately seen plaintext program by static analysis.
In one embodiment of the invention, described in the step S140 of method shown in Fig. 1 by specified encryption and decryption strategy, plus
Gu configuration file and reinforcement protection program, which are added to the APK after decompiling, to be included:By specified encryption and decryption strategy, reinforce configuration text
In SO files under the lib catalogues of APK after part and the write-in decompiling of reinforcement protection program.
The internal file structure of APK after decompiling is as shown in table 1:
Table 1
Filename | Explanation |
META-INF\ | Certificate file |
res\ | Resource file |
assets\ | Extra resource file |
resources.arsc | Binary Resources file |
classes.dex | Source code resource file |
AndroidManifest.xml | Global configuration file |
lib\ | Add-on assemble |
Wherein, the general file for having MANIFEST.MF and being ended up with .RSA .SF under META-INF catalogues, have recorded other
The certificate signature of catalogue file, Android system can check whether each file records with this catalogue inside APK one by one when installing APK
Certificate signature it is consistent, if it is inconsistent, thinking that file has been tampered, refuse the installation and operation of the APK.
The storage of res catalogues is the files such as picture resource and interface layout.
Deposited under assets catalogues be extra resource and configuration file, such as TXT or HTML illustrate document, font file and
Picture resource etc..
Resources.arsc files are the Binary Resources files after compiling.
Class.dex files are the Java bytecode files generated after Java source codes are compiled, and .dex is Dalvik
Executable (Dalvik virtual machine executable file) abbreviation.
AndroidManifest.xml files are global description's files of Android installation kit, and this document have recorded application
The information such as bag name, version number, authority, library file, module inlet, the class of reference.
Lib catalogues are JNI (Java Native Interface) library files, are deposited typically in armeabi sub-folders
Some SO files.SO files are the library files under linux, are the dynamic link library files of ELF format, and the class file is transported in program
Row is just dynamically loaded into program when needs, and suffix is .so.In the present embodiment, it is by specified encryption and decryption strategy, reinforces
In SO files under configuration file and reinforcement protection program write-in APK the lib catalogues.When operation reinforce APK call it is protected
Method when, in the form of SO files carry out dynamic load.
In one embodiment of the invention, the shielded method code in the method shown in Fig. 1 is what Android was applied
The core content in dex files in original APK.
Fig. 2 shows a kind of flow chart of the method for reinforcing and protecting of Android application in accordance with another embodiment of the present invention.
As shown in Fig. 2 this method includes:
Step S210, receives the original APK for the Android application that user is uploaded by reinforcement protection client.In this step,
The original APK of user (i.e. developer) upload is received, the development process of the original APK will not be repeated here as shown in Figure 7 A.
Step S220, the original APK of decompiling, therefrom extract shielded method code, and filled out position is extracted with nop
Fill.
Step S230, the shielded method code extracted is encrypted according to specified encryption and decryption strategy, raw
Into reinforcing configuration file.
Step S240, specified encryption and decryption strategy, reinforcing configuration file and reinforcement protection program are added to after decompiling
In APK, the reinforcing APK of compiling generation Android application.
Above-mentioned steps S220, step S230, the step S120 of method shown in step S240 and Fig. 1, step S130, step
S140 correspondences are identical, describe the process that reinforcement protection is carried out to original APK, and Fig. 7 B also enter from the angle of Protector to the process
Displaying is gone, will not be repeated here.
Step S250 reinforces APK interface there is provided downloading so that user can pass through interface using reinforcement protection client
Download and reinforce APK.
From the foregoing, the scheme shown in Fig. 2 provides one for developer and is used to carry out reinforcement protection to Android application
Platform, receive the unprotected original APK of developer's upload, after reinforced protection processing, provided to developer download plus
Gu APK interface.
In one embodiment of the invention, the specified encryption and decryption strategy in method shown in Fig. 1 and Fig. 2, can be by using
The encryption and decryption relevant information that family (i.e. developer) is provided determines that is, user independently formulates encryption and decryption strategy and encryption and decryption password.
This method further comprises:Receive the instruction of encryption and decryption policy selection, Crypted password that user is uploaded by reinforcement protection client
And clear crytpographic key, and encryption and decryption strategy is specified with this determination.Wherein, the encryption and decryption information that user provides, which can also be labeled in, is protected
In the note of the method for shield.The program provides a great convenience for developer so that developer is real in the development phase of application
That now protects function facilitates configurability.
The APK each issued has a unique ID to identify the legitimacy of application, and this ID is exactly APK signature, is made
Can realize that covering is installed with the APK of same signature, therefore, in order to prevent hacker from the illegal of APK is distorted and usurped, pair plus
Gu APK is signed, the process signed to reinforcing APK of step S880 as shown in Figure 7 B.In the reality of the present invention
Apply in example, the method shown in Fig. 2 further comprises:Receive the identity that user is uploaded by reinforcement protection client, and profit
The reinforcing APK is signed with the identity.
In order to ensure validity that APK is reinforced, it is to avoid the APK caused due to error can not be installed, APK failed encryptions etc.
