CN104408367B

CN104408367B - Application program configuration method and device

Info

Publication number: CN104408367B
Application number: CN201410708574.4A
Authority: CN
Inventors: 杨威
Original assignee: Beijing Qihoo Technology Co Ltd
Current assignee: Beijing Qihoo Technology Co Ltd
Priority date: 2014-11-28
Filing date: 2014-11-28
Publication date: 2019-04-05
Anticipated expiration: 2034-11-28
Also published as: CN104408367A

Abstract

The present invention relates to a kind of application program configuration methods comprising following steps: parsing the application program original installation kit, obtains its internal file；The shell adding installation kit of original installation kit described in construction set and the internal file is configured with loading module, the loading module, for the former installation kit being aggregated to be loaded into sandbox running environment to run the application program in the internal file being aggregated；The shell adding installation kit is installed.Moreover, it relates to a kind of application program configuration device corresponding with this method.The invention enables destination applications can run in sandbox running environment, and can ensure that the safety of system.

Description

Application program configuration method and device

Technical field

The present invention relates to security of computer software technical field more particularly to a kind of application program configuration method and accordingly Device.

Background technique

Sandbox is a kind of performing environment according to security strategy limiting program behavior, is practically applicable to various behaviour extensively at present Make in system.By taking Android as an example, some application programs are special for the purpose realized except application program inherent function needs It is not commercial object, random application system permission obtains privacy of user data, executes network access, keep device activity, send Short message behavior etc..It is light then may cause privacy of user leaking data or occupying system resources, it is heavy then malice may be passed through and detained Take, product placement, consumption rate, fraud inveigle etc., so that user is suffered a loss.Therefore, the execution ring provided by sandbox technology Border is managed by resource, permission of the sandbox to system, application program is allowed to run in the sandbox, and the access of application program is first It is examined through sandbox by security strategy, forms a kind of isolation operational effect relative to system itself as a result, it can be effectively The safety of protection system.For security strategy used in sandbox, adapting to a variety of different operating systems has different details Consider, the basic knowledge that these related technologies are realized is grasped by those skilled in the art, without repeating.

There are many examples at present to realize sandbox technology.In these examples, on the one hand, sandbox technology is in order to be compatible with market A variety of applications control the executable resource of the application and realize typically only by limiting the security strategy of sandbox.However, The technical level of security fields, attacking and defending both sides is shifting, and traditional sandbox only by limitation security strategy is difficult to sometimes Guarantee to reach desired purpose, it is necessary to by means of new departure of richer technology content.On the other hand, sandbox technology is often It is related to system bottom operation, and such as using Android itself to have stringent power in the operating system of the Unix system of representative Limit management, in this way, just causing under the premise of not obtaining Root authorization, it is difficult to remove construction sandbox using sandbox technology.It can be only Path is warded off, goes to realize the sandbox environment exempted under Root environment, however, in this case, often causing more various Technology barrier, these obstacles are depending on the specific implementation of sandbox.

In currently available technology, exempt from Root sandbox for this, it is possible despite the presence of theory, have no mature case.But From above analysis as can be seen that realize a kind of safer sandbox technology based on Root environment is exempted from, need to combine its tool Body technique principle, to consider the specific configuration of its own and if necessary consider reconstruct to related application, so that weight Application program after structure can keep applying journey by this among relatively independent sandbox in having been based on system with seamless operation Due security control effect is realized in operation of the sequence in sandbox.

Summary of the invention

The first object of the present invention is to provide a kind of application program configuration method, to configure to exempt from Root sandbox environment Convenient for the application program of load operating.

Second mesh of the invention is to provide a kind of application program configuration dress suitable for constructing method described in the first purpose It sets.

To achieve the purpose of the present invention, the present invention adopts the following technical scheme that:

A kind of application program configuration method provided by the invention, comprising the following steps:

The application program original installation kit is parsed, its internal file is obtained；

The shell adding installation kit of original installation kit described in construction set and the internal file, in the internal file being aggregated Configured with loading module, the loading module, for the former installation kit being aggregated to be loaded into sandbox running environment to run State application program；

The shell adding installation kit is installed.

Specifically:

One of described internal file is the copy of the configuration file for the former installation kit being aggregated, the shell adding installation kit and its In the former installation kit packet name having the same.Preferably, the copy of the configuration file refers in particular to Androidmanifest.xml file.

The loading module is set in the code file of one of internal file, which is configured as using reflection The former installation kit being aggregated described in call-by mechanism load is to run the application program.The code file is refered in particular to Classes.dex file.

The internal file includes the resource file obtained from former installation kit being aggregated and/or dynamic library file and its phase The bibliographic structure answered.Preferably, the resource file refers in particular to Res catalogue and its lower included file, the dynamic library file Refer in particular to Lib catalogue and its lower included file.Further, the resource file includes icon file, and the icon file base It is carried out obtained by partial modification in the respective icon file obtained from former installation kit being aggregated.

Preferably, the former installation kit being aggregated is placed in the Assets catalogue of shell adding installation kit.

It is with high safety to the operation process of the application program that the loading module is configured as guidance sandbox running environment Monitoring, to realize normal operation of the application program in sandbox running environment.

A kind of application program configuration device provided by the invention, the functional example with above-mentioned application program configuration method, Comprising:

Acquiring unit obtains its internal file for parsing the application program original installation kit；

Structural unit, it is described to be collected for the shell adding installation kit of original installation kit described in construction set and the internal file Loading module, the loading module, for the former installation kit being aggregated to be loaded into sandbox operation are configured in the internal file of conjunction To run the application program in environment；

Installation unit, for installing the shell adding installation kit.

Compared to the prior art, the present invention at least has the advantages that

1, it is the installation kit shell adding by the internal file of destination application installation kit itself, generates shell adding installation kit, Make shell adding installation kit that there is packet name (PackageName) identical with former installation kit, as a result, in host application installation and operation When afterwards, then by reflection call-by mechanism removing four big component of load installation kit, the four big component with host application due to having Have identical packet name, in android system, can make movable component and serviced component establish with The normal communication of ActivityManagerService, and movable component, serviced component and broadcast component can be made etc., smoothly quilt PackageManagerService identification, reduces the error rate being operating abnormally in the prior art in relation to shell adding application program.

2, the loading module of former installation kit is called by being configured to reflection in the host application of shell adding, and by Loading module sets up the communication between the destination application of former installation kit and sandbox running environment, so that destination application Active procedure can further be monitored by sandbox running environment, to be applicable in it security strategy, and it is carried out Quoting resource redirects etc., it is ensured that destination application by host application normal load and can keep operating normally.

3, since host application and destination application have used identical packet name, it is not necessary to for the mesh called by reflection The various components (Activity, Service, Receiver) for marking application program individually construct principal function entrance (ActivityThread.main), it need not also consider the program that bring PackageManagerService is verified due to packet name Implementation complexity problem, to greatly improve program operational efficiency.

The additional aspect of the present invention and advantage will be set forth in part in the description, these will become from the following description Obviously, or practice through the invention is recognized.

Detailed description of the invention

Above-mentioned and/or additional aspect and advantage of the invention will become from the following description of the accompanying drawings of embodiments Obviously and it is readily appreciated that, in which:

Fig. 1 is the process principle figure of application program configuration method of the invention；

Fig. 2 is the schematic diagram of application program configuration device of the invention；

Fig. 3 is the process principle figure of application program progress control method of the invention；

Fig. 4 is the schematic diagram of application program operating control device of the invention.

Specific embodiment

The embodiment of the present invention is described below in detail, examples of the embodiments are shown in the accompanying drawings, wherein from beginning to end Same or similar label indicates same or similar element or element with the same or similar functions.Below with reference to attached The embodiment of figure description is exemplary, and for explaining only the invention, and is not construed as limiting the claims.

