CN108932436B - Android system-based software security reinforcement method for APP specification - Google Patents
Android system-based software security reinforcement method for APP specification Download PDFInfo
- Publication number
- CN108932436B CN108932436B CN201810737851.2A CN201810737851A CN108932436B CN 108932436 B CN108932436 B CN 108932436B CN 201810737851 A CN201810737851 A CN 201810737851A CN 108932436 B CN108932436 B CN 108932436B
- Authority
- CN
- China
- Prior art keywords
- file
- dex file
- word
- dex
- encrypted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a software security reinforcement method of an APP specification based on an android system, the software security reinforcement method based on the APP specification of the android system utilizes a large amount of text information in the specification document, the software security is selectively reinforced, thereby improving the code running efficiency, and the reinforcement technology is mixed and added with shells, thereby reducing the intrusion record of reverse engineering and simultaneously reducing the readability of source files, after the codes are reinforced, the running efficiency of the codes is not influenced, the use safety of the android software APP is improved, and the privacy safety of a user is protected.
Description
Technical Field
The invention relates to the technical field of android software security in mobile internet, in particular to a software security reinforcing method based on an APP specification of an android system.
Background
With the rapid development of smart phones, a large amount of android software is convenient for human life. The specification document of android software contains a great deal of useful information. With the use of a large amount of android software, various malicious software steals the privacy (such as a telephone and a mailbox) of a user and steals property, thereby causing great potential safety hazard. How to improve the safety of software use and protect various information of a user without influencing the software operation efficiency becomes a problem which needs to be solved urgently by combining a software specification in the process of using android software by the user.
Disclosure of Invention
The invention aims to overcome the defects in the background technology, and provides a software security reinforcement method based on an APP specification of an android system.
In order to achieve the technical effects, the invention adopts the following technical scheme:
a software security reinforcement method of an APP specification based on an android system specifically comprises the following steps:
A. decompressing an APK file of the software to obtain a DEX file and analyzing the DEX file;
B. extracting keywords in the DEX file code by adopting an extraction algorithm;
C. carrying out confusion processing on the keywords to obtain an encrypted source APK file;
D. encrypting the encrypted source APK file on a shell APK file by using a fragmentation shell adding technology so as to obtain an encrypted DEX file;
E. replacing the DEX file in the shell program with the encrypted DEX file to obtain an encrypted APK file so as to finish software reinforcement;
the software security reinforcing method based on the APP specification of the android system has the advantages that the safety reinforcement of software is realized by reading the specification document, extracting the keywords from the specification, obfuscating the function codes corresponding to the keywords to obtain the new DEX file and adding the shell to the new DEX file, a large amount of text information in the specification document is utilized to selectively reinforce the software security, so that the code operation efficiency is improved, obfuscation and shell adding are carried out in the reinforcement technology, the intrusion record of reverse engineering is reduced, the readability of a source file is reduced, the operation efficiency of the codes is not influenced after the codes are reinforced, the use security of the APP of the android software is improved, and the privacy security of a user is protected.
Further, the step B specifically extracts the keyword by using a TF-IDF method and includes the following steps:
B1. dividing all documents of the DEX file into words, and creating a word order dictionary for storing the occurrence times of each word;
B2. traversing all words to obtain reverse file frequency of a single word in the DEX file, and then calculating the word frequency of each word, wherein the reverse file frequency is calculated by dividing the total number of files contained in the file set by the number of files in which the selected word appears in the measured file, and the word frequency is calculated by dividing the number of times of the selected word appears by the number of total words contained in the DEX file;
B3. creating a word letter dictionary, storing all word information, calculating the weight of each word, storing the weight of each word in the word letter dictionary, and selecting a plurality of words with the top rank according to the ranking sequence from the big to the small of the weight as the keywords to be extracted, wherein the weight of each word is the product of the reverse file frequency of the word and the word frequency of the word.