Phenomenon, before can reinforcing APK providing the user with download, is further tested it.In one embodiment of the present of invention
In, the method shown in Fig. 2 further comprises:Automatic installation test is carried out to reinforcing APK.
Fig. 3 shows a kind of schematic diagram of the reinforcement protection server of Android application according to an embodiment of the invention.
As shown in figure 3, the reinforcement protection server 300 of Android application includes:
Acquiring unit 310, the original Android installation kit APK suitable for obtaining Android application.
On Android system, one can install, the application that runs is, it is necessary to be packaged into Android installation kit, i.e. APK
(Android application package file) file format, this unit obtain original Android installation kit APK be by
Developer's exploitation generation.
Decompiling extraction unit 320, suitable for the original APK of decompiling, therefrom extracts shielded method code, and will carry
Fetch bit is put is filled with nop.
Nop fillings herein refer to:Nop instructions are filled at extraction position, make the code after filling and source code pair
Together.
Ciphering unit 330, suitable for the shielded method code extracted is encrypted according to specified encryption and decryption strategy
Configuration file is reinforced in processing, generation.
Compilation unit 340 is added, suitable for specified encryption and decryption strategy, reinforcing configuration file and reinforcement protection program are added to
In APK after decompiling, the reinforcing APK of compiling generation Android application.
Wherein, reinforcement protection program performs following operation when the reinforcing APK that Android is applied is mounted and is run:According to by
The method of protection calls situation, dynamic application space, when shielded method is called, according to encryption and decryption strategy to reinforcing
The shielded method code of acquisition is decrypted in correlation method in configuration file;When shielded method is after calling end,
Encryption is re-started according to the shielded method code that encryption and decryption strategy is obtained to decryption.
It can be seen that, reinforcement protection server 300 shown in Fig. 3 is by encryption and decryption strategy, reinforcement protection program and shielded
The reinforcing configuration file that method code is obtained after being encrypted is imported into APK, the reinforcing APK of generation Android application;Due to adding
Gu defence program is dynamically decoded when shielded method is called to it, and after shielded method call terminates
It is encrypted, makes any time in internal memory that complete dex images are all not present, so as to prevent by way of internal memory Dump
Complete dex files are obtained, are applied so as to substantially reduce Android by conversed analysis, and then beat again the possibility that bag is distributed again.
Protector is caused to extract developer according to the note and wish to be protected by explaining according to developer described above
The method code of shield, and the example of reinforcement protection, in one embodiment of the invention, server shown in Fig. 3 are carried out to it
Shielded method code is identified by explaining in the original APK that acquiring unit 310 is got;Decompiling extraction unit
320, suitable for the original APK of decompiling, explained according to method therein and therefrom extract shielded method code.
In one embodiment of the invention, the ciphering unit 330 of server shown in Fig. 3, suitable for according to following a kind of or
The shielded method code extracted is encrypted a variety of strategies:Anti-debug strategy;Anti- Dump strategies;Bob-weight is packed
Strategy;Character string encryption and decryption strategy.Wherein, anti-debug strategy can prevent dynamic debugging;Anti- Dump strategies can anti-dynamic
The complete dex of Dump;Bob-weight packing can prevent APK by secondary packing;Character string encryption and decryption strategy can be realized to character in dex
The encryption of string, prevents from being immediately seen plaintext program by static analysis.
In one embodiment of the invention, the addition compilation unit 340 of server shown in Fig. 3, suitable for that will specify plus solve
In SO files under the lib catalogues of APK after close strategy, reinforcing configuration file and the write-in decompiling of reinforcement protection program.This reality
Apply in example, be by the lib mesh of the APK shown in specified encryption and decryption strategy, reinforcing configuration file and reinforcement protection program write table 1
In SO files under record.
In one embodiment of the invention, the decompiling extraction unit 320 of server shown in Fig. 3, it is former suitable for decompiling
The core content in dex files therein is extracted after beginning APK.
Fig. 4 shows a kind of signal of the reinforcement protection server of Android application in accordance with another embodiment of the present invention
Figure.As shown in figure 4, the reinforcement protection server 400 of Android application includes:Acquiring unit 410, decompiling extraction unit 420,
Ciphering unit 430, addition compilation unit 440 and download unit 450.
Wherein, decompiling extraction unit 420, ciphering unit 430, addition compilation unit 440 respectively with server shown in Fig. 3
Decompiling extraction unit 320, ciphering unit 330, addition compilation unit 340 correspondence it is identical, perform and original APK added
Admittedly the process protected, and Fig. 7 B are also shown from the angle of Protector to the process, will not be repeated here.
Acquiring unit 410, the original APK that the Android uploaded suitable for receiving user by reinforcement protection client is applied.
This unit is suitable to receive the original APK that user (i.e. developer) uploads, development process such as Fig. 7 A institutes of the original APK
Show, will not be repeated here.
Download unit 450, is adapted to provide for downloading the interface for reinforcing APK so that user can utilize reinforcement protection client
Downloaded by the interface and reinforce APK.