Those skilled in the art of the present technique are appreciated that unless expressly stated, singular " one " used herein, " one It is a ", " described " and "the" may also comprise plural form.It is to be further understood that being arranged used in specification of the invention Diction " comprising " refer to that there are the feature, integer, step, operation, element and/or component, but it is not excluded that in the presence of or addition Other one or more features, integer, step, operation, element, component and/or their group.It should be understood that when we claim member Part is " connected " or when " coupled " to another element, it can be directly connected or coupled to other elements, or there may also be Intermediary element.In addition, " connection " used herein or " coupling " may include being wirelessly connected or wirelessly coupling.It is used herein to arrange Diction "and/or" includes one or more associated wholes for listing item or any cell and all combinations.

Those skilled in the art of the present technique are appreciated that unless otherwise defined, all terms used herein (including technology art Language and scientific term), there is meaning identical with the general understanding of those of ordinary skill in fields of the present invention.Should also Understand, those terms such as defined in the general dictionary, it should be understood that have in the context of the prior art The consistent meaning of meaning, and unless idealization or meaning too formal otherwise will not be used by specific definitions as here To explain.

Those skilled in the art of the present technique are appreciated that " terminal " used herein above, " terminal device " both include wireless communication The equipment of number receiver, only has the equipment of the wireless signal receiver of non-emissive ability, and including receiving and emitting hardware Equipment, have on bidirectional communication link, can execute two-way communication reception and emit hardware equipment.This equipment It may include: honeycomb or other communication equipments, shown with single line display or multi-line display or without multi-line The honeycomb of device or other communication equipments；PCS (Personal Communications Service, PCS Personal Communications System), can With combine voice, data processing, fax and/or communication ability；PDA (Personal Digital Assistant, it is personal Digital assistants), it may include radio frequency receiver, pager, the Internet/intranet access, web browser, notepad, day It goes through and/or GPS (Global Positioning System, global positioning system) receiver；Conventional laptop and/or palm Type computer or other equipment, have and/or the conventional laptop including radio frequency receiver and/or palmtop computer or its His equipment." terminal " used herein above, " terminal device " can be it is portable, can transport, be mounted on the vehicles (aviation, Sea-freight and/or land) in, or be suitable for and/or be configured in local runtime, and/or with distribution form, operate in the earth And/or any other position operation in space." terminal " used herein above, " terminal device " can also be communication terminal, on Network termination, music/video playback terminal, such as can be PDA, MID (Mobile Internet Device, mobile Internet Equipment) and/or mobile phone with music/video playing function, it is also possible to the equipment such as smart television, set-top box.

Those skilled in the art of the present technique are appreciated that server used herein above, cloud, remote network devices etc. are general It reads, there is effects equivalent comprising but it is not limited to computer, network host, single network server, multiple network server collection Or the cloud that multiple servers are constituted.Here, cloud is by a large amount of computers or network clothes based on cloud computing (Cloud Computing) Business device is constituted, wherein cloud computing is one kind of distributed computing, and one consisting of a loosely coupled set of computers super Virtual machine.It, can be by any logical between remote network devices, terminal device and WNS server in the embodiment of the present invention Letter mode realizes communication, including but not limited to, mobile communication based on 3GPP, LTE, WIMAX, based on TCP/IP, udp protocol Computer network communication and low coverage wireless transmission method based on bluetooth, Infrared Transmission standard.

It will be appreciated by those skilled in the art that so-called " application ", " application program ", " application software " and class of the invention It is same concept well known to those skilled in the art like the concept of statement, refers to and instructed by series of computation machine and related data The computer software for being suitable for electronics operation of the organic construction of resource.Unless specified, this name itself is not by programming language Type, rank, the operating system of operation of also not rely by it or platform are limited.In the nature of things, this genus also not by appoint The terminal of what form is limited.

The application scenarios that a kind of application program configuration method and device that will be described below the present invention are implemented are installations The running environment based on Android operation system on mobile terminals.

In order to illustrate implementation of the invention, the present invention attempts to carry out in conjunction with two aspects of static state and dynamic of computer program Description, so-called static aspect, refers to that program installation kit, file, database etc. are stored in the storage object of medium；So-called dynamic side Face refers to the dynamic object for being transferred and executing in memory, including but not limited to process, thread, used data etc..In view of These features of computer software technology, should not by it is of the present invention and each method, step, sub-step, device, unit, Module etc. is interpreted as only static in isolation or only dynamic aspect, those skilled in the art should know this.So ability Field technique personnel should can be corresponded to dynamic Process Movement or foundation in relation to static statement according to the present invention The present invention corresponds to its static form of expression in relation to dynamic Process Movement, it is established that certainty of both static and dynamic Association understands the present invention based on this.

Those skilled in the art should know, the present invention is proposed power and proposes based on exempting from Root, however, proposing power operation It is the rights management control that android system is implemented, the present invention is also suitable for the Android behaviour that Root proposes power of course Make in system.

The present invention be proposed based on sandbox principle, so, those skilled in the art are able to combine well known sandbox real Show principle to understand implementation of the invention.The effect of sandbox is to provide the running environment of relative closure for destination application, Access application program to the resource of system, by the application of sandbox security strategy, and as defined in being limited within the scope of.Cause And essence of the invention is that provide a kind of sandbox example, it is realized in terms of two, first aspect is to provide construction target and answers With the solution of program, second aspect, which is to provide, corresponding with the former runs control program.The two aspects can be integrated Realize in software to sandbox, destination application processed using the realization of its first aspect, so using its The realization of two aspects, safe sandbox running environment is provided for destination application.

In view of this, application program configuration method of the invention, major embodiment sandbox example in a first aspect, for processing The destination application of corresponding sandbox running environment is adapted to, in one example as shown in fig.l, this method includes following step It is rapid:

S11, the parsing application program original installation kit, obtain its internal file.

Application program designated herein, i.e. so-called destination application above.Since the present invention is based on exempt from Root demand And propose, according to the intrinsic principle of Android, the destination application is generally the third-party application that user voluntarily installs.

The present invention can be by adapter tube erector, to realize the installation control to third-party application.Specifically, can be by The sandboxed application that user provides through the invention is downloaded and installs the third-party application and obtain the original installation kit, or Person can also obtain corresponding installation package file from/data/app by the sandboxed application.It, can this hair for having filled application It is bright be disposed after, induction user unloads old application, installs new opplication.

The means for parsing the former installation kit of application program, are well known to those skilled in the art.Installation kit APK file essence On be using ZIP compress technique combination signature technology realization compressed package therefore on the one hand it can be discharged by decompression technique On the other hand internal file can also obtain its internal file (its generation in this case by the tool software of Apktool etc Code file can be reversed .smali file).Those skilled in the art can be given using these well-known techniques at one consummately Determine to handle former installation kit in catalogue, to obtain inside therein by way of internal memory operation (non-file operation) File.

The internal file of Android installation kit, refering to shown in following table:

File structure inside 1 APK file of table

The present invention can obtain catalogue and text appended in table by the former installation kit of the parsing destination application Part referring to the shell adding installation kit realized as host application, is detailed in later step on this basis.

The shell adding installation kit of original installation kit described in S12, construction set and the internal file.

Internal file needed for first constructing the shell adding installation kit in conjunction with 1 couple of present invention of table below is introduced.

In the various internal files for belonging to installation kit listed by table 1, MATA-INF catalogue is after being packaged to alternative document Signature and generate, therefore, when being subsequently generated shell adding installation kit, have the signature of shell adding installation kit itself and generate identical mesh Directory structures and file, so the respective directories structure of former installation kit and file will not be placed into shell adding installation kit.

