CN108133229B - Classified encryption method and system for android APK (android package) file - Google Patents
Classified encryption method and system for android APK (android package) file Download PDFInfo
- Publication number
- CN108133229B CN108133229B CN201711305791.9A CN201711305791A CN108133229B CN 108133229 B CN108133229 B CN 108133229B CN 201711305791 A CN201711305791 A CN 201711305791A CN 108133229 B CN108133229 B CN 108133229B
- Authority
- CN
- China
- Prior art keywords
- apk
- fixed value
- classified
- application program
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 87
- 238000012549 training Methods 0.000 claims abstract description 41
- 238000007635 classification algorithm Methods 0.000 claims abstract description 23
- 238000012360 testing method Methods 0.000 claims description 24
- 238000012545 processing Methods 0.000 claims description 6
- 238000012216 screening Methods 0.000 claims description 6
- 238000004422 calculation algorithm Methods 0.000 abstract description 12
- 238000005516 engineering process Methods 0.000 abstract description 3
- 238000010586 diagram Methods 0.000 description 5
- 238000011161 development Methods 0.000 description 2
- 238000012856 packing Methods 0.000 description 2
- 230000008094 contradictory effect Effects 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 241000411851 herbal medicine Species 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/24—Classification techniques
- G06F18/241—Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches
- G06F18/2413—Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches based on distances to training or reference patterns
- G06F18/24147—Distances to closest patterns, e.g. nearest neighbour classification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
Abstract
The invention discloses a classified encryption method and a system for android APK files, belonging to the technical field of mobile phone application, wherein the method comprises the steps of obtaining a fixed value in a constant counter of an android application program APK to be classified and a fixed value of the number of program using methods; comparing the fixed value of the fixed value and the program using method number in the constant counter with training set data in a KNN classification algorithm after training, and determining the type of the android application program APK to be classified; determining a corresponding known encryption method according to the type of the android application program, and encrypting the APK; different encryption technologies are used for different types of APP to ensure that products of the whole company cannot be cracked under the condition that one APK is cracked; if all products need to be cracked, each algorithm needs to be cracked, so that the cost and the safety are increased; and meanwhile, different values are taken for K in the KNN classification method, and dynamic encryption in a certain range is further realized.
Description
Technical Field
The invention relates to the technical field of mobile phone application, in particular to a classified encryption method and system for android APK files.
Background
At present, the APP running in the android system is poor in general safety. The android virtual machine operation system is out of the operation principle of the java virtual machine and can be decompiled at any time; even if confusion is made, there is a possibility of being cracked if careful research analysis is performed; the APP encryption technology available in the market is based on a set of encryption methods, that is, each APP uses the same encryption scheme; this encryption scheme continues to be explored exclusively on encryption algorithms, but once a decryption method is found. All APPs will be cracked. Certain environments and situations may present certain risks.
Disclosure of Invention
The invention provides a classified encryption method and a classified encryption system for android APK files, and aims to improve the safety of android application programs and increase the difficulty of cracking all products under the company flag.
In order to achieve the above object, the present invention provides a classified encryption method for an android APK file, including:
acquiring a fixed value of a constant counter of the android application program APK to be classified and a fixed value of the number of program using methods;
comparing the fixed value of the fixed value and the program using method number in the constant counter with training set data in a KNN classification algorithm after training, and determining the type of the android application program APK to be classified;
and determining a corresponding known encryption method according to the type, and encrypting the android application program APK.
Preferably, before the step of obtaining a fixed value in a constant counter of the android application program APK to be classified and a fixed value of the number of program using methods, the method further includes:
and inputting a fixed value in a constant counter of various known android Application Programs (APKs), a fixed value of the number of program using methods and a known type into a KNN classification algorithm for training, and constructing a training set.