Further, the step C specifically includes: and renaming the keyword code name in the extracted DEX file code by using a rare word or simple and meaningless English characters so as to generate an encrypted source APK file.
Further, in the step C, after renaming the keyword code name, a string of invalid codes may be added to the end of the keyword code, and adding the invalid codes may further improve the confusion effect of the DEX file and ensure the security of the encryption processing.
Further, the step D is divided into two stages, namely an APK preprocessing stage and a DEX file operation stage;
the APK pretreatment stage specifically comprises the following steps:
the first step is as follows: c, dividing the DEX file subjected to the obfuscation processing in the step C into a plurality of independent segments;
the second step is that: respectively encrypting each DEX file segment by using an encryption algorithm and different keys;
the DEX file operation stage specifically comprises the following steps:
the first step is as follows: decrypting each DEX file segment respectively and mapping the DEX file segment into a memory;
the second step is that: repairing the DEX file segment by utilizing a hot patch dynamic repairing technology;
the third step: copying and Manifest configuration of resources in the software are completed;
the fourth step: a sharding run is performed in which context switching work is performed to run the entire DEX file in its entirety as the program crosses shards.
Further, the DEX file is specifically divided into 8 independent segments in the APK preprocessing stage.
Further, the encryption algorithm used when encrypting each DEX file segment is an exclusive or encryption algorithm or an AES encryption algorithm.
Further, the step E specifically includes the following steps:
E1. deleting the original DEX file and writing the encrypted DEX file in the step D into a data area;
E2. updating the offset position of the field in the file header according to the positions of the current field in the data area and the index area;
E3. performing CRC on the encrypted DEX file, and updating a checksum value in a file header;
E4. and copying the encrypted source APK file content behind the encrypted DEX file to finally generate an encrypted APK file.
Compared with the prior art, the invention has the following beneficial effects:
according to the android system-based APP specification software security reinforcing method, the specification document is read, the keywords are extracted from the specification, the function codes corresponding to the keywords are obfuscated to obtain the new DEX file, and the new DEX file is subjected to shell adding processing, so that the security reinforcement of software is achieved.
Drawings
Fig. 1 is a general flow diagram of a software security reinforcement method based on an APP specification of an android system in the present invention.
Fig. 2 is a schematic flow diagram of performing fragmentation and shell adding processing in a software security reinforcement method based on an APP specification of the android system according to an embodiment of the present invention.
Detailed Description
The invention will be further elucidated and described with reference to the embodiments of the invention described hereinafter.
Example (b):
as shown in fig. 1, a software security reinforcement method based on an APP specification of an android system specifically includes the following steps:
A. decompressing an APK file of the software to obtain a DEX file and analyzing the DEX file;
B. extracting keywords in the DEX file code by adopting an extraction algorithm;
specifically, in this embodiment, the method for extracting the keyword specifically uses a TF-IDF method and includes the following steps:
B1. dividing all documents of the DEX file into words, and creating a word order dictionary for storing the occurrence times of each word;
B2. traversing all words to obtain reverse file frequency of a single word in the DEX file, and then calculating the word frequency of each word, wherein the reverse file frequency is calculated by dividing the total number of files contained in the file set by the number of files in which the selected word appears in the measured file, and the word frequency is calculated by dividing the number of times of the selected word appears by the number of total words contained in the DEX file;
B3. creating a word letter dictionary, storing all word information, calculating the weight of each word, storing the weight of each word in the word letter dictionary, and selecting a plurality of words with the top rank according to the ranking sequence from the big to the small of the weight as the keywords to be extracted, wherein the weight of each word is the product of the reverse file frequency of the word and the word frequency of the word.
Specifically, in the present embodiment, the first four words ranked in the ranking with the weights from large to small in the word and letter dictionary are "pay", "password", "call", "read message", respectively, and in the present embodiment, the first 4 words are specifically extracted as keywords.