Res catalogue and its resource that includes down, be the resource that reference is needed in destination application operational process, target is answered It can be accessed at runtime by ID with program.Therefore, it is possible in conjunction with program realize difficulty consider, and consider whether by Part resource file therein is placed in subsequent shell adding installation kit.The present embodiment pays close attention to home icon file therein for example Icon.png file, this document, that is, destination application home icon file, when the installation kit normal mounting of destination application, The icon file can be shown as its shortcut icon in desktop.In the present embodiment, partial modification, example are carried out to the pattern of the icon For example its pattern lower right corner adds a tapered end pattern, becomes the icon with specific markers, and by modified icon file As the icon file of shell adding installation kit, deposit in shell adding installation kit res under catalogue.As a result, after the installation of shell adding installation kit, User can recognize the program by carry out sandbox protection by its icon.It is of course also possible to consider by res its under catalogue Its resource file is introduced as the internal file of construction shell adding installation kit, but when subsequent reflection calls the destination application, Quoting resource redirection need to be carried out, so that target application can normally refer to correct resource.

Assets catalogue for store resource file, such as installation package file, font file of broad sense etc. incompressible File can access the resource in the catalogue with passage path.In the present embodiment, not by the assets of former installation kit catalogue File introduces, and is the volume in order to reduce shell adding installation kit, shell adding installation kit assets in catalogue, storage will be reflected The former installation kit of the destination application of calling.

Resources.arsc file is mainly the index established to application program pointed by installation kit, in the present embodiment In the file of the same name of former installation kit is also used not in shell adding installation kit.

Lib file under catalogue, mainly storage .so dynamic library file, the dynamic library file of the original installation kit whether by Assemble together into shell adding installation kit, similarly, can take in conjunction with program implementation complexity, select on demand.

Androidmanifest.xml file is global configuration file more important in installation kit, is responsible for system Four big components of android system are registered, and to system application permission etc..In shell adding installation kit, add as needs The important internal file for entering shell adding installation kit accounts for, and is incorporated into shell adding installation with the copy completely the same with former installation kit Bao Zhong.Since the Androidmanifest.xml file in shell adding installation kit is the file of the same name of former installation kit, Bao Mingxiang Together, therefore shell adding installation kit is in systems after installation and operation host application, is infused with Androidmanifest.xml to system Volume various components and application system permission, the entrance of various components is just established with this, makes the target application journey for being reflected calling The various components of sequence can be called by ActivityManagerService, without constructing for the various components ActivityThread and the corresponding LoadedApk object of offer, save the program realization link of operation context environmental.Together Reason, reflection call caused by PackageManagerService to major component whether lawful registration the problem of, also by because The registration of Androidmanifest.xml and be overcome.

Classes.dex is the code file (binary code executable file) in installation kit.It in the present invention, will be by The file of the same name of pre-structured is replaced, but the file of the same name is aggregated in the shell adding installation kit together with alternative document.This Classes.dex provided by inventing, is implanted with loading module stub (), by the loading module, can further start one Monitoring module, the monitoring module are used to monitor the active procedure of the entire destination application called through reflection, therefore, general first It is loaded in the destination application.The monitoring module is the implementor of sandbox running environment, is responsible for realizing both sides Function redirects quoting resource, makes target application journey on the one hand by access of the monitoring objective application program to resource Sequence process can be realized the normal reference to correct resource.Specifically, if related resource is the former installation for being reflected calling The resource of packet then calls the resource of the original installation kit for reference, realizes and redirect by reflecting call-by mechanism.It is provided if it is system Source or the installation resource for being directed toward host application then allow its default reference to guarantee its normal adduction relationship.If It is I/O operation, can also redirects whereby.On the other hand pass through access of the monitoring objective application program to system resource, For example whether request sends short message, its operation is determined whether according to security strategy, when not allowing this implementation this When behavior, self-defining data can be returned to related call instruction, such as return to null value, so that it is guaranteed that some illegal behaviour can be prevented Make.The technology of the monitoring module is realized, using Hook technology, is carried out using entrance of the Hook Function to related call instruction This call instruction is intercepted and captured in monitoring, is turned to and is executed corresponding Hook Function, is answered by the Hook Function according to sandbox inherent logic The call instruction is answered, to reach purpose above-mentioned.

Need exist for supplement: term " hook " is covered for by intercepting the function transmitted between component software It calls, message or event change or increase the technology of the behavior of operating system, application program or other software component.And locate The code for managing this intercepted function call, event or message is thus referred to as hook hook function.Hook is commonly used in various Target, including function debug and be extended to function.Its example may include being transmitted in keyboard or mouse event They or hooking system service call (system call) are intercepted before application program or system function behavior, function execute As a result etc., to monitor or modify the function etc. of application program or other assemblies.Hook hook function can be used in the present embodiment Take over installation self checking operation required when application program operation.

After getting out above-mentioned internal file and former installation kit, the present invention is further by above-mentioned selected internal file and original Installation kit is packaged, and row is signed again after packing, that is, completes the construction of the shell adding installation kit, and former installation kit is located at shell adding installation The assets of packet in catalogue, become the subsidiary resource of shell adding installation kit.Shell adding installation can be further installed by next step Packet, to install host application.

In view of the file of shell adding installation kit generated will be greater than former installation kit, the present invention can install shell adding in turn Code file in packet is compressed, and generates compressed file and for restoring the additional text that the compressed file is code file Part, this compression process is similarly suitable for the former installation kit.As long as according to inverse algorithm during subsequent installation, utilization is attached Add file restores the compressed file in memory, host application and destination application can be made to realize normal Operation.Installation kit through overcompression, increment is even less than zero close to zero, therefore efficiency is higher.

S13, the shell adding installation kit is installed.

As previously mentioned, one of implement scene of the invention, does not obtain Root authority, therefore, in this scene, can not pass through The present invention realizes silent installation.In this case, the present invention preferentially passes through calling system erector, to start installation interface, refers to Lead the installation that user completes the shell adding installation kit.

According to the modularized thoughts of computer program, the present invention can mention in turn according to above-mentioned application program configuration method For a kind of application program configuration device, specifically incorporated by reference to Fig. 2 and refering to as described below.

Application program configuration device of the invention is made of, respectively acquiring unit 11, structural unit 12 and installation unit 13 The function that unit is realized is as follows:

The acquiring unit 11 obtains its internal file for parsing the application program original installation kit.

The means for parsing the former installation kit of application program, are well known to those skilled in the art.Installation kit APK file essence On be using ZIP compress technique combination signature technology realization compressed package therefore on the one hand it can be discharged by decompression technique On the other hand internal file can also obtain its internal file (its generation in this case by the tool software of Apktool etc Code file can be reversed .smali file).Those skilled in the art can be given using these well-known techniques at one consummately Determine to handle former installation kit in catalogue, to obtain internal file therein.It is obtained it is emphasized that the present invention is alleged Its internal file, recommendation is obtained in a manner of well known internal memory operation, rather than refers to file operation.

The internal file of Android installation kit, similarly refering to table 1.The present invention is by parsing the destination application Former installation kit can obtain catalogue and file appended in table 1, on this basis, referring to realization as host application Shell adding installation kit is detailed in the explanation of structural unit.

The structural unit 12, the shell adding installation kit for original installation kit described in construction set and the internal file.

After getting out above-mentioned internal file and former installation kit, the present invention is further by above-mentioned selected internal file and original Installation kit is packaged, and row is signed again after packing, that is, completes the construction of the shell adding installation kit, and former installation kit is located at shell adding installation The assets of packet in catalogue, become the subsidiary resource of shell adding installation kit.Further the shell adding can be installed by next installation unit Installation kit, to install host application.

The installation unit 13, for installing the shell adding installation kit.

After installing the shell adding installation kit, the file in Androidmanifest.xml therein just completes the note to system Copy, packet name used in host application is the packet name of destination application, and the two is with uniformity, therefore host applies journey Sequence can find entering for the component that the destination application of operation is called through reflection by ActivityManagerService Mouthful, also, the component of destination application can also pass through the examination of system PackageManagerService, and program is real Existing difficulty subtracts greatly, and the operational efficiency of application program will also greatly improve.