From the foregoing, the server shown in Fig. 4 provides one for developer and is used to carry out reinforcing guarantor to Android application
The platform of shield, acquiring unit 410 receives the unprotected original APK of developer's upload, through decompiling extraction unit 420, adds
Close unit 430 and addition compilation unit 440 reinforcement protection processing after, then by download unit 450 to developer provide download plus
Gu APK interface.
In one embodiment of the invention, encryption and decryption strategy is specified in the ciphering unit of server shown in Fig. 3 and Fig. 4,
It can be determined by the encryption and decryption relevant information of user (i.e. developer) offer, i.e., user independently formulates encryption and decryption strategy and added
Clear crytpographic key.The acquiring unit 410 of server shown in Fig. 4, is further adapted for reception user and is uploaded by reinforcement protection client
The instruction of encryption and decryption policy selection, Crypted password and clear crytpographic key, and be sent to ciphering unit 430;Ciphering unit 430, is suitable to
According to the instruction of encryption and decryption policy selection, Crypted password and clear crytpographic key, it is determined that specifying encryption and decryption strategy.Wherein, user provides
Encryption and decryption information can also be labeled in the note of shielded method, and the program provides a great convenience for developer, made
Developer realizes that protection function facilitates configurability in the development phase of application.
Fig. 5 shows the signal for the reinforcement protection server applied according to a kind of Android of another embodiment of the invention
Figure.As shown in figure 5, the reinforcement protection server 500 of Android application includes:Acquiring unit 510, decompiling extraction unit 520,
Ciphering unit 530, addition compilation unit 540, download unit 550 and signature unit 560.
In the present embodiment, reinforcement protection server 500 is right in order to prevent hacker from the illegal of APK is distorted and usurped
Reinforce APK to be signed, therefore, compared with the server shown in Fig. 3,4, book server adds signature unit 560.Wherein,
Acquiring unit 510, decompiling extraction unit 520, ciphering unit 530, addition compilation unit 540, download unit 550 respectively with figure
The acquiring unit 410 of server shown in 4, decompiling extraction unit 420, ciphering unit 430, addition compilation unit 440, download are single
The correspondence of member 450 is identical, will not be repeated here.
Acquiring unit 510, is further adapted for receiving the identity that user is uploaded by reinforcement protection client.
Signature unit 560, suitable for being signed using the identity to reinforcing APK.
Fig. 6 shows the signal for the reinforcement protection server applied according to a kind of Android of further embodiment of the present invention
Figure.As shown in fig. 6, the reinforcement protection server 600 of Android application includes:Acquiring unit 610, decompiling extraction unit 620,
Ciphering unit 630, addition compilation unit 640, download unit 650, signature unit 660 and test cell 670.
In the present embodiment, reinforcement protection server 600 in order to ensure APK reinforce validity, it is to avoid due to error
The phenomenons such as the APK caused can not be installed, APK failed encryptions are further right before can reinforcing APK providing the user with download
It is tested, therefore, compared with server described above, and book server adds test cell 670.Wherein, obtain single
Member 610, decompiling extraction unit 620, ciphering unit 630, addition compilation unit 640, download unit 650,660 points of signature unit
Not with the acquiring unit 510 of server shown in Fig. 5, decompiling extraction unit 520, ciphering unit 530, addition compilation unit 540,
Download unit 550, the correspondence of signature unit 560 are identical, will not be repeated here.
Test cell 670, suitable for carrying out automatic installation test to reinforcing APK.
Based on the various embodiments described above, the reinforcing APK that reinforcement protection is completed is published to after Android application market by developer, is used
Family will download and run reinforcing APK.Fig. 7 C show the running of Android installation kit according to an embodiment of the invention
Flow chart, from the perspective of user, Android installation kit APK running as seen in figure 7 c, step S902 to step
S920 describes procedure below:The APK is run, operation authority is obtained by reading key first, APK configuration text is then read
Part, then calls the method in APK, judges whether the method currently called is shielded method, if the side currently called
Method is shielded method, then carries out dynamic decryption to the shielded method code, call the shielded method after decryption,
Call after end, dynamic decryption is carried out to the shielded method code again, the APK is continued to run with;If currently called
Method is not shielded method, then directly normal to transfer, and the APK is continued to run with after calling end;APK is run with this mechanism,
Until completing whole APK running.
A kind of reinforcement protection system of Android application is also disclosed in one embodiment of the present of invention, it includes reinforcement protection
Client and the reinforcement protection server as described in above-mentioned any embodiment.
In summary, the invention provides a kind of reinforcement protection scheme of Android application, by encryption and decryption strategy, reinforcement protection
The reinforcing configuration file that program and shielded method code are obtained after being encrypted is added in the APK after decompiling, raw
The reinforcing APK applied into Android, because reinforcement protection program is dynamically decoded when protected method is called to it, and
It is encrypted after protected method call terminates, the dynamic encryption and decryption to protected method is realized, makes to appoint in internal memory
The moment anticipate all in the absence of complete dex images, so that prevent from obtaining complete dex files by way of internal memory Dump, so that
Substantially reduce Android to apply by conversed analysis, and then beat again the possibility that bag is distributed again.
It should be noted that:
Algorithm and display be not inherently related to any certain computer, virtual bench or miscellaneous equipment provided herein.
