CN106203006A - Android application reinforcement means based on dex Yu so file Dynamic Execution - Google Patents
Android application reinforcement means based on dex Yu so file Dynamic Execution Download PDFInfo
- Publication number
- CN106203006A CN106203006A CN201610787151.5A CN201610787151A CN106203006A CN 106203006 A CN106203006 A CN 106203006A CN 201610787151 A CN201610787151 A CN 201610787151A CN 106203006 A CN106203006 A CN 106203006A
- Authority
- CN
- China
- Prior art keywords
- file
- dex
- android application
- code
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000002787 reinforcement Effects 0.000 title claims abstract description 18
- 238000000034 method Methods 0.000 claims abstract description 37
- 230000008569 process Effects 0.000 claims abstract description 18
- 230000008859 change Effects 0.000 claims description 4
- 238000001514 detection method Methods 0.000 claims description 4
- 230000008485 antagonism Effects 0.000 claims description 3
- 239000000284 extract Substances 0.000 claims description 3
- 238000012986 modification Methods 0.000 claims description 2
- 230000004048 modification Effects 0.000 claims description 2
- 229910002056 binary alloy Inorganic materials 0.000 claims 1
- 230000006837 decompression Effects 0.000 claims 1
- 230000006870 function Effects 0.000 abstract description 31
- 230000007246 mechanism Effects 0.000 abstract description 9
- 239000000203 mixture Substances 0.000 description 6
- 230000003014 reinforcing effect Effects 0.000 description 5
- 230000003068 static effect Effects 0.000 description 5
- 238000004458 analytical method Methods 0.000 description 4
- 238000013461 design Methods 0.000 description 4
- 238000005728 strengthening Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 238000013507 mapping Methods 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 241000223026 Akodon simulator Species 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of Android application reinforcement means, described reinforcement means Dynamic Execution based on dex Yu so file, by encryption method, the key code in Android application program is reinforced so that Android application code is protected;Described reinforcement means includes ciphering process and decrypting process, including: by ciphering process, the key code in Android application program is reinforced;It is decrypted when Dynamic Execution Android application program;The decryption function C Plus Plus of core dex is write by the inventive method, increase the difficulty of its decompiling, presented in dynamic link library and be encrypted, be equivalent to core dex double-encryption, the key code of dynamic link library has been also carried out encryption, decrypting process has broken away from JNI call-by mechanism so that decrypting process all will not be carried out at the plaintext so file after hard disk leaves deciphering in internal memory.The inventive method has higher safety.
Description
Technical field
The present invention relates to field of information security technology, particularly relate to a kind of based on dex Yu so file Dynamic Execution
Android application reinforcement means.
Background technology
The mobile phone operating system of increasing income that Android is google company to be released in 2007, due to its powerful function and
Customization capability flexibly so that it is the most just leap to the first place of the operation system of smart phone market share, according to famous city
The latest data of field research institution IDC shows, the third season in 2015, and the market share of android system smart mobile phone is up to
84.7%, far surpass other system.
Although android system has just fully taken into account safety problem at the beginning of design, but along with it is extensively applied, many
Potential safety problem the most little by little comes out, and the research to its safety starts to get more and more people's extensive concerning.Due to
The programming language that Android platform software uses is Java, and the binary code after Java source code compiling is easily compiled by counter
Translate, cause it to crack the program that difficulty uses compiled language to write much smaller than other.Although Android 2.3 adds later
Code obfuscation mechanism, but by reverse-engineering, the code that its api class is not gone up is still and is difficult to hide, for assailant, cracks
Probability is still the biggest.
More existing Android application program reinforcement means, the method mostly using static treatment, i.e. to dex file
Carry out some amendments and increase the difficulty of attack.This reinforcement means only increases code reading difficulty.Or adjust based on JNI
By mechanism, by encrypting former so file, use shell side sequence to load and decrypted original so file, indirectly call the function of former so file.
But, due to based on the JNI call-by mechanism program, inevitably hard disk of short duration leave deciphering after plaintext so literary composition
Part, assailant uses Hook system API, automatized script can crack this scheme easily.Therefore assailant still can obtain
Code to program, it is impossible to ensure the safety of application program.
Summary of the invention
In order to overcome above-mentioned the deficiencies in the prior art, the labor of the present invention system architecture of Android, program knot
The reverse threat that structure, program execution mechanism and Android platform software face, based on classes.dex file dynamic load,
Utilize so storehouse to decipher dex file Scheme of Strengthening, propose and achieve one to make so storehouse depart from the dependence of JNI call-by mechanism, thus
The encryption and decryption of so file is completed, it is ensured that do not have the generation of interim so file, ensureing can not be by mapping table in internal memory in internal memory
The Scheme of Strengthening with greater security of so core code that method for cutting obtains.