For the second aspect for embodying sandbox example of the present invention, the present invention provides a kind of application program operation controlling party in turn Method, this method are mainly used for embodying in the operational process and its operational process of the host application to target application journey The load operating process of sequence.Those skilled in the art should know according to sandbox realization principle, progress control method of the invention For controlling the operation of host application and destination application that configuration method of the invention is constructed, therefore, the present invention Progress control method specific implementation details in, the specific example that need to adapt to the host application certainly does adaptability Matching, therefore, many variation instances derived from above-mentioned configuration method lead to the adaptability tune of the progress control method of course It is whole, and these adjustment means should also be known for those skilled in the art of course.

Refering to Fig. 3, application program progress control method of the invention specifically comprises the following steps:

The peace that resource is attached to as host application for having identical packet name with host application is called in S21, reflection Dress packet, to load the destination application that the installation kit is realized.

In conjunction with the description previously with regard to application program configuration method it is found that host application refers to the shell adding installation kit Program after installation, and the installation kit refer to deposit in shell adding installation kit assets application program original installation under catalogue Packet.After installation, the installation kit for the destination application that host application reflection is called belongs to the installation of host application Resource file.The installation kit is called in reflection, this means that running the destination application.

Reflection mechanism of the present invention can be Java reflection mechanism, Java reflection mechanism be in operating status, For any one class, all properties and method of this class can be known；For any one object, it can be called Any one method；The function of this dynamic acquisition information and the method for dynamic call object is the reflection of JAVA language Mechanism.

In an example recommending of the present invention, the host application will find first after its installation by it Then the installation kit APK file that assets is carried goes to execute in APK by an Agent components (Activity) Activity, to realize that the reflection to destination application is called.Host application is implemented reflection and is called firstly the need of logical Classloader is crossed to realize, particular by DexClassLoader () Lai Shixian.It is realized using this Classloader to peace The calling of movable component in dress packet is the means that those skilled in the art are grasped, without repeating.When program is realized, it can pass through One Proxy method allows the execution of host application adapter tube destination application, once after being taken over, target application journey All execution of sequence are realized by proxy, and Context also becomes the Context of host program.Host application its Real is exactly a ghost, it only goes the inside for being loaded into oneself former installation kit apk to execute.In this case, although host answers Use the Androidmanifest.xml of destination application to system registry with program, due to running context environmental Context may be different, it would still be possible to will lead to the difficulty occurred in resource access, even can find that installation kit cannot be accessed sometimes In resource the case where.And the degree of this difficulty, it depends on being constructed into shell adding application program in aforementioned applications configuration method In resource number.Howsoever, those skilled in the art can be overcome by the mode of subsequent announcement.

The operation of destination application is involved in the reference to resource, though the disposal skill of this reference is this field skill Art personnel are known, but also more many and diverse, therefore the present invention will assist those skilled in the art's fast understanding by example as far as possible Several examples provided by the present invention.

Really, if the destination application resource to be accessed is registered to system by mounted host application In, such as previously described home icon file, then its to the reference of resource will very directly, by host application The calling of installation resource can meet the resource access of destination application.In addition to this, then it needs to add some additional considerations.

If since construction shell adding installation kit causes the Context of host application cannot be normal by destination application Access, it may be considered that improve this problem, borrow resource to former installation kit.Since destination application installation kit APK does not pacify Dress, therefore can not just go to obtain the resource, such as picture, text etc. in APK by the Context of host application.APK exists Used context is the context of host application when being loaded operation, is to be unable to get certainly with others' Context Oneself resource.It follows that host application other than wanting each component in energy loading application programs, will also be using journey Sequence constructs the running environment needed for it.

Android application program in the process of running, be by one be known as AssetsManager resource manager come Read the resource file being packaged in inside APK file.Each Activity component of application program is associated with one ContextImpl object, this ContextImpl object are exactly the operation context environmental for describing activity component 's.The member function init of this ContextImpl object is called to execute initialization Activity assembly operating context ring The work in border, wherein just including Resources object and AssetsManager object that creation is used to access application resource Work.Wherein, ContextImpl.init function is just defined on file f rameworks/base/core/java/ In android/app/ContextImpl.java.What the parameter packageInfo in ContextImpl.init function was directed toward It is a loadedApk object, this loadedApk object factory is currently to start Apk belonging to component.With visiting The Resources object for asking application resource is by being a loadedApk pointed by call parameters packageInfo The member function getResources of object is created.It follows that in order to create Resources object, to extract or visit Application resource is asked, if the present embodiment can also be respectively in application for the needs of the resource in access installation kit Apk One loadedAPK object of each component construction.

Similarly, the configuration of specific shell adding installation kit is adapted to, as needed, it may be considered that resource Resources class Member variable mResource, mAssets in constructed fuction modify, described to pass through when starting each component MResource, mAssets transfer corresponding resource.

Similarly, it also it is contemplated that modify to the AssetsPath function in resource manager AssetsManager, modifies Resource file that the AssetsPath function afterwards is directed toward in the destination application installation kit (be often referred to assets), The resource is obtained to transfer the AssetsPath function by the AssetsManager when starting each component Corresponding resource in file.

Wherein, the constructed fuction of Resources class is defined on file f rameworks/base/core/java/ In android/content/res/Resources.java.Because the constructed fuction of Resources class is by parameter assets institute An AssetManager object being directed toward is stored in member variable mAssets, i.e. mAssets=assets, so that The constructed fuction of Resources class can be by mAssets come the resource of access application.Therefore, the present embodiment can pass through It modifies to the member variable mAssets in resources-type constructed fuction, application program institute is transferred by mAssets to realize The resource needed.Really, above-mentioned implementation also uses reflection mechanism to realize.

Certainly, the present embodiment can also modify to the AssetsPath function in resource manager AssetsManager, Specified application resource file road is such as added by the member function addAssetsPath of AssetsManager object Diameter (such as: path is /data/app/com.qihoo.box-1.apk) is into AssetsPath function.Due to AddAssetsPath be hide API we can not call directly, so can only be realized by reflection mechanism.

As previously described, it is also necessary to realize Classloader, in loading module to load the corresponding load in each component Class.Under type realization such as can be used: a kind of mode is the path column being added to the path of the application program in Classloader In table pathList, construction searches the Classloader of loading classes according to the application path；Another way is added to class The member variable carried in device is modified, and construction looks for the Classloader of loading classes with super first.Due to dynamic using Classloader The technology of state loading application programs has been well known to those skilled in the art, therefore only provides exemplary illustration herein, without repeating.

S22, monitoring module is called by host application, the activity of destination application is monitored.

It as a sandbox example, runs on destination application in sandbox running environment, usually passes through the load Reflection of the module prior to the destination application calls and preferentially calls a monitoring module.This monitoring module is institute above The monitoring module of title.

As previously mentioned, the monitoring module is the core implementor of sandbox running environment, it is responsible for realizing both sides function, On the one hand by access of the monitoring objective application program to resource, quoting resource is redirected, make destination application into Journey can be realized the normal reference to correct resource.Specifically, if related resource is the former installation kit for being reflected calling Resource then calls the resource of the original installation kit for reference, realizes and redirect by reflecting call-by mechanism.If it is system resource or Person is directed toward the installation resource of host application, then its default reference is allowed to guarantee its normal adduction relationship.If it is I/O Operation, can also redirect whereby.For example, the above-mentioned resource progress in relation to the installation kit to destination application is drawn With, it can both be realized by the modification to above-mentioned AssetsManager, it can also be by monitoring the specific tool for calling resource Body call instruction is realized using Hook technology.On the other hand pass through access of the monitoring objective application program to system resource, example Such as whether request sends short message, its operation is determined whether according to security strategy, when not allowing this this row of implementation For when, can to related call instruction return self-defining data, such as return null value, so that it is guaranteed that some illegal behaviour can be prevented Make.The monitoring module is registered as service processes, with the call instruction of Hook Function associated objects application program active process To realize the activity monitoring to the destination application.The monitoring module enters related call instruction using Hook Function Mouth point is monitored, this call instruction is intercepted and captured, and is turned to and is executed corresponding Hook Function, by the Hook Function according to sandbox itself Logic carrys out the response call instruction, to reach purpose above-mentioned.It is related to monitoring module for the processing of surveillance operation, especially In terms of being security control, more specifically example will be provided below and will be illustrated.