Preferably, the fixed value of the constant counter and the fixed value of the program using method number are compared with training set data in the trained KNN classification algorithm to determine the type of the android application program APK to be classified, which is specifically as follows:
inputting a fixed value in a constant counter of an android application program APK to be classified and a fixed value of the program using method number as test sample data into a trained KNN classification algorithm;
obtaining the distance between the test sample data and each training set data;
sorting according to the distance increasing relation;
selecting K points with the minimum distance;
determining the occurrence frequency of the category where the first K points are located;
and taking the class with the highest occurrence frequency in the first K points as the prediction classification of the test data, namely determining the type of the android application program APK to be classified.
Preferably, the distance is Euclidean distance or Manhattan distance.
Preferably, the value of K is an integer less than or equal to 20.
The invention also provides a classified encryption system for the android APK file, which comprises the following steps:
a data acquisition module: the method comprises the steps of obtaining a fixed value of a constant counter of the android application program APK to be classified and a fixed value of the number of program using methods, and sending the fixed values to an application program type classification module;
an application type classification module: the method comprises the steps that a fixed value in a constant counter of the android application program APK to be classified and a fixed value of the program using method number are compared with training set data in a KNN classification algorithm after training is completed, the type of the android application program APK to be classified is determined, and the type of the android application program APK to be classified is sent to an encryption module;
an encryption module: the method is used for determining a corresponding known encryption method according to the type of the android application program APK and encrypting the android application program APK.
Preferably, the system further comprises a data training module, which is used for inputting a KNN classification algorithm for training by using a fixed value in a constant counter of the APK of the android application program, a fixed value of the number of the program using methods and a known type to construct a training set.
Preferably, the application type classification module includes:
a data input module: the method comprises the steps of inputting a fixed value in a constant counter of the android application program APK to be classified and a fixed value of the program using method number as test sample data into a trained KNN classification algorithm, and sending the test sample data to a distance acquisition module;
a distance acquisition module: the distance processing module is used for acquiring the distance between the test sample data and each training set data and sending the distance;
a distance processing module: the sorting module is used for sorting according to the distance increasing relation and sending the sorting to the screening module;
a screening module: the device is used for selecting K points with the minimum distance and sending the K points to the frequency determination module;
a frequency determination module: the system comprises a category determining module, a category determining module and a display module, wherein the category determining module is used for determining the occurrence frequency of the category where the first K points are located and sending the occurrence frequency to the category determining module;
a category determination module: and the method is used for taking the class with the highest occurrence frequency in the first K points as the prediction classification of the test data, namely determining the type of the android application program APK to be classified.
According to the classified encryption method and system for the android APK file, different encryption technologies are used for different types of APPs, so that products of a whole company cannot be cracked when one APK is cracked; under the theoretical condition, if all products need to be cracked, each different algorithm needs to be cracked, so that the cost is greatly increased; the safety is increased; meanwhile, if different values are taken for K in the KNN classification method, dynamic encryption can be further realized within a certain range, namely the prediction type of a certain APK changes along with the difference of the values of K.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the structures shown in the drawings without creative efforts.
FIG. 1 is a flowchart of a classified encryption method for an android APK file according to an embodiment of the present invention;
FIG. 2 is a diagram illustrating data regions in a constant pool in accordance with an embodiment of the present invention;
FIG. 3 is a diagram illustrating a dex file according to an embodiment of the present invention;
FIG. 4 is a flowchart of step S00 according to an embodiment of the present invention;
FIG. 5 is a flowchart detailing the step S20 according to an embodiment of the present invention;
FIG. 6 is a block diagram of a classified encryption system for android APK files in an embodiment of the present invention;
FIG. 7 is a block diagram of a data training module according to an embodiment of the present invention;
FIG. 8 is a block diagram of an application type classification module according to an embodiment of the present invention;
the implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that, if directional indications (such as up, down, left, right, front, and back … …) are involved in the embodiment of the present invention, the directional indications are only used to explain the relative positional relationship between the components, the movement situation, and the like in a specific posture (as shown in the drawing), and if the specific posture is changed, the directional indications are changed accordingly.