Present invention provide the technical scheme that
A kind of Android application reinforcement means based on dex Yu so file Dynamic Execution, by binary stream encryption method
Key code in Android application program is reinforced so that Android application code is protected;Described add
Solid method includes ciphering process and decrypting process, specifically includes following steps:
A. ciphering process is realized by Software hardening design module:
Software hardening design module is the reinforcing module for Android application program, by binary stream encryption method pair
Android
Key code in application program is reinforced;
A1. decoder software main part apk file, extracts its classes.dex file;
One Android application program (software) can be packaged into an APK file, carries out decompressing permissible for APK file
Obtain dex file, assets file, arsc file etc.;Wherein classes.dex comprises is to perform literary composition in Android platform
The type of part;
A2. Core Feature partial code is compiled into independent apk file and it is encrypted;
Code is analyzed obtaining by Core Feature partial code according to after extracting classes.dex file, usually,
Core code is the program oneself write rather than the system quoted or the code of external libraries;
A3. the apk file after encryption is written to the end of the classes.dex file of software agent part, and at literary composition
Part afterbody adds the size of encryption data, finds the original position of Core Feature partial code during in order to decipher;
Compiling of application can obtain the numerical value of the size of this file after becoming independent apk file, is encryption number
According to size;
A4. the value of checksum, signature and file_size field of classes.dex file is recalculated.Point
Do not calculate the value after the change of these fields, replace checksum, signature and file_size field of original position
Value, replaces the content of original position;
A5. amended classes.dex file is put back in software agent part apk bag, use in Android SDK
Program is signed by the signature instrument provided;
A6. read so library file (being assumed to be a.so) to be reinforced, resolution file information, obtain the skew of function to be encrypted
Address and size, and at function end to be encrypted, write decryDEX () decryption function, the dex literary composition after deciphering encryption
Part, recalculates the size of function to be encrypted and fills in;Specifically, the numerical value in amendment decryption function, namely will originally treat
Numerical value in encryption function is revised as the numerical value after changing, and this numerical value is the size of function to be encrypted;
A7. treat encryption function and carry out XOR encryption;
A8. resolve the file header of so library file, revise top of file partial words segment value, including so file size, so file
The offset address of middle function;
A9. calculate the MD5 value of so library file, and be written into end of file;
A10. the .init_array in so file joint code segment in add running environment detection, antagonism dynamic debugging,
MD5 completeness check, and the code that so file is decrypted.
B. start Dynamic Execution Android application program when being decrypted, perform following operation:
B1. software agent part reads classes.dex file from the apk file of self, at classes.dex file
Afterbody obtains the length of encryption data, calculates the original position of encryption data according to encrypted data length, thus reads and obtain
Encryption data;
B2. calling loadLibrary system function and load a.so, this stage, loadLibrary can load shared library (i.e.
So file a.so in embodiment), control pass to dynamic linker Linker, Linker can check that top of file is legal
Property, read in the various data structures of correspondence respectively according to the data of head, and the section of all PT_LOAD attributes is loaded onto properly
Address space, then in shared library chained list, distribute a soinfo node for this storehouse and fill its data structure, performing mark
The code of the joint being designated as .init .init_array carries out code initial work, if there is JNI_OnLoad function, performing should
Code;(.init_array process can decipher encryption function);
B3. call decryDEX () deciphering and obtain the apk of Core Feature part;
B4. the DexClassLoader class provided by Android API, to Core Feature part code (Core Feature portion
Point apk) carry out reflection and call, thus realize the dynamic load of Core Feature partial code;
B5., after having called, delete Core Feature part apk file, thus avoid Core Feature partial code to be exposed to
Among internal system storage, the person of being hacked obtains.
Compared with prior art, the invention has the beneficial effects as follows:
More existing Android application program reinforcement means, the method mostly using static treatment, i.e. to dex file
Carry out some amendments and increase the difficulty of attack, or based on JNI call-by mechanism, by encrypting former so file, use shell side sequence
Load and decrypted original so file, indirectly call the function of former so file.But, due to based on the JNI call-by mechanism program, can not
Avoid can hard disk of short duration leave deciphering after plaintext so file, assailant uses Hook system API, the automatized script can
To crack this scheme easily.The reinforcement means that the present invention provides is encrypted protection to core dex, the deciphering to core dex
Function C Plus Plus is write, and adds the difficulty of its decompiling, presented in dynamic link library and be also carried out adding
Close.Be equivalent to, to core dex double-encryption, the key code of dynamic link library has been also carried out encryption.And decrypting process is put
Take off JNI call-by mechanism so that decrypting process all will not enter at the plaintext so file after hard disk leaves deciphering in internal memory
OK, it is to avoid the person of being hacked obtains.The inventive method ensure that does not has the generation of interim so file, ensureing can not be by internal memory
So core code that mapping table method for cutting obtains, is the Scheme of Strengthening with greater security.
Accompanying drawing explanation
Fig. 1 is the FB(flow block) that the present invention provides method;
Wherein, A is to extract dex file Core Feature part and be compiled into an independent apk file, and by its write literary composition
Part classes.dex tail of file;B is write by the apk file decryption function that this is independent in so file to be reinforced to be added
Compact part divides and encrypts this partial code;C is the relevant code loading so file of software agent write at dex, and calculates
The value of checksum, signature and file_size field of classes.dex file also replaces the content of original position;D is
Reading classes.dex tail of file, perform so file in dex main body, deciphering classes core is properly functioning.
Detailed description of the invention
Below in conjunction with the accompanying drawings, further describe the present invention by embodiment, but limit the model of the present invention never in any form
Enclose.
