CN105760721A - Software hardening method and system - Google Patents
Software hardening method and system Download PDFInfo
- Publication number
- CN105760721A CN105760721A CN201610067648.XA CN201610067648A CN105760721A CN 105760721 A CN105760721 A CN 105760721A CN 201610067648 A CN201610067648 A CN 201610067648A CN 105760721 A CN105760721 A CN 105760721A
- Authority
- CN
- China
- Prior art keywords
- sdk
- display interface
- described display
- portal contents
- reinforcing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 57
- 230000003014 reinforcing effect Effects 0.000 claims description 52
- 238000000151 deposition Methods 0.000 claims description 15
- 230000002787 reinforcement Effects 0.000 claims description 13
- 238000013461 design Methods 0.000 claims description 12
- 238000009434 installation Methods 0.000 description 6
- 238000012856 packing Methods 0.000 description 6
- 238000005336 cracking Methods 0.000 description 5
- 238000002513 implantation Methods 0.000 description 5
- 238000010009 beating Methods 0.000 description 4
- 230000008901 benefit Effects 0.000 description 3
- 238000011161 development Methods 0.000 description 3
- 230000006399 behavior Effects 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 238000007596 consolidation process Methods 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 239000000284 extract Substances 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 210000001503 joint Anatomy 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Virology (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a software hardening method and system. The method comprises the steps of analyzing a software development kit (SDK), and determining a display port; hiding other ports, except the display port, in the SDK, and hiding the port content in the display port; saving the port content in the display port in another place so as to acquire the corresponding port content from the another place when the display port is called; repackaging the corrected SDK to generate a hardened SDK. By the adoption of the method and system, software protection is achieved, software safety is improved, and the rights of developers and users are protected.
Description
Technical field
The present invention relates to security technology area, particularly relate to a kind of software reinforcement method and system.
Background technology
Android (Android) platform development is rapid, it is increasingly becoming the most universal operating system of mobile terminal, it is simultaneously based on software application number therein also very huge, compared with other mobile terminal operating systems, Android system is that application developer provides more functional interface, wherein a lot of system bottom interfaces, improve the extensibility of system, but also provide convenience for Malware simultaneously, the Malwares such as the wooden horse for Android system are also easier to be implemented, the existing Malware for Android system can pass through the mode of camouflage at present, gain user installation by cheating and authorize certain authority, abuse these authorities afterwards and perform some specific behaviors on backstage, the behaviors such as rate are defrauded of including stealing privacy of user.But with it and raw safety problem be not but settled properly all the time, security threat gets more and more, and threat degree is also progressively being deepened, and developer or user are brought bad impact.
And some normal Android systems are applied, there is also by illegal copies, reverse-engineering, decompiling, debug, crack, secondary packing, the means such as internal memory intercepting threaten the safety of Android system, not only compromise use user, cause serious infringement also to normal use developer.
Summary of the invention
In view of the above problems, it is proposed that the present invention is to provide a kind of a kind of software reinforcement method and system overcoming the problems referred to above or solving the problems referred to above at least in part.
According to one aspect of the present invention, it is provided that a kind of software reinforcement method, including:
SDK SDK is resolved, it is determined that display interface;
Hide other interface except described display interface in described SDK, and, hide the portal contents in described display interface;And,
Portal contents in described display interface is separately deposited, to obtain corresponding portal contents when described display interface is called from separately depositing position;
Amended SDK is beaten again bag and generates reinforcing SDK.
According to another aspect of the present invention, it is provided that a kind of Software hardening design system, including:
Parsing module, for resolving software development kit SDK, it is determined that display interface;
First hides module, for hiding in described SDK other interface except described display interface;
Second hides module, for hiding the portal contents in described display interface;
Another storing module, for separately depositing the portal contents in described display interface, to obtain corresponding portal contents when described display interface is called from separately depositing position;
Generation module, generates reinforcing SDK for amended SDK beats again bag.
The embodiment of the invention discloses a kind of Software hardening design scheme; only interface required in process of service execution can be displayed; namely only can expose display interface (portal contents without in display interface) to user; ensureing that SDK is properly functioning and while calling; achieve the protection to software; effectively prevent the Malware illegal acquisition to key message; and for multiple malicious acts such as the cracking of software, decompiling, secondary packing and wooden horse implantation; improve the safety of software, protect the rights and interests of developer and user.
Described above is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention, and can be practiced according to the content of description, and in order to above and other objects of the present invention, feature and advantage can be become apparent, below especially exemplified by the specific embodiment of the present invention.
Accompanying drawing explanation
By reading hereafter detailed description of the preferred embodiment, various other advantage and benefit those of ordinary skill in the art be will be clear from understanding.Accompanying drawing is only for illustrating the purpose of preferred implementation, and is not considered as limitation of the present invention.And in whole accompanying drawing, it is denoted by the same reference numerals identical parts.In the accompanying drawings:
Fig. 1 is the flow chart of steps of a kind of software reinforcement method in the embodiment of the present invention one;
Fig. 2 is the flow chart of steps of a kind of software reinforcement method in the embodiment of the present invention two;
Fig. 3 is the structured flowchart of a kind of Software hardening design system in the embodiment of the present invention three;
Fig. 4 is the structured flowchart of a kind of preferred Software hardening design system in the embodiment of the present invention three.
Detailed description of the invention
It is more fully described the exemplary embodiment of the disclosure below with reference to accompanying drawings.Although accompanying drawing showing the exemplary embodiment of the disclosure, it being understood, however, that may be realized in various forms the disclosure and should do not limited by embodiments set forth here.On the contrary, it is provided that these embodiments are able to be best understood from the disclosure, and complete for the scope of the present disclosure can be conveyed to those skilled in the art.
Embodiment one
With reference to Fig. 1, it is shown that the flow chart of steps of a kind of software reinforcement method in the embodiment of the present invention one.In the present embodiment, described software reinforcement method may include that
Step 102, resolves SDK SDK, it is determined that display interface.
SoftwareDevelopmentKit, SDK, SDK: be typically all the set of developing instrument when some software engineers set up application software for specific software kit, software frame, hardware platform, operating system etc..
SDK can be handed down to user with the installation kit of corresponding application software, at present, when SDK is handed down to user with the installation kit of corresponding application software, and the total interface in SDK, and the content in interface is all an exposure to outer (display).In the present embodiment, it is possible to according to the interface that application software or developer are practically necessary, selectively only practically necessary interface is displayed, namely, SDK SDK can be resolved, described practically necessary interface is defined as display interface, uses for user.
Step 104, hides other interface except described display interface in described SDK, and, hide the portal contents in described display interface.
In the present embodiment, it is possible to display just for described display interface, that is, other interface except described display interface and the portal contents in described display interface can be hidden.
Wherein it is possible to adopt any one suitable mode that the portal contents in other interface described and described display interface is hidden.For example, it is possible to the portal contents in described display interface is encrypted, to realize hiding described portal contents;Or, it is possible to reset after the portal contents in described display interface is upset, to realize hiding described portal contents;Or, it is possible to extracting the part of interface content in described display interface, and delete the part of interface content of extraction, hiding with mouthful content that achieves a butt joint, this is not limited as by the present embodiment.
Step 106, separately deposits the portal contents in described display interface, to obtain corresponding portal contents when described display interface is called from separately depositing position.
In the present embodiment, in order to ensure the normal execution when called of described display interface, can by described display interface portal contents (namely, portal contents itself) separately deposit to other any appropriate positions, described portal contents can be obtained from described position of separately depositing when described display interface is called.
Step 108, beats again amended SDK bag and generates reinforcing SDK.
In the present embodiment, beating again in the reinforcing SDK that bag generates and only can expose display interface, the content in other interface and concrete interface is all sightless, it is impossible to is made directly and calls.The Malware acquisition to key message is effectively prevented while guarantee SDK normally uses; the portal contents in the information of other interface and described display interface cannot be got due to Malware; and then described Malware also just cannot realize for the malicious act such as the cracking of software, decompiling, secondary packing and wooden horse implantation; it is effectively ensured the safety of software, protects the rights and interests of developer and user.
Embodiment two
With reference to Fig. 2, it is shown that the flow chart of steps of a kind of software reinforcement method in the embodiment of the present invention two.In the present embodiment, described software reinforcement method can but be not limited only to be applied to Android system, described method specifically may include that
Step 202, resolves SDK SDK, it is determined that display interface.
In the present embodiment, it is possible to determine described display interface according to pending type of service;Wherein, described display interface is at least one.Such as, for a certain application software, may determine that interface to be used is according to pending type of service: program initialization interface, order inquiries interface and order generate interface, then, program initialization interface in described SDK, order inquiries interface and order can be generated interface and be defined as described display interface, call being supplied to user.And, other interface except described display interface and the concrete portal contents in described display interface can be hidden, it is prevented that maliciously obtained.
Step 204, hides other interface except described display interface in described SDK, and, hide the portal contents in described display interface.
In the present embodiment, it is possible to adopt any one suitable mode that the portal contents in other interface described and described display interface is hidden.
To hide the portal contents in described display interface, it is possible to but be not limited only to be encrypted hiding to the portal contents in the described display interface determined.When implementing, it is possible to the portal contents in described display interface is encrypted, and, encryption content is inserted protection code.Wherein, described protection code includes: the collapse code of decompiling instrument;Wherein, when triggering described collapse code, power cut-off flow process.
Step 206, separately deposits the portal contents in described display interface, to obtain corresponding portal contents when described display interface is called from separately depositing position.
In the present embodiment, it is possible to portal contents is separately deposited to arbitrarily suitable position.Preferably, it is possible to the portal contents in described display interface is separately deposited to setting in queue, to obtain described portal contents when calling from described setting queue.
Wherein, described setting queue may include that the queue under Classloader.With Classloader ClassLoader, (ClassLoader can be used to load java class in Java Virtual Machine.With ordinary procedure the difference is that.Java applet (class file) is not local executable program.When running java applet, first running JVM (JavaVirtualMachine, Java Virtual Machine), then again Javaclass is loaded into inside JVM and runs, this part being responsible for loading Javaclass is just called ClassLoader.The request of class is mainly provided service by ClassLoader, such as, as JVM (JavaVirtualMachine, Java Virtual Machine) when needing certain class, it requires this class according to title to ClassLoader, then the class object of this class is returned by ClassLoader) for example, described setting queue can be DexPathList.When system is called, generally the DexPathList in ClassLoader can be traveled through, to obtain the class needed.In the present embodiment, described portal contents separately can be deposited to described DexPathList, so, directly can travel through from DexPathList when needs calling interface content and obtain, it is not necessary to the extra position to the portal contents separately deposited indicates, namely, in the present embodiment, it is absent from the instruction information of position for the portal contents separately deposited, further increases Malware (or disabled user) and obtain the difficulty of information, further increase the safety of software.
It should be noted that described setting queue includes but are not limited to: DexPathList;Same, described Classloader includes but are not limited to: ClassLoader.
Step 208, beats again amended SDK bag and generates reinforcing SDK.
Step 210, signs to described reinforcing SDK.
For security purposes, in the present embodiment, it is possible to described reinforcing SDK is signed.Before described reinforcing SDK is used, it is possible to check that whether the signature of described reinforcing SDK is consistent with its signature set in advance, if inconsistent, or do not sign, then it is believed that file is tampered, it is possible to the installation and operation of refusal this document.
Wherein, to described reinforcing SDK sign specifically can be accomplished in that issue described reinforcing SDK, by user use its identity to described reinforcing SDK sign;Or, utilize the identity that user uploads that described reinforcing SDK is signed.
In the present embodiment; the safety reinforcing SDK that bag generates finally is beaten again in order to improve further; when the portal contents in described display interface is encrypted hiding; specifically may include that and the portal contents in described display interface is encrypted; and, encryption content is inserted protection code.Wherein, described protection code includes but are not limited to: the collapse code of decompiling instrument.When triggering described collapse code, it is possible to directly power cut-off flow process.Such as; when beating again the reinforcing SDK quilt malice shelling software shelling of bag generation or maliciously being cracked by decompiling instrument; described collapse code can be triggered; when described collapse code is triggered; can directly terminate malice shelling software or the workflow by decompiling instrument; and then described in protection, beat again the reinforcing SDK that bag generates, and then ensure the safety of software.
In addition, reinforcing SDK possibly owing to generating after reinforcing cannot by static and dynamic scan, likely can be utilized by some malicious codes, therefore first the SDK uploaded can be carried out security sweep, ensure the SDK that there is potential safety hazard not to be carried out consolidation process, now need to obtain related development information and Reinforcing parameter, carry out security sweep for SDK, malicious file is processed in time.
Wherein, a kind of feasible security sweep mode for SDK can be such that and extracts the characteristic information specified from SDK;Wherein, the described characteristic information specified includes but are not limited to: the MD5 value etc. of each file under bag name, version number, digital signature, Dex file and ELF file, Android installation kit catalogue.Preset security identification storehouse is searched the feature record matched with the single characteristic information specified or its combination;Wherein, security identification storehouse comprises feature record and level of security corresponding to feature record, every feature record comprises the combination of single characteristic information or characteristic information.Level of security corresponding for the feature record found is exported.When the level of security found out is lower than default level of security, then can point out safety detection result to the uploader of SDK, and prompting cannot be carried out reinforcing.
In sum; software reinforcement method described in the present embodiment; only interface required in process of service execution can be displayed; namely only can expose display interface (portal contents without in display interface) to user; while ensureing the properly functioning of SDK and calling; achieve the protection to software; effectively prevent the Malware illegal acquisition to key message; and for multiple malicious acts such as the cracking of software, decompiling, secondary packing and wooden horse implantation; improve the safety of software, protect the rights and interests of developer and user.
It should be noted that, for aforesaid embodiment of the method, in order to be briefly described, therefore it is all expressed as a series of combination of actions, but those skilled in the art should know, the present invention is not by the restriction of described sequence of movement, because according to the present invention, some step can adopt other orders or carry out simultaneously.Secondly, those skilled in the art also should know, embodiment described in this description belongs to preferred embodiment, and involved action is not necessarily essential to the invention.
Embodiment three
Based on inventive concept same as said method embodiment, with reference to Fig. 3, it is shown that the structured flowchart of a kind of Software hardening design system in the embodiment of the present invention three.In the present embodiment, described Software hardening design system includes:
Parsing module 302, for resolving SDK SDK, it is determined that display interface.
First hides module 304, for hiding in described SDK other interface except described display interface.
Second hides module 306, for hiding the portal contents in described display interface.
Another storing module 308, for separately depositing the portal contents in described display interface, to obtain corresponding portal contents when described display interface is called from separately depositing position.
Generation module 310, generates reinforcing SDK for amended SDK beats again bag.
Visible, in the present embodiment, beat again in the reinforcing SDK that bag generates and only can expose display interface, content in other interface and concrete interface is all hiding, the Malware acquisition to key message is effectively prevented while guarantee SDK normally uses, the portal contents in the information of other interface and described display interface cannot be got due to Malware, and then described Malware also just cannot realize cracking for software, decompiling, the malicious acts such as secondary packing and wooden horse implantation, it is effectively ensured the safety of heavy software packaging, protect the rights and interests of developer and user.
With reference to Fig. 4, it is shown that the structured flowchart of a kind of preferred Software hardening design system in the embodiment of the present invention three.
Preferably, described system also includes: signature blocks 312, after amended SDK beating again bag generation reinforcing SDK at described generation module, described reinforcing SDK is signed.It is further preferred that described signature blocks 312 specifically may be used for issuing described reinforcing SDK, user use its identity that described reinforcing SDK is signed;Or, utilize the identity that user uploads that described reinforcing SDK is signed.
Preferably, described determine that module 302 specifically may be used for determining in described SDK the display interface for showing according to pending type of service;Wherein, described display interface is at least one.
Preferably, described parsing cover half block 302, specifically may be used for SDK SDK is resolved, determine described display interface according to pending type of service;Wherein, described display interface is at least one.
Preferably, described another storing module 308, specifically may be used for separately being deposited by the portal contents in described display interface to setting in queue.
Preferably, described second hides module 306, specifically may be used for being encrypted hiding to the portal contents in described display interface.When implementing, it is possible to the portal contents in described display interface is encrypted, and, encryption content is inserted protection code.Wherein, described protection code includes: the collapse code of decompiling instrument;Wherein, when triggering described collapse code, power cut-off flow process.
Wherein, described setting queue includes but are not limited to: the queue under Classloader.
It is further preferred that described setting queue may include that DexPathList;Described Classloader comprises the steps that ClassLoader.
In addition, reinforcing SDK possibly owing to generating after reinforcing cannot by static and dynamic scan, likely can be utilized by some malicious codes, therefore first the SDK uploaded can be carried out security sweep, ensure the SDK that there is potential safety hazard not to be carried out consolidation process, now need to obtain related development information and Reinforcing parameter, carry out security sweep for SDK, malicious file is processed in time.For example, it is possible to by realizing the security sweep to SDK such as lower module: scan module, for extracting the characteristic information specified from SDK;Wherein, the described characteristic information specified includes but are not limited to: the MD5 value etc. of each file under bag name, version number, digital signature, Dex file and ELF file, Android installation kit catalogue.And, preset security identification storehouse is searched the feature record matched with the single characteristic information specified or its combination;Wherein, security identification storehouse comprises feature record and level of security corresponding to feature record, every feature record comprises the combination of single characteristic information or characteristic information.And, level of security corresponding for the feature record found is exported.And, when the level of security found out is lower than default level of security, then can point out safety detection result to the uploader of SDK, and prompting cannot be carried out reinforcing.
In sum; Software hardening design system described in the present embodiment; only interface required in process of service execution can be displayed; namely only can expose display interface (portal contents without in display interface) to user; while ensure that the properly functioning of SDK and calling; achieve the protection to software; effectively prevent the Malware illegal acquisition to key message; and for multiple malicious acts such as the cracking of software, decompiling, secondary packing and wooden horse implantation; improve the safety of software, protect the rights and interests of developer and user.
For said apparatus embodiment, due to itself and embodiment of the method basic simlarity, so what describe is fairly simple, relevant part illustrates referring to the part of embodiment of the method.
Not intrinsic to any certain computer, virtual system or miscellaneous equipment relevant in algorithm and the display of this offer.Various general-purpose systems can also with use based on together with this teaching.As described above, the structure constructed required by this kind of system is apparent from.Additionally, the present invention is also not for any certain programmed language.It is understood that, it is possible to utilize various programming language to realize the content of invention described herein, and the description above language-specific done is the preferred forms in order to disclose the present invention.
In description mentioned herein, describe a large amount of detail.It is to be appreciated, however, that embodiments of the invention can be put into practice when not having these details.In some instances, known method, structure and technology it are not shown specifically, in order to do not obscure the understanding of this description.
Similarly, it is to be understood that, one or more in order to what simplify that the disclosure helping understands in each inventive aspect, herein above in the description of the exemplary embodiment of the present invention, each feature of the present invention is grouped together in single embodiment, figure or descriptions thereof sometimes.But, the method for the disclosure should be construed to and reflect an intention that namely the present invention for required protection requires feature more more than the feature being expressly recited in each claim.More precisely, as the following claims reflect, inventive aspect is in that all features less than single embodiment disclosed above.Therefore, it then follows claims of detailed description of the invention are thus expressly incorporated in this detailed description of the invention, wherein each claim itself as the independent embodiment of the present invention.
Those skilled in the art are appreciated that, it is possible to carry out the module in the equipment in embodiment adaptively changing and they being arranged in one or more equipment different from this embodiment.Module in embodiment or unit or assembly can be combined into a module or unit or assembly, and multiple submodule or subelement or sub-component can be put them in addition.Except at least some in such feature and/or process or unit excludes each other, it is possible to adopt any combination that all processes or the unit of all features disclosed in this specification (including adjoint claim, summary and accompanying drawing) and so disclosed any method or equipment are combined.Unless expressly stated otherwise, each feature disclosed in this specification (including adjoint claim, summary and accompanying drawing) can be replaced by the alternative features providing purpose identical, equivalent or similar.
In addition, those skilled in the art it will be appreciated that, although embodiments more described herein include some feature included in other embodiments rather than further feature, but the combination of the feature of different embodiment means to be within the scope of the present invention and form different embodiments.Such as, in the following claims, the one of any of embodiment required for protection can mode use in any combination.
The all parts embodiment of the present invention can realize with hardware, or realizes with the software module run on one or more processor, or realizes with their combination.It will be understood by those of skill in the art that the some or all functions of the some or all parts that microprocessor or digital signal processor (DSP) can be used in practice to realize in a kind of Software hardening design equipment according to embodiments of the present invention.The present invention is also implemented as part or all the equipment for performing method as described herein or device program (such as, computer program and computer program).The program of such present invention of realization can store on a computer-readable medium, or can have the form of one or more signal.Such signal can be downloaded from internet website and obtain, or provides on carrier signal, or provides with any other form.
The present invention will be described rather than limits the invention to it should be noted above-described embodiment, and those skilled in the art can design alternative embodiment without departing from the scope of the appended claims.In the claims, any reference marks that should not will be located between bracket is configured to limitations on claims.Word " comprises " and does not exclude the presence of the element or step not arranged in the claims.Word "a" or "an" before being positioned at element does not exclude the presence of multiple such element.The present invention by means of including the hardware of some different elements and can realize by means of properly programmed computer.In the unit claim listing some devices, several in these devices can be through same hardware branch and specifically embody.Word first, second and third use do not indicate that any order.Can be title by these word explanations.
The invention discloses A1, a kind of software reinforcement method, including:
SDK SDK is resolved, it is determined that display interface;
Hide other interface except described display interface in described SDK, and, hide the portal contents in described display interface;And,
Portal contents in described display interface is separately deposited, to obtain corresponding portal contents when described display interface is called from separately depositing position;
Amended SDK is beaten again bag and generates reinforcing SDK.
A2, method according to A1, described resolve SDK SDK, it is determined that display interface, including:
SDK SDK is resolved, determines described display interface according to pending type of service;Wherein, described display interface is at least one.
A3, method according to A1, described separately deposit the portal contents in described display interface, including:
Portal contents in described display interface is separately deposited to setting in queue.
A4, method according to A1, the described portal contents hidden in described display interface, including:
Portal contents in described display interface is encrypted hiding.
A5, method according to A4, described be encrypted hiding to the portal contents in described display interface, including:
Portal contents in described display interface is encrypted, and, encryption content is inserted protection code.
A6, method according to A5, described protection code includes: the collapse code of decompiling instrument;Wherein, when triggering described collapse code, power cut-off flow process.
A7, method according to any one of A1 to A6, beat again after bag generates the step reinforcing SDK described by amended SDK, and described method also includes:
Described reinforcing SDK is signed.
A8, method according to A7, described sign to described reinforcing SDK, including:
Issue described reinforcing SDK, user use its identity that described reinforcing SDK is signed;Or,
Utilize the identity that user uploads that described reinforcing SDK is signed.
A9, method according to A3, described setting queue includes: the queue under Classloader.
A10, method according to A9, described setting queue includes: DexPathList;Described Classloader includes: ClassLoader.
The invention also discloses B11, a kind of Software hardening design system, including:
Parsing module, for resolving software development kit SDK, it is determined that display interface;
First hides module, for hiding in described SDK other interface except described display interface;
Second hides module, for hiding the portal contents in described display interface;
Another storing module, for separately depositing the portal contents in described display interface, to obtain corresponding portal contents when described display interface is called from separately depositing position;
Generation module, generates reinforcing SDK for amended SDK beats again bag.
B12, system according to B11, described parsing cover half block, for SDK SDK is resolved, determine described display interface according to pending type of service;Wherein, described display interface is at least one.
B13, system according to B11, described another storing module, for separately depositing the portal contents in described display interface to setting in queue.
B14, system according to B11, described second hides module, for being encrypted hiding to the portal contents in described display interface.
B15, system according to B14, described second hides module, for the portal contents in described display interface is encrypted, and, encryption content is inserted protection code.
B16, system according to B15, described protection code includes: the collapse code of decompiling instrument;Wherein, when triggering described collapse code, power cut-off flow process.
B17, system according to any one of B11 to B16, also include:
Signature blocks, after amended SDK beating again bag generation reinforcing SDK at described generation module, signs to described reinforcing SDK.
B18, system according to B17, described signature blocks, it is used for issuing described reinforcing SDK, user uses its identity that described reinforcing SDK is signed;Or, utilize the identity that user uploads that described reinforcing SDK is signed.
B19, system according to B13, described setting queue includes: the queue under Classloader.
B20, system according to B19, described setting queue includes: DexPathList;Described Classloader includes: ClassLoader.
Claims (10)
1. a software reinforcement method, including:
SDK SDK is resolved, it is determined that display interface;
Hide other interface except described display interface in described SDK, and, hide the portal contents in described display interface;And,
Portal contents in described display interface is separately deposited, to obtain corresponding portal contents when described display interface is called from separately depositing position;
Amended SDK is beaten again bag and generates reinforcing SDK.
2. method according to claim 1, it is characterised in that described SDK SDK is resolved, it is determined that display interface, including:
SDK SDK is resolved, determines described display interface according to pending type of service;Wherein, described display interface is at least one.
3. method according to claim 1, it is characterised in that described portal contents in described display interface is separately deposited, including:
Portal contents in described display interface is separately deposited to setting in queue.
4. method according to claim 1, it is characterised in that the described portal contents hidden in described display interface, including:
Portal contents in described display interface is encrypted hiding.
5. method according to claim 4, it is characterised in that described portal contents in described display interface is encrypted hiding, including:
Portal contents in described display interface is encrypted, and, encryption content is inserted protection code.
6. method according to claim 5, it is characterised in that described protection code includes: the collapse code of decompiling instrument;Wherein, when triggering described collapse code, power cut-off flow process.
7. method according to any one of claim 1 to 6, it is characterised in that after the described step that amended SDK beats again bag generation reinforcing SDK, described method also includes:
Described reinforcing SDK is signed.
8. method according to claim 7, it is characterised in that described to described reinforcing SDK sign, including:
Issue described reinforcing SDK, user use its identity that described reinforcing SDK is signed;Or,
Utilize the identity that user uploads that described reinforcing SDK is signed.
9. method according to claim 3, it is characterised in that described setting queue includes: the queue under Classloader.
10. a Software hardening design system, including:
Parsing module, for resolving software development kit SDK, it is determined that display interface;
First hides module, for hiding in described SDK other interface except described display interface;
Second hides module, for hiding the portal contents in described display interface;
Another storing module, for separately depositing the portal contents in described display interface, to obtain corresponding portal contents when described display interface is called from separately depositing position;
Generation module, generates reinforcing SDK for amended SDK beats again bag.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610067648.XA CN105760721B (en) | 2016-01-29 | 2016-01-29 | A kind of software reinforcement method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610067648.XA CN105760721B (en) | 2016-01-29 | 2016-01-29 | A kind of software reinforcement method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105760721A true CN105760721A (en) | 2016-07-13 |
| CN105760721B CN105760721B (en) | 2019-02-12 |
Family
ID=56342911
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610067648.XA Active CN105760721B (en) | 2016-01-29 | 2016-01-29 | A kind of software reinforcement method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105760721B (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107220529A (en) * | 2017-05-19 | 2017-09-29 | 湖南鼎源蓝剑信息科技有限公司 | A kind of reinforcement means for Android platform SDK bags |
| CN108647033A (en) * | 2018-04-03 | 2018-10-12 | 四川新网银行股份有限公司 | A kind of SDK automatic packaging methods of open platform |
| CN109032687A (en) * | 2018-06-11 | 2018-12-18 | 北京奇艺世纪科技有限公司 | Shield the method and device that SDK danger is called |
| CN109409037A (en) * | 2018-09-29 | 2019-03-01 | 阿里巴巴集团控股有限公司 | A kind of generation method, device and the equipment of data obfuscation rule |
| CN109542448A (en) * | 2017-08-18 | 2019-03-29 | 中兴通讯股份有限公司 | Output method, terminal and the computer readable storage medium of SDK library file |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102427481A (en) * | 2012-01-12 | 2012-04-25 | 易云捷讯科技(北京)有限公司 | System for managing cloud computing service and cloud computing management method |
| CN102760219A (en) * | 2011-12-20 | 2012-10-31 | 北京安天电子设备有限公司 | Android platform software protecting system, method and equipment |
| CN103577196A (en) * | 2013-11-15 | 2014-02-12 | 北京奇虎科技有限公司 | Method and device for hiding application program |
| CN104965712A (en) * | 2015-07-17 | 2015-10-07 | 北京奇虎科技有限公司 | Application reinforcing protection method and apparatus and mobile terminal |
-
2016
- 2016-01-29 CN CN201610067648.XA patent/CN105760721B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102760219A (en) * | 2011-12-20 | 2012-10-31 | 北京安天电子设备有限公司 | Android platform software protecting system, method and equipment |
| CN102427481A (en) * | 2012-01-12 | 2012-04-25 | 易云捷讯科技(北京)有限公司 | System for managing cloud computing service and cloud computing management method |
| CN103577196A (en) * | 2013-11-15 | 2014-02-12 | 北京奇虎科技有限公司 | Method and device for hiding application program |
| CN104965712A (en) * | 2015-07-17 | 2015-10-07 | 北京奇虎科技有限公司 | Application reinforcing protection method and apparatus and mobile terminal |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107220529A (en) * | 2017-05-19 | 2017-09-29 | 湖南鼎源蓝剑信息科技有限公司 | A kind of reinforcement means for Android platform SDK bags |
| CN109542448A (en) * | 2017-08-18 | 2019-03-29 | 中兴通讯股份有限公司 | Output method, terminal and the computer readable storage medium of SDK library file |
| CN108647033A (en) * | 2018-04-03 | 2018-10-12 | 四川新网银行股份有限公司 | A kind of SDK automatic packaging methods of open platform |
| CN109032687A (en) * | 2018-06-11 | 2018-12-18 | 北京奇艺世纪科技有限公司 | Shield the method and device that SDK danger is called |
| CN109032687B (en) * | 2018-06-11 | 2021-09-03 | 北京奇艺世纪科技有限公司 | Method and device for shielding dangerous call of SDK (software development kit) |
| CN109409037A (en) * | 2018-09-29 | 2019-03-01 | 阿里巴巴集团控股有限公司 | A kind of generation method, device and the equipment of data obfuscation rule |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105760721B (en) | 2019-02-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104462959B (en) | A kind of method for reinforcing and protecting, server and the system of Android application | |
| EP2946330B1 (en) | Method and system for protecting computerized systems from malicious code | |
| CN105760721A (en) | Software hardening method and system | |
| US9141787B2 (en) | Interlocked binary protection using whitebox cryptography | |
| CN104318135B (en) | A kind of Java code Safety actuality loading method based on credible performing environment | |
| US20160275019A1 (en) | Method and apparatus for protecting dynamic libraries | |
| US20170116410A1 (en) | Software protection | |
| WO2015192637A1 (en) | Method and apparatus for reinforced protection of software installation package | |
| CN105512521A (en) | Reinforcement and protection method and system for software installation package | |
| CN104517054A (en) | Method, device, client and server for detecting malicious APK | |
| CN104462971A (en) | Malicious application program recognition method and device according to application program declaration characteristics | |
| US11755724B2 (en) | Securing software routines | |
| CN107330328A (en) | Defend method, device and the server of virus attack | |
| CN105740703A (en) | Application reinforcement method and apparatus | |
| CN108763924B (en) | Method for controlling access authority of untrusted third party library in android application program | |
| CN105933296A (en) | Copyright registration method and system | |
| El-Harake et al. | Blocking advertisements on android devices using monitoring techniques | |
| US11194899B2 (en) | Apparatus and methods for transitioning between a secure area and a less-secure area | |
| CN107209815B (en) | Method for code obfuscation using return-oriented programming | |
| CN106407815A (en) | Vulnerability detection method and device | |
| Titze et al. | Preventing library spoofing on android | |
| CN105913348A (en) | Copyright registering method and copyright registering system | |
| CN109933961A (en) | A kind of software reinforcement method and system | |
| CN105930744B (en) | A kind of file reinforcement means and device | |
| CN112685697B (en) | Method and terminal for preventing cracking and tampering of Ann Zhuo Ying application |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220727 Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015 Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |
|
| TR01 | Transfer of patent right |