In addition, if there is a description of "first", "second", etc. in an embodiment of the present invention, the description of "first", "second", etc. is for descriptive purposes only and is not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In addition, technical solutions between various embodiments may be combined with each other, but must be realized by a person skilled in the art, and when the technical solutions are contradictory or cannot be realized, such a combination should not be considered to exist, and is not within the protection scope of the present invention.
The invention provides a classified encryption method for android APK files;
in a preferred embodiment of the present invention, as shown with reference to FIG. 1, includes:
s10, acquiring a fixed value in a constant counter of the android application program APK to be classified and a fixed value of the number of program using methods;
in the embodiment of the invention, because the android virtual machine and java are essentially the same in principle, the android virtual machine and java also comprise a constant pool for running the java virtual machine, and a data area in the constant pool has such a structure, as shown in fig. 2; wherein, constant _ pool _ count is a constant pool counter, and the constant pool counter counts the total amount of constants used by the application program; two major types of constants can be stored in the constant pool: literal quantity and symbol reference, wherein the literal quantity is a character string of a character, a constant value declared as final, and the like; the symbolic reference is the fully qualified name of the class and the interface, the name and the descriptor of the field, and the name and the descriptor of the method;
the Application Program (APK) can be uniquely identified by utilizing the constant pool counter, and the complex programs and the difference of the programming level are different when each type of program is developed; the result is that each type of APK can be simply classified after being developed by using the identification of the constant counter; in the invention, in order to apply a K-proximity algorithm, a second identifier is added, and the number of methods used by the whole APK can be counted from the process of finally packing and compiling by an android development tool, so that the number of methods used by the APK can be obtained, and each application is different theoretically;
in a preferred embodiment of the invention, the categories are shown in table 1:
TABLE 1
Name of program | Value of constant pool counter | Number of program using method | Program type value | Program type text identification |
4354 | 748485 | 1 | IM instant messaging | |
5433 | 242343 | 1 | IM instant messaging | |
V-shaped platform | 2566 | 88456 | 1 | IM instant messaging |
Rong Yao of the king | 7788 | 713049 | 2 | Game machine |
Taobao (treasure made of Chinese herbal medicine) | 9084 | 364099 | 3 | Electronic commerce |
Certain APP | 544332 | 455353 | ? | ? |
As can be seen from table 1, if an APP occurs, a fixed value in a constant counter of the APP and a fixed value of the number of methods used by the program can be obtained (the obtaining method is common knowledge in the art and is not described here);
s20, comparing the fixed value of the constant counter and the fixed value of the program using method number with training set data in a KNN classification algorithm after training, and determining the type of the APK of the android application program to be classified;
the KNN classification algorithm is used for classifying by measuring distances among different characteristic values, and the specific idea is as follows: if most of the K most similar (i.e., nearest neighbor in the feature space) samples in the feature space belong to a certain class, then the sample also belongs to this class; in the KNN algorithm, all selected neighbors are objects which are classified correctly, and the method only determines the class of the sample to be classified according to the class of the nearest sample or samples on the basis of class determination decision;
and S30, determining a corresponding known encryption method according to the type of the android application program, and encrypting the android application program APK.
In the embodiment of the invention, encryption algorithms are respectively applied to different APKs according to different APK types; assuming that an encryption part is a data area in a dex execution file of the android APK;
the dex file mainly contains some header check information and data index, as shown in fig. 3;
in a preferred embodiment of the present invention, before step S10, as shown in fig. 4, the method further includes:
and S00, inputting a KNN classification algorithm for training by using fixed values in constant counters of various known android application programs APK, fixed values of program use method numbers and known types, and constructing a training set.