The present invention provides a kind of Android application reinforcement means based on dex Yu so file Dynamic Execution, and Fig. 1 is this
The FB(flow block) of bright offer method, comprises the steps:
A. Software hardening design module:
A1. decoder software main part apk file, extracts its classes.dex file;
A2. Core Feature partial code is compiled into independent apk file and it is encrypted;
A3. the apk file after encryption is written to the end of the classes.dex file of software agent part, and at literary composition
Part afterbody adds the size of encryption data, finds the original position of Core Feature partial code during in order to decipher;
A4. the value of checksum, signature and file_size field of classes.dex file is recalculated.Point
Do not calculate the value after the change of these fields, replace the content of original position i.e.;
A5. amended classes.dex file is put back in software agent part apk bag, use in AndroidSDK
Program is signed by the signature instrument provided;
A6. read so library file (being assumed to be a.so) to be reinforced, resolution file information, obtain the skew of function to be encrypted
Address and size also write decryDEX () decryption function dex file after deciphering encryption at close function end of waiting for the right price,
Recalculate the size of function to be encrypted and fill in;
A7. treat encryption function and carry out XOR encryption;
A8. resolution file head, revises top of file partial words segment value;
A9. the MD5 value of calculation document, and it is written into end of file;
A10. in the code segment of .init_array joint, add running environment detection, antagonism dynamic debugging, MD5 integrity
Verification, the decrypted code to the deciphering of so file respective encrypted function.
When B. starting Dynamic Execution Android application program, perform to operate as follows:
B1. software agent part reads classes.dex file from the apk file of self, at classes.dex file
Afterbody obtains the length of encryption data, calculates the original position of encryption data according to encrypted data length, thus reads and obtain
Encryption data;
B2. calling loadLibrary and load a.so, shared library, control that this stage loadLibrary can load pass
Passing dynamic linker Linker, Linker can check that top of file legitimacy, data according to head read in correspondence respectively
Various data structures, and the section of all PT_LOAD attributes is loaded onto suitable address space, then it is that this storehouse is at shared library chain
Distributing a soinfo node in table and fill its data structure, execution flag is the code of the joint of .init .init_array
Carrying out code initial work, if there is JNI_OnLoad function, performing this code.(.init_array process can decipher encryption
Function)
B3. call decryDEX () deciphering and obtain Core Feature part apk;
B4. the DexClassLoader class provided by Android API, is carried out reflection and adjusts Core Feature part code
With, thus realize the dynamic load of Core Feature partial code;
B5., after having called, delete Core Feature part apk file, thus avoid Core Feature partial code to be exposed to
Among internal system storage, the person of being hacked obtains.
Embodiment
The present embodiment is to carry out reinforcing operation, including the anti-debugging step of part for an Android application.This
Android application can be for b.apk for reinforcing, through above reinforcing step, permissible with named b.apk
B.apk is reinforced, prevents that APK is debugged here and crack, check the source code of software.Embodiment step for this APK
As follows, wherein A, step B add as conventional anti-debugging step, and C, D, E step is as the core procedure of above invention
Carry out.Shown in comprising the following steps that:
A. simulator is detected:
A1. detection "/dev/socket/qemud ", "/dev/qemu_pipe " the two passage.// judge two passages
Whether exist, exist then for simulator access ("/dev/socket/qemud ", 0) access ("/dev/qemu_pipe ",
0)
A2. props is detected.Including: ro.product.model: this value is sdk in simulator, generally at normal handset
In be the model of mobile phone;Ro.build.tags: this value is test-keys in simulator, in normal handset is generally
release-keys;Ro.kernel.qemu: this value is 1 in simulator, generally not this attribute in normal handset.
The most anti-dynamic debugging:
B1. multi-process uses ptrace, // stop the additional ptrace of debugged device (PTRACE_TRACEME, 0,0,0);
B2. proc/xxx/task and proc/xxx/status is detected;Under default situations in status
TracerPid value is 0, if not 0, then program is in debugged state.
The most self-defined so library file ELF header fileinfo
Each field in ELF header portion is as follows: typedef struct{unsigned char e_ident [16];Elf32_
Half e_type;Elf32_Half e_machine;Elf32_Word e_version;Elf32_Addr e_entry;
Elf32_Off e_phoff;Elf32_Off e_shoff;Elf32_Word e_flags;Elf32_Half e_ehsize;
Elf32_Half e_phentsize;Elf32_Half e_phnum;Elf32_Half e_shentsize;Elf32_Half
e_shnum;Elf32_Half e_shstrndx;}Elf32_Ehdr;
By to the analysis of the loading procedure of dynamic base under Android platform, find that many fields do not use.Amendment
These field values do not interfere with the normal use of dynamic base yet.But, use the static analysis tools such as readelf, IDA time
Wait, if these field value mistakes, static analysis failure can be caused.Technical solution of the present invention utilizes this characteristic, revises partial words
Section, reaches prevention program by the purpose of static analysis.Specifically include: 1) revise 9 bytes after e_ident field.2) amendment e_
Type, e_machine, e_version, e_flag field.3) amendment e_shoff, e_shentsize, e_shnum, e_
Shstrndx field.
D.so specific function is encrypted
D1. read file header, obtain e_phoff, e_phentsize and e_phnum information.