C. Renaming the name of the keyword code in the extracted DEX file code by using a rarely used word or simple and meaningless English characters so as to generate an encrypted source APK file;
in the implementation, byte confusion is carried out on 4 keywords of 'payment', 'password', 'calling', 'reading short message', and concretely, F is used for renaming 'payment', M is used for renaming 'password', D is used for renaming 'calling', and ME is used for renaming 'reading short message'.
Meanwhile, in order to increase invalid codes, the confusion effect of the DEX file can be further improved, and the security of encryption processing is guaranteed, and a string of invalid codes can be added to the tail end of the keyword codes after the name of the keyword codes is renamed.
D. Encrypting the encrypted source APK file on a shell APK file by using a fragmentation shell adding technology so as to obtain an encrypted DEX file;
the method specifically comprises an APK preprocessing stage and a DEX file operation stage;
the APK pretreatment stage specifically comprises the following steps:
the first step is as follows: c, dividing the DEX file subjected to the obfuscation processing in the step C into a plurality of independent segments;
the second step is that: respectively encrypting each DEX file segment by using an encryption algorithm and different keys;
the DEX file operation stage specifically comprises the following steps:
the first step is as follows: decrypting each DEX file segment respectively and mapping the DEX file segment into a memory;
the second step is that: repairing the DEX file segment by utilizing a hot patch dynamic repairing technology;
the third step: copying and Manifest configuration of resources in the software are completed;
the fourth step: a sharding run is performed in which context switching work is performed to run the entire DEX file in its entirety as the program crosses shards.
In this embodiment, specifically, during APK preprocessing, in a DEX file obtained based on obfuscation, the DEX file is divided into 8 independent segments, and each segment is encrypted by using an AES algorithm and using different keys.
Specifically, in order to ensure correct explanation and execute fragmented DEX files, some repair work needs to be done by using a hot patch dynamic repair technology to perform technical repair work, then copy work and Manifest configuration work of resources are completed, specifically, as shown in FIG. 2, resource files Manifest.xml, images, L ibraries and the like are copied to a data area, and a visual view of a set file is opened by double-clicking in a project manager to configure basic information of applications by setting the Manifest.json file in the android file.
Then, in the slicing operation, when the program is subjected to slicing crossing, the context switching operation is executed, namely when the current process enters the next process, the DEXCClass L loader file is used for replacing the program, so that the encrypted DEX file is obtained, and the whole DEX file is completely operated
E. And replacing the DEX file in the shell program by the encrypted DEX file to obtain an encrypted APK file so as to finish software reinforcement. The method specifically comprises the following steps:
E1. deleting the original DEX file and writing the encrypted DEX file in the step D into a data area;
E2. updating the offset position of the field in the file header according to the positions of the current field in the data area and the index area;
E3. performing CRC on the encrypted DEX file, and updating a checksum value in a file header;
E4. and copying the encrypted source APK file content behind the encrypted DEX file to finally generate an encrypted APK file.
Specifically, the encryption algorithm used in this embodiment is an AES encryption algorithm used when encrypting each DEX file segment, and other encryption algorithms may be actually used, such as performing xor processing on each byte by using an xor encryption algorithm.
Therefore, the android-system-based APP specification software security reinforcing method selectively reinforces software security by utilizing a large amount of text information in specification documents, so that the code operation efficiency is improved, confusion and shell adding are carried out in the reinforcing technology, intrusion records of reverse engineering are reduced, the readability of a source file is reduced, the operation efficiency of codes is not influenced after the codes are reinforced, the use security of android software APP is improved, and the privacy security of users is protected.
It will be understood that the above embodiments are merely exemplary embodiments taken to illustrate the principles of the present invention, which is not limited thereto. It will be apparent to those skilled in the art that various modifications and improvements can be made without departing from the spirit and substance of the invention, and these modifications and improvements are also considered to be within the scope of the invention.