In the embodiment of the invention, the known android applications are, for example, WeChat, QQ and V platforms, Royal and Taobao in tables 1 and 2;
in a preferred embodiment of the invention, the KNN algorithm makes a decision according to the dominant class in the k objects, rather than making a single object class decision, which is the advantage of the KNN algorithm; in the KNN algorithm, under the condition that the data and the labels in the training set are known, test data is input, the features of the test data are compared with the features corresponding to the training set, and the top K data most similar to the features in the training set are found, so that the category corresponding to the test data is the category with the largest occurrence frequency among the K data, and the step S20 is shown in fig. 5 and specifically includes the following steps:
s201, inputting a fixed value in a constant counter of an android application program APK to be classified and a fixed value of the program using method number as test sample data into a trained KNN classification algorithm;
s202, obtaining the distance between the test sample data and each training set data;
in the embodiment of the invention, in KNN, the distance between the objects is calculated to be used as a non-similarity index between the objects, so that the matching problem between the objects is avoided, wherein the distance generally adopts an Euclidean distance or a Manhattan distance:
euclidean distance:
manhattan distance:
s203, sorting according to the distance increasing relation;
s204, selecting K points with the minimum distance;
in the embodiment of the invention, the value of K is an integer less than or equal to 20.
S205, determining the occurrence frequency of the category where the first K points are located;
s206, taking the category with the highest occurrence frequency in the first K points as the prediction classification of the test data, namely determining the type of the android application program APK to be classified.
In a preferred embodiment of the present invention, the prediction result of an APP is shown in table 2;
TABLE 2
The invention also provides a classified encryption system for the android APK file;
in a preferred embodiment of the present invention, as shown with reference to FIG. 6, includes:
a data acquisition module: the method comprises the steps of obtaining a fixed value of a constant counter of the android application program APK to be classified and a fixed value of the number of program using methods, and sending the fixed values to an application program type classification module;
in the embodiment of the invention, as the android virtual machine and java are basically the same in principle, the android virtual machine also comprises a constant pool for running the java virtual machine, and a data area in the constant pool has the structure; wherein, the constant pool counter counts the total amount of the constants used by the application program; two major types of constants can be stored in the constant pool: literal quantity and symbol reference, wherein the literal quantity is a character string of a character, a constant value declared as final, and the like; the symbolic reference is the fully qualified name of the class and the interface, the name and the descriptor of the field, and the name and the descriptor of the method; the Application Program (APK) can be uniquely identified by utilizing the constant pool counter, and the complex programs and the difference of the programming level are different when each type of program is developed; the result is that each type of APK can be simply classified after being developed by using the identification of the constant counter; in the invention, in order to apply a K-proximity algorithm, a second identifier is added, and the number of methods used by the whole APK can be counted from the process of finally packing and compiling by an android development tool, so that the number of methods used by the APK can be obtained, and each application is different theoretically;
an application type classification module: the method comprises the steps that a fixed value in a constant counter of the android application program APK to be classified and a fixed value of the program using method number are compared with training set data in a KNN classification algorithm after training is completed, the type of the android application program APK to be classified is determined, and the type of the android application program APK to be classified is sent to an encryption module;
the KNN classification algorithm is used for classifying by measuring distances among different characteristic values, and the specific idea is as follows: if most of the K most similar (i.e., nearest neighbor in the feature space) samples in the feature space belong to a certain class, then the sample also belongs to this class; in the KNN algorithm, all selected neighbors are objects which are classified correctly, and the method only determines the class of the sample to be classified according to the class of the nearest sample or samples on the basis of class determination decision;
an encryption module: the method is used for determining a corresponding known encryption method according to the type of the android application program APK and encrypting the android application program APK.
In the embodiment of the invention, encryption algorithms are respectively applied to different APKs according to different APK types; assuming that an encryption part is a data area in a dex execution file of the android APK;
in a preferred embodiment of the present invention, referring to fig. 7, the system further includes a data training module, configured to input a KNN classification algorithm for training by using a fixed value in a constant counter of a plurality of known android application programs APK, a fixed value of a program usage method number, and a known type, so as to construct a training set.
In a preferred embodiment of the present invention, referring to fig. 8, the application type classification module includes:
a data input module: the method comprises the steps of inputting a fixed value in a constant counter of the android application program APK to be classified and a fixed value of the program using method number as test sample data into a trained KNN classification algorithm, and sending the test sample data to a distance acquisition module;
a distance acquisition module: the distance processing module is used for acquiring the distance between the test sample data and each training set data and sending the distance;
in the embodiment of the invention, in KNN, the distance between the objects is calculated to be used as a non-similarity index between the objects, so that the matching problem between the objects is avoided, wherein the distance generally adopts an Euclidean distance or a Manhattan distance:
a distance processing module: the sorting module is used for sorting according to the distance increasing relation and sending the sorting to the screening module;
a screening module: the device is used for selecting K points with the minimum distance and sending the K points to the frequency determination module;
a frequency determination module: the system comprises a category determining module, a category determining module and a display module, wherein the category determining module is used for determining the occurrence frequency of the category where the first K points are located and sending the occurrence frequency to the category determining module;
a category determination module: and the method is used for taking the class with the highest occurrence frequency in the first K points as the prediction classification of the test data, namely determining the type of the android application program APK to be classified.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention, and all modifications and equivalents of the present invention, which are made by the contents of the present specification and the accompanying drawings, or directly/indirectly applied to other related technical fields, are included in the scope of the present invention.
Claims (8)
1. A classified encryption method for android APK files is characterized by comprising the following steps:
acquiring a fixed value of a constant counter of the android application program APK to be classified and a fixed value of the number of program using methods;
comparing the fixed value of the fixed value and the program using method number in the constant counter with training set data in a KNN classification algorithm after training, and determining the type of the android application program APK to be classified; the fixed value in the constant counter is the total amount of the constant used by the application program counted in the constant counter; two major types of constants are stored in the constant counter: literal amount and symbolic references;
and determining a corresponding known encryption method according to the type, and encrypting the android application program APK.
2. The method for classifying and encrypting the android APK file according to claim 1, wherein before the step of obtaining the fixed value of the constant counter of the android application program APK to be classified and the fixed value of the program using method number, the method further comprises:
and inputting a fixed value in a constant counter of various known android Application Programs (APKs), a fixed value of the number of program using methods and a known type into a KNN classification algorithm for training, and constructing a training set.
3. The method for classifying and encrypting the android APK file according to claim 1, wherein the fixed value of the constant counter and the fixed value of the program use method number are compared with training set data in a trained KNN classification algorithm to determine the type of the android application program APK to be classified, and the method is specifically as follows:
inputting a fixed value in a constant counter of an android application program APK to be classified and a fixed value of the program using method number as test sample data into a trained KNN classification algorithm;
obtaining the distance between the test sample data and each training set data;
sorting according to the distance increasing relation;
selecting K points with the minimum distance;
determining the occurrence frequency of the category where the first K points are located;
and taking the class with the highest occurrence frequency in the first K points as the prediction classification of the test data, namely determining the type of the android application program APK to be classified.
4. The method of claim 3, wherein the distance is Euclidean distance or Manhattan distance.
5. The classified encryption method for the android APK file according to claim 3, wherein the value of K is an integer less than or equal to 20.
6. A classified encryption system for android APK files, comprising:
a data acquisition module: the method comprises the steps of obtaining a fixed value of a constant counter of the android application program APK to be classified and a fixed value of the number of program using methods, and sending the fixed values to an application program type classification module;
an application type classification module: the method comprises the steps that a fixed value in a constant counter of the android application program APK to be classified and a fixed value of the program using method number are compared with training set data in a KNN classification algorithm after training is completed, the type of the android application program APK to be classified is determined, and the type of the android application program APK to be classified is sent to an encryption module; the fixed value in the constant counter is the total amount of the constant used by the application program counted in the constant counter; two major types of constants are stored in the constant counter: literal amount and symbolic references;
an encryption module: the method is used for determining a corresponding known encryption method according to the type of the android application program APK and encrypting the android application program APK.
7. The system for classified encryption of android APK files of claim 6, further comprising a data training module for inputting a KNN classification algorithm for training to construct a training set by using fixed values of constant counters, fixed values of program usage method numbers and known types of a plurality of known android application program APKs.