D2. by the p_type field in Elf32_Phdr, DYNAMIC is found.DYNAMIC is exactly .dynamic in fact
Section, this is a section in so file.The original position file and length is obtained from p_offset and p_filesz field
Degree.
D3. travel through .dynamic, find the skew in .dynsym .dynstr .hash section file and
.dynstr size.Under my test environment, in Fedora 14 and Windows 7Cygwin x64, elf.h defines .hash
D_tag indicate be: DT_GNU_HASH;And in Android source code: DT_HASH.
D4. according to function name, calculate hash value, obtain offset address and the size of function to be encrypted further.
D5. according to hash value, the bucket of subscript hash%nbuckets is found;According to the value in bucket, read
The Elf32_Sym symbol of the manipulative indexing in .dynsym;From the st_name of symbol so finding word corresponding among .dynstr
Symbol string function name compares.If then looking for next Elf32_Sym symbol according to chain [hash%nbuckets],
Until finding or chain is terminated, code is as follows:
For (i=bucket [funHash%nbucket];i!=0;I=chain [i]) { if (strcmp (dynstr+
(funSym+i)-> st_name, funcName)==0) { flag=0;break;}}
D6., after finding the Elf32_Sym symbol that function is corresponding, letter can be found according to st_value and st_size field
The position of number and size.
D7. will need encryption region be encrypted, use XOR encryption method, i.e. inversion operation: * content=~
(*content)。
E. deciphering flow process is encryption inverse process, is substantially the same, only some trickle differences, specific as follows:
E1. so file initial address in internal memory is found.
E2. Phdr is found by so file header;After Phdr finds PT_DYNAMIC, p_vaddr and p_filesz need to be taken
Field.
Subsequent step is identical with the encryption (inversion operation) in D7 step.Thus complete the reinforcing to application.
It should be noted that publicizing and implementing the purpose of example is that help is further appreciated by the present invention, but the skill of this area
Art personnel are understood that various substitutions and modifications are all without departing from the present invention and spirit and scope of the appended claims
Possible.Therefore, the present invention should not be limited to embodiment disclosure of that, and the scope of protection of present invention is with claim
Book defines in the range of standard.
Claims (4)
1. an Android application reinforcement means, described reinforcement means Dynamic Execution based on dex Yu so file, by encryption
Key code in Android application program is reinforced by method so that Android application code is protected;Institute
State reinforcement means and include ciphering process and decrypting process, specifically include following steps:
A) by ciphering process, the key code in Android application program is reinforced, execution following steps:
A1. decompression Android application program main part apk file, extracts classes.dex file therein;
A2. Android application program Core Feature partial code is compiled into independent apk file and this apk file is carried out
Encryption;
A3. the apk file after encryption is written to the classes.dex file of Android application program main part in A1
End, and the size of encryption data is added at described classes.dex tail of file, find Core Feature part when being used for deciphering
The original position of code;
A4. recalculate the value of checksum, signature and file_size field of classes.dex file, replace former
The value of the respective field of position, obtains amended classes.dex file;
A5. amended classes.dex file is put back in described application software main part apk bag, then to described
Application program is signed;
A6. read so library file to be reinforced, obtained offset address and the size of function to be encrypted by resolution file information, and
DecryDEX () decryption function, the dex file after deciphering encryption is write at function end to be encrypted;Recalculate and obtain
The value of the size of the function to be encrypted after change, and after the size modification in original function to be encrypted is described change
The value of the size of function to be encrypted;
A7. described function to be encrypted is carried out XOR encryption;
A8. resolve the file header of so library file, revise top of file partial words segment value, including letter in so file size, so file
The offset address of number;
A9. calculate the MD5 value of so library file, described MD5 value is write the end of described so library file;
A10. add running environment detection in the code segment of the joint of the .init_array in described so library file, antagonism is dynamically adjusted
Examination, MD5 completeness check and the code that so library file is decrypted;
B., when Dynamic Execution Android application program is decrypted, perform to operate as follows:
The most described Android application program main part reads classes.dex file from the apk file of self, from
Classes.dex tail of file obtains the length of encryption data, is calculated the original position of encryption data, thus reads and obtain
Encryption data;
B2. described so library file is loaded;
B3. call decryDEX () decryption function to be decrypted, obtain the apk of Core Feature part;
B4. the DexClassLoader class provided by Android API, is carried out instead the apk of Core Feature part described in B3
Penetrate and call, thus realize the dynamic load of Core Feature partial code;
B5., after having called, delete Core Feature part apk file, thus avoid Core Feature partial code to be exposed to system
Among storage inside, the person of being hacked obtains.
2. Android application reinforcement means as claimed in claim 1, is characterized in that, ciphering process described in step A uses binary system
Stream encryption method.
3. as claimed in claim 1 Android application reinforcement means, is characterized in that, step A8) described part field includes e_
Ident field, e_type field, e_machine field, e_version field, e_flag field, e_shoff field, e_
Shentsize field, e_shnum field and e_shstrndx field.
4. Android application reinforcement means as claimed in claim 1, is characterized in that, step B2 is by calling loadLibrary system
System function loads described so library file, specifically includes following steps:
LoadLibrary loads shared library so library file, and control passes to dynamic linker Linker;
Dynamic linker Linker checks so library file head legitimacy, reads in the data knot of correspondence respectively according to header data
Structure, and the section of all PT_LOAD attributes is loaded onto suitable address space;
Distributing a soinfo node in shared library chained list for this so library file and fill its data structure, execution flag is
.init;
The code of joint .init_array carries out code initial work;
When there is JNI_OnLoad function, performing this code, deciphering encryption function.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610787151.5A CN106203006A (en) | 2016-08-31 | 2016-08-31 | Android application reinforcement means based on dex Yu so file Dynamic Execution |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610787151.5A CN106203006A (en) | 2016-08-31 | 2016-08-31 | Android application reinforcement means based on dex Yu so file Dynamic Execution |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106203006A true CN106203006A (en) | 2016-12-07 |
Family
ID=58085242
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610787151.5A Pending CN106203006A (en) | 2016-08-31 | 2016-08-31 | Android application reinforcement means based on dex Yu so file Dynamic Execution |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106203006A (en) |
Cited By (43)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106599629A (en) * | 2016-12-16 | 2017-04-26 | Tcl集团股份有限公司 | Strengthening method and apparatus for Android application program |
CN106650431A (en) * | 2016-12-09 | 2017-05-10 | 北京奇虎科技有限公司 | Method and device for reinforcing dynamic link library SO file of Android installation package |
CN106681828A (en) * | 2016-12-09 | 2017-05-17 | 北京奇虎科技有限公司 | Method and device for reinforcing dynamic link library SO file of Android installation package |
CN106681782A (en) * | 2016-12-09 | 2017-05-17 | 北京奇虎科技有限公司 | Method and device for compiling dynamic linking library SO file of Android installation package |
CN106713319A (en) * | 2016-12-23 | 2017-05-24 | 北京奇虎科技有限公司 | Method, device, system of realizing remote control between terminals, and mobile terminal |
CN106845167A (en) * | 2016-12-12 | 2017-06-13 | 北京奇虎科技有限公司 | The reinforcement means and device of a kind of APK, and dynamic loading method and device |
CN106845169A (en) * | 2016-12-26 | 2017-06-13 | 北京握奇智能科技有限公司 | A kind of Jar bags reinforcement means and system |
CN106934260A (en) * | 2017-03-14 | 2017-07-07 | 北京深思数盾科技股份有限公司 | Code protection method, device, server and storage medium |
CN107066842A (en) * | 2017-03-28 | 2017-08-18 | 福建天晴在线互动科技有限公司 | A kind of method and system of reinforcing SDK projects |
CN107092828A (en) * | 2017-04-13 | 2017-08-25 | 深圳海云安网络安全技术有限公司 | A kind of Android dynamic debuggings detection method |
CN107169324A (en) * | 2017-05-12 | 2017-09-15 | 北京理工大学 | A kind of Android application reinforcement means based on dynamic encryption and decryption |
CN107196907A (en) * | 2017-03-31 | 2017-09-22 | 武汉斗鱼网络科技有限公司 | A kind of guard method of Android SO files and device |
CN107273723A (en) * | 2017-07-07 | 2017-10-20 | 广东工业大学 | A kind of Android platform applied software protection method based on so file shell addings |
CN107977553A (en) * | 2017-12-25 | 2018-05-01 | 中国电子产品可靠性与环境试验研究所 | The method and device of the security hardening of mobile applications |
CN108133126A (en) * | 2017-12-04 | 2018-06-08 | 北京奇虎科技有限公司 | A kind of reinforcement means and device of Android application |
CN108363580A (en) * | 2018-03-12 | 2018-08-03 | 平安普惠企业管理有限公司 | Application program installation method, device, computer equipment and storage medium |
CN108446552A (en) * | 2018-03-13 | 2018-08-24 | 山东超越数控电子股份有限公司 | A kind of implementation method of software security under domestic operating system platform |
CN108573142A (en) * | 2017-03-10 | 2018-09-25 | 中移(杭州)信息技术有限公司 | A kind of method and device for realizing hook |
CN108629163A (en) * | 2018-05-14 | 2018-10-09 | 广东蜂助手网络技术股份有限公司 | A kind of anti-tune method for testing of APP |
CN108664796A (en) * | 2017-03-29 | 2018-10-16 | 中移(杭州)信息技术有限公司 | A kind of so document protection methods and device |
WO2018192025A1 (en) * | 2017-04-19 | 2018-10-25 | 北京洋浦伟业科技发展有限公司 | Method for protecting executable program on android platform |
CN108733379A (en) * | 2018-05-28 | 2018-11-02 | 常熟理工学院 | The Android application reinforcement means that mapping is obscured is detached based on DEX bytecodes |
CN108932406A (en) * | 2017-05-18 | 2018-12-04 | 北京梆梆安全科技有限公司 | Virtualization software guard method and device |