Various fexible units can also be used together with based on teaching in this.As described above, construct required by this kind of device
Structure be obvious.In addition, the present invention is not also directed to any certain programmed language.It is understood that, it is possible to use it is various
Programming language realizes the content of invention described herein, and the description done above to language-specific is to disclose this hair
Bright preferred forms.
In the specification that this place is provided, numerous specific details are set forth.It is to be appreciated, however, that the implementation of the present invention
Example can be put into practice in the case of these no details.In some instances, known method, structure is not been shown in detail
And technology, so as not to obscure the understanding of this description.
Similarly, it will be appreciated that in order to simplify the disclosure and help to understand one or more of each inventive aspect, exist
Above in the description of the exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes
In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:It is i.e. required to protect
The application claims of shield features more more than the feature being expressly recited in each claim.More precisely, such as following
Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
Thus the claims for following embodiment are expressly incorporated in the embodiment, wherein each claim is in itself
All as the separate embodiments of the present invention.
Those skilled in the art, which are appreciated that, to be carried out adaptively to the module in the equipment in embodiment
Change and they are arranged in one or more equipment different from the embodiment.Can be the module or list in embodiment
Member or component be combined into a module or unit or component, and can be divided into addition multiple submodule or subelement or
Sub-component.In addition at least some in such feature and/or process or unit exclude each other, it can use any
Combination is disclosed to all features disclosed in this specification (including adjoint claim, summary and accompanying drawing) and so to appoint
Where all processes or unit of method or equipment are combined.Unless expressly stated otherwise, this specification (including adjoint power
Profit is required, summary and accompanying drawing) disclosed in each feature can or similar purpose identical, equivalent by offer alternative features come generation
Replace.
Although in addition, it will be appreciated by those of skill in the art that some embodiments described herein include other embodiments
In included some features rather than further feature, but the combination of the feature of be the same as Example does not mean in of the invention
Within the scope of and form different embodiments.For example, in the following claims, times of embodiment claimed
One of meaning mode can be used in any combination.
The present invention all parts embodiment can be realized with hardware, or with one or more processor run
Software module realize, or realized with combinations thereof.It will be understood by those of skill in the art that can use in practice
Microprocessor or digital signal processor (DSP) realize a kind of reinforcement protection of Android application according to embodiments of the present invention
The some or all functions of some or all parts in server and system.The present invention is also implemented as being used to perform
The some or all equipment or program of device of method as described herein are (for example, computer program and computer journey
Sequence product).It is such realize the present invention program can store on a computer-readable medium, or can have one or
The form of multiple signals.Such signal can be downloaded from internet website and obtained, either on carrier signal provide or
There is provided in any other form.
It should be noted that the present invention will be described rather than limits the invention for above-described embodiment, and ability
Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference symbol between bracket should not be configured to limitations on claims.Word "comprising" is not excluded the presence of not
Element or step listed in the claims.Word "a" or "an" before element does not exclude the presence of multiple such
Element.The present invention can be by means of including the hardware of some different elements and coming real by means of properly programmed computer
It is existing.In if the unit claim of equipment for drying is listed, several in these devices can be by same hardware branch
To embody.The use of word first, second, and third does not indicate that any order.These words can be explained and run after fame
Claim.
The invention discloses the method for reinforcing and protecting that a kind of A1, a kind of Android are applied, wherein, this method includes:
Obtain the original Android installation kit APK of Android application;
Original APK described in decompiling, therefrom extracts shielded method code, and filled position is extracted with nop;
The shielded method code extracted is encrypted according to specified encryption and decryption strategy, configuration is reinforced in generation
File;
The specified encryption and decryption strategy, the reinforcing configuration file and reinforcement protection program are added to after decompiling
In APK, the reinforcing APK of the compiling generation Android application;
Wherein, the reinforcement protection program performs following behaviour when the reinforcing APK that the Android is applied is mounted and is run
Make:According to the situation of calling of shielded method, dynamic application space, when shielded method is called, adds according to described
The shielded method code of acquisition is decrypted to reinforcing the correlation method in configuration file in decryption policy;When shielded method
Call after end, according to the encryption and decryption strategy to decryption obtain shielded method code re-start encryption.
A2, the method as described in A1, wherein,
Shielded method code is identified by explaining in the original APK;
Original APK described in the decompiling, therefrom extracting shielded method code includes:It is original described in decompiling
APK, explains according to method therein and therefrom extracts shielded method code.
A3, the method as described in A1, wherein, the specified encryption and decryption strategy include it is following in one or more:
Anti-debug strategy;
Anti- Dump strategies;
Bob-weight packing strategy;
Character string encryption and decryption strategy.
A4, the method as described in A1, wherein, the specified encryption and decryption strategy, the reinforcing configuration file and reinforcing are protected
Shield program, which is added to the APK after decompiling, to be included:
The APK that the specified encryption and decryption strategy, the reinforcing configuration file and reinforcement protection program are write after decompiling
Lib catalogues under SO files in.
A5, the method as described in A1, wherein,
The core content in dex files in the original APK that the shielded method code is applied for the Android.