8. The system of claim 6, wherein the application type classification module comprises:
a data input module: the method comprises the steps of inputting a fixed value in a constant counter of the android application program APK to be classified and a fixed value of the program using method number as test sample data into a trained KNN classification algorithm, and sending the test sample data to a distance acquisition module;
a distance acquisition module: the distance processing module is used for acquiring the distance between the test sample data and each training set data and sending the distance;
a distance processing module: the sorting module is used for sorting according to the distance increasing relation and sending the sorting to the screening module;
a screening module: the device is used for selecting K points with the minimum distance and sending the K points to the frequency determination module;
a frequency determination module: the system comprises a category determining module, a category determining module and a display module, wherein the category determining module is used for determining the occurrence frequency of the category where the first K points are located and sending the occurrence frequency to the category determining module;
a category determination module: and the method is used for taking the class with the highest occurrence frequency in the first K points as the prediction classification of the test data, namely determining the type of the android application program APK to be classified.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711305791.9A CN108133229B (en) | 2017-12-11 | 2017-12-11 | Classified encryption method and system for android APK (android package) file |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711305791.9A CN108133229B (en) | 2017-12-11 | 2017-12-11 | Classified encryption method and system for android APK (android package) file |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108133229A CN108133229A (en) | 2018-06-08 |
CN108133229B true CN108133229B (en) | 2021-08-06 |
Family
ID=62389107
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711305791.9A Active CN108133229B (en) | 2017-12-11 | 2017-12-11 | Classified encryption method and system for android APK (android package) file |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108133229B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109194666B (en) * | 2018-09-18 | 2021-06-01 | 东北大学 | LBS-based security kNN query method |
CN111402346A (en) * | 2020-02-27 | 2020-07-10 | 辽宁百思特达半导体科技有限公司 | Intelligent building system based on BIM and management method thereof |
CN111949735A (en) * | 2020-08-26 | 2020-11-17 | 鲁泽军 | System and method for realizing data query by applying account book of block chain |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2014191526A (en) * | 2013-03-27 | 2014-10-06 | Ricoh Co Ltd | Information processing device, method and program |
CN104598651A (en) * | 2015-02-27 | 2015-05-06 | 深圳市欧珀通信软件有限公司 | Method and apparatus for managing favorite on mobile terminal |
CN104620583A (en) * | 2012-05-14 | 2015-05-13 | 卢卡·罗萨托 | Encoding and reconstruction of residual data based on support information |
CN104657259A (en) * | 2013-11-22 | 2015-05-27 | 中国银联股份有限公司 | Android application testing method and device |
CN104766062A (en) * | 2015-04-07 | 2015-07-08 | 广西大学 | Face recognition system and register and recognition method based on lightweight class intelligent terminal |
CN104794398A (en) * | 2015-04-17 | 2015-07-22 | 天津大学 | Android platform malicious software detection method based on machine learning |
CN106650493A (en) * | 2016-12-14 | 2017-05-10 | 咪咕文化科技有限公司 | Method for obtaining behavioral data and device thereof |
CN106997434A (en) * | 2017-03-28 | 2017-08-01 | 西安电子科技大学 | Secret protection module and guard method based on android system |
CN107392022A (en) * | 2017-07-20 | 2017-11-24 | 北京小度信息科技有限公司 | Reptile identification, processing method and relevant apparatus |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103218551B (en) * | 2013-05-03 | 2016-04-06 | 飞天诚信科技股份有限公司 | A kind of method protecting java program |
US20150106195A1 (en) * | 2013-10-10 | 2015-04-16 | Elwha Llc | Methods, systems, and devices for handling inserted data into captured images |
-
2017
- 2017-12-11 CN CN201711305791.9A patent/CN108133229B/en active Active
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104620583A (en) * | 2012-05-14 | 2015-05-13 | 卢卡·罗萨托 | Encoding and reconstruction of residual data based on support information |
JP2014191526A (en) * | 2013-03-27 | 2014-10-06 | Ricoh Co Ltd | Information processing device, method and program |
CN104657259A (en) * | 2013-11-22 | 2015-05-27 | 中国银联股份有限公司 | Android application testing method and device |
CN104598651A (en) * | 2015-02-27 | 2015-05-06 | 深圳市欧珀通信软件有限公司 | Method and apparatus for managing favorite on mobile terminal |
CN104766062A (en) * | 2015-04-07 | 2015-07-08 | 广西大学 | Face recognition system and register and recognition method based on lightweight class intelligent terminal |
CN104794398A (en) * | 2015-04-17 | 2015-07-22 | 天津大学 | Android platform malicious software detection method based on machine learning |
CN106650493A (en) * | 2016-12-14 | 2017-05-10 | 咪咕文化科技有限公司 | Method for obtaining behavioral data and device thereof |
CN106997434A (en) * | 2017-03-28 | 2017-08-01 | 西安电子科技大学 | Secret protection module and guard method based on android system |
CN107392022A (en) * | 2017-07-20 | 2017-11-24 | 北京小度信息科技有限公司 | Reptile identification, processing method and relevant apparatus |
Non-Patent Citations (3)
Title |
---|
A Compiler Classification Framework for Use in Reverse Engineering;Stephen Torri 等;《2009 IEEE Symposium on Computational Intelligence in Cyber Security》;20090515;全文 * |
Several anti-ransomware techniques have been proposed in recent years to detect and prevent the;Isredza Rahmi A Hamid 等;《IOP Conference Series: Materials Science and Engineering》;20170801;全文 * |
安卓备份文件口令认证机构分析及其安全性;陈秀容;《山东工业技术》;20150130;全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN108133229A (en) | 2018-06-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR101752251B1 (en) | Method and device for identificating a file | |
JP6126672B2 (en) | Malicious code detection method and system | |
CN105224600B (en) | A kind of detection method and device of Sample Similarity | |
CN108133229B (en) | Classified encryption method and system for android APK (android package) file | |
KR20170108330A (en) | Apparatus and method for detecting malware code | |
CN109241741B (en) | Malicious code classification method based on image texture fingerprints | |
WO2013112061A1 (en) | System and methods for spam detection using frequency spectra of character strings | |
CN112685735B (en) | Method, apparatus and computer readable storage medium for detecting abnormal data | |
CN109543408A (en) | A kind of Malware recognition methods and system | |
CN112422574A (en) | Risk account identification method, device, medium and electronic equipment | |
CN112070506A (en) | Risk user identification method, device, server and storage medium | |
CN114386046A (en) | Unknown vulnerability detection method and device, electronic equipment and storage medium | |
CN105809034A (en) | Malicious software identification method | |
CN113139185A (en) | Malicious code detection method and system based on heterogeneous information network | |
CN112632000A (en) | Log file clustering method and device, electronic equipment and readable storage medium | |
CN112287936A (en) | Optical character recognition test method and device, readable storage medium and terminal equipment | |
CN109992960B (en) | Counterfeit parameter detection method and device, electronic equipment and storage medium | |
CN111353109A (en) | Malicious domain name identification method and system | |
CN111738290A (en) | Image detection method, model construction and training method, device, equipment and medium | |
WO2016127858A1 (en) | Method and device for identifying webpage intrusion script features | |
CN112882707B (en) | Rendering method and device, storage medium and electronic equipment | |
CN112073360B (en) | Detection method, device, terminal equipment and medium for hypertext transmission data | |
CN114266045A (en) | Network virus identification method and device, computer equipment and storage medium | |
CN108960952A (en) | A kind of detection method and device of violated information | |
CN112163217A (en) | Malicious software variant identification method, device, equipment and computer storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address | ||
CP03 | Change of name, title or address |
Address after: 510000 unit 03-05, room 1601, No. 12, Zhujiang East Road, Tianhe District, Guangzhou City, Guangdong Province (office use only) Patentee after: Guangzhou saiyiyecai Technology Co.,Ltd. Address before: 510000 unit 03-05, room 1601, No. 12, Zhujiang East Road, Tianhe District, Guangzhou, Guangdong Patentee before: GUANGZHOU ENERGY BOX TECHNOLOGY Co.,Ltd. |