S23, when monitoring destination application and needing to call not matched resource, redirect the money of related call instruction Source reference, provides correct resource with the operation for the destination application.

Not matched resource designated herein, should not limit to and be interpreted as being configured in host application shell adding installation kit Res and assets resource, it is thus understood that resource and system resource and target including the resource of the two catalogues Inside application program original installation kit including res, assets including all may by process call resources.It is especially right Resource in destination application original installation kit, because not being mounted, when related call instruction implements it to call, usually It can be erroneously interpreted as abuse.

The alleged quoting resource for redirecting related call instruction, is primarily referred to as in destination application process operational process The redirection of realization utilizes AssetsManager's by Hook Function including what may be occurred in the process operational process Member variable and the resource re-orientation processes to former installation kit realized, including that may occur in process operational process to institute The redirection directly to fixed number value of the reference of the resource in former installation kit is stated, if not being subject to this intervention, in the installation kit Individual resources may be included in process operational process since the abuse of the process can be erroneously interpreted as without installation It is middle it is possible occur to notification bar service (NotificationManager) and animation function (OverridePendingTransition) shielding processing of calling (returns to null value to its call instruction using Hook Function ), and include that the re-orientation processes of the call instruction of the access to resource without permission (can return such as empty to it The self-defining data of value, spurious numerical etc) etc..So " redirection " designated herein, should be the understanding of broad sense, refer to according to All realizing logic according to sandbox and concluding ensure the safe practice means realized based on Hook Function that process operates normally.

As can be seen that can normally be adjusted by host application by application program progress control method of the invention With destination application and ensure the normal operation of destination application.

Correspondingly, realizing a kind of application program operation control referring to Fig. 4, being aided with the present invention further provides a kind of device Device comprising call unit 21, monitoring module 22 and processing unit 23.

The call unit 21 has applying as host for identical packet name with host application for reflecting to call Program is attached to the installation kit of resource, to load the destination application that the installation kit is realized.

Similarly, reflection mechanism of the present invention can be Java reflection mechanism, and Java reflection mechanism is in operation shape In state, for any one class, all properties and method of this class can be known；It, can for any one object Call its any one method；The function of this dynamic acquisition information and the method for dynamic call object is JAVA language Reflection mechanism.

In an example recommending of the present invention, the host application will find first after its installation by it Then the installation kit APK file that assets is carried goes to execute in APK by an Agent components (Activity) Activity, to realize that the reflection to destination application is called.Host application is implemented reflection and is called firstly the need of logical Classloader is crossed to realize, particular by DexClassLoader () Lai Shixian.It is realized using this Classloader to work The technology of the calling of dynamic component is grasped by those skilled in the art, without repeating.When program is realized, a Proxy can be passed through Method allows the execution of host application adapter tube destination application, once after being taken over, destination application is all to be held Row is realized by proxy, and Context also becomes the Context of host program.Host application is exactly a sky in fact Shell, it only goes the inside for being loaded into oneself former installation kit apk to execute.In this case, although host application Using the Androidmanifest.xml of destination application to system registry, since operation context environmental context may It is different, it would still be possible to will lead to the difficulty occurred in resource access, even can find access the resource in installation kit sometimes Situation.And the degree of this difficulty, it depends on being constructed into the resource in shell adding application program in aforementioned applications configuration method Number.Howsoever, those skilled in the art can be overcome by the mode of subsequent announcement.

Really, if the destination application resource to be accessed is registered to system by mounted host application In, such as previously described icon, then it will very directly provide the reference of resource by the installation to host application The calling in source can meet the resource access of destination application.In addition to this, then it needs to add some additional considerations.

The monitoring module 22, is configured as being loaded by host application, carries out to the activity of destination application Monitoring.

It as a sandbox example, runs on destination application in sandbox running environment, usually passes through the load Reflection of the module prior to the destination application calls and preferentially calls a monitoring module 22.Before this monitoring module 22 is The so-called monitoring module 22 of text.

As previously mentioned, the monitoring module 22 is the core implementor of sandbox running environment, it is responsible for realizing both sides function Can, on the one hand by access of the monitoring objective application program to resource, quoting resource is redirected, destination application is made Process can be realized the normal reference to correct resource.Specifically, if related resource is the former installation kit for being reflected calling Resource, then by reflect call-by mechanism call the resource of the original installation kit for reference, realize redirection.If it is system resource Or be directed toward the installation resource of host application, then allow its default reference to guarantee its normal adduction relationship.If it is I/O operation can also redirect whereby.For example, what the above-mentioned resource in relation to the installation kit to destination application carried out Reference, can both be realized by the modification to above-mentioned AssetsManager, can also be by monitoring specific calling resource Specific call instruction is realized using Hook technology.On the other hand pass through access of the monitoring objective application program to system resource, For example whether request sends short message, its operation is determined whether according to security strategy, when not allowing this implementation this When behavior, self-defining data can be returned to related call instruction, such as return to null value, so that it is guaranteed that some illegal behaviour can be prevented Make.The monitoring module 22 is registered as service processes, is referred to the calling of Hook Function associated objects application program active process It enables to realize the activity monitoring to the destination application.The monitoring module 22 is using Hook Function to related call instruction Entrance monitored, intercept and capture this call instruction, turn to and execute corresponding Hook Function, by the Hook Function according to sandbox Inherent logic carrys out the response call instruction, to reach purpose above-mentioned.It is related to monitoring module 22 for the place of surveillance operation In terms of reason, especially security control, more specifically example will be provided below and will be illustrated.

The processing unit 23 is configured as when monitoring destination application needs calling not matched resource, The quoting resource for redirecting related call instruction, provides correct resource with the operation for the destination application.

Using monitoring module 22 of the invention, the building of more powerful sandbox running environment may be implemented.Below in conjunction with One specific example, further to supplement the explanation to the monitoring unit in the present invention.

The monitoring module 22 can obtain the extension corresponding to specific event behavior from a backstage sandbox HOOK frame Hook plug-in unit (Hook Function) is realized using the particular event behavior of hook plug-in unit hook and monitoring objective application to target The movable monitoring of program process.The backstage sandbox HOOK frame, is managed concentratedly beyond the clouds, to each terminal into Row distribution.Wherein, cloud is mainly configured with Java hook plugin library and Native hook plugin library.Monitoring module 22 needs to link up with It when specific event behavior, is sent and is requested to backstage sandbox HOOK frame by long-range card i/f, obtained and be directed to particular event row For HOOK function, i.e., described hook plug-in unit establishes the capture of the monitoring to particular event behavior and processing whereby.

In turn, the target application that running host application will be located in specified directory described in further load.Such as It is preceding described, it to the calling of destination application, is realized using well known Java reflection call-by mechanism.Destination application quilt When load, the module that has been monitored 22 establishes monitoring using hook plug-in unit, and therefore, all event behaviors of destination application are equal Within the monitoring range of monitoring module 22.The installation kit of destination application be it is complete unmodified, therefore, target application After program is loaded by host application, can it is completely legal, normally run, realize that destination application is able to achieve originally Institute is functional.

Due to the load of monitoring module 22 and destination application, it is that host application process is driven, is all place A part of primary application program process, and monitoring module 22 is loaded prior to destination application, thus, running monitoring module 22 establish the monitoring to all event behaviors of destination application.The anything generated in destination application operational process Part behavior, event message can be monitored module 22 capture and perform corresponding processing.

The monitored module 22 of the particular event behavior that destination application generates captures, substantially triggering particular event row For when, generated event message is monitored in module 22 and links up with plug-in unit (Hook Function) accordingly and captured.Capture the event Message, i.e., the intention of the knowable event can then carry out subsequent processing.

Particular event behavior is handled and is implemented by the processing unit 23, needs to obtain event behavior processing strategie. In this sub-step, human-computer interaction function further can be realized by system service.In order to realize man-machine interaction effect, One interactive module is registered as system service in advance by the present invention, and host application can pass through its interactive interface and the interaction mould Block communication, to realize acquisition of the host application to user instruction or preset instructions.

As previously mentioned, the acquisition modes of event behavioral strategy are very versatile and flexible, by one strategy generating device of construction come It executes, is exemplified below several strategies selecting one for the present invention or being used in any combination:

(1) after monitoring module 22 captures particular event behavior, pass through the built-in interactive interface of host application, Xiang Suoshu Interactive module sends request, and from interactive module to user interface pop-up inquiry user's processing strategie, which can be direct It informs content and its risk of the user in relation to event behavior, selects corresponding option as processing strategie by user.User's selection Respective selection and after determining, interactive module obtains the processing strategie for being directed to the particular event behavior, is fed back to monitoring module 22, monitoring module 22 can the processing strategie according to caused by the user instruction to the corresponding event behavior of destination application into The processing of row next step.

(2) when certain event behaviors for being acknowledged as opposite low-risk occur, such as to the read-only operation of contact person Behavior, or when user is provided with for the present invention processing strategie that voluntarily retrieval should be taken for particular event behavior, originally Invention is directed to the processing strategie of particular event behavior using a local policy database retrieval accordingly.That is, the local In policy database, the association between particular event behavior and corresponding processing strategie is established, and stores a variety of events The record data of corresponding relationship between behavior and corresponding processing strategie can be used for present invention retrieval.The present invention is from local After obtaining corresponding processing strategie in policy database, the processing of next step can be done to corresponding event behavior.

(3) if user is that the present invention is provided with the long-range option for obtaining processing strategie, or default in local policy number According to library searching less than particular event behavior specific strategy when can remotely obtain, and or pass through aforementioned (1) plant situation carry out It interacts and cannot get response of the user to pop-up within the regulation time limit, such situation, host application can pass through Its built-in remote policy interface sends to the cloud of pre- framework and requests, and obtains and corresponds to the corresponding of the particular event behavior Processing strategie, and it is used for subsequent processing.

It should be pointed out that related three of the above obtains the mode of processing strategie, it can intersect and be used cooperatively, for example, one Denier interactive module receives the feature of the event message of the transmitting of monitoring module 22, can be according to default setting, referring to (2) kind side Formula retrieves local policy database in advance, obtains the processing strategie of system recommendation (if cannot obtain from local policy database , it might even be possible to further obtained from the policy database of cloud by (3) kind mode).Then, mode is planted referring to (1), The processing strategie that system recommendation is arranged in pop-up interface is default option.If user does not confirm that the default is selected within the regulation time limit , then the processing strategie of system recommendation of being subject to executes subsequent instructions；If it is changed into new default option by user, to The processing strategie of the return user setting of monitoring module 22.As it can be seen that human-computer interaction process more flexible can freely be realized.

The local policy database can be a copy of cloud policy database, therefore, in the present invention, if A update step is set, for downloading cloud policy database for updating local policy database.

Under normal circumstances, the strategy for particular event behavior can be set to " to refuse ", " RUN ", " inquiry " three often See option, the specific intention of characterization are as follows:

Refusal: being directed to the particular event behavior, sends the falseness that event behavior has been finished to destination application Message, to forbid the event behavior to actually occur；

Operation: it is not made any changes for the particular event behavior, corresponding event message is forwarded directly to system and is disappeared Breath mechanism allows destination application to continue its event behavior；

Inquiry: independence or to depend on both of the aforesaid option one of any marks its state to be for the particular event behavior Unknown state, it is subsequent when occurring repeatedly the behavior, need row pop-up again to inquire user.

In practical application, option " inquiry " can be ignored, it is only necessary to consider whether to refuse or current event behavior is allowed to occur ?.

The event behavior, it is varied, specifically include following several big types:

(1) terminal, the related operation of networking:

Obtain operator's informaiton: destination application can for example be moved by getSimOperatorName () function The IMSI of dynamic terminal, thus can further judge the title of operator, and agreement instruction may further be sent to operator, is realized The illegal objective deducted fees etc.Monitor supervision platform, can be to the capture of event behavior by linking up with message related to this.

Switch APN operation: similarly, destination application realizes ANP switching control by switching related function with APN Operation, the module that can also be monitored 22 is by calling corresponding hook plug-in unit to be monitored.

Similar operation, further include obtain handset identity code IME operation, also with it is above-mentioned similarly.

(2) notification bar advertisement operation: notification bar advertisement is the means most easily utilized by rogue program, and monitoring module 22 passes through The event message for calling corresponding hook plug-in unit to generate notify function is monitored, can also be to its implementing monitoring.

(3) traffic operation:

If phone dials operation, the event of calling system dialing interface can be monitored by startActivity () function Behavior can establish event behavior monitoring to phone operation is dialed using corresponding hook plug-in unit.

Short message operation, corresponds to the function of sendTextMessage () etc, similarly, can be by hook plug-in unit to this Class function establishes event behavior monitoring.

Contact person's operation: corresponding generally to query (), insert () function, and monitoring module 22 is linked up with using hook plug-in unit The capture of the monitoring to such event behavior may be implemented in this class function.

(4) command operation:

If SU proposes power operation or execution of command operations, it is both needed to use Execve () function, monitoring module 22 is by monitoring this The return message of function, can realize the monitoring of such event behavior.

(5) interface and access operation:

The event behavior of shortcut is such as created, then corresponds to sentBroacast () function.Similarly, for concealing program The operation of icon can also correspond to specific function and monitor it.

Such as http network access operation, then correspond to the functions such as sentTo (), write ().

(6) procedure operation:

Such as application load operation refers to the operation of current goal application program load related application, by right The functions such as dexClassloader (), loadLibrary () carry out hook monitoring, may be implemented to catch such event behavior It obtains.

Attached bag is for another example installed, then corresponds to installPackage () function.

(7) other risky operation:

For example, subprocess intrusion operation, derivative operation, the operation of activation equipment manager etc., correspond respectively to.

Wherein, subprocess refers to the subprocess that destination application is established, when destination application creates subprocess, prison Control module 22 will receive corresponding message, and determine it and create the event behavior of subprocess.As a result, monitoring module 22 further to Subprocess implant monitor module 22 in the subprocess in a manner of inline hook, the subsequent thing that can continue to the subprocess Part behavior is monitored.Thus, either the own process of destination application or its creation subprocess, they directly Or the event behavior triggered indirectly, it can be monitored by monitoring module 22 of the invention, realize preferable Initiative Defense effect More preferably.

And the derivative, refer to the file of the file that destination application voluntarily creates or remote download, usually Refer to sensitive derivative, such as installation kit.The event can be captured by linking up with fClose () function.It should be pointed out that working as After monitoring module 22 captures the event behavior, can further it be asked as the method previously described using the transmission of remote layout bank interface It asks to cloud, judges the security level of the derivative, the present invention using its black, white, grey security level rule of conduct by cloud After obtaining cloud judgement result by remote layout bank interface, further pop-up asks the user whether to establish to the sensitive derivative Initiative Defense, thus can further consolidate the effect of Initiative Defense.

Above-mentioned event behavior is only to take passages to be used, and should not be understood as the limitation of the event behavior monitored to the present invention.

It can be right according to above-mentioned processing strategie and the above-mentioned explanation about event behavior, active defense method of the invention Various event behaviors perform corresponding processing.It is exemplified below several typical application examples:

(1) to the application of destination application finely intercepted:

After part rogue program is mounted, it is in the state of normal use within the quite a long time, benumbs user Awareness of safety.But after one rapid lapse of time of operation, which attempts to cause user from backstage one short message of insertion Concern, achieve the effect that advertisement and swindle.After establishing active defense mechanism to the destination application, for example preceding institute of the present invention It states, by the way that monitoring of the plug-in unit to short message handling function is linked up in monitoring module 22 accordingly, once destination application generation is short The event behavior for believing operation, can capture this event behavior, and then, monitoring module 22 is by its interactive interface notice as system The interactive module of system service operation, is warned from interactive module to user interface pop-up.After user clicks the processing strategie of " refusal ", By converse monitoring module 22 of feeding, wherein hook plug-in unit just can hinder actually occurring for the event behavior accordingly, reach prevention wind The purpose of danger.

(2) to the application of destination application release malicious file.

Destination application is a Games Software, is downloaded by way of checking and updating and discharges malice attached bag, and adjusted The attached bag is installed with system function.After the present invention establishes the sandbox running environment of Initiative Defense to the destination application, Its event behavior having downloaded file and having generated can be monitored, is alerted accordingly by interactive module pop-up.User instruction refusal Later, this document can directly be deleted by linking up with plug-in unit in monitoring module 22 accordingly, or only refuse the installation row of this document For.

In the present invention, for suchlike malice attached bag, it is considered as sensitive derivative, to derivative with the presence or absence of malice Judgement, can be by remotely being judged using predetermined security level.Specifically, when detecting generation derivative When, the characteristic information of corresponding file or its signature etc is sent to cloud by remote layout bank interface, and from cloud Its security level is obtained, if it is black, grey application, suggests that user refuses installation in pop-up；If it is white application, can permit Perhaps it passes through.By this method, the Prevention-Security to sensitive derivative can be realized.If cloud can't detect the derivative Relative recording, this method can be required to upload this document for it, and unknown applications are denoted as by cloud, correspondingly, being answered with ash With being marked, for future use.

(3) to the application of subprocess intrusion.

Monitored destination application creates subprocess in the process of running, and subprocess further discharges malicious event Behavior.Monitoring module 22 monitor destination application creation subprocess when, that is, obtain subprocess entrance, then to the son into Journey is implanted into monitoring module 22 of the invention, and all HOOK plug-in units (hook plug-in unit) all can be loaded into this in a manner of inline hook In subprocess and good realization hook is initialized, to establish the monitoring of the event behavior to the subprocess.Thus, it is possible to find out, The event behavior either directly triggered by destination application process, or by destination application process created son into The indirect event behavior that journey is triggered, the module 22 that can be monitored successfully monitor.

By above-mentioned analysis as it can be seen that the sand of application program progress control method and its construction of corresponding device institute of the invention Case running environment has efficient feasibility.

To further realize the present invention convenient for those skilled in the art, cloud server is disclosed further below and is set with terminal Standby how to cooperate realizes the related content of installation kit security level judgement:

As previously mentioned, the characteristic information of cloud server is sent to by remote layout bank interface by client, comprising: The packet name of Android installation kit, and/or, version number, and/or, digital signature, and/or, the spy of Android component receiver Sign, and/or, the feature of Android component service, and/or, the feature of Android component activity, and/or, it can hold Instruction or character string in style of writing part, and/or, the MD5 value (signature) of each file under Android installation kit catalogue.

Specified characteristic information is uploaded onto the server (cloud) by the client for realizing method or apparatus of the invention, The feature to match with specified single feature information or combinations thereof is searched in the preset rule base of server to record；Wherein, Corresponding security level is recorded comprising feature record and feature in the preset rule base of the server, is wrapped in every feature record The combination of information containing single feature or characteristic information；

Thousands of feature records are prefixed in server end rule base, wherein list certain in first feature record The Android installation kit packet name of virus lists the Android installation kit version of some normal use in Article 2 feature record Number and its digital signature MD5 value, Article 3 feature record in list some normal use Android installation kit packet name and Its receiver feature, list in Article 4 feature record the Android installation kit packet name of certain wooden horse, version number and its Specific character string, etc. in ELF file.

About the mark of security level, i.e., black, white (safety) or grey (unknown, suspicious) three kinds of marks can be further Ground is expressed as:

Safety: the application is a normal application, without any behavior for threatening user mobile phone safety；

Dangerous: there are security risks for the application, it is possible to the application inherently Malware；It is also possible to the application originally Being the normal software of regular company publication, but because there are security breaches, the privacy for leading to user, mobile phone safe are by prestige The side of body；

Careful: the application is a normal application, but there are some problems, such as user can be allowed accidentally to be detained Take, or there is disagreeableness advertisement to be complained；After finding this kind of application, user can be prompted to use with caution and inform this Using possible behavior, but decide whether remove the application in its sole discretion by user；

Wooden horse: the application is virus, wooden horse or other Malwares, here for being referred to generally simply as wooden horse, but not Indicate that the application is only wooden horse.

It should be appreciated that the cooperation between cloud and client, it can be disclosed according to the present invention by those skilled in the art Content further expand, convert, additions and deletions and improve.Thus, disclosure recited above should not be understood side to realize the present invention The limitation of method and device.

By test, the present invention has more wide application range and application effect compared with the existing technology, below slightly It illustrates:

Since HOOK frame has been made into service platform by the present invention, as terminal configuration monitoring in the way of linking up with plug-in unit Module 22, therefore, load are only needed dependent on corresponding configuration file, efficient administration and are easily achieved, for technical personnel, Some simple function calls, which only need to write configuration file, can be realized the configuration of hook plug-in unit, and HOOK is reentried, concurrency performance is high.

The load to monitoring module 22 and destination application is successively realized using host application, then by monitoring Module 22 establishes monitoring to the event behavior of destination application, and the hook to Java function, Native function may be implemented.

In conclusion the invention enables destination applications can run in sandbox running environment, and it can ensure that and be The safety of system.

The above is only some embodiments of the invention, it is noted that for the ordinary skill people of the art For member, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications are also answered It is considered as protection scope of the present invention.

Briefly, the embodiment of the invention discloses:

A1. a kind of application program configuration method, which comprises the following steps: parse the application program original peace Dress packet, obtains its internal file；The shell adding installation kit of original installation kit described in construction set and the internal file, it is described to be aggregated Internal file in be configured with loading module, the loading module, for by the former installation kit being aggregated be loaded into sandbox operation ring To run the application program in border；The shell adding installation kit is installed.

A2, application program configuration method according to a1, which is characterized in that one of described internal file is aggregated The copy of the configuration file of former installation kit, the shell adding installation kit and the former installation kit therein packet name having the same.

A3, the application program configuration method according to A2, which is characterized in that the copy of the configuration file refers in particular to Androidmanifest.xml file.

A4, application program configuration method according to a1, which is characterized in that the loading module is set to internal file One of code file in, the loading module be configured as using the former installation kit that is aggregated described in reflection call-by mechanism load with Run the application program.

A5, application program configuration method according to a4, which is characterized in that the code file is refered in particular to Classes.dex file.

A6, the application program configuration method according to A1 to any one of 5, which is characterized in that the internal file Including the resource file obtained from former installation kit being aggregated and/or dynamic library file and its corresponding bibliographic structure.

A7, the application program configuration method according to A6, which is characterized in that the resource file refer in particular to Res catalogue and Its lower included file, the dynamic library file refer in particular to Lib catalogue and its lower included file.

A8, the application program configuration method according to A6, which is characterized in that the resource file includes icon file, And the icon file is carried out obtained by partial modification based on the respective icon file obtained from former installation kit being aggregated.

A9, the application program configuration method according to A1 to any one of 5, which is characterized in that described to be aggregated Former installation kit is placed in the Assets catalogue of shell adding installation kit.

A10, the application program configuration method according to A1 to any one of 5, which is characterized in that the loading module It is configured as operation process with high safety monitoring of the guidance sandbox running environment to the application program, to realize the application program Normal operation in sandbox running environment.

The embodiment of the invention also discloses:

B11. a kind of application program configuration device characterized by comprising acquiring unit, it is described using journey for parsing Sequence original installation kit, obtains its internal file；Structural unit, for original installation kit described in construction set and the internal file plus Shell installation kit is configured with loading module, the loading module, the original installation for that will be aggregated in the internal file being aggregated Packet is loaded into sandbox running environment to run the application program；Installation unit, for installing the shell adding installation kit.

B12, the application program configuration device according to B11, which is characterized in that one of described internal file is to be aggregated Former installation kit configuration file copy, the shell adding installation kit and the former installation kit packet name having the same therein.

B13, application program configuration device according to b12, which is characterized in that the copy of the configuration file refers in particular to Androidmanifest.xml file.

B14, the application program configuration device according to B11, which is characterized in that the loading module is set to internal text In the code file of one of part, which is configured as using the former installation kit being aggregated described in reflection call-by mechanism load To run the application program.

B15, application program configuration device according to b14, which is characterized in that the code file is refered in particular to Classes.dex file.

B16, the application program configuration device according to B11 to any one of 15, which is characterized in that the internal text Part includes the resource file obtained from former installation kit being aggregated and/or dynamic library file and its corresponding bibliographic structure.

B17, the application program configuration device according to B16, which is characterized in that the resource file refers in particular to Res catalogue And its lower included file, the dynamic library file refer in particular to Lib catalogue and its lower included file.

B18, the application program configuration device according to B16, which is characterized in that the resource file includes icon text Part, and the icon file is carried out obtained by partial modification based on the respective icon file obtained from former installation kit being aggregated.

B19, the application program configuration device according to B11 to any one of 15, which is characterized in that described to be aggregated Former installation kit be placed in the Assets catalogue of shell adding installation kit.

B20, the application program configuration device according to B11 to any one of 15, which is characterized in that the load mould Block is configured as operation process with high safety monitoring of the guidance sandbox running environment to the application program, to realize this using journey Normal operation of the sequence in sandbox running environment.

Claims

1. a kind of application program configuration method, applied to exempting from Root sandbox environment, which comprises the following steps:

The shell adding installation kit of original installation kit described in construction set and the internal file, the former installation kit being aggregated are placed in shell adding In the Assets catalogue of installation kit, as the subsidiary resource of shell adding installation kit, there is the shell adding installation kit and the former peace Dress wraps identical packet name, is configured with loading module, the loading module, for what will be aggregated in the internal file being aggregated Former installation kit is loaded into run the application program in sandbox running environment, so that the application program and sand of the original installation kit Communication is established between case running environment, and guides sandbox running environment to the operation process prison with high safety of the application program Control, to realize normal operation of the application program in sandbox running environment；

Wherein, operation process with high safety monitoring of the guidance sandbox running environment to the application program, comprising: pass through institute It states loading module and further starts monitoring module, the monitoring module is sent out by long-range card i/f to backstage sandbox Hook frame Request is sent, and is obtained from the backstage sandbox Hook frame and is corresponded respectively to application program resource/system resource is visited The hook plug-in unit asked, the backstage sandbox Hook frame, is managed concentratedly beyond the clouds, is distributed to each terminal, wherein cloud End is mainly configured with Java hook plugin library and Native hook plugin library；

The access that further the hook plug-in unit that resource accesses is linked up with and monitors application program to resource using application program, Quoting resource is redirected, the program process is made to realize the normal reference to resource；And/or utilize application program To the access that the hook plug-in unit that system resource accesses is linked up with and monitors application program to system resource, and according to sandbox environment Security strategy determine whether the access operation, when not allowing the operation, Xiang Xiangguan call instruction return corresponding data To prevent the operation；

The shell adding installation kit is installed.

2. application program configuration method according to claim 1, which is characterized in that one of described internal file is to be aggregated Former installation kit configuration file copy, the shell adding installation kit and the former installation kit packet name having the same therein.

3. application program configuration method according to claim 2, which is characterized in that the copy of the configuration file refers in particular to Androidmanifest.xml file.

4. application program configuration method according to claim 1, which is characterized in that the loading module is set to internal text In the code file of one of part, which is configured as using the former installation kit being aggregated described in reflection call-by mechanism load To run the application program.

5. application program configuration method according to claim 4, which is characterized in that the code file is refered in particular to Classes.dex file.

6. application program configuration method as claimed in any of claims 1 to 5, which is characterized in that the internal text Part includes the resource file obtained from former installation kit being aggregated and dynamic library file and its corresponding bibliographic structure.

7. according to claim 1 to application program configuration method described in 5 any one, which is characterized in that the internal file Including the resource file obtained from former installation kit being aggregated or dynamic library file and its corresponding bibliographic structure.

8. application program configuration method according to claim 6, which is characterized in that the resource file refers in particular to Res catalogue And its lower included file, the dynamic library file refer in particular to Lib catalogue and its lower included file.

9. application program configuration method according to claim 6, which is characterized in that the resource file includes icon text Part, and the icon file is carried out obtained by partial modification based on the respective icon file obtained from former installation kit being aggregated.

10. a kind of application program configuration device, applied to exempting from Root sandbox environment characterized by comprising

Structural unit, for the shell adding installation kit of original installation kit described in construction set and the internal file, the original being aggregated is pacified Dress coating is placed in the Assets catalogue of shell adding installation kit, as the subsidiary resource of shell adding installation kit, makes the shell adding installation kit With packet name identical with the former installation kit, it is configured with loading module in the internal file being aggregated, the loading module, For the former installation kit being aggregated to be loaded into run the application program in sandbox running environment, so that the original installation kit Application program and sandbox running environment between establish and communicate, and guide operation of the sandbox running environment to the application program Process monitoring with high safety, to realize normal operation of the application program in sandbox running environment；

Wherein, operation process with high safety monitoring of the guidance sandbox running environment to the application program, comprising: pass through institute It states loading module and further starts monitoring module, the monitoring module is sent out by long-range card i/f to backstage sandbox Hook frame Request is sent, and is obtained from the backstage sandbox Hook frame and is corresponded respectively to application program resource/system resource is visited The hook plug-in unit asked, the backstage sandbox Hook frame, is managed concentratedly beyond the clouds, is distributed to each terminal, wherein cloud End is mainly configured with Java hook plugin library and Native hook plugin library；Further accessed using application program to resource The access linking up with and monitor application program to resource of hook plug-in unit, quoting resource is redirected, make the application program into Normal reference of the Cheng Shixian to resource；And/or the hook plug-in unit that system resource accesses is linked up with and supervised using application program Access of the application program to system resource is controlled, and the security strategy according to sandbox environment determines whether the access operation, when When not allowing the operation, Xiang Xiangguan call instruction returns to corresponding data to prevent the operation；

Installation unit, for installing the shell adding installation kit.

11. application program configuration device according to claim 10, which is characterized in that one of described internal file is to be collected The copy of the configuration file of the former installation kit of conjunction, the shell adding installation kit and the former installation kit therein packet having the same Name.

12. application program configuration device according to claim 11, which is characterized in that the copy of the configuration file refers in particular to Androidmanifest.xml file.

13. application program configuration device according to claim 10, which is characterized in that the loading module is set to inside In the code file of one of file, which is configured as using the former installation being aggregated described in reflection call-by mechanism load Packet is to run the application program.

14. application program configuration device according to claim 13, which is characterized in that the code file is refered in particular to Classes.dex file.

15. application program configuration device described in any one of 0 to 14 according to claim 1, which is characterized in that the inside File includes the resource file obtained from former installation kit being aggregated and dynamic library file and its corresponding bibliographic structure.

16. application program configuration device described in any one of 0 to 14 according to claim 1, which is characterized in that the inside File includes the resource file obtained from former installation kit being aggregated or dynamic library file and its corresponding bibliographic structure.

17. application program configuration device according to claim 15, which is characterized in that the resource file refers in particular to Res mesh Record and its lower included file, the dynamic library file refer in particular to Lib catalogue and its lower included file.

18. application program configuration device according to claim 15, which is characterized in that the resource file includes icon text Part, and the icon file is carried out obtained by partial modification based on the respective icon file obtained from former installation kit being aggregated.