A6, the method as any one of A1-A5, wherein,
The original Android installation kit APK for obtaining Android application includes:User is received to pass through in reinforcement protection client
The original APK of the Android application of biography;
This method further comprises:There is provided the interface downloaded and reinforce APK so that user can utilize reinforcement protection visitor
Downloaded by the interface and reinforce APK in family end.
A7, the method as described in A6, wherein, this method further comprises:
The encryption and decryption policy selection that reception user is uploaded by reinforcement protection client is instructed, Crypted password and decryption are close
Code, and to specify encryption and decryption strategy described in this determination.
A8, the method as described in A 6, wherein, this method further comprises:
The identity that user is uploaded by reinforcement protection client is received, and is reinforced using the identity to described
APK is signed.
A 9, the method as described in A 6, wherein, this method further comprises:
Automatic installation test is carried out to reinforcing APK.
The present invention discloses also a kind of B10, a kind of reinforcement protection server of Android application, wherein, the server includes:
Acquiring unit, the original Android installation kit APK suitable for obtaining Android application;
Decompiling extraction unit, suitable for original APK described in decompiling, therefrom extracts shielded method code, and will
Position is extracted to be filled with nop;
Ciphering unit, suitable for place is encrypted to the shielded method code extracted according to specified encryption and decryption strategy
Configuration file is reinforced in reason, generation;
Compilation unit is added, suitable for by the specified encryption and decryption strategy, the reinforcing configuration file and reinforcement protection program
It is added in the APK after decompiling, the reinforcing APK of the compiling generation Android application;
Wherein, the reinforcement protection program performs following behaviour when the reinforcing APK that the Android is applied is mounted and is run
Make:According to the situation of calling of shielded method, dynamic application space, when shielded method is called, adds according to described
The shielded method code of acquisition is decrypted to reinforcing the correlation method in configuration file in decryption policy;When shielded method
Call after end, according to the encryption and decryption strategy to decryption obtain shielded method code re-start encryption.
B11, the server as described in B10, wherein,
Shielded method code is identified by explaining in the original APK that the acquiring unit is obtained;
The decompiling extraction unit, suitable for original APK described in decompiling, explains according to method therein and therefrom extracts
Shielded method code.
B12, the method as described in B10, wherein,
The ciphering unit is suitable to carry out the method code protected by shield extracted according to one or more of strategy
Encryption:
Anti-debug strategy;
Anti- Dump strategies;
Bob-weight packing strategy;
Character string encryption and decryption strategy.
B13, the server as described in B10, wherein,
The addition compilation unit, suitable for by the specified encryption and decryption strategy, the reinforcing configuration file and reinforcement protection
In SO files under the lib catalogues of APK after program write-in decompiling.
B14, the server as described in B10, wherein,
The decompiling extraction unit, suitable for being extracted after original APK described in decompiling in the core in dex files therein
Hold.
B15, the server as any one of B10-B14, wherein,
The acquiring unit, the original APK that the Android uploaded suitable for receiving user by reinforcement protection client is applied.
The server further comprises:Download unit, is adapted to provide for downloading the interface for reinforcing APK so that user can
Downloaded using the reinforcement protection client by the interface and reinforce APK.
B16, the server as described in B15, wherein,
The acquiring unit, is further adapted for receiving the encryption and decryption policy selection that user is uploaded by reinforcement protection client
Instruction, Crypted password and clear crytpographic key, and it is sent to ciphering unit;
The ciphering unit, suitable for according to encryption and decryption policy selection instruction, Crypted password and clear crytpographic key, determining institute
State specified encryption and decryption strategy.
B17, the server as described in B15, wherein,
The acquiring unit, is further adapted for receiving the identity that user is uploaded by reinforcement protection client;
The server further comprises:Signature unit, suitable for being signed using the identity to the reinforcing APK
Name.
B18, the server as described in B15, wherein, the server further comprises:
Test cell, suitable for carrying out automatic installation test to reinforcing APK.
The invention also discloses the reinforcement protection system that C19, a kind of Android are applied, including:Reinforcement protection client and such as
Reinforcement protection server any one of claim B10-B18.
Claims (19)
1. a kind of method for reinforcing and protecting of Android application, wherein, this method includes:
Obtain the original Android installation kit APK of Android application;
Original APK described in decompiling, therefrom extracts shielded method code, and filled position is extracted with nop;
The shielded method code extracted is encrypted according to the specified encryption and decryption strategy of selection, generation reinforcing is matched somebody with somebody
Put file;
The specified encryption and decryption strategy, the reinforcing configuration file and reinforcement protection program are added in the APK after decompiling,
The reinforcing APK of the compiling generation Android application;
Wherein, the reinforcement protection program performs following operation when the reinforcing APK that the Android is applied is mounted and is run:Root
According to the situation of calling of shielded method, dynamic application space, when shielded method is called, according to the encryption and decryption plan
The shielded method code of acquisition slightly is decrypted to reinforcing the correlation method in configuration file;When calling for shielded method
After end, encryption is re-started according to the shielded method code that the encryption and decryption strategy is obtained to decryption.
2. the method for claim 1, wherein
Shielded method code is identified by explaining in the original APK;
Original APK described in the decompiling, therefrom extracting shielded method code includes:Original APK, root described in decompiling
Explained according to method therein and therefrom extract shielded method code.
The one or more during 3. the method for claim 1, wherein the specified encryption and decryption strategy is included as follows:
Anti-debug strategy;
Anti- Dump strategies;
Bob-weight packing strategy;
Character string encryption and decryption strategy.
4. the method for claim 1, wherein by the specified encryption and decryption strategy, the reinforcing configuration file and reinforcing
Defence program, which is added to the APK after decompiling, to be included:
The lib for the APK that the specified encryption and decryption strategy, the reinforcing configuration file and reinforcement protection program are write after decompiling
In SO files under catalogue.
5. the method for claim 1, wherein
The core content in dex files in the original APK that the shielded method code is applied for the Android.
6. the method as any one of claim 1-5, wherein,
The original Android installation kit APK for obtaining Android application includes:Receive what user was uploaded by reinforcement protection client
The original APK of Android application;
This method further comprises:There is provided the interface downloaded and reinforce APK so that user can utilize the reinforcement protection client
Downloaded by the interface and reinforce APK.
7. method as claimed in claim 6, wherein, this method further comprises:
The instruction of encryption and decryption policy selection, Crypted password and clear crytpographic key that user is uploaded by reinforcement protection client are received, and
To specify encryption and decryption strategy described in this determination.
8. method as claimed in claim 6, wherein, this method further comprises:
The identity that user is uploaded by reinforcement protection client is received, and the reinforcing APK is entered using the identity
Row signature.
9. method as claimed in claim 6, wherein, this method further comprises:
Automatic installation test is carried out to reinforcing APK.
10. a kind of reinforcement protection server of Android application, wherein, the server includes:
Acquiring unit, the original Android installation kit APK suitable for obtaining Android application;
Decompiling extraction unit, suitable for original APK described in decompiling, therefrom extracts shielded method code, and will extract
Filled with nop position;
Ciphering unit, suitable for place is encrypted to the shielded method code extracted according to the specified encryption and decryption strategy of selection
Configuration file is reinforced in reason, generation;
Compilation unit is added, suitable for the specified encryption and decryption strategy, the reinforcing configuration file and reinforcement protection program are added
In APK after to decompiling, the reinforcing APK of the compiling generation Android application;
Wherein, the reinforcement protection program performs following operation when the reinforcing APK that the Android is applied is mounted and is run:Root
According to the situation of calling of shielded method, dynamic application space, when shielded method is called, according to the encryption and decryption plan
The shielded method code of acquisition slightly is decrypted to reinforcing the correlation method in configuration file;When calling for shielded method
After end, encryption is re-started according to the shielded method code that the encryption and decryption strategy is obtained to decryption.
11. the reinforcement protection server of Android application as claimed in claim 10, wherein,
Shielded method code is identified by explaining in the original APK that the acquiring unit is obtained;
The decompiling extraction unit, suitable for original APK described in decompiling, explains therefrom to extract and is protected according to method therein
The method code of shield.
12. the reinforcement protection server of Android application as claimed in claim 10, wherein,
The ciphering unit is suitable to the method code protected by shield extracted is encrypted according to one or more of strategy
Processing:
Anti-debug strategy;
Anti- Dump strategies;
Bob-weight packing strategy;
Character string encryption and decryption strategy.
13. the reinforcement protection server of Android application as claimed in claim 10, wherein,
The addition compilation unit, suitable for by the specified encryption and decryption strategy, the reinforcing configuration file and reinforcement protection program
Write in the SO files under the lib catalogues of the APK after decompiling.
14. the reinforcement protection server of Android application as claimed in claim 10, wherein,
The decompiling extraction unit, suitable for extracting the core content in dex files therein after original APK described in decompiling.
15. the reinforcement protection server of the Android application as any one of claim 10-14, wherein,
The acquiring unit, the original APK that the Android uploaded suitable for receiving user by reinforcement protection client is applied;
The server further comprises:Download unit, is adapted to provide for downloading the interface for reinforcing APK so that user can utilize
The reinforcement protection client is downloaded by the interface and reinforces APK.
16. the reinforcement protection server of Android application as claimed in claim 15, wherein,
The acquiring unit, is further adapted for receiving the encryption and decryption policy selection that uploads by reinforcement protection client of user and refers to
Make, Crypted password and clear crytpographic key, and be sent to ciphering unit;
The ciphering unit, suitable for according to encryption and decryption policy selection instruction, Crypted password and clear crytpographic key, determining the finger
Determine encryption and decryption strategy.
17. the reinforcement protection server of Android application as claimed in claim 15, wherein,
The acquiring unit, is further adapted for receiving the identity that user is uploaded by reinforcement protection client;
The server further comprises:Signature unit, suitable for being signed using the identity to the reinforcing APK.
18. the reinforcement protection server of Android application as claimed in claim 15, wherein, the server further comprises:
Test cell, suitable for carrying out automatic installation test to reinforcing APK.
19. a kind of reinforcement protection system of Android application, including:It is any in reinforcement protection client and such as claim 10-18
The reinforcement protection server of Android application described in.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410734372.7A CN104462959B (en) | 2014-12-04 | 2014-12-04 | A kind of method for reinforcing and protecting, server and the system of Android application |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410734372.7A CN104462959B (en) | 2014-12-04 | 2014-12-04 | A kind of method for reinforcing and protecting, server and the system of Android application |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104462959A CN104462959A (en) | 2015-03-25 |
CN104462959B true CN104462959B (en) | 2017-09-01 |
Family
ID=52908984
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410734372.7A Active CN104462959B (en) | 2014-12-04 | 2014-12-04 | A kind of method for reinforcing and protecting, server and the system of Android application |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104462959B (en) |
Families Citing this family (40)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104951707A (en) * | 2015-05-13 | 2015-09-30 | 上海交通大学 | Sensitive resource access control policy system based on Android platform |
CN106295263A (en) * | 2015-05-22 | 2017-01-04 | 中兴通讯股份有限公司 | A kind of method and device realizing application reinforcing |
CN106295255B (en) * | 2015-05-27 | 2020-04-14 | 腾讯科技(深圳)有限公司 | Application program reinforcing method and device |
CN104899481A (en) * | 2015-06-17 | 2015-09-09 | 上海斐讯数据通信技术有限公司 | System and method for preventing decompilation of application programs |
CN105046116B (en) * | 2015-06-25 | 2018-07-31 | 上海斐讯数据通信技术有限公司 | Protect dex files not by the method for decompiling in android system |
CN104965712B (en) * | 2015-07-17 | 2018-04-20 | 北京奇虎科技有限公司 | Application program method for reinforcing and protecting, device and mobile terminal |
CN107038371B (en) * | 2015-07-29 | 2020-01-31 | 腾讯科技(深圳)有限公司 | executable file processing method, device and system |
CN106650338A (en) * | 2015-10-28 | 2017-05-10 | 中国电信股份有限公司 | Method and system for preventing software from being anti-debugged |
CN105512521A (en) * | 2015-12-25 | 2016-04-20 | 北京奇虎科技有限公司 | Reinforcement and protection method and system for software installation package |
CN105631251B (en) * | 2015-12-25 | 2018-07-24 | 北京奇虎科技有限公司 | A kind of APK method for reinforcing and protecting and system |
CN105893793A (en) * | 2016-04-05 | 2016-08-24 | 上海携程商务有限公司 | Encrypting method and encrypting system for preventing reverse decrypting of app (application) |
CN105930744B (en) * | 2016-04-22 | 2019-03-08 | 北京奇虎科技有限公司 | A kind of file reinforcement means and device |
CN105930745A (en) * | 2016-04-25 | 2016-09-07 | 北京珊瑚灵御科技有限公司 | Android platform-based character string reinforcement method |
CN107784204B (en) * | 2016-08-31 | 2021-10-22 | 百度在线网络技术(北京)有限公司 | Application shelling method and device |
CN107871066B (en) * | 2016-09-28 | 2020-10-09 | 传化物流集团有限公司 | Code compiling method and device based on android system |
CN106709286A (en) * | 2016-11-30 | 2017-05-24 | 江苏神州信源系统工程有限公司 | Method for performing security reinforcement on apk resource package |
CN106528261A (en) * | 2016-12-02 | 2017-03-22 | 武汉斗鱼网络科技有限公司 | Application page initialization compiling and controlling device and method |
CN106845167A (en) * | 2016-12-12 | 2017-06-13 | 北京奇虎科技有限公司 | The reinforcement means and device of a kind of APK, and dynamic loading method and device |
CN106599629B (en) * | 2016-12-16 | 2021-08-06 | Tcl科技集团股份有限公司 | Android application program reinforcing method and device |
CN106843853B (en) * | 2016-12-28 | 2020-09-08 | 北京五八信息技术有限公司 | Method and device for protecting user information |
CN107103214B (en) * | 2017-04-06 | 2019-12-10 | 海信集团有限公司 | Application program anti-debugging method and device applied to Android system |
CN107180170A (en) * | 2017-05-09 | 2017-09-19 | 深圳海云安网络安全技术有限公司 | A kind of Android APP are without shell reinforcement means |
CN107220529A (en) * | 2017-05-19 | 2017-09-29 | 湖南鼎源蓝剑信息科技有限公司 | A kind of reinforcement means for Android platform SDK bags |
CN107748838A (en) * | 2017-10-13 | 2018-03-02 | 东软集团股份有限公司 | The method, apparatus and storage medium and electronic equipment of installation kit generation |
CN109597620B (en) * | 2018-08-08 | 2022-04-01 | 北京字节跳动网络技术有限公司 | Data processing method, device, equipment and storage medium |
CN109255235B (en) * | 2018-09-17 | 2021-08-24 | 西安电子科技大学 | Mobile application third-party library isolation method based on user state sandbox |
CN109408073B (en) * | 2018-09-21 | 2021-10-08 | 北京大学 | Android non-invasive application repacking method |
WO2020077487A1 (en) * | 2018-10-15 | 2020-04-23 | 华为技术有限公司 | Method and related apparatus for optimizing and running android application |
CN109614772B (en) * | 2018-11-20 | 2021-02-02 | 江苏通付盾信息安全技术有限公司 | Code conversion method and device based on application installation package file |
CN109598107B (en) * | 2018-11-20 | 2021-02-02 | 江苏通付盾信息安全技术有限公司 | Code conversion method and device based on application installation package file |
CN109614773B (en) * | 2018-11-20 | 2020-11-13 | 江苏通付盾信息安全技术有限公司 | Code self-modifying method and device and electronic equipment |
CN109858203A (en) * | 2018-12-21 | 2019-06-07 | 厦门市美亚柏科信息股份有限公司 | A kind of safety protecting method, device and the storage medium of Android platform application |
CN109976769B (en) * | 2019-03-05 | 2022-02-11 | 北京梆梆安全科技有限公司 | Method, device and equipment for determining server identification corresponding to application installation package |
CN109918917B (en) * | 2019-03-19 | 2021-06-08 | 北京智游网安科技有限公司 | Method, computer device and storage medium for preventing leakage of H5 source code |
CN111143869B (en) * | 2019-12-30 | 2023-07-14 | Oppo广东移动通信有限公司 | Application package processing method and device, electronic equipment and storage medium |
CN111544893B (en) * | 2020-04-30 | 2023-09-01 | 福建天晴在线互动科技有限公司 | Reinforcing method and system for preventing code flow forging based on game |
CN111914225B (en) * | 2020-07-15 | 2024-03-19 | 广东电网有限责任公司 | Source code protection system and source code encryption method |
CN112257033A (en) * | 2020-10-14 | 2021-01-22 | 郑州阿帕斯数云信息科技有限公司 | Application packaging method, device and equipment |
CN113434884B (en) * | 2021-06-30 | 2023-07-21 | 青岛海尔科技有限公司 | Encryption method, decryption method and related device for configuration file |
CN113590098A (en) * | 2021-07-30 | 2021-11-02 | 中电金信软件有限公司 | Software development kit SDK generation method and device and electronic equipment |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103413076A (en) * | 2013-08-27 | 2013-11-27 | 北京理工大学 | Block protection method for Android application programs |
CN104021321A (en) * | 2014-06-17 | 2014-09-03 | 北京奇虎科技有限公司 | Reinforcing protection method and device for software installation package |
US8892876B1 (en) * | 2012-04-20 | 2014-11-18 | Trend Micro Incorporated | Secured application package files for mobile computing devices |
-
2014
- 2014-12-04 CN CN201410734372.7A patent/CN104462959B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8892876B1 (en) * | 2012-04-20 | 2014-11-18 | Trend Micro Incorporated | Secured application package files for mobile computing devices |
CN103413076A (en) * | 2013-08-27 | 2013-11-27 | 北京理工大学 | Block protection method for Android application programs |
CN104021321A (en) * | 2014-06-17 | 2014-09-03 | 北京奇虎科技有限公司 | Reinforcing protection method and device for software installation package |
Also Published As
Publication number | Publication date |
---|---|
CN104462959A (en) | 2015-03-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104462959B (en) | A kind of method for reinforcing and protecting, server and the system of Android application | |
US10740443B2 (en) | System and method for code obfuscation of application | |
US10409966B2 (en) | Optimizing and protecting software | |
Caballero et al. | Binary Code Extraction and Interface Identification for Security Applications. | |
CN104392181A (en) | SO file protection method and device and android installation package reinforcement method and system | |
Preda et al. | Testing android malware detectors against code obfuscation: a systematization of knowledge and unified methodology | |
CN104239757B (en) | Application program reversing-preventing method and device and operation method and terminal | |
CN104965712B (en) | Application program method for reinforcing and protecting, device and mobile terminal | |
US20160203087A1 (en) | Method for providing security for common intermediate language-based program | |
CN105653432B (en) | A kind for the treatment of method and apparatus of crash data | |
US20170116410A1 (en) | Software protection | |
CN104484585A (en) | Application program installation package processing method and device, and mobile apparatus | |
CN104463002A (en) | APK reinforcing method and device and APK reinforcing client and server | |
CN105512521A (en) | Reinforcement and protection method and system for software installation package | |
WO2015192637A1 (en) | Method and apparatus for reinforced protection of software installation package | |
CN106055341A (en) | Application installation package checking method and device | |
CN106708571A (en) | Resource file loading method and device and source file reinforcing method and device | |
CN104217140A (en) | Method and device for reinforcing application program | |
CN105740703A (en) | Application reinforcement method and apparatus | |
CN105760721B (en) | A kind of software reinforcement method and system | |
Lim et al. | Structural analysis of packing schemes for extracting hidden codes in mobile malware | |
CN109934016A (en) | The signature check method, apparatus and electronic equipment of application | |
EP4053722B1 (en) | Secured computer code and systems, methods, and storage media for creating the secured computer code from original computer code | |
CN108664796B (en) | So file protection method and device | |
D'Elia et al. | Static analysis of ROP code |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20220725 Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015 Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |