CN105718764A - Android system trap instruction based software reinforcement method - Google Patents

Publication number
CN105718764A
Authority
CN
China
Legal status
Pending
Application number
CN201610034623.XA
Other languages
Chinese (zh)
Inventor
文伟平
Current Assignee
Beijing Devsource Technology Co Ltd
Original Assignee
Beijing Devsource Technology Co Ltd
Application filed by Beijing Devsource Technology Co Ltd
Priority to CN201610034623.XA
Publication of CN105718764A

Classifications

    • G - PHYSICS
    • G06 - COMPUTING; CALCULATING OR COUNTING
    • G06F - ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 - Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/12 - Protecting executable software
    • G06F21/14 - Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation

Abstract

The invention discloses a software reinforcement method based on Android system trap instructions. Using a trap instruction analysis method and by parsing the axml file, it processes the entry file AndroidManifest.xml in an Android installation package so that the application is difficult to decompile while the reinforced application still runs normally. The method comprises the steps of: parsing the axml file; constructing an application attribute item, comprising an index name and an attribute name, and adding it to the AndroidManifest.xml file by modifying the StringChunk area and the ResourceChunk area; modifying the corresponding Size attributes in the AndroidManifest.xml file; and packing the AndroidManifest.xml file to complete the reinforcement. On the one hand, the method guarantees that the normal operation of the processed application is not affected; on the other hand, it makes the application difficult to decompile so as to prevent malicious use. It thereby protects the interests of the application developer and the security of the application.

Description

A software reinforcement method based on Android system trap instructions
Technical field
The present invention relates to the technical field of software security, and in particular to a software reinforcement (hardening) method based on Android system trap instruction analysis.
Background
As the software industry grows, attackers increasingly use software reverse-engineering techniques to attack software, use it without authorization and pirate it. Reverse analysis can be used to analyze the functional flow of an application without knowing its source code and to tamper with its data and code. If reverse analysis is used maliciously and without restriction, a user can extract the core technology of an application, tamper with its signature and author information, or inject malicious code into an existing application and disguise it through repackaging. All of these behaviours greatly harm the interests of application developers and seriously compromise the privacy and security of users.
Android, as an emerging operating system, has developed rapidly since its launch in 2007 and now rivals Apple's iOS. However, software hardening design on the Android platform is still at an early stage. Many applications are written in Java code, which is easily decompiled. Android has also played down the concept of a process: applications run on messages and events, so basic injection can be achieved simply by adding responses to some events in the manifest file and then receiving those events in malicious code. Software developers therefore pay increasing attention to application security and want to ensure that their software cannot easily be repackaged, injected into or cracked.
Trap instruction analysis refers to the following in the Linux operating system: during normal operation the CPU executes a certain specific instruction and enters an interrupt service routine. When the interrupt occurs, the CPU analyzes the type code to determine whether a trap interrupt instruction is being executed.
Android software reinforcement processes the code of the original Android installation package (Android Package, apk) to prevent the apk from being decompiled and maliciously used, without affecting its normal operation. Common reinforcement methods include integrity checking, anti-decompilation and anti-debugging. Most current core reinforcement techniques encrypt and obfuscate the dex file or so files. For AndroidManifest.xml, the main entry file in the apk package, there is as yet no mature protection method that prevents reverse analysis from obtaining the core technology of the application or malicious use, does not affect the normal operation of the program, and thereby protects the interests of application developers.
Summary of the invention
To overcome the above deficiencies of the prior art, the present invention provides a software reinforcement method based on Android system trap instructions. Using trap instruction analysis and axml parsing, it processes the entry file AndroidManifest.xml in the apk so that the application is difficult to decompile, which prevents others from extracting the core technology of the application through reverse analysis and then stealing or deliberately tampering with it. In addition, the method ensures that the normal operation of the processed application is not affected.
The principle of the invention is as follows. Common reverse-engineering tools such as apktool, AAPT and AXMLPrinter2 parse the axml (Android binary XML) file according to the attribute names and attribute values of AndroidManifest.xml, whereas the Android system does not resolve illegal ResIDs. Adding an attribute with an illegal ResID to the axml therefore does not affect use of the apk, but makes reverse tools parse the axml incorrectly, so that the apk cannot be used after repackaging. This prevents others from extracting the core technology of the application through reverse analysis and then stealing or deliberately tampering with it. The axml file referred to in the present invention is the binary format of the AndroidManifest.xml file in the Android system. When the Android system parses an axml attribute, it locates the attribute by its ResID rather than by its attribute name.
The technical scheme provided by the present invention is:
A software reinforcement method based on Android system trap instructions uses a trap instruction analysis method and an axml parsing method to process the entry file AndroidManifest.xml (the axml file) in an Android installation package (apk), so that the application is difficult to decompile and the normal operation of the processed application is not affected. The reinforcement method comprises the following steps:
S1) Decompress the apk package and extract the corresponding axml file;
The axml file contains data describing the components exposed by the application, the classes that implement them, the various data that can be processed and the launch positions; in axml this information is called attributes. Each attribute mainly comprises name, string, type, data, ResId and some other items. name is the name of the attribute. string: if the type of the attribute is ATTR_STRING, this value is the index in the StringChunk of xxx in the attribute name="xxx"; otherwise it is 0xffffffff. type is the type of the attribute. data is the data value of the attribute; if type is ATTR_STRING, it equals the value of string. The ResId value depends on the name item: the name item is an index into the StringChunk area for the attribute name and is also an index into the ResourceChunk area, which requires that the two index values in their respective chunk regions be equal.
The axml file structure mainly comprises a file header, a StringChunk area, a ResourceChunk area and an AttributionChunk. The file header comes first and contains the file tag and the offsets and sizes of the regions that follow. The StringChunk area contains the index area and the data area of the strings; all string data is placed in this region. The ResourceChunk area contains the ID of each resource, the ResID; each ResID occupies 4 bytes. The remaining region is the AttributionChunk.
S2) Parse the AndroidManifest.xml file and obtain the position of each region of the file; locate the StringChunk area and the ResourceChunk area from the offsets in the axml file header;
S3) Construct an application attribute item comprising an index name and an attribute name, and add it to the AndroidManifest.xml file by modifying the StringChunk area and the ResourceChunk area;
An application attribute item comprising an index name and an attribute name is constructed and added to the axml file by modifying the StringChunk area; that is, an attribute (the application attribute item) declaring an imaginary class is added to the axml file. In the embodiment of the present invention, modifying the StringChunk area means inserting the two strings of the newly constructed application attribute item, "name" (the index name) and "trap.class" (the attribute name), into the StringChunk. The value of the index name "name" of the constructed application attribute item, used as an index into the StringChunk area, corresponds to the attribute name "trap.class", and, used as an index into the ResourceChunk area, corresponds to the ResID. The value of "name" corresponds to the offset position of this attribute (the application attribute item) in the ResourceChunk area;
A number different from every existing ResID is set, for which direct extension can be used. This number serves as the ResID value of the added attribute (the application attribute item constructed in step S3). The ResourceChunk area is modified by inserting this value into the ResourceChunk at the position whose offset address is the value of the index name (the value of "name");
A ResID corresponds to a concrete resource. The method obtains a number different from the existing ResIDs by directly extending the numbers and uses it as the ResID value of the constructed application attribute item. Because this attribute item is constructed and no resource is actually used for it, this ResID is a ResID that does not exist (an illegal ResID value).
S4) Modify the corresponding Size attributes in the axml, including fileSize, StringChunkSize and so on, to ensure that the axml can be packed and compiled normally;
S5) Pack AndroidManifest.xml to complete the reinforcement and obtain the reinforced Android installation package.
Further, in the software reinforcement method based on Android system trap instructions, the adding in step S3) of an attribute representing an imaginary class to the axml file is, in the embodiment of the present invention, carried out as follows:
Modify the StringChunk area: add the UTF-16 encoded strings "name" and "trap.class", add an offset entry for each of the two strings, and at the same time fix up StringChunkSize, CountofString and the start offset of Style. The constructed attribute can be a blank attribute (only a name item and a data item are added), which means that in this example trap.class does not inherit from the application class and has no concrete function; the reverse-engineered apk may then fail to run because the trap.class class cannot be found. The constructed attribute can alternatively be an attribute inherited from application, producing a new class that functions like the other classes; the constructed trap.class function is then realized during reversing, which causes the reversal to fail and the apk not to run normally.
Compared with the prior art, the beneficial effects of the present invention are:
The present invention provides a reinforcement method based on Android system trap instruction analysis. Using trap instruction analysis and axml parsing, it processes the axml file, that is, the entry file AndroidManifest.xml in the apk. On the one hand, the method ensures that the normal operation of the processed application is not affected. On the other hand, it makes the apk impossible to decompile, which stops malicious developers from recovering the source code for malicious use and prevents others from extracting the core technology of the application through reverse analysis and then stealing or deliberately tampering with it. The interests of application developers and the security of the application are thereby protected.
Brief description of the drawings
Fig. 1 is a flow chart of the method provided by the present invention.
Detailed description
The present invention is further described below through embodiments with reference to the drawing, without limiting the scope of the invention in any way.
The present invention provides a software reinforcement method based on Android system trap instructions, comprising the following steps:
1) Decompress the apk package and extract the corresponding axml (Android binary XML) file; parse the axml file;
The axml file contains descriptions of attributes of the application, such as the classes implemented and the control of permissions; each attribute comprises name, id, string, data, type and some other items.
2) Add an application attribute item whose name item is "name" and whose data item is "trap.class", and insert the two strings "name" and "trap.class" into the StringChunk of the axml file;
At the same time, set a number different from every existing ResID value, for which direct extension can be used, and insert this number, as the new illegal ResID value, into the ResourceChunk at the position whose offset address is the name value;
3) Modify the corresponding Size attributes in the axml, such as fileSize and StringChunkSize, to ensure that the axml can be packed and compiled normally.
The implementation of the method provided by the present invention is illustrated by the following embodiment:
First, the Android installation package (Android Package, apk) is decompressed to obtain the binary file axml of AndroidManifest.xml. This file contains data describing the components exposed by the application, the classes implemented, the various data that can be processed and the launch positions. The axml file structure mainly comprises a file header, a StringChunk area, a ResourceChunk area and an AttributionChunk. The file header comes first and contains the file tag and the offsets and sizes of the regions that follow. The StringChunk area contains the index area and the data area of the strings; all string data is placed in this region. The ResourceChunk area contains the ResIDs; each ResID occupies 4 bytes. The remaining region is the AttributionChunk, which is a sequence of consecutive attribution structures laid out as follows:
#include <stdint.h>

typedef struct {
    uint32_t uri;    /* URI of the namespace; a string index value */
    uint32_t name;   /* attribute name; also a string index value, and at the same time a ResId index value */
    uint32_t string; /* if type == ATTR_STRING, this value is a string index value */
    uint32_t type;   /* index value of the attribute type */
    uint32_t data;   /* concrete value of the attribute; if type == ATTR_STRING, equal to the string value */
} Attribute_t;
The attribution structure in the AttributionChunk has no member for the corresponding ResID; the system obtains the ResID by looking it up with the name index. name serves both as the string index of the attribute name and as the index of the ResID. This structure is the core of what has to be added: an attribution structure is added to the AttributionChunk area, constructing only an item whose attribute name is "name" and whose attribute value is "trap.class". The two strings "name" and "trap.class" have to be added to the StringChunk area, and a ResID has to be added to the ResourceChunk area.
The axml file is parsed, and the StringChunk and ResourceChunk areas are located from the offsets in the header (the ResourceChunk is a region that lists a series of ResIDs corresponding to the resources used by the program). An application attribute item is added, which is equivalent to creating an index to a class that does not exist. A reverse tool uses this attribute index to look up a concrete class, but because the constructed class does not exist, the reverse tool fails.
In this embodiment, the constructed attribute item corresponds to a concrete class. The constructed application attribute item comprises the attribute name "name" and the attribute value "trap.class"; trap.class is treated as a class name when a reverse tool parses it. Because this attribute item is imaginary, it causes the reverse tool to fail.
The front part of the StringChunk area holds an array of offsets describing where each string is located. The StringChunk is modified first: the UTF-16 encoded strings "trap.class" and "name" are added, an offset entry is added for each of the two strings, and StringChunkSize, CountofString and the start offset of Style are fixed up at the same time. The other items of the constructed attribute can be left blank, which means that in this example trap.class does not inherit from the application class and has no concrete function. The constructed attribute can also be an attribute inherited from application, but the modification is then more complex.
After the StringChunk has been modified, the ResourceChunk is modified next. The ResIDs are extended (here with ResID = 0x0) by adding one ID, a ResID that did not exist before, which corresponds to the added name item. Because one item of data is added to the ResourceChunk region, the size of this region changes; ResourceChunkSize (which describes the size of the ResourceChunk region) is fixed up according to the size of the ResourceChunk after modification.
Next, application is modified. application is a descriptor in the axml file that describes a region whose attributes describe each class, the class descriptions being in the chunk where the strings are located. An attribute is inserted whose type is name, whose name is trap.class and whose Id is 0. At the same time, the ChunkSize of each chunk and the attribute count in application are fixed up according to the size of each chunk after modification (including ResourceChunk, StringChunk and AttributionChunk) and the number of attributes in application.
Finally, because the size of the file has also changed, fileSize is fixed up according to the actual size of the file after modification, so that the axml and the other resources in the apk run normally after being repackaged together into an apk.
Common reverse-engineering tools such as apktool, AAPT and AXMLPrinter2 parse the axml file according to the attribute names and attribute values of AndroidManifest.xml, whereas the Android system parses according to ResID and does not resolve illegal ResIDs; the program therefore runs normally after the attribute has been added. However, if a malicious developer reverses this axml file (to which the attribute name / trap.class / 0x0 was added in this embodiment), the reversed application carries an attribute whose name is name, whose value is trap.class and whose ResID is 0x0. On repackaging, this ResID becomes one that the Android system considers resolvable; the repackaged apk therefore reports an error when executed because the corresponding class cannot be found, and the application is effectively protected.
It should be noted that the purpose of publishing the embodiment is to help further understanding of the present invention, but those skilled in the art will appreciate that various substitutions and modifications are possible without departing from the spirit and scope of the present invention and the appended claims. The present invention should therefore not be limited to what the embodiment discloses; the scope of protection claimed is defined by the claims.
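An added example (not part of the patent text or of any tool it names): a minimal Python reader for the file header, StringChunk and ResourceChunk described above, which checks fileSize and the chunk sizes and reports ResourceChunk entries whose ResID lies outside the Android framework attribute range 0x0101xxxx, together with the name at the same StringChunk index. The chunk type constants and header layouts follow the standard Android binary XML format; the sample buffers, the function names and the rule that treats anything outside 0x0101xxxx as illegal are assumptions made for the illustration.

```python
import struct

RES_XML_TYPE = 0x0003               # axml file header
RES_STRING_POOL_TYPE = 0x0001       # StringChunk
RES_XML_RESOURCE_MAP_TYPE = 0x0180  # ResourceChunk
UTF8_FLAG = 0x100                   # string pool flag: UTF-8 instead of UTF-16


def build_sample_axml(strings, resids):
    """Constructed sample: file header + StringChunk + ResourceChunk only."""
    data, offsets = b"", []
    for s in strings:
        offsets.append(len(data))
        # 16-bit length, UTF-16LE characters, 16-bit terminator
        data += struct.pack("<H", len(s)) + s.encode("utf-16-le") + b"\x00\x00"
    data += b"\x00" * (-len(data) % 4)   # chunks are 4-byte aligned
    start = 28 + 4 * len(strings)        # string data follows the offset array
    pool = struct.pack("<HHIIIIII", RES_STRING_POOL_TYPE, 28, start + len(data),
                       len(strings), 0, 0, start, 0)
    pool += struct.pack("<%dI" % len(offsets), *offsets) + data
    rmap = struct.pack("<HHI", RES_XML_RESOURCE_MAP_TYPE, 8, 8 + 4 * len(resids))
    rmap += struct.pack("<%dI" % len(resids), *resids)
    return struct.pack("<HHI", RES_XML_TYPE, 8, 8 + len(pool) + len(rmap)) + pool + rmap


def read_strings(buf, pos, hsize, csize):
    """Decode the UTF-16 strings of the StringChunk that starts at pos."""
    count, _styles, flags, start, _ = struct.unpack_from("<IIIII", buf, pos + 8)
    if flags & UTF8_FLAG:
        raise ValueError("UTF-8 string pools are not handled in this example")
    if hsize + 4 * count > csize:
        raise ValueError("string offset array overruns its chunk")
    out = []
    for off in struct.unpack_from("<%dI" % count, buf, pos + hsize):
        p = pos + start + off
        if p + 2 > pos + csize:
            raise ValueError("string offset outside StringChunk")
        (n,) = struct.unpack_from("<H", buf, p)
        if p + 2 + 2 * n > pos + csize:
            raise ValueError("string data overruns StringChunk")
        out.append(buf[p + 2:p + 2 + 2 * n].decode("utf-16-le"))
    return out


def parse_axml(buf):
    """Return (strings, resids, issues) for a binary AndroidManifest.xml."""
    if len(buf) < 8:
        raise ValueError("too short")
    ctype, hsize, fsize = struct.unpack_from("<HHI", buf, 0)
    if ctype != RES_XML_TYPE or hsize != 8:
        raise ValueError("not a binary XML (axml) file")
    issues = []
    if fsize != len(buf):                # the fileSize fix-up of step S4
        issues.append("fileSize %d != actual length %d" % (fsize, len(buf)))
    strings, resids, pos = [], [], hsize
    while pos + 8 <= len(buf):
        ctype, hsize, csize = struct.unpack_from("<HHI", buf, pos)
        if hsize < 8 or csize < hsize or pos + csize > len(buf):
            issues.append("chunk at offset %d has inconsistent size" % pos)
            break
        if ctype == RES_STRING_POOL_TYPE:
            strings = read_strings(buf, pos, hsize, csize)
        elif ctype == RES_XML_RESOURCE_MAP_TYPE:
            n = (csize - hsize) // 4     # each ResID is 4 bytes
            resids = list(struct.unpack_from("<%dI" % n, buf, pos + hsize))
        pos += csize
    return strings, resids, issues


def suspicious_attributes(buf):
    """ResourceChunk entries that are not framework attribute IDs."""
    strings, resids, issues = parse_axml(buf)
    hits = []
    for i, rid in enumerate(resids):
        if rid >> 16 != 0x0101:          # assumption: legal means 0x0101xxxx
            # index i in the ResourceChunk names string i in the StringChunk
            hits.append((i, strings[i] if i < len(strings) else None, rid))
    return hits, issues


# Constructed inputs: an ordinary manifest string pool, and one carrying the
# "name" / "trap.class" pair with ResID 0x0 from the embodiment.
CLEAN = build_sample_axml(["label", "icon", "name", "application"],
                          [0x01010001, 0x01010002, 0x01010003])
HARDENED = build_sample_axml(
    ["label", "icon", "name", "name", "trap.class", "application"],
    [0x01010001, 0x01010002, 0x01010003, 0x00000000])

if __name__ == "__main__":
    print(suspicious_attributes(CLEAN))
    print(suspicious_attributes(HARDENED))
```

An analyst can run the same check on a manifest extracted from an apk before passing it to a decoder; a reported entry or a size mismatch indicates that the manifest was edited after compilation.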

Claims (5)

1. A software reinforcement method based on Android system trap instructions, wherein the reinforcement method uses a trap instruction analysis method and an axml parsing method and processes the entry file AndroidManifest.xml in an Android installation package, so that the application is difficult to decompile and the normal operation of the reinforced application is not affected; the reinforcement method comprises the following steps:
S1) decompressing the Android installation package and extracting the AndroidManifest.xml file;
S2) parsing the AndroidManifest.xml file and obtaining the position of each region of the AndroidManifest.xml file; locating the StringChunk area and the ResourceChunk area of the AndroidManifest.xml file from the offsets in the header of the AndroidManifest.xml file;
S3) constructing an application attribute item comprising an index name and an attribute name, and adding it to the AndroidManifest.xml file by modifying the StringChunk area and the ResourceChunk area;
S4) modifying the values of the corresponding Size attributes in the AndroidManifest.xml file, including fileSize and StringChunkSize;
S5) packing AndroidManifest.xml to complete the reinforcement and obtain the reinforced Android installation package.
2. The software reinforcement method based on Android system trap instructions according to claim 1, characterized in that modifying the StringChunk area in step S3) specifically comprises: taking the index name and the attribute name of the constructed application attribute item as a first string and a second string respectively, and inserting the first string and the second string into the StringChunk; the value of the index name represented by the first string, used as an index into the StringChunk area, corresponds to the attribute name represented by the second string, and, used at the same time as an index into the ResourceChunk area, corresponds to the ResID; the value of the index name represented by the first string corresponds to the offset position of the constructed application attribute item in the ResourceChunk area.
3. The software reinforcement method based on Android system trap instructions according to claim 2, characterized in that the first string and the second string are UTF-16 encoded strings.
4. The software reinforcement method based on Android system trap instructions according to claim 2, characterized in that modifying the ResourceChunk area in step S3) specifically comprises: setting a number different from the existing ResIDs as the ResID value of the constructed application attribute item, and modifying the ResourceChunk area by inserting that value into the ResourceChunk at the position whose offset address is the value of the index name of the constructed application attribute item.
5. The software reinforcement method based on Android system trap instructions according to claim 4, characterized in that setting a number different from the existing ResIDs specifically comprises obtaining a number different from the existing ResIDs by directly extending the existing ResIDs, and using it as the ResID value of the constructed application attribute item.
CN201610034623.XA 2016-01-19 2016-01-19 Android system trap instruction based software reinforcement method Pending CN105718764A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610034623.XA CN105718764A (en) 2016-01-19 2016-01-19 Android system trap instruction based software reinforcement method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610034623.XA CN105718764A (en) 2016-01-19 2016-01-19 Android system trap instruction based software reinforcement method

Publications (1)

Publication Number Publication Date
CN105718764A true CN105718764A (en) 2016-06-29

Family

ID=56147222

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610034623.XA Pending CN105718764A (en) 2016-01-19 2016-01-19 Android system trap instruction based software reinforcement method

Country Status (1)

Country Link
CN (1) CN105718764A (en)


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20160629
