CN103365699B - 基于apk的系统api和运行时字符串的提取方法及系统 - Google Patents
基于apk的系统api和运行时字符串的提取方法及系统 Download PDFInfo
- Publication number
- CN103365699B CN103365699B CN201210559627.1A CN201210559627A CN103365699B CN 103365699 B CN103365699 B CN 103365699B CN 201210559627 A CN201210559627 A CN 201210559627A CN 103365699 B CN103365699 B CN 103365699B
- Authority
- CN
- China
- Prior art keywords
- file
- code
- depositor
- character string
- instruction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 37
- 230000006870 function Effects 0.000 claims description 19
- 230000006837 decompression Effects 0.000 claims description 7
- 238000000605 extraction Methods 0.000 claims description 6
- 238000013507 mapping Methods 0.000 claims description 6
- 238000012856 packing Methods 0.000 claims description 6
- GNFTZDOKVXKIBK-UHFFFAOYSA-N 3-(2-methoxyethoxy)benzohydrazide Chemical compound COCCOC1=CC=CC(C(=O)NN)=C1 GNFTZDOKVXKIBK-UHFFFAOYSA-N 0.000 claims description 4
- FGUUSXIOTUKUDN-IBGZPJMESA-N C1(=CC=CC=C1)N1C2=C(NC([C@H](C1)NC=1OC(=NN=1)C1=CC=CC=C1)=O)C=CC=C2 Chemical compound C1(=CC=CC=C1)N1C2=C(NC([C@H](C1)NC=1OC(=NN=1)C1=CC=CC=C1)=O)C=CC=C2 FGUUSXIOTUKUDN-IBGZPJMESA-N 0.000 claims description 2
- 238000001514 detection method Methods 0.000 abstract description 7
- 230000003252 repetitive effect Effects 0.000 abstract description 4
- 238000013459 approach Methods 0.000 abstract description 3
- 238000012545 processing Methods 0.000 abstract description 3
- 230000003068 static effect Effects 0.000 description 4
- 230000006399 behavior Effects 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 1
Landscapes
- Stored Programmes (AREA)
Abstract
Description
Claims (8)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210559627.1A CN103365699B (zh) | 2012-12-21 | 2012-12-21 | 基于apk的系统api和运行时字符串的提取方法及系统 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210559627.1A CN103365699B (zh) | 2012-12-21 | 2012-12-21 | 基于apk的系统api和运行时字符串的提取方法及系统 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103365699A CN103365699A (zh) | 2013-10-23 |
CN103365699B true CN103365699B (zh) | 2016-08-03 |
Family
ID=49367128
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210559627.1A Active CN103365699B (zh) | 2012-12-21 | 2012-12-21 | 基于apk的系统api和运行时字符串的提取方法及系统 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103365699B (zh) |
Families Citing this family (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103761475B (zh) * | 2013-12-30 | 2017-04-26 | 北京奇虎科技有限公司 | 检测智能终端中恶意代码的方法及装置 |
WO2015101096A1 (zh) * | 2013-12-30 | 2015-07-09 | 北京奇虎科技有限公司 | 检测智能终端中恶意代码的方法及装置 |
CN104866504B (zh) * | 2014-02-25 | 2018-07-06 | 北京娜迦信息科技发展有限公司 | 一种对Android软件进行功能扩展的方法及装置 |
CN104484585A (zh) * | 2014-11-26 | 2015-04-01 | 北京奇虎科技有限公司 | 一种应用程序安装包的处理方法、装置及移动设备 |
CN104932929B (zh) * | 2015-05-26 | 2018-06-08 | 百度在线网络技术(北京)有限公司 | 一种文件处理方法及装置 |
CN106326691B (zh) * | 2015-06-15 | 2021-06-18 | 中兴通讯股份有限公司 | 加解密功能的实现方法、装置及服务器 |
CN106355087A (zh) * | 2015-07-17 | 2017-01-25 | 腾讯科技(深圳)有限公司 | 一种病毒检测结果的监控方法及装置 |
CN105068813B (zh) * | 2015-08-19 | 2019-05-31 | 北京奇虎科技有限公司 | 一种提供安卓包apk修改服务的方法和装置 |
CN107463420A (zh) * | 2016-06-02 | 2017-12-12 | 深圳市慧动创想科技有限公司 | 一种在Android APK中植入代码的便捷方法 |
CN108614709B (zh) * | 2016-11-29 | 2021-08-03 | 北京明朝万达科技股份有限公司 | 一种控制Android应用安全访问网络的方法及系统 |
CN106648676A (zh) * | 2016-12-28 | 2017-05-10 | 哈尔滨安天科技股份有限公司 | 一种利用运行时库识别编译器的方法及系统 |
CN108734012B (zh) * | 2018-05-21 | 2020-11-03 | 上海戎磐网络科技有限公司 | 恶意软件识别方法、装置及电子设备 |
CN110147671B (zh) * | 2019-05-29 | 2022-04-29 | 奇安信科技集团股份有限公司 | 一种程序内字符串提取方法及装置 |
CN110941833A (zh) * | 2019-12-04 | 2020-03-31 | 厦门安胜网络科技有限公司 | 一种检测apk文件中漏洞的方法、装置及存储介质 |
CN111045686B (zh) * | 2019-12-16 | 2023-05-30 | 北京智游网安科技有限公司 | 一种提高应用反编译速度的方法、智能终端及存储介质 |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101005497A (zh) * | 2006-11-27 | 2007-07-25 | 科博技术有限公司 | 一种阻止恶意代码入侵的系统及方法 |
CN102663281A (zh) * | 2012-03-16 | 2012-09-12 | 成都市华为赛门铁克科技有限公司 | 检测恶意软件的方法和装置 |
CN102760219A (zh) * | 2011-12-20 | 2012-10-31 | 北京安天电子设备有限公司 | 一种Android平台软件保护系统、方法及设备 |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7735138B2 (en) * | 2005-01-14 | 2010-06-08 | Trend Micro Incorporated | Method and apparatus for performing antivirus tasks in a mobile wireless device |
-
2012
- 2012-12-21 CN CN201210559627.1A patent/CN103365699B/zh active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101005497A (zh) * | 2006-11-27 | 2007-07-25 | 科博技术有限公司 | 一种阻止恶意代码入侵的系统及方法 |
CN102760219A (zh) * | 2011-12-20 | 2012-10-31 | 北京安天电子设备有限公司 | 一种Android平台软件保护系统、方法及设备 |
CN102663281A (zh) * | 2012-03-16 | 2012-09-12 | 成都市华为赛门铁克科技有限公司 | 检测恶意软件的方法和装置 |
Also Published As
Publication number | Publication date |
---|---|
CN103365699A (zh) | 2013-10-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103365699B (zh) | 基于apk的系统api和运行时字符串的提取方法及系统 | |
KR101162051B1 (ko) | 문자열 비교 기법을 이용한 악성코드 탐지 및 분류 시스템 및 그 방법 | |
CN108734012B (zh) | 恶意软件识别方法、装置及电子设备 | |
WO2015190446A1 (ja) | マルウェア判定器、マルウェア判定システム、マルウェア判定方法、プログラム | |
CN106599242B (zh) | 一种基于相似度计算的网页变更监测方法和系统 | |
KR102317833B1 (ko) | 악성 코드 탐지 모델 학습 방법 및 이를 이용한 탐지 방법 | |
US20170149830A1 (en) | Apparatus and method for automatically generating detection rule | |
CN109753800A (zh) | 融合频繁项集与随机森林算法的Android恶意应用检测方法及系统 | |
CN101751530B (zh) | 检测漏洞攻击行为的方法及设备 | |
CN109992969B (zh) | 一种恶意文件检测方法、装置及检测平台 | |
CN107346284B (zh) | 一种应用程序的检测方法及检测装置 | |
CA2956207C (en) | Program code comparison and reporting | |
US10237285B2 (en) | Method and apparatus for detecting macro viruses | |
CN103294951B (zh) | 一种基于文档型漏洞的恶意代码样本提取方法及系统 | |
CN105205397A (zh) | 恶意程序样本分类方法及装置 | |
CN111399848B (zh) | 一种硬编码数据检测方法、装置、电子设备和介质 | |
CN104751053A (zh) | 移动智能终端软件的静态行为分析方法 | |
US10229267B2 (en) | Method and device for virus identification, nonvolatile storage medium, and device | |
CN110427757A (zh) | 一种Android漏洞检测方法、系统及相关装置 | |
CN109902487B (zh) | 基于应用行为的Android应用恶意性检测方法 | |
CN108229168B (zh) | 一种嵌套类文件的启发式检测方法、系统及存储介质 | |
US10031745B2 (en) | System and method for automatic API candidate generation | |
CN102682237A (zh) | 针对网络下载文件的判毒方法及系统 | |
CN108171057B (zh) | 基于特征匹配的Android平台恶意软件检测方法 | |
CN104200164B (zh) | 一种加载器Loader病毒的查杀方法、装置及终端 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address | ||
CP03 | Change of name, title or address |
Address after: 100080 Beijing city Haidian District minzhuang Road No. 3, Tsinghua Science Park Building 1 Yuquan Huigu a Patentee after: Beijing ahtech network Safe Technology Ltd Address before: 100080 Haidian District City, Zhongguancun, the main street, No. 1 Hailong building, room 1415, room 14 Patentee before: Beijing Antiy Electronic Installation Co., Ltd. |
|
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: System API and running character string extraction method and system based on APK Effective date of registration: 20170821 Granted publication date: 20160803 Pledgee: CITIC Bank Harbin branch Pledgor: Beijing ahtech network Safe Technology Ltd Registration number: 2017990000776 |
|
PC01 | Cancellation of the registration of the contract for pledge of patent right | ||
PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20180817 Granted publication date: 20160803 Pledgee: CITIC Bank Harbin branch Pledgor: Beijing ahtech network Safe Technology Ltd Registration number: 2017990000776 |
|
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: System API and running character string extraction method and system based on APK Effective date of registration: 20180817 Granted publication date: 20160803 Pledgee: CITIC Bank Harbin branch Pledgor: Beijing ahtech network Safe Technology Ltd Registration number: 2018990000700 |
|
PC01 | Cancellation of the registration of the contract for pledge of patent right | ||
PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20191021 Granted publication date: 20160803 Pledgee: CITIC Bank Harbin branch Pledgor: Beijing ahtech network Safe Technology Ltd Registration number: 2018990000700 |