Claims (5)
1. A software security reinforcement method of an APP specification based on an android system is characterized by specifically comprising the following steps:
A. decompressing an APK file of the software to obtain a DEX file and analyzing the DEX file;
B. extracting keywords in the DEX file code by adopting an extraction algorithm;
the step B specifically adopts a TF-IDF method to extract keywords and comprises the following steps:
B1. dividing all documents of the DEX file into words, and creating a word order dictionary for storing the occurrence times of each word;
B2. traversing all words in the DEX file to obtain the reverse file frequency of a single word in the DEX file, and then calculating the word frequency of each word, wherein the reverse file frequency is calculated by dividing the total number of files contained in a file set by the number of files in which selected words appear in the file to be measured, and the word frequency is calculated by dividing the number of times of the selected words by the number of total words contained in the DEX file;
B3. creating a word letter dictionary, storing all word information, calculating the weight of each word, storing the weight of each word in the word letter dictionary, and selecting a plurality of words with the top rank as key words to be extracted according to the ranking sequence of the weights from large to small, wherein the weight of each word is the product of the reverse file frequency of the word and the word frequency of the word;
C. carrying out confusion processing on the keywords to obtain an encrypted source APK file;
D. encrypting the encrypted source APK file on a shell APK file by using a fragmentation shell adding technology so as to obtain an encrypted DEX file;
the step D is divided into two stages, namely an APK preprocessing stage and a DEX file operation stage;
the APK pretreatment stage specifically comprises the following steps:
the first step is as follows: c, dividing the DEX file subjected to the obfuscation processing in the step C into a plurality of independent segments;
the second step is that: respectively encrypting each DEX file segment by using an encryption algorithm and different keys;
the DEX file operation stage specifically comprises the following steps:
the first step is as follows: decrypting each DEX file segment respectively and mapping the DEX file segment into a memory;
the second step is that: repairing the DEX file segment by utilizing a hot patch dynamic repairing technology;
the third step: copying and Manifest configuration of resources in the software are completed;
the fourth step: executing fragment operation, wherein when the program is in fragment spanning, the context switching work is executed so as to completely operate the whole DEX file;
E. replacing the DEX file in the shell program with the encrypted DEX file to obtain an encrypted APK file so as to finish software reinforcement;
the step E specifically comprises the following steps:
E1. deleting the original DEX file and writing the encrypted DEX file in the step D into a data area;
E2. updating the offset position of the field in the file header according to the positions of the current field in the data area and the index area;
E3. performing CRC on the encrypted DEX file, and updating a checksum value in a file header;
E4. copying the encrypted source APK file content in the encrypted DEX file, and finally generating an encrypted APK file.
2. The android system-based APP specification software security reinforcement method according to claim 1, wherein the step C specifically includes: and renaming the keyword code name in the extracted DEX file code by using a rare word or simple and meaningless English characters so as to generate an encrypted source APK file.
3. The android-system-based APP specification software security reinforcing method according to claim 2, wherein in the step C, a string of invalid codes can be added to the end of the keyword code after the keyword code name is renamed.
4. The android system-based APP specification software security reinforcement method according to claim 1, wherein the DEX file is specifically divided into 8 independent segments in the APK preprocessing stage.
5. The android-system-based software security reinforcing method for the APP specification, as recited in claim 1, wherein an encryption algorithm used when the DEX file segments are respectively encrypted is an exclusive OR encryption algorithm or an AES encryption algorithm.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810737851.2A CN108932436B (en) | 2018-07-06 | 2018-07-06 | Android system-based software security reinforcement method for APP specification |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810737851.2A CN108932436B (en) | 2018-07-06 | 2018-07-06 | Android system-based software security reinforcement method for APP specification |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108932436A CN108932436A (en) | 2018-12-04 |
CN108932436B true CN108932436B (en) | 2020-07-28 |
Family
ID=64447779
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810737851.2A Active CN108932436B (en) | 2018-07-06 | 2018-07-06 | Android system-based software security reinforcement method for APP specification |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108932436B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110781462B (en) * | 2019-10-10 | 2022-02-15 | 郑州阿帕斯科技有限公司 | Resource confusion method and device |
CN111522555B (en) * | 2020-04-24 | 2024-03-08 | 中国传媒大学 | apk file reinforcement method, decryption method and related devices |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103544414A (en) * | 2013-10-25 | 2014-01-29 | 苏州通付盾信息技术有限公司 | Deep code obfuscation method for Android system applications |
CN106096439A (en) * | 2016-06-03 | 2016-11-09 | 武汉大学 | A kind of intimacy protection system obscured based on mobile user profile and method |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102087605B (en) * | 2011-01-28 | 2014-05-07 | 宇龙计算机通信科技(深圳)有限公司 | Android-based platform application installation control method and system |
CN103886230A (en) * | 2014-02-24 | 2014-06-25 | 四川长虹电器股份有限公司 | Software copyright protection method of android system and system thereof |
CN105184118B (en) * | 2015-08-31 | 2018-02-23 | 西北大学 | A kind of Android application program shell adding guard methods and device based on code fragmentation |
CN105426708B (en) * | 2016-01-19 | 2018-08-21 | 北京鼎源科技有限公司 | A kind of reinforcement means of the application program of android system |
CN105930745A (en) * | 2016-04-25 | 2016-09-07 | 北京珊瑚灵御科技有限公司 | Android platform-based character string reinforcement method |
-
2018
- 2018-07-06 CN CN201810737851.2A patent/CN108932436B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103544414A (en) * | 2013-10-25 | 2014-01-29 | 苏州通付盾信息技术有限公司 | Deep code obfuscation method for Android system applications |
CN106096439A (en) * | 2016-06-03 | 2016-11-09 | 武汉大学 | A kind of intimacy protection system obscured based on mobile user profile and method |
Also Published As
Publication number | Publication date |
---|---|
CN108932436A (en) | 2018-12-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106126981B (en) | Software security means of defence based on the replacement of virtual function table | |
Garfinkel | Digital media triage with bulk data analysis and bulk_extractor | |
CN105426708A (en) | Reinforcing method of application program of Android system | |
Walls et al. | Forensic Triage for Mobile Phones with {DEC0DE} | |
US20100070518A1 (en) | Method for protecting private information and computer-readable recording medium storing program for executing the same | |
CN108932436B (en) | Android system-based software security reinforcement method for APP specification | |
WO2015035827A1 (en) | Method and apparatus for providing string encryption and decryption in program files | |
CN105095771A (en) | Method and apparatus for protecting shared target file | |
CN104090793A (en) | Device and method for destroying Android mobile phone body data | |
CN104298926A (en) | Method and device for running encrypted file | |
WO2015067996A1 (en) | Methods and apparatuses of digital data processing | |
Park et al. | A methodology for the decryption of encrypted smartphone backup data on android platform: A case study on the latest samsung smartphone backup system | |
CN107995174A (en) | File key acquisition device and method, file deciphering device and method | |
CN114036561A (en) | Information hiding method, information acquiring method, information hiding device, information acquiring device, storage medium and electronic equipment | |
CN107092834A (en) | A kind of finger print data management method and terminal | |
CN110119601A (en) | Program reinforcement means and device based on application program installation kit | |
CN111104693A (en) | Android platform software data cracking method, terminal device and storage medium | |
CN104765986A (en) | Steganography-based code protecting and restoring method | |
CN115292731A (en) | Encryption storage method of text reading and amending information and related equipment | |
Jiang et al. | A novel image-based malware classification model using deep learning | |
CN111563266B (en) | Encryption method and device, decryption method and device for data operation program of power system | |
CN109710899B (en) | Method and device for decrypting and obtaining evidence of file in storage medium | |
CN116235174A (en) | Apparatus and method for performing encryption algorithm | |
CN111984941A (en) | File processing method and device, terminal equipment and readable storage medium | |
CN109344574B (en) | Self-adaptive android reinforcement method based on specification |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |