CN105447349A - Method and device for protecting derived symbol in so file - Google Patents
Method and device for protecting derived symbol in so file Download PDFInfo
- Publication number
- CN105447349A CN105447349A CN201510812749.0A CN201510812749A CN105447349A CN 105447349 A CN105447349 A CN 105447349A CN 201510812749 A CN201510812749 A CN 201510812749A CN 105447349 A CN105447349 A CN 105447349A
- Authority
- CN
- China
- Prior art keywords
- file
- symbol
- title
- original symbol
- obscure
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 85
- 230000008569 process Effects 0.000 claims description 60
- 238000009795 derivation Methods 0.000 claims description 49
- 230000006870 function Effects 0.000 description 20
- 239000010410 layer Substances 0.000 description 16
- 238000010586 diagram Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 4
- 230000000694 effects Effects 0.000 description 3
- 230000007246 mechanism Effects 0.000 description 3
- 238000009434 installation Methods 0.000 description 2
- 238000005457 optimization Methods 0.000 description 2
- 108091029480 NONCODE Proteins 0.000 description 1
- 230000001133 acceleration Effects 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 230000000712 assembly Effects 0.000 description 1
- 238000000429 assembly Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 239000012792 core layer Substances 0.000 description 1
- 238000005111 flow chemistry technique Methods 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a method and device for protecting a derived symbol in a so file. The method comprises the following steps: finding the position of a character string of the derived symbol in the so file from the so file one by one; obtaining an original symbol name at the position, confusing the original symbol name at the position, and obtaining a confused symbol name, the length of which is the same to that of the original symbol name at the position; taking the confused symbol name as the new derived symbol, and writing in the corresponding position in the so file. By means of the manner, protection of the so file can be realized; and thus, the security of an application program is further improved.
Description
Technical field
The present invention relates to applications security technical field, particularly relate to a kind of method that derivation symbol in so file is protected and device.
Background technology
Along with the high speed development of Android (Android) smart machine, the safety problem of mobile terminal also comes out gradually.
Android application program (APP) is cracked by reverse, difficulty is very low, at the dex (executable file be made up of Dalvik bytecode under being Android platform, Dalvik is the Java Virtual Machine that Google company oneself is designed for Android platform) aspect, even can directly decompiling go out java source code and read, in order to improve the security of Android application, Google provides ProGuard instrument, when generation Android installation kit (apk), can configure according to user, to the class name in java code, function name is obscured, become some insignificant character strings, even if cracker decompiles into java code, also the effect of analysis classes or function cannot be carried out according to these titles, greatly enhance the security of software.
But, in most cases, an Android application is made up of two parts: the dex file of java aspect and so (being the dynamic link library file under linux) file of native aspect, these two parts are independently, so file is equivalent to a module, and developer can call the deriving method of so file at java layer.But in major applications, be only most crucial code in so file, ProGuard instrument is helpless to the protection of so file.
Summary of the invention
The technical matters that the present invention mainly solves is to provide a kind of method of protecting the derivation symbol in so file and device, can realize the protection to so file, thus strengthen the security of application program further.
For solving the problems of the technologies described above, the technical scheme that the present invention adopts is: provide a kind of method protected the derivation symbol in so file, described method comprises: from so file, find the position of character string in described so file of deriving symbol one by one; Obtain the original symbol title of described position, and process is obscured to the original symbol title of described position; Obtain identical with the length of the original symbol title of described position obscure after designation; Using described obscure after designation to write correspondence position in described so file as new derivation symbol.
Wherein, the described step finding the position of character string in described so file of deriving symbol from so file one by one, comprising: find the positional information of described derivation symbol in described so file by system command; According to the positional information of described derivation symbol in described so file, from described so file, find the position of the character string of described derivation symbol in described so file one by one.
Wherein, the original symbol title of the described position of described acquisition, and the original symbol title of described position is obscured to the step of process, comprising: the original symbol title obtaining described position, and judge whether the original symbol title of described position can obscure process; If the original symbol title of described position can obscure process, then process is obscured to the original symbol title of described position.
Wherein, describedly judge the step whether the original symbol title of described position can obscure process, comprise: if the character string that described original symbol title is not JNI_Onload, JNI_Unload or starts with java_, then judge that the original symbol title of described position can obscure process.
Wherein, the described original symbol title to described position obscures the step of process, comprising: obscure process by the original symbol title of Message Digest Algorithm 5 MD5 to described position.
For solving the problems of the technologies described above, another technical solution used in the present invention is: provide a kind of device protected the derivation symbol in so file, described device comprises: find module, for finding the position of character string in described so file of deriving symbol from so file one by one; Obscuring module, for obtaining the original symbol title of described position, and process being obscured to the original symbol title of described position; Acquisition module, for obtain identical with the length of the original symbol title of described position obscure after designation; Writing module, for using described obscure after designation to write correspondence position in described so file as new derivation symbol.
Wherein, module is found to comprise described in: first finds unit, for being found the positional information of described derivation symbol in described so file by system command; Second finds unit, for according to the positional information of described derivation symbol in described so file, finds the position of the character string of described derivation symbol in described so file from described so file one by one.
Wherein, described in obscure module and comprise: acquiring unit, for obtaining the original symbol title of described position, judging unit, for judging whether the original symbol title of described position can obscure process; Obfuscation unit, for being when can obscure process in the original symbol title of described position, obscures process to the original symbol title of described position.
Wherein, described judging unit specifically in described original symbol title be not JNI_Onload, JNI_Unload or with java_ beginning character string time, judge that the original symbol title of described position can obscure process.
Wherein, module is obscured described in specifically for obscuring process by the original symbol title of Message Digest Algorithm 5 MD5 to described position.
The invention has the beneficial effects as follows: the situation being different from prior art, the present invention finds the position of character string in so file of deriving symbol one by one from so file; Obtain the original symbol title of this position, and process is obscured to the original symbol title of this position; Obtain identical with the length of the original symbol title of this position obscure after designation; Using the designation after obscuring as the correspondence position in new derivation symbol write so file.Owing to obscuring the derivation symbol of so file, in this way, the protection to so file can be realized, thus strengthen the security of application program further.
Accompanying drawing explanation
Fig. 1 is the configuration diagram of android system;
Fig. 2 is the process flow diagram of the present invention to method one embodiment that the derivation symbol in so file is protected;
Fig. 3 is the process flow diagram of the present invention to another embodiment of method that the derivation symbol in so file is protected;
Fig. 4 is the process flow diagram of the present invention to the another embodiment of method that the derivation symbol in so file is protected;
Fig. 5 is the structural representation of the present invention to device one embodiment that the derivation symbol in so file is protected;
Fig. 6 is the structural representation of the present invention to another embodiment of device that the derivation symbol in so file is protected;
Fig. 7 is the structural representation of the present invention to the another embodiment of device that the derivation symbol in so file is protected.
Embodiment
Before introducing the present invention in detail, technology first illustratively related to the present invention.
Android is the mobile phone operating system of increasing income based on Linux platform of Google exploitation.It comprises operating system, user interface and application program.Android adopts WebKit browser engine, possesses touch-screen, advanced figure display and function of surfing the Net, and user can check Email, search network address and viewing video frequency program etc. on mobile phone, is a kind of single platform incorporating whole Web and apply.
The system architecture of Android is the same with its operating system, have employed the framework of layering.See the system architecture schematic diagram that Fig. 1, Fig. 1 are Android, from Organization Chart, Android is divided into four layers, from high level to low layer respectively: application layer 10, application framework layer 20, system cloud gray model storehouse layer 30 and linux core layer 40.
(1) issue together together with a series of core application bag at application layer 10, Android, this application package comprises email client, SMS short message program, calendar, map, browser, contact management's program etc.All application programs all use JAVA language to write.
(2) at application framework layer 20, developer can access the API framework that core application uses completely.The architecture design of this application program simplifies reusing of assembly, and any one application program can issue its functional block and other application program any can use its functional block issued.Equally, this application program reuse mechanism also makes user can replace program assembly easily.Be hidden in each application below be a series of service and system, comprising:
Enrich and extendible view (Views), can be used for building application program, it comprises list (lists), grid (grids), text box (textboxes), button (buttons), even embeddable web browser;
Content Provider (ContentProviders), it makes application program can access the data (as contact database) of Another application program, or shares their data;
Explorer (ResourceManager), it provides the access of non-code resource, as local character string, figure and topology file (layoutfiles);
Notification manager (NotificationManager), it makes application program can show self-defining information in status bar;
Active manager (ActivityManager), is used for managing application program life cycle and providing conventional navigation Backward Function.
(3) system cloud gray model storehouse layer 30 comprises routine library and Android Runtime Library.
1) routine library:
Android comprises some C/C++ storehouses, and these storehouses can be used by assemblies different in android system.They by Android application framework for developer provides service.Below some core libraries:
System C storehouse, inherits from BSD the standard C system function storehouse (libc) of coming for one, and it is special in the device customizing based on embeddedlinux;
Media library, based on PacketVideoOpenCORE, multiple conventional audio frequency, video format playback and recording are supported in this storehouse, support static image file simultaneously;
SurfaceManager, it manages display subsystem, and provides the seamless fusion of 2D and 3D layer for multiple application program;
LibWebCore, a up-to-date web browser engine use, supports Android browser and an embeddable web view;
SGL, the 2D graphics engine of bottom;
3Dlibraries, realizes based on OpenGLES1.0APIs, and this storehouse can use hardware 3D to accelerate or use the soft acceleration of 3D of height optimization;
FreeType, bitmap (bitmap) and the display of vector (vector) font;
SQLite, can use for all application programs for one, the light-duty relevant database engine of powerful in function.
2) Android Runtime Library:
Android includes a core library, and this core library provides most of functions of JAVA programming language core library.Each Android application program is run in its process, all has an independently Dalvik virtual machine instance.Dalvik is designed to an equipment can run multiple virtual system simultaneously efficiently.Dalvik virtual machine performs Dalvik executable file, and this formatted file makes to be used as optimization for little internal memory.Virtual machine is based on register simultaneously, and all classes all via the compiling of JAVA compiler, then become .dex form to be performed by virtual machine by " dx " tool change in SDK.Dalvik virtual machine depends on some functions of linux kernel, such as threading mechanism and bottom memory management mechanism.
(4) Linux inner core 40:
Security, memory management, management of process, network protocol stack and driving model etc. are responsible in the core system service of Android.Linux kernel is also simultaneously as the level of abstraction between hardware and software stack.
In most cases, an Android application is made up of two parts: the dex file of java aspect and so (being the dynamic link library file under linux) file of native aspect.
Java aspect is exactly the application framework layer Framework often said, in this layer, thing is a lot of also very complicated, and the Android code write can normally identify and action, all will rely on the support of this one deck, and this one deck is also realized by Java language.
Native aspect is positioned at system cloud gray model storehouse layer, this part more common local service and some chained libraries etc.A feature of this one deck is exactly realized by C and C Plus Plus.
So file is the dynamic link library file under linux, its file layout can perform and can link form (ExecutableandLinkableFormat, be called for short elf), elf is a kind of Standard File Format for binary file, executable file, object code, shared library and Core Dump.
In order to improve the security of Android application, Google provides ProGuard instrument, when generation Android installation kit, can configure according to user, class name in java code, function name are obscured, becomes some insignificant character strings, even if cracker decompiles into java code, also cannot carry out the effect of analysis classes or function according to these titles, greatly enhance the security of software.But the protection of ProGuard instrument to so file is helpless.
The present invention will realize obscuring the derivation symbol of so file, becomes some and does not have significant random string, prevents cracker from being cracked by the designation deriving symbol; Concrete scheme is: the original symbol title obtaining the position in character string place so file of deriving symbol; process is obscured to original symbol title; intercept with the obscuring of original symbol title equal length after designation; and using the designation after obscuring as the correspondence position in new derivation symbol write so file; in this way; the protection to so file can be realized, thus strengthen the security of application program further.
Below in conjunction with drawings and embodiments, the present invention is described in detail.
Consult Fig. 2, Fig. 2 is the process flow diagram of the present invention to method one embodiment that the derivation symbol in so file is protected, and the method comprises:
Step S101: find the position of character string in so file of deriving symbol from so file one by one.
Derive symbol be so file to the visible symbol in outside, comprise function, class, variable etc.From so file, find the mode of the position of character string in so file of deriving symbol to have a variety of one by one, such as: the form of so file is elf file layout, according to the feature of elf file layout, can find the position of character string in so file of deriving symbol one by one, certain this Measures compare is time-consuming; And for example: the position of character string in so file of deriving symbol can be found rapidly one by one by the mode of system command from so file.
Step S102: the original symbol title obtaining this position, and process is obscured to the original symbol title of this position.
Original symbol title comprises a large amount of information be easily cracked, such as: class name, method name, function name, variable name, parameter name etc., because class name, method name etc. all can follow certain Naming conventions usually, cracker is easy to guess code function according to these information, reading gets up just to follow through sees that source code is the same, therefore, there is security hidden trouble.
Obscuring process to original symbol title is adopt obfuscation to original symbol title processing process, to prevent the person's of being cracked decompiling.Conventional obfuscation, such as: java class name, method name are obscured, Java Code obfuscation, Dalvik bytecode is encrypted, Androidapk encryption etc.
Step S103: obtain identical with the length of the original symbol title of this position obscure after designation.
Designation after obscuring needs to put into original position, and therefore, the designation after obscuring is equal with the length of original symbol title.The length of the designation after Initial Interest Confusion may be inconsistent with the length of the original symbol title of this position, if the length of the designation after Initial Interest Confusion is longer, the character string of its moderate-length can be intercepted, as the designation after obscuring, if the length of the designation after Initial Interest Confusion is shorter, other character string can be supplemented to equal length, then as the designation after obscuring.
Step S104: using the designation after obscuring as the correspondence position in new derivation symbol write so file.
Correspondence position is the position at original symbol title place.Designation after obscuring replaces original symbol title, as the correspondence position in new derivation symbol write so file, thus realizes the protection to so file.
Embodiment of the present invention finds the position of character string in so file of deriving symbol one by one from so file; Obtain the original symbol title of this position, and process is obscured to the original symbol title of this position; Obtain identical with the length of the original symbol title of this position obscure after designation; Using the designation after obscuring as the correspondence position in new derivation symbol write so file.Owing to obscuring the derivation symbol of so file, in this way, the protection to so file can be realized, thus strengthen the security of application program further.
Wherein, see Fig. 3, step S101 can comprise: sub-step S1011 and sub-step S1012.
Sub-step S1011: found by system command and derive the positional information of symbol in so file.
Sub-step S1012: according to the positional information of derivation symbol in so file, find the position of character string in so file of deriving symbol one by one from so file.
Such as: (1) uses system command readelf-axxx.so|grep " dynstr " to find the start address in dynstr section district, is stored in variable base, and the total length totalsize in this section of region.From base, to the position of base+totalsize, deposit each designation one by one and rely on the title etc. in storehouse, each title with ' 0' separate;
(2) use system command readelf-sxxx.so to find the character string of all derivation symbols, be stored in array symbols, symbols is a character string dimension;
(3) by the first address base in the 1st step, from file, read out each title one by one, and search in symbols array, if found, explanation is one derives symbol, thus finds the position of the character string of this derivation symbol in so file, the rest may be inferred, searches one by one.
Certainly, except the above-mentioned system command enumerated, other system command can also be had, also can find and derive the positional information of symbol in so file.Such as: realelf-Sxxx.so|grep " dynstr ", or objdump-xxxx.so|grep " dynstr " etc.
Found the position of character string in so file of deriving symbol by the mode of system command, the position of character string in so file of all derivation symbols can be found soon, thus improve the efficiency of searching.
Wherein, see Fig. 4, step S102 can also comprise: sub-step S1021 and sub-step S1022.
Sub-step S1021: the original symbol title obtaining this position, and judge whether the original symbol title of this position can obscure process.
Sub-step S1022: if the original symbol title of this position can obscure process, then process is obscured to the original symbol title of this position.
If be all encrypted all derivation symbols, likely cause so file to use, therefore, first judge whether the original symbol title of this position can obscure process, when passable, just carry out obscuring process.
Specifically, judge whether the original symbol title of position can be obscured process and comprise: if the character string that original symbol title is not JNI_Onload, JNI_Unload or starts with java_, then judge that the original symbol title of this position can obscure process.
JNI_Onload, JNI_Unload, these 2 functions are entrance functions of Androidso files loading, if be modified, will cause loading; With the function of java_ beginning, be very likely the derivative function that java layer needs to call, if modified under ignorant, java layer may be caused to can not find corresponding function.Therefore, these original symbol titles cannot obscure process.
After above-mentioned flow processing, in so file except the derivative function name that the above-mentioned several java layer of minority must rely on, other derivation symbol has been confused into random string, use and the stability of so file are not affected completely, but cracker but cannot according to the title of symbol, go the effect guessing symbol, thus increase the difficulty cracked.
Wherein, the original symbol title of this position is obscured to the step of process, comprising: obscure process by the original symbol title of Message Digest Algorithm 5 MD5 to position.
Message Digest Algorithm 5 (MessageDigestAlgorithm is called for short MD5) is the widely used a kind of hash function of computer safety field, in order to provide the integrity protection of message.By the way, anti-decoding ability can be strengthened.
Consult Fig. 5, Fig. 5 is the structural representation of the present invention to device one embodiment that the derivation symbol in so file is protected, this device can to perform the above method in step, the detailed description of related content refers to said method part, no longer superfluously to chat at this.
This device comprises: find module 101, obscure module 102, acquisition module 103 and writing module 104.
Find module 101 for finding the position of character string in so file of deriving symbol from so file one by one.
Obscure module 102 for obtaining the original symbol title of this position, and process is obscured to the original symbol title of this position.
Acquisition module 103 for obtain identical with the length of the designation of this position obscure after designation.
Writing module 104 for using the designation after obscuring as the correspondence position in new derivation symbol write so file.
Embodiment of the present invention finds the position of character string in so file of deriving symbol one by one from so file; Obtain the original symbol title of this position, and process is obscured to the original symbol title of this position; Obtain identical with the length of the original symbol title of this position obscure after designation; Using the designation after obscuring as the correspondence position in new derivation symbol write so file.Owing to obscuring the derivation symbol of so file, in this way, the protection to so file can be realized, thus strengthen the security of application program further.
Wherein, see Fig. 6, module 101 is found to comprise: first finds unit 1011 and second to find unit 1012.
First finds unit 1011 to derive the positional information of symbol in so file for being found by system command.
Second finds unit 1012 for according to the positional information of derivation symbol in so file, finds the position of character string in so file of deriving symbol from so file one by one.
Wherein, see Fig. 7, obscure module 102 and comprise: acquiring unit 1021, judging unit 1022 and obfuscation unit 1023.
Acquiring unit 1021 is for obtaining the original symbol title of this position.
Judging unit 1022 is for judging whether the original symbol title of this position can obscure process.
Obfuscation unit 1023, for being when can obscure process in the original symbol title of this position, obscures process to the original symbol title of this position.
Wherein, judging unit 1022 specifically in original symbol title be not JNI_Onload, JNI_Unload or with java_ beginning character string time, judge that the original symbol title of this position can obscure process.
Wherein, module 102 is obscured specifically for obscuring process by the original symbol title of Message Digest Algorithm 5 MD5 to this position.
The foregoing is only embodiments of the present invention; not thereby the scope of the claims of the present invention is limited; every utilize instructions of the present invention and accompanying drawing content to do equivalent structure or equivalent flow process conversion; or be directly or indirectly used in other relevant technical fields, be all in like manner included in scope of patent protection of the present invention.
Claims (10)
1. to the method that the derivation symbol in so file is protected, it is characterized in that, described method comprises:
The position of character string in described so file of deriving symbol is found one by one from so file;
Obtain the original symbol title of described position, and process is obscured to the original symbol title of described position;
Obtain identical with the length of the original symbol title of described position obscure after designation;
Using described obscure after designation to write correspondence position in described so file as new derivation symbol.
2. method according to claim 1, is characterized in that, the described step finding the position of character string in described so file of deriving symbol from so file one by one, comprising:
The positional information of described derivation symbol in described so file is found by system command;
According to the positional information of described derivation symbol in described so file, from described so file, find the position of the character string of described derivation symbol in described so file one by one.
3. method according to claim 1, is characterized in that, the original symbol title of the described position of described acquisition, and the step original symbol title of described position being obscured to process, comprising:
Obtain the original symbol title of described position, and judge whether the original symbol title of described position can obscure process;
If the original symbol title of described position can obscure process, then process is obscured to the original symbol title of described position.
4. method according to claim 3, is characterized in that, describedly judges the step whether the original symbol title of described position can obscure process, comprising:
If the character string that described original symbol title is not JNI_Onload, JNI_Unload or starts with java_, then judge that the original symbol title of described position can obscure process.
5. the method according to any one of claim 1-4, is characterized in that, the described original symbol title to described position obscures the step of process, comprising:
Process is obscured by the original symbol title of Message Digest Algorithm 5 MD5 to described position.
6. to the device that the derivation symbol in so file is protected, it is characterized in that, described device comprises:
Find module, for finding the position of character string in described so file of deriving symbol from so file one by one;
Obscuring module, for obtaining the original symbol title of described position, and process being obscured to the original symbol title of described position;
Acquisition module, for obtain identical with the length of the original symbol title of described position obscure after designation;
Writing module, for using described obscure after designation to write correspondence position in described so file as new derivation symbol.
7. device according to claim 6, is characterized in that, described in find module to comprise:
First finds unit, for being found the positional information of described derivation symbol in described so file by system command;
Second finds unit, for according to the positional information of described derivation symbol in described so file, finds the position of the character string of described derivation symbol in described so file from described so file one by one.
8. device according to claim 6, is characterized in that, described in obscure module and comprise:
Acquiring unit, for obtaining the original symbol title of described position,
Judging unit, for judging whether the original symbol title of described position can obscure process;
Obfuscation unit, for being when can obscure process in the original symbol title of described position, obscures process to the original symbol title of described position.
9. device according to claim 8, it is characterized in that, described judging unit specifically in described original symbol title be not JNI_Onload, JNI_Unload or with java_ beginning character string time, judge that the original symbol title of described position can obscure process.
10. the device according to any one of claim 6-9, is characterized in that, described in obscure module specifically for obscuring process by the original symbol title of Message Digest Algorithm 5 MD5 to described position.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510812749.0A CN105447349A (en) | 2015-11-20 | 2015-11-20 | Method and device for protecting derived symbol in so file |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510812749.0A CN105447349A (en) | 2015-11-20 | 2015-11-20 | Method and device for protecting derived symbol in so file |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105447349A true CN105447349A (en) | 2016-03-30 |
Family
ID=55557519
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510812749.0A Pending CN105447349A (en) | 2015-11-20 | 2015-11-20 | Method and device for protecting derived symbol in so file |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105447349A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106599730A (en) * | 2016-12-20 | 2017-04-26 | 武汉斗鱼网络科技有限公司 | File detection method, apparatus and system |
| CN107992723A (en) * | 2017-11-29 | 2018-05-04 | 南京莱斯信息技术股份有限公司 | A kind of Java protection of source codes methods based on dynamic link library |
| CN108304187A (en) * | 2016-08-24 | 2018-07-20 | 北京花甲科技有限公司 | A kind of generation method and equipment of static library |
| CN109510825A (en) * | 2018-11-13 | 2019-03-22 | 许昌许继软件技术有限公司 | Dynamic base encryption method and device and the anti-abduction method and apparatus of dynamic base |
| CN110489162A (en) * | 2019-08-02 | 2019-11-22 | 北京字节跳动网络技术有限公司 | Installation kit SO file compressing method, device, medium and equipment |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102938036A (en) * | 2011-11-29 | 2013-02-20 | Ut斯达康通讯有限公司 | Section double encryption and safe loading method of Windows dynamic link library |
| CN103150493A (en) * | 2013-02-28 | 2013-06-12 | 浙江中控技术股份有限公司 | JavaScript code obfuscation method and device |
| CN103198244A (en) * | 2013-03-26 | 2013-07-10 | 北京深思数盾科技有限公司 | Method for protecting dynamic linking library (DLL) |
| CN104392181A (en) * | 2014-11-18 | 2015-03-04 | 北京奇虎科技有限公司 | SO file protection method and device and android installation package reinforcement method and system |
| CN104751024A (en) * | 2013-12-27 | 2015-07-01 | 腾讯科技(深圳)有限公司 | Method and device for encrypting core source code |
-
2015
- 2015-11-20 CN CN201510812749.0A patent/CN105447349A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102938036A (en) * | 2011-11-29 | 2013-02-20 | Ut斯达康通讯有限公司 | Section double encryption and safe loading method of Windows dynamic link library |
| CN103150493A (en) * | 2013-02-28 | 2013-06-12 | 浙江中控技术股份有限公司 | JavaScript code obfuscation method and device |
| CN103198244A (en) * | 2013-03-26 | 2013-07-10 | 北京深思数盾科技有限公司 | Method for protecting dynamic linking library (DLL) |
| CN104751024A (en) * | 2013-12-27 | 2015-07-01 | 腾讯科技(深圳)有限公司 | Method and device for encrypting core source code |
| CN104392181A (en) * | 2014-11-18 | 2015-03-04 | 北京奇虎科技有限公司 | SO file protection method and device and android installation package reinforcement method and system |
Non-Patent Citations (1)
| Title |
|---|
| 苏帅: "基于Android平台的软件保护研究与实现", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108304187A (en) * | 2016-08-24 | 2018-07-20 | 北京花甲科技有限公司 | A kind of generation method and equipment of static library |
| CN106599730A (en) * | 2016-12-20 | 2017-04-26 | 武汉斗鱼网络科技有限公司 | File detection method, apparatus and system |
| CN106599730B (en) * | 2016-12-20 | 2019-08-02 | 武汉斗鱼网络科技有限公司 | File test method, device and system |
| CN107992723A (en) * | 2017-11-29 | 2018-05-04 | 南京莱斯信息技术股份有限公司 | A kind of Java protection of source codes methods based on dynamic link library |
| CN109510825A (en) * | 2018-11-13 | 2019-03-22 | 许昌许继软件技术有限公司 | Dynamic base encryption method and device and the anti-abduction method and apparatus of dynamic base |
| CN110489162A (en) * | 2019-08-02 | 2019-11-22 | 北京字节跳动网络技术有限公司 | Installation kit SO file compressing method, device, medium and equipment |
| CN110489162B (en) * | 2019-08-02 | 2023-09-22 | 北京字节跳动网络技术有限公司 | Method, device, medium and equipment for simplifying installation package SO (storage and retrieval) file |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Holla et al. | Android based mobile application development and its security | |
| US10824404B2 (en) | Methods and systems for uploading a program based on a target network platform | |
| US8972967B2 (en) | Application packages using block maps | |
| CN107506221B (en) | Application program upgrading method, device and equipment | |
| US9223999B2 (en) | Management of Digital information | |
| US9152796B2 (en) | Dynamic analysis interpreter modification for application dataflow | |
| CN105447349A (en) | Method and device for protecting derived symbol in so file | |
| US20150012924A1 (en) | Method and Device for Loading a Plug-In | |
| US10176327B2 (en) | Method and device for preventing application in an operating system from being uninstalled | |
| US11036479B2 (en) | Devices, systems, and methods of program identification, isolation, and profile attachment | |
| WO2022247301A1 (en) | Testing method, graphical interface and related apparatus | |
| US9513762B1 (en) | Static content updates | |
| WO2022247300A1 (en) | Sandbox initialization method, graphical interface and related apparatus | |
| US8473936B2 (en) | System and method for runtime class extracting | |
| Li | Mining androzoo: A retrospect | |
| US20180349102A1 (en) | Apparatus and method for converting large-scale application | |
| CN113268221A (en) | File matching method and device, storage medium and computer equipment | |
| CN115080114B (en) | Application program transplanting processing method, device and medium | |
| US20220337620A1 (en) | System for collecting computer network entity information employing abstract models | |
| CN106778270B (en) | Malicious application detection method and system | |
| CN105610908B (en) | A kind of samba service implementing method and system based on Android device | |
| Ai et al. | Enhancing personal information security on android with a new synchronization scheme | |
| US20170286195A1 (en) | Information object system | |
| CN106897588B (en) | Processing method and device of label function | |
| KR101562282B1 (en) | System and Method for Verifying Integrity of an ODEX |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: 519000 High-tech Zone, Zhuhai City, Guangdong Province, Unit 1, Fourth Floor C, Building A, Headquarters Base No. 1, Qianwan Third Road, Tangjiawan Town Applicant after: ZHUHAI DUOWAN INFORMATION TECHNOLOGY LIMITED Address before: 510000 Nancun Town Wanbo Business Center, Panyu District, Guangzhou City, Guangdong Province, 29 floors of B-1 Building, Wanda Business Plaza North District Applicant before: ZHUHAI DUOWAN INFORMATION TECHNOLOGY LIMITED |
|
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160330 |