CN104657259A - Android application testing method and device - Google Patents
- Publication number
- CN104657259A
- Authority
- CN
- China
- Prior art keywords
- command calls
- runtime data
- calls
- application program
- agreement
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3692—Test management for test results analysis
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Quality & Reliability (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Debugging And Monitoring (AREA)
Abstract
The invention discloses a method and device for testing Android applications. The method comprises the following steps: A, locating a command call of an application; B, monitoring the command call and obtaining runtime data; C, analyzing the obtained runtime data.
Description
Technical field
The present invention relates to software testing, and in particular to a method and apparatus for testing Android applications.
Background
Applications commonly use standard cryptographic algorithms and protocols to protect data. However, during application development, parameters (for example, key length or key content) and/or usage steps (for example, whether a certificate is used, whether the certificate chain is verified) may be set incorrectly, so that security cannot be guaranteed. Applications therefore need to be tested to avoid such problems.
The prior art does not disclose a solution to the above problem. The problem with static automated testing methods in the prior art is that they cannot obtain runtime parameters, and runtime parameters are vital for analyzing the parts of an application that involve the use of cryptographic algorithms and protocols. Dynamic testing methods in the prior art often require modifying the application or adding breakpoints for debugging, which reduces the transparency and stability of program monitoring; for example, modifying the application may cause run-time errors and can also break the application's signature mechanism.
On the other hand, prior-art test methods address only generic code problems and cannot test and analyze specific command calls in an application. For example, they cannot perform targeted security analysis (for example, whether a certificate is missing or has been tampered with) of the parts of an application that involve the use of cryptographic algorithms and protocols, and so cannot test for and find incorrect use of cryptographic algorithms and protocols in the application.
For this reason, the present invention proposes a method and apparatus for testing Android applications.
Summary of the invention
According to one object of the present invention, a method for testing an Android application is disclosed, comprising the following steps:
A: locating command calls of the application,
B: monitoring the command calls and obtaining runtime data,
C: analyzing the obtained runtime data.
In one technical solution, step A comprises:
performing static code decompilation on the application to obtain class descriptors;
locating command calls according to the class descriptors.
In one technical solution, step A comprises:
locating command calls related to the use of cryptographic algorithms and/or protocols.
In one technical solution, step B comprises:
using a monitoring module attached to the Zygote process of the Dalvik virtual machine to monitor the command calls and obtain runtime data.
In one technical solution, the runtime data are parameters related to the use of cryptographic algorithms and/or protocols.
In one technical solution, in step A, the command calls are located in the binary code of the application.
In one technical solution, the command call is a method call or an instruction call.
According to another object of the present invention, a device for testing an Android application is disclosed, comprising:
a locating module, for locating command calls of the application,
a monitoring module, for monitoring the command calls and obtaining runtime data,
an analysis module, for analyzing the obtained runtime data.
In one technical solution, the locating module is configured to:
perform static code decompilation on the application to obtain class descriptors;
locate command calls according to the class descriptors.
In one technical solution, the locating module is configured to:
locate command calls related to the use of cryptographic algorithms and/or protocols.
In one technical solution, the monitoring module is attached to the Zygote process of the Dalvik virtual machine, and thereby monitors the command calls and obtains runtime data.
In one technical solution, the runtime data are parameters related to the use of cryptographic algorithms and/or protocols.
In one technical solution, the locating module locates the command calls in the binary code of the application.
The present invention dynamically monitors the program under test and obtains the details of its use of cryptographic algorithms and protocols. An advantage of the invention is that, while the program runs, it can actively inspect the mechanisms, patterns and problems of code execution and collect various runtime information about the code, so that aggregate analysis can be performed in stages and code-quality judgments obtained according to specified criteria. In particular, the invention can analyze a program's binary code directly, without depending on its source code; while the program runs, the technical solution dynamically analyzes the program code loaded in memory, finds the positions at which to insert instructions, and adds specific instructions to monitor the program.
Brief description of the drawings
Various aspects of the present invention will become apparent to those skilled in the art after reading the specific embodiments with reference to the accompanying drawings. Those skilled in the art will appreciate that these drawings serve only to illustrate the technical solution of the invention in conjunction with the embodiments and are not intended to limit its scope of protection.
Fig. 1 is a schematic diagram of the steps of the method for testing an Android application according to an embodiment of the present invention.
Fig. 2 is a structural diagram of the device for testing an Android application according to an embodiment of the present invention.
Detailed description
Specific embodiments of the present invention are described in further detail below with reference to the accompanying drawings. In the following description, for purposes of explanation, numerous details are set forth to provide a thorough understanding of one or more aspects of the embodiments. It will be apparent to those skilled in the art, however, that one or more aspects of the embodiments may be practiced with a lesser degree of these details. The following description is therefore not to be regarded as limiting; the scope of protection is defined by the claims.
Fig. 1 is a schematic diagram of the steps of the method for testing an Android application according to an embodiment of the present invention. As shown in Fig. 1, the method comprises the following steps:
A: locating command calls of the application,
B: monitoring the command calls and obtaining runtime data,
C: analyzing the obtained runtime data.
In step A, specific command calls of the application can be located, for example command calls related to the use of cryptographic algorithms and/or protocols. A command call may be a method call of the application, an interface call, or a finer-grained instruction call. In one example, static code decompilation is performed on the application to obtain the class descriptors of the APK program; method calls are then screened according to the class descriptors to select specific method calls.
In step B, a monitoring module attached to the Zygote process of the Dalvik virtual machine (Dalvik VM) is used to monitor the command calls and obtain runtime data.
In one example, the command calls are located in the binary code of the application.
Android applications are written in the Java language and run in the Dalvik VM. One embodiment of the invention monitors program execution by adding a monitoring module to the Dalvik VM. Each Android application runs in its own Dalvik virtual machine instance, and each virtual machine instance is an independent process space; therefore, so that the monitoring module can monitor every process, embodiments of the invention attach the monitoring module to the Zygote process.
The Zygote process is a special virtual machine process and also the incubator of virtual machine instances: whenever an Android application is to be executed, Zygote uses the fork function to create a child process to execute it. The Zygote process completes virtual machine initialization, library loading, and the loading and initialization of preset class libraries; when a new virtual machine instance is needed, Zygote provides a process template as quickly as possible by copying itself. Therefore, when the monitoring module is loaded in the Zygote process, every newly started APK program has the monitoring module in its process space, which ensures the reliability of monitoring.
While an APK program runs, the interpreter is the execution engine of the Dalvik virtual machine and is responsible for interpreting and executing dex bytecode (the code that is finally run after the Android program's source code is compiled). Dalvik dex bytecode includes a constant pool (describing all constants, including references, method names and numeric constants), class definitions (including access flags, class names, etc.), a data segment (containing all method code executed by the target virtual machine and the data related to classes and methods), and class instance variables; this information allows the monitoring module to monitor everything at fine granularity. In one embodiment, during the interpretation and execution of Dalvik dex bytecode, the monitoring module performs policy-matching monitoring of command calls. For example, in the matching and monitoring process, the application is monitored first, then monitoring analysis is carried out on its specific classes, then filtering is applied at the instruction level to obtain the instruction calls related to the use of cryptographic algorithms/protocols, and finally the application is analyzed (for example, its encryption behavior) by extracting runtime data from the monitoring module. In one example, the runtime data are parameters related to the use of cryptographic algorithms and/or protocols.
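An added sketch of steps A to C in Python, not code from the patent: it selects crypto-related calls from a smali-style listing by class descriptor, matches runtime records against them, and checks the captured parameters. The watch list, record format, sample data, the class name `Lcom/example/app/TrustAll;` and the check thresholds are assumptions of this example; the records stand in for what the Zygote-attached monitoring module would capture.

```python
import re

# Assumed watch list of class descriptors for crypto/protocol APIs (not from the patent).
WATCHED = {"Ljavax/crypto/Cipher;", "Ljavax/crypto/spec/SecretKeySpec;",
           "Ljavax/net/ssl/SSLContext;"}
INVOKE = re.compile(r"invoke-\w+(?:/range)?\s+\{[^}]*\},\s*(L[^;]+;)->([\w<>$]+)\(")

# Constructed smali-style listing standing in for the decompiled APK.
SMALI = """\
invoke-static {v0}, Ljavax/crypto/Cipher;->getInstance(Ljava/lang/String;)Ljavax/crypto/Cipher;
invoke-direct {v1, v2, v3}, Ljavax/crypto/spec/SecretKeySpec;-><init>([BLjava/lang/String;)V
invoke-virtual {v4, v5}, Landroid/widget/TextView;->setText(Ljava/lang/CharSequence;)V
invoke-virtual {v6, v7, v8, v9}, Ljavax/net/ssl/SSLContext;->init([Ljavax/net/ssl/KeyManager;[Ljavax/net/ssl/TrustManager;Ljava/security/SecureRandom;)V
"""

# Constructed runtime records (hypothetical format) as a monitoring module might emit them.
TRACE = [
    {"cls": "Ljavax/crypto/Cipher;", "method": "getInstance",
     "args": {"transformation": "AES/ECB/PKCS5Padding"}},
    {"cls": "Ljavax/crypto/spec/SecretKeySpec;", "method": "<init>",
     "args": {"key": b"\x00" * 8, "algorithm": "DES"}},
    {"cls": "Landroid/widget/TextView;", "method": "setText",
     "args": {"text": "hello"}},
    {"cls": "Ljavax/net/ssl/SSLContext;", "method": "init",
     "args": {"trust_managers": ["Lcom/example/app/TrustAll;"]}},
]

def locate_calls(listing):
    """Step A: select invoke targets whose class descriptor is on the watch list."""
    hits = set()
    for line in listing.splitlines():
        m = INVOKE.search(line)
        if m and m.group(1) in WATCHED:
            hits.add((m.group(1), m.group(2)))
    return hits

def monitor(trace, located):
    """Step B: keep only runtime records that match a located call."""
    return [ev for ev in trace if (ev["cls"], ev["method"]) in located]

def analyze(events):
    """Step C: apply parameter checks (thresholds are this example's assumptions)."""
    findings = []
    for ev in events:
        args, where = ev["args"], f'{ev["cls"]}->{ev["method"]}'
        if "transformation" in args:
            parts = args["transformation"].upper().split("/")
            # A bare algorithm name leaves the mode to the provider default.
            if len(parts) == 1 or parts[1] == "ECB":
                findings.append((where, "ECB or unspecified cipher mode"))
        if "key" in args:
            key = args["key"]
            if len(key) * 8 < 128:
                findings.append((where, f"key length {len(key) * 8} bits"))
            if len(set(key)) == 1:
                findings.append((where, "key is a single repeated byte"))
        if args.get("trust_managers"):
            findings.append((where, "custom TrustManager: confirm chain verification"))
    return findings

def run_pipeline(listing=SMALI, trace=TRACE):
    return analyze(monitor(trace, locate_calls(listing)))

if __name__ == "__main__":
    for where, issue in run_pipeline():
        print(f"{where}: {issue}")
```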
Fig. 2 is a structural diagram of the device for testing an Android application according to an embodiment of the present invention. As shown in Fig. 2, the device for testing an Android application comprises a locating module, a monitoring module and an analysis module. The locating module is used to locate command calls of the application, the monitoring module is used to monitor the command calls and obtain runtime data, and the analysis module is used to analyze the obtained runtime data. In one technical solution, the locating module is configured to perform static code decompilation on the application to obtain class descriptors, and to locate method calls according to the class descriptors. In one technical solution, the locating module is configured to locate command calls related to the use of cryptographic algorithms and/or protocols. In one technical solution, the monitoring module is attached to the Zygote process of the Dalvik virtual machine, and thereby monitors the command calls and obtains runtime data. In one technical solution, the runtime data are parameters related to the use of cryptographic algorithms and/or protocols. In one example, the locating module locates the command calls in the binary code of the application.
From the description of the above embodiments, those skilled in the art will understand that various changes and substitutions can be made to the specific embodiments of the invention without departing from its spirit and scope. All such changes and substitutions fall within the scope defined by the claims of the present invention.
Claims (14)
1. A method for testing an Android application, characterized by comprising the following steps:
A: locating command calls of the application,
B: monitoring the command calls and obtaining runtime data,
C: analyzing the obtained runtime data.
2. The method as claimed in claim 1, characterized in that step A comprises:
performing static code decompilation on the application to obtain class descriptors;
locating command calls according to the class descriptors.
3. The method as claimed in claim 2, characterized in that step A comprises:
locating command calls related to the use of cryptographic algorithms and/or protocols.
4. The method as claimed in claim 3, characterized in that step B comprises:
using a monitoring module attached to the Zygote process of the Dalvik virtual machine to monitor the command calls and obtain runtime data.
5. The method as claimed in claim 4, characterized in that
the runtime data are parameters related to the use of cryptographic algorithms and/or protocols.
6. The method as claimed in claim 5, characterized in that
in step A, the command calls are located in the binary code of the application.
7. The method as claimed in claim 6, characterized in that
the command call is a method call or an instruction call.
8. A device for testing an Android application, characterized by comprising:
a locating module, for locating command calls of the application,
a monitoring module, for monitoring the command calls and obtaining runtime data,
an analysis module, for analyzing the obtained runtime data.
9. The device as claimed in claim 8, characterized in that the locating module is configured to:
perform static code decompilation on the application to obtain class descriptors;
locate command calls according to the class descriptors.
10. The device as claimed in claim 9, characterized in that the locating module is configured to:
locate command calls related to the use of cryptographic algorithms and/or protocols.
11. The device as claimed in claim 10, characterized in that
the monitoring module is attached to the Zygote process of the Dalvik virtual machine, and thereby monitors the command calls and obtains runtime data.
12. The device as claimed in claim 11, characterized in that
the runtime data are parameters related to the use of cryptographic algorithms and/or protocols.
13. The device as claimed in claim 12, characterized in that
the locating module locates the command calls in the binary code of the application.
14. The device as claimed in claim 13, characterized in that
the command call is a method call or an instruction call.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310598510.9A CN104657259B (en) | 2013-11-22 | 2013-11-22 | A kind of method and apparatus for testing Android application programs |
PCT/CN2014/090259 WO2015074489A1 (en) | 2013-11-22 | 2014-11-04 | Method and apparatus for testing android application program |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310598510.9A CN104657259B (en) | 2013-11-22 | 2013-11-22 | A kind of method and apparatus for testing Android application programs |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104657259A (en) | 2015-05-27 |
CN104657259B (en) | 2018-05-18 |
Family
ID=53178917
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310598510.9A Active CN104657259B (en) | 2013-11-22 | 2013-11-22 | A kind of method and apparatus for testing Android application programs |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN104657259B (en) |
WO (1) | WO2015074489A1 (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105740701A (en) * | 2016-02-01 | 2016-07-06 | 中国人民大学 | Reconstruction method and device of application execution environment of Android platform |
CN108133229A (en) * | 2017-12-11 | 2018-06-08 | 广州能量盒子科技有限公司 | The classification encryption method and system of a kind of Android APK file |
CN109086200A (en) * | 2018-07-13 | 2018-12-25 | 南京大学 | A kind of validity test frame based on the modification of Android virtual machine |
WO2019061783A1 (en) * | 2017-09-29 | 2019-04-04 | 武汉斗鱼网络科技有限公司 | Data test method and apparatus, electronic device and computer-readable storage medium |
CN113032183A (en) * | 2021-03-24 | 2021-06-25 | 西安闻泰信息技术有限公司 | System management method, device, computer equipment and storage medium |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106911537A (en) * | 2017-04-19 | 2017-06-30 | 深圳天珑无线科技有限公司 | Information collecting method and information collecting device |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7296190B2 (en) * | 2003-01-29 | 2007-11-13 | Sun Microsystems, Inc. | Parallel text execution on low-end emulators and devices |
US20120151269A1 (en) * | 2010-12-10 | 2012-06-14 | Helix Technology Inc. | Mobile communication terminal capable of testing application and method thereof |
CN102521118A (en) * | 2011-11-11 | 2012-06-27 | 福建星网视易信息系统有限公司 | Automatic testing method of Android program |
CN102810143A (en) * | 2012-04-28 | 2012-12-05 | 天津大学 | Safety detecting system and method based on mobile phone application program of Android platform |
2013
- 2013-11-22 CN CN201310598510.9A patent/CN104657259B/en active Active
2014
- 2014-11-04 WO PCT/CN2014/090259 patent/WO2015074489A1/en active Application Filing
Non-Patent Citations (1)
Title |
---|
Bu Zhe et al.: "A software behavior analysis method for smart terminals based on the Android system", Netinfo Security (《信息网络安全》) * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105740701A (en) * | 2016-02-01 | 2016-07-06 | 中国人民大学 | Reconstruction method and device of application execution environment of Android platform |
WO2019061783A1 (en) * | 2017-09-29 | 2019-04-04 | 武汉斗鱼网络科技有限公司 | Data test method and apparatus, electronic device and computer-readable storage medium |
CN108133229A (en) * | 2017-12-11 | 2018-06-08 | 广州能量盒子科技有限公司 | The classification encryption method and system of a kind of Android APK file |
CN108133229B (en) * | 2017-12-11 | 2021-08-06 | 广州能量盒子科技有限公司 | Classified encryption method and system for android APK (android package) file |
CN109086200A (en) * | 2018-07-13 | 2018-12-25 | 南京大学 | A kind of validity test frame based on the modification of Android virtual machine |
CN109086200B (en) * | 2018-07-13 | 2020-04-14 | 南京大学 | Effective test framework based on android virtual machine modification |
CN113032183A (en) * | 2021-03-24 | 2021-06-25 | 西安闻泰信息技术有限公司 | System management method, device, computer equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
WO2015074489A1 (en) | 2015-05-28 |
CN104657259B (en) | 2018-05-18 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||