CN109460640A (en) * | 2018-11-13 | 2019-03-12 | 杭州涂鸦信息技术有限公司 | A kind of java applet guard method, device, equipment and readable storage medium storing program for executing |
CN109492353A (en) * | 2018-10-11 | 2019-03-19 | 北京奇虎科技有限公司 | Using reinforcement means, device, electronic equipment and storage medium |
CN109558745A (en) * | 2017-09-25 | 2019-04-02 | 赖育承 | Method for protecting electronic file and computer program product thereof |
CN109657480A (en) * | 2017-10-11 | 2019-04-19 | 中国移动通信有限公司研究院 | A kind of document handling method, equipment and computer readable storage medium |
CN109981580A (en) * | 2019-02-25 | 2019-07-05 | 浪潮软件集团有限公司 | It is a kind of to prevent safety method and system of the CMSP by dynamically track |
CN110046504A (en) * | 2019-04-22 | 2019-07-23 | 北京智游网安科技有限公司 | SO file hiding method, storage medium and device based on Linker |
CN110502874A (en) * | 2019-07-19 | 2019-11-26 | 西安理工大学 | A kind of Android App reinforcement means based on file self-modifying |
CN110532738A (en) * | 2019-08-26 | 2019-12-03 | 北京智游网安科技有限公司 | A kind of code process method, intelligent terminal and storage medium based on SO file |
CN111143869A (en) * | 2019-12-30 | 2020-05-12 | Oppo广东移动通信有限公司 | Application package processing method and device, electronic equipment and storage medium |
CN111191195A (en) * | 2019-12-10 | 2020-05-22 | 航天信息股份有限公司 | Method and device for protecting APK |
CN111488557A (en) * | 2019-01-28 | 2020-08-04 | 中国移动通信有限公司研究院 | Encryption and decryption method and device, electronic equipment and readable storage medium |
CN111984940A (en) * | 2019-05-22 | 2020-11-24 | 北京奇虎科技有限公司 | SO file reinforcing method and device, electronic equipment and storage medium |
CN112486496A (en) * | 2020-11-25 | 2021-03-12 | 上海连尚网络科技有限公司 | Method and equipment for generating and operating so file |
CN112507292A (en) * | 2020-12-09 | 2021-03-16 | 重庆邮电大学 | Shell adding protection method supporting operation environment detection and integrity detection |
CN112667975A (en) * | 2020-12-29 | 2021-04-16 | 西北工业大学 | Android system application software safety protection method based on hybrid reinforcement |
CN113761482A (en) * | 2017-06-06 | 2021-12-07 | 杭州网易智企科技有限公司 | Program code protection method and device |
CN113987471A (en) * | 2021-10-29 | 2022-01-28 | 山西大鲲智联科技有限公司 | Executable file execution method and device, electronic equipment and computer readable medium |
WO2022042363A1 (en) * | 2020-08-31 | 2022-03-03 | 华为技术有限公司 | Shared library multiplexing method and electronic device |
CN114398103A (en) * | 2022-01-19 | 2022-04-26 | 深圳爱加密科技有限公司 | Dynamic loading based Hongmon system code encryption method, system and terminal |
CN116680670A (en) * | 2023-08-03 | 2023-09-01 | 北京冠群信息技术股份有限公司 | Application software generation method, system, device and storage medium |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103413076A (en) * | 2013-08-27 | 2013-11-27 | 北京理工大学 | Block protection method for Android application programs |
CN104392181A (en) * | 2014-11-18 | 2015-03-04 | 北京奇虎科技有限公司 | SO file protection method and device and android installation package reinforcement method and system |
-
2016
- 2016-08-31 CN CN201610787151.5A patent/CN106203006A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103413076A (en) * | 2013-08-27 | 2013-11-27 | 北京理工大学 | Block protection method for Android application programs |
CN104392181A (en) * | 2014-11-18 | 2015-03-04 | 北京奇虎科技有限公司 | SO file protection method and device and android installation package reinforcement method and system |
Non-Patent Citations (2)
Title |
---|
巫志文等: "基于Android平台的软件加固方案的设计与实现", 《电信工程技术与标准化》 * |
韩子诺等: "基于Android平台的SO加固技术研究", 《现代计算机》 * |
Cited By (59)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106650431A (en) * | 2016-12-09 | 2017-05-10 | 北京奇虎科技有限公司 | Method and device for reinforcing dynamic link library SO file of Android installation package |
CN106681828A (en) * | 2016-12-09 | 2017-05-17 | 北京奇虎科技有限公司 | Method and device for reinforcing dynamic link library SO file of Android installation package |
CN106681782A (en) * | 2016-12-09 | 2017-05-17 | 北京奇虎科技有限公司 | Method and device for compiling dynamic linking library SO file of Android installation package |
CN106681782B (en) * | 2016-12-09 | 2019-12-24 | 北京奇虎科技有限公司 | Method and device for compiling dynamic link library SO file of android installation package |
CN106845167A (en) * | 2016-12-12 | 2017-06-13 | 北京奇虎科技有限公司 | The reinforcement means and device of a kind of APK, and dynamic loading method and device |
CN106599629B (en) * | 2016-12-16 | 2021-08-06 | Tcl科技集团股份有限公司 | Android application program reinforcing method and device |
CN106599629A (en) * | 2016-12-16 | 2017-04-26 | Tcl集团股份有限公司 | Strengthening method and apparatus for Android application program |
CN106713319B (en) * | 2016-12-23 | 2020-01-14 | 北京安云世纪科技有限公司 | Remote control method, device and system between terminals and mobile terminal |
CN106713319A (en) * | 2016-12-23 | 2017-05-24 | 北京奇虎科技有限公司 | Method, device, system of realizing remote control between terminals, and mobile terminal |
CN106845169B (en) * | 2016-12-26 | 2023-04-07 | 北京握奇智能科技有限公司 | Jar package reinforcing method and system |
CN106845169A (en) * | 2016-12-26 | 2017-06-13 | 北京握奇智能科技有限公司 | A kind of Jar bags reinforcement means and system |
CN108573142A (en) * | 2017-03-10 | 2018-09-25 | 中移(杭州)信息技术有限公司 | A kind of method and device for realizing hook |
CN108573142B (en) * | 2017-03-10 | 2020-06-09 | 中移(杭州)信息技术有限公司 | Method and device for realizing hook |
CN106934260A (en) * | 2017-03-14 | 2017-07-07 | 北京深思数盾科技股份有限公司 | Code protection method, device, server and storage medium |
CN106934260B (en) * | 2017-03-14 | 2020-03-17 | 北京深思数盾科技股份有限公司 | Code protection method, device, server and storage medium |
CN107066842A (en) * | 2017-03-28 | 2017-08-18 | 福建天晴在线互动科技有限公司 | A kind of method and system of reinforcing SDK projects |
CN108664796A (en) * | 2017-03-29 | 2018-10-16 | 中移(杭州)信息技术有限公司 | A kind of so document protection methods and device |
CN107196907B (en) * | 2017-03-31 | 2018-08-03 | 武汉斗鱼网络科技有限公司 | A kind of guard method of Android SO files and device |
CN107196907A (en) * | 2017-03-31 | 2017-09-22 | 武汉斗鱼网络科技有限公司 | A kind of guard method of Android SO files and device |
CN107092828A (en) * | 2017-04-13 | 2017-08-25 | 深圳海云安网络安全技术有限公司 | A kind of Android dynamic debuggings detection method |
WO2018192025A1 (en) * | 2017-04-19 | 2018-10-25 | 北京洋浦伟业科技发展有限公司 | Method for protecting executable program on android platform |
CN107169324A (en) * | 2017-05-12 | 2017-09-15 | 北京理工大学 | A kind of Android application reinforcement means based on dynamic encryption and decryption |
CN108932406A (en) * | 2017-05-18 | 2018-12-04 | 北京梆梆安全科技有限公司 | Virtualization software guard method and device |
CN108932406B (en) * | 2017-05-18 | 2021-12-17 | 北京梆梆安全科技有限公司 | Virtualization software protection method and device |
CN113761482A (en) * | 2017-06-06 | 2021-12-07 | 杭州网易智企科技有限公司 | Program code protection method and device |
CN107273723A (en) * | 2017-07-07 | 2017-10-20 | 广东工业大学 | A kind of Android platform applied software protection method based on so file shell addings |
CN107273723B (en) * | 2017-07-07 | 2022-01-28 | 广东工业大学 | So file shell adding-based Android platform application software protection method |
CN109558745A (en) * | 2017-09-25 | 2019-04-02 | 赖育承 | Method for protecting electronic file and computer program product thereof |
CN109657480A (en) * | 2017-10-11 | 2019-04-19 | 中国移动通信有限公司研究院 | A kind of document handling method, equipment and computer readable storage medium |
CN108133126A (en) * | 2017-12-04 | 2018-06-08 | 北京奇虎科技有限公司 | A kind of reinforcement means and device of Android application |
CN107977553A (en) * | 2017-12-25 | 2018-05-01 | 中国电子产品可靠性与环境试验研究所 | The method and device of the security hardening of mobile applications |
CN107977553B (en) * | 2017-12-25 | 2020-07-10 | 中国电子产品可靠性与环境试验研究所 | Method and device for security reinforcement of mobile application program |
CN108363580A (en) * | 2018-03-12 | 2018-08-03 | 平安普惠企业管理有限公司 | Application program installation method, device, computer equipment and storage medium |
CN108446552A (en) * | 2018-03-13 | 2018-08-24 | 山东超越数控电子股份有限公司 | A kind of implementation method of software security under domestic operating system platform |
CN108629163A (en) * | 2018-05-14 | 2018-10-09 | 广东蜂助手网络技术股份有限公司 | A kind of anti-tune method for testing of APP |
CN108733379A (en) * | 2018-05-28 | 2018-11-02 | 常熟理工学院 | The Android application reinforcement means that mapping is obscured is detached based on DEX bytecodes |
CN109492353B (en) * | 2018-10-11 | 2024-04-16 | 北京奇虎科技有限公司 | Application reinforcement method, device, electronic equipment and storage medium |
CN109492353A (en) * | 2018-10-11 | 2019-03-19 | 北京奇虎科技有限公司 | Using reinforcement means, device, electronic equipment and storage medium |
CN109460640A (en) * | 2018-11-13 | 2019-03-12 | 杭州涂鸦信息技术有限公司 | A kind of java applet guard method, device, equipment and readable storage medium storing program for executing |
CN111488557B (en) * | 2019-01-28 | 2024-01-12 | 中国移动通信有限公司研究院 | Encryption and decryption method and device, electronic equipment and readable storage medium |
CN111488557A (en) * | 2019-01-28 | 2020-08-04 | 中国移动通信有限公司研究院 | Encryption and decryption method and device, electronic equipment and readable storage medium |
CN109981580A (en) * | 2019-02-25 | 2019-07-05 | 浪潮软件集团有限公司 | It is a kind of to prevent safety method and system of the CMSP by dynamically track |
CN110046504A (en) * | 2019-04-22 | 2019-07-23 | 北京智游网安科技有限公司 | SO file hiding method, storage medium and device based on Linker |
CN111984940A (en) * | 2019-05-22 | 2020-11-24 | 北京奇虎科技有限公司 | SO file reinforcing method and device, electronic equipment and storage medium |
CN110502874B (en) * | 2019-07-19 | 2021-05-25 | 西安理工大学 | Android App reinforcement method based on file self-modification |
CN110502874A (en) * | 2019-07-19 | 2019-11-26 | 西安理工大学 | A kind of Android App reinforcement means based on file self-modifying |
CN110532738A (en) * | 2019-08-26 | 2019-12-03 | 北京智游网安科技有限公司 | A kind of code process method, intelligent terminal and storage medium based on SO file |
CN111191195A (en) * | 2019-12-10 | 2020-05-22 | 航天信息股份有限公司 | Method and device for protecting APK |
CN111143869A (en) * | 2019-12-30 | 2020-05-12 | Oppo广东移动通信有限公司 | Application package processing method and device, electronic equipment and storage medium |
WO2022042363A1 (en) * | 2020-08-31 | 2022-03-03 | 华为技术有限公司 | Shared library multiplexing method and electronic device |
CN112486496A (en) * | 2020-11-25 | 2021-03-12 | 上海连尚网络科技有限公司 | Method and equipment for generating and operating so file |
CN112507292A (en) * | 2020-12-09 | 2021-03-16 | 重庆邮电大学 | Shell adding protection method supporting operation environment detection and integrity detection |
CN112507292B (en) * | 2020-12-09 | 2024-01-26 | 重庆邮电大学 | Method for protecting shell supporting running environment detection and integrity detection |
CN112667975A (en) * | 2020-12-29 | 2021-04-16 | 西北工业大学 | Android system application software safety protection method based on hybrid reinforcement |
CN112667975B (en) * | 2020-12-29 | 2024-04-26 | 西北工业大学 | Application software safety protection method based on hybrid reinforcement Android system |
CN113987471A (en) * | 2021-10-29 | 2022-01-28 | 山西大鲲智联科技有限公司 | Executable file execution method and device, electronic equipment and computer readable medium |
CN114398103A (en) * | 2022-01-19 | 2022-04-26 | 深圳爱加密科技有限公司 | Dynamic loading based Hongmon system code encryption method, system and terminal |
CN116680670A (en) * | 2023-08-03 | 2023-09-01 | 北京冠群信息技术股份有限公司 | Application software generation method, system, device and storage medium |
CN116680670B (en) * | 2023-08-03 | 2023-10-31 | 北京冠群信息技术股份有限公司 | Application software generation method, system, device and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106203006A (en) | Android application reinforcement means based on dex Yu so file Dynamic Execution | |
US20160203087A1 (en) | Method for providing security for common intermediate language-based program | |
US8286251B2 (en) | Obfuscating computer program code | |
US10586026B2 (en) | Simple obfuscation of text data in binary files | |
CN106126981B (en) | Software security means of defence based on the replacement of virtual function table | |
CN104318155A (en) | Dynamic loading method capable of guarding against reverse APK file | |
US20170024230A1 (en) | Method, apparatus, and computer-readable medium for ofuscating execution of an application on a virtual machine | |
CN107273723B (en) | So file shell adding-based Android platform application software protection method | |
CN103530535A (en) | Shell adding and removing method for Android platform application program protection | |
CN104317625A (en) | Dynamic loading method for APK files | |
CN103136458B (en) | A kind of (SuSE) Linux OS dynamic base code protection method and device thereof | |
CN104408337A (en) | Reinforcement method for preventing reverse of APK (Android package) file | |
CN109598107B (en) | Code conversion method and device based on application installation package file | |
KR102028091B1 (en) | Apparatus and method for loading up dex file into memory | |
CN108399319B (en) | Source code protection method, application server and computer readable storage medium | |
CN108133147B (en) | Method and device for protecting executable code and readable storage medium | |
CN107291485B (en) | Dynamic link library reinforcing method, operation method, reinforcing device and safety system | |
CN105022936A (en) | Class file encryption and decryption method and class file encryption and decryption device | |
CN112269970A (en) | Script encryption method and device, server and storage medium | |
US10867017B2 (en) | Apparatus and method of providing security and apparatus and method of executing security for common intermediate language | |
CN110472425A (en) | Unity plug-in unit encryption method based on Mono, storage medium | |
CN108170433A (en) | A kind of Java code obscures method, restoration methods and its device | |
KR101863325B1 (en) | Method and apparatus for preventing reverse engineering | |
KR101667774B1 (en) | Apparatus and Method of Providing Security for Script Program | |
CN112035803A (en) | Protection method and device based on Windows platform software |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination |