CN109145619A - A kind of Android application resource reinforcement means and system - Google Patents
A kind of Android application resource reinforcement means and system Download PDFInfo
- Publication number
- CN109145619A CN109145619A CN201810914429.XA CN201810914429A CN109145619A CN 109145619 A CN109145619 A CN 109145619A CN 201810914429 A CN201810914429 A CN 201810914429A CN 109145619 A CN109145619 A CN 109145619A
- Authority
- CN
- China
- Prior art keywords
- application program
- reinforcement
- program
- file
- reinforcement application
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Abstract
The present invention discloses a kind of Android application resource reinforcement means and system, the purpose of the present invention is to provide a kind of Android application resource reinforcement means and systems, by doing the encryption process to the core document in Android application program, the safety of Android application program is improved.This method comprises: doing the encryption process for the core document in former application program, reinforcement application program is formed;The startup item of reinforcement application program is modified, so that taking the lead in starting shell program in machine code before the operation of reinforcement application program;When the operation of reinforcement application program, library file is called to decrypt with reduction core file the file dynamic of encryption by shell program in machine code;By core document dynamically load in the current process of reinforcement application program, so that reinforcement application normal program operation.The system includes the method that above-mentioned technical proposal is mentioned, in the application program applied to H5 technological development.
Description
Technical field
The present invention relates to software information security technology area more particularly to a kind of Android application resource reinforcing sides
Method and system.
Background technique
In recent years, smart phone rapid proliferation in the world, in occupation of more and more mobile phone market shares,
Android system is the smart phone operation based on Linux, open source code that Google announced to release on November 5th, 2007
System.So far, Android has become most popular one of mobile terminal open platform.
With being continuously increased for Android number of applications, more and more Android application programs are using H5's
Development technique, compares primary exploitation, and the development scheme of H5 is suitable for those pages and frequently replaces (such as: Taobao's homepage various activities
Show by turns), it needs often to show big section text (such as: news, strategy), page formatting is relatively enriched (such as: overstriking, font
Multiplicity) application program.In application program using H5 development scheme, core code will focus on the H5 page and corresponding
In JS scripted code, these codes are put into the catalogue under one's name of application program APK packet as resource.Only due to APK packet itself
It is to take simple compression processing, therefore attacker is easy to get the application program of H5 exploitation by way of decompression
Resource file, in this way, the core code of H5 application is just directly exposed in face of attacker, caused consequence is answering of being attacked
It can be implanted advertisement, back door easily with program, even with the behaviors such as stealing privacy of user data, maliciously deducting fees, given
User causes loss.
Summary of the invention
The purpose of the present invention is to provide a kind of Android application resource reinforcement means and systems, by right
Core document in Android application program is done the encryption process, and improves the safety of Android application program.
To achieve the goals above, an aspect of of the present present invention provides a kind of Android application resource reinforcement means, packet
It includes:
It is done the encryption process for the core document in former application program, forms reinforcement application program;
The startup item of reinforcement application program is modified, so that taking the lead in starting shell program in machine code before the operation of reinforcement application program;
When the operation of reinforcement application program, library file is called to decrypt the file dynamic of encryption by shell program in machine code
With reduction core file;
By core document dynamically load in the current process of reinforcement application program, so that reinforcement application program is normally transported
Row.
Specifically, it is done the encryption process for the core document in former application program, forms the method packet of reinforcement application program
It includes:
Core document is extracted from former application program, compress and obtains encryption file after encrypting;
Core document in former application program is replaced with into encryption file, forms reinforcement application program.
Preferably, the core document includes H5 core code and correlated resources file.
Preferably, the startup item of modification reinforcement application program, so that taking the lead in starting shell generation before the operation of reinforcement application program
The method of coded program includes:
The configuration file attribute item in reinforcement application program is modified, sets shell program in machine code as the starting of reinforcement application program
Module.
Preferably, core document dynamically load is realized into reinforcement application program in the current process of reinforcement application program
The method of normal operation includes:
The resource path for modifying reinforcement application program is directed toward, after making reinforcement application program at runtime and capable of calling reduction
Core document.
Optionally, core document dynamically load is realized into reinforcement application program in the current process of reinforcement application program
It operates normally further include:
Exit shell program in machine code example.
Compared with prior art, Android application resource reinforcement means provided by the invention has below beneficial to effect
Fruit:
In the reinforcement means of Android application resource provided by the invention, by the core in former application program
File is done the encryption process, and can directly acquire the content of core document by installation kit to avoid attacker, and then ensure that and be based on
The safety of the application program of H5 technological development;In view of reinforcement application program operation when can not to encrypted core document into
Row identifying call, for this purpose, startup item of the present invention by modification reinforcement application program, so that energy before the operation of reinforcement application program
It enough takes the lead in starting shell program in machine code, and calls library file to decrypt the core document dynamic of encryption using shell program in machine code,
Obtained core document is restored there are in the temp directory of reinforcement application program, so that core document can be reinforced application program
Current process loaded, realize reinforcement application program normal operation.
As it can be seen that the present invention ensure that reinforcing by being encrypted to core document to reduce the risk that keystone resources leak
The safety of application program, while the normal operation in order to realize reinforcement application program, the present invention pass through modification reinforcement application journey
The startup item of sequence calls library file to decrypt encrypted core document dynamic, and then makes to add to take the lead in starting shell program in machine code
Gu core document can be directly got from temp directory after application program operation, since this process is nothing for a user
Sense, therefore, using Android application resource reinforcement means provided by the invention, software security can promoted
User experience is not lost simultaneously.
Another aspect of the present invention provides Android application resource hardened system, including sequentially connected encryption list
Member, startup item modification unit, shell program in machine code unit, library file unit and loading unit;
The encryption unit is used to do the encryption process for the core document in former application program, forms reinforcement application journey
Sequence;
The startup item modification unit is used to modify the startup item of reinforcement application program, so that reinforcement application program runs it
Before take the lead in starting shell program in machine code;
The shell program in machine code unit is used to pass through shell program in machine code cell call library text when the operation of reinforcement application program
Part unit decrypts with reduction core file the file dynamic of encryption;
The loading unit is used for by core document dynamically load in the current process of reinforcement application program, so as to reinforce
Application program operates normally.
Specifically, the encryption unit includes encrypting module and addition processing module, and the encrypting module is added by described
Add processing module to modify unit with the startup item to connect;
The encrypting module is for extracting core document from former application program, compressing and obtaining encryption file after encrypting;
The addition processing module is used to replacing with the core document in former application program into encryption file, is formed to reinforce and be answered
Use program.
Preferably, further including the control unit being connect with the loading unit, described control unit is for working as reinforcement application
When normal program operation, controls the shell program in machine code unit and exit example.
Compared with prior art, the beneficial effect of Android application resource hardened system provided by the invention with it is upper
The beneficial effect for stating the Android application resource reinforcement means of technical solution offer is identical, and this will not be repeated here.
Detailed description of the invention
The drawings described herein are used to provide a further understanding of the present invention, constitutes a part of the invention, this hair
Bright illustrative embodiments and their description are used to explain the present invention, and are not constituted improper limitations of the present invention.In the accompanying drawings:
Fig. 1 is the flow diagram of Android application resource reinforcement means in the embodiment of the present invention one;
Fig. 2 is the structural block diagram of Android application resource hardened system in the embodiment of the present invention two.
Appended drawing reference:
1- encryption unit, 2- startup item modify unit;
3- shell program in machine code unit, 4- library file unit;
5- loading unit, 6- control unit;
11- encrypting module, 12- add processing module.
Specific embodiment
In order to make the foregoing objectives, features and advantages of the present invention clearer and more comprehensible, implement below in conjunction with the present invention
Attached drawing in example, technical scheme in the embodiment of the invention is clearly and completely described.Obviously, described embodiment
Only a part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, the common skill in this field
Art personnel all other embodiment obtained without creative labor belongs to the model that the present invention protects
It encloses.
Embodiment one
Fig. 1 is the flow diagram of Android application resource reinforcement means in the embodiment of the present invention one.Please refer to figure
1, the present embodiment provides a kind of Android application resource reinforcement means, comprising:
It is done the encryption process for the core document in former application program, forms reinforcement application program;Modify reinforcement application journey
The startup item of sequence, so that taking the lead in starting shell program in machine code before the operation of reinforcement application program;When the operation of reinforcement application program, lead to
Crossing shell program in machine code calls library file to decrypt with reduction core file the file dynamic of encryption;Core document dynamic is added
It is loaded in the current process of reinforcement application program, so that reinforcement application normal program operation.
In the reinforcement means of Android application resource provided in this embodiment, by the core in former application program
Heart file is done the encryption process, and can directly acquire the content of core document by installation kit to avoid attacker, and then ensure that base
In the safety of the application program of H5 technological development;It can not be to encrypted core document when in view of the operation of reinforcement application program
Identifying call is carried out, for this purpose, startup item of the present embodiment by modification reinforcement application program, so that reinforcement application program runs it
Before can take the lead in starting shell program in machine code, and call library file to the core document dynamic resolution of encryption using shell program in machine code
Close, the core document restored is there are in the temp directory of reinforcement application program, so that core document can be reinforced application
The current process of program is loaded, and realizes the normal operation of reinforcement application program.
As it can be seen that the present embodiment ensure that and add by being encrypted to core document to reduce the risk that keystone resources leak
Gu the safety of application program, while the normal operation in order to realize reinforcement application program, the present embodiment is answered by modifying to reinforce
With the startup item of program, library file is called to decrypt encrypted core document dynamic to take the lead in starting shell program in machine code, in turn
Core document can be directly got from temp directory after running reinforcement application program, for a user due to this process
Be it is noninductive, therefore, using Android application resource reinforcement means provided in this embodiment, software peace can promoted
User experience is not lost while full property.
It is understood that being done the encryption process in above-described embodiment for the core document in former application program, is formed and added
Gu the method for application program includes: to extract core document from former application program, compresses and obtain encryption file after encrypting;It will be former
Core document in application program replaces with encryption file, forms reinforcement application program.
When it is implemented, these core documents are compressed in a file after extracting core document in former application program
It is interior, then this document folder is encrypted using Encryption Algorithm to obtain encryption file;Later, by being searched in former application program
Core document, and encrypted file is replaced with it, form reinforcement application program.Illustratively, the core in above-described embodiment
Heart file includes H5 core code and correlated resources file, wherein correlated resources file include JS scripted code, display picture and
Configuration file etc..
In addition, the startup item of reinforcement application program is modified in above-described embodiment, so that the antecedent of reinforcement application program operation
The method for first starting shell program in machine code includes: the configuration file attribute item modified in reinforcement application program, sets shell program in machine code
For the starting module of reinforcement application program.
When it is implemented, passing through the apk packet of decompiling reinforcement application program, plaintext is obtained
AndroidManifest.xml file, the configuration item for then finding the inside are modified, that is, are modified
The android:name attribute of AndroidManifest.xml configuration file Application Shipping Options Page, is revised as shell generation
Application title in coded program, in this way when starting reinforcement application program, it will shell program in machine code is first carried out
Application, realization shell program in machine code take the lead in starting.
Further, in above-described embodiment by core document dynamically load in the current process of reinforcement application program, realize
The method of the normal operation of reinforcement application program includes: to modify the resource path direction of reinforcement application program, makes reinforcement application journey
Sequence can call the core document after reduction at runtime.
It should be noted that being directed toward by the resource path of modification current application, resource path is adjusted to temp directory
The reduction core file of middle storage, such reinforcement application program at runtime can be by obtaining the core stored in temp directory
File completes corresponding parsing function, and then realizes the normal operation of reinforcement application program, solves in the prior art
Reinforcement application program cannot parse the technical issues of encryption file.Wherein, the amending method that resource path is directed toward is to pass through reflection
Mode obtains " android.app.LoadedApk " object of reinforcement application program, obtains its domain " mResDir " later, then
The value for modifying this domain is the core document path values of reduction, and the direction modification of resource path can be completed.
It is well known that the core document in temp directory is merely able to be accessed by the reinforcement application program of itself, other are answered
It can not be accessed with program, therefore not will cause the leakage of core document, without core document in worry temp directory
Safety issue.In addition, shell program in machine code example is exited, to application after the normal operation of reinforcement application program
Using effect will not reduce user experience as former application program for family.
Embodiment two
Fig. 1 and Fig. 2 are please referred to, the present embodiment provides a kind of Android application resource hardened systems, including successively connect
Encryption unit 1, startup item modification unit 2, shell program in machine code unit 3, library file unit 4 and the loading unit 5 connect;
Encryption unit is done the encryption process with 1 in for the core document in former application program, forms reinforcement application program;
Startup item modification unit 2 is used to modify the startup item of reinforcement application program, so that before the operation of reinforcement application program
It takes the lead in starting shell program in machine code;
Shell program in machine code unit 3 is used to call library file by shell program in machine code unit 3 when the operation of reinforcement application program
Unit 4 decrypts with reduction core file the file dynamic of encryption;
Loading unit 5 is used for by core document dynamically load in the current process of reinforcement application program, is answered so as to reinforce
Use normal program operation.
Encryption unit 1 includes encrypting module 11 and addition processing module 12, and encrypting module 11 passes through addition processing module 12
It is connect with startup item modification unit 2;
Encrypting module 11 is for extracting core document from former application program, compressing and obtaining encryption file after encrypting;
Addition processing module 12 is used to replacing with the core document in former application program into encryption file, forms reinforcement application
Program.
It further include the control unit 6 being connect with loading unit 5, control unit 6 is used to work as reinforcement application normal program operation
When, control shell program in machine code unit 3 exits example.
Compared with prior art, the beneficial effect of Android application resource hardened system provided in an embodiment of the present invention
Fruit is identical as the beneficial effect of Android application resource reinforcement means that above-described embodiment one provides, and this will not be repeated here.
It will appreciated by the skilled person that realizing that all or part of the steps in foregoing invention method is can to lead to
Program is crossed to instruct relevant hardware and complete, above procedure can store in computer-readable storage medium, the program
When being executed, each step including above-described embodiment method, and the storage medium may is that ROM/RAM, magnetic disk, CD,
Storage card etc..
The above description is merely a specific embodiment, but scope of protection of the present invention is not limited thereto, any
Those familiar with the art in the technical scope disclosed by the present invention, can easily think of the change or the replacement, and should all contain
Lid is within protection scope of the present invention.Therefore, protection scope of the present invention should be based on the protection scope of the described claims.
Claims (9)
1. a kind of Android application resource reinforcement means characterized by comprising
It is done the encryption process for the core document in former application program, forms reinforcement application program;
The startup item of reinforcement application program is modified, so that taking the lead in starting shell program in machine code before the operation of reinforcement application program;
When the operation of reinforcement application program, library file is called to decrypt to go back the file dynamic of encryption by shell program in machine code
Former core document;
By core document dynamically load in the current process of reinforcement application program, so that reinforcement application normal program operation.
2. the method according to claim 1, wherein being done at encryption for the core document in former application program
Reason, the method for forming reinforcement application program include:
Core document is extracted from former application program, compress and obtains encryption file after encrypting;
Core document in former application program is replaced with into encryption file, forms reinforcement application program.
3. the method according to claim 1, wherein the core document includes H5 core code and correlated resources
File.
4. the method according to claim 1, wherein the startup item of modification reinforcement application program, is answered so that reinforcing
Include: with the method for taking the lead in starting shell program in machine code before program operation
The configuration file attribute item in reinforcement application program is modified, sets shell program in machine code as the starting mould of reinforcement application program
Block.
5. the method according to claim 1, wherein the working as in reinforcement application program by core document dynamically load
Preceding process, the method for realizing the normal operation of reinforcement application program include:
The resource path for modifying reinforcement application program is directed toward, and the core after reduction can be called by making reinforcement application program at runtime
File.
6. according to the method described in claim 5, it is characterized in that, by core document dynamically load working as in reinforcement application program
Preceding process realizes the normal operation of reinforcement application program further include:
Exit shell program in machine code example.
7. a kind of Android application resource hardened system, which is characterized in that including sequentially connected encryption unit, starting
Item modification unit, shell program in machine code unit, library file unit and loading unit;
The encryption unit is used to do the encryption process for the core document in former application program, forms reinforcement application program;
The startup item modification unit is used to modify the startup item of reinforcement application program, so that the antecedent of reinforcement application program operation
First start shell program in machine code;
The shell program in machine code unit is used to pass through shell program in machine code cell call library file list when the operation of reinforcement application program
Member decrypts with reduction core file the file dynamic of encryption;
The loading unit is used for by core document dynamically load in the current process of reinforcement application program, so that reinforcement application
Normal program operation.
8. system according to claim 7, which is characterized in that the encryption unit includes encrypting module and addition processing mould
Block, the encrypting module are modified unit with the startup item by the addition processing module and are connect;
The encrypting module is for extracting core document from former application program, compressing and obtaining encryption file after encrypting;
The addition processing module is used to replacing with the core document in former application program into encryption file, forms reinforcement application journey
Sequence.
9. system according to claim 7, which is characterized in that it further include the control unit being connect with the loading unit,
Described control unit is used for when reinforcement application normal program operation, is controlled the shell program in machine code unit and is exited example.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810914429.XA CN109145619A (en) | 2018-08-13 | 2018-08-13 | A kind of Android application resource reinforcement means and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810914429.XA CN109145619A (en) | 2018-08-13 | 2018-08-13 | A kind of Android application resource reinforcement means and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109145619A true CN109145619A (en) | 2019-01-04 |
Family
ID=64792554
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810914429.XA Pending CN109145619A (en) | 2018-08-13 | 2018-08-13 | A kind of Android application resource reinforcement means and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109145619A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109918872A (en) * | 2019-01-28 | 2019-06-21 | 中国科学院数据与通信保护研究教育中心 | Android application reinforcement means |
| CN113157324A (en) * | 2021-03-19 | 2021-07-23 | 山东英信计算机技术有限公司 | Starting method, device and equipment of computer equipment and readable storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR101284676B1 (en) * | 2012-02-28 | 2013-08-23 | 건국대학교 산학협력단 | Cryptography-based copy protection system and method for android apps |
| CN104408337A (en) * | 2014-11-18 | 2015-03-11 | 刘鹏 | Reinforcement method for preventing reverse of APK (Android package) file |
| CN106295370A (en) * | 2016-08-19 | 2017-01-04 | 北京奇虎科技有限公司 | A kind of method and apparatus of the dynamic link library (DLL) file reinforcing installation kit |
| CN106650330A (en) * | 2016-12-22 | 2017-05-10 | 合肥国信车联网研究院有限公司 | Android application software reinforcement protection method based on DexClassloader |
| CN106708571A (en) * | 2016-12-13 | 2017-05-24 | 北京奇虎科技有限公司 | Resource file loading method and device and source file reinforcing method and device |
| CN107480477A (en) * | 2017-07-21 | 2017-12-15 | 四川长虹电器股份有限公司 | Mobile terminal product copy-right protection method based on html5 technologies |
-
2018
- 2018-08-13 CN CN201810914429.XA patent/CN109145619A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR101284676B1 (en) * | 2012-02-28 | 2013-08-23 | 건국대학교 산학협력단 | Cryptography-based copy protection system and method for android apps |
| CN104408337A (en) * | 2014-11-18 | 2015-03-11 | 刘鹏 | Reinforcement method for preventing reverse of APK (Android package) file |
| CN106295370A (en) * | 2016-08-19 | 2017-01-04 | 北京奇虎科技有限公司 | A kind of method and apparatus of the dynamic link library (DLL) file reinforcing installation kit |
| CN106708571A (en) * | 2016-12-13 | 2017-05-24 | 北京奇虎科技有限公司 | Resource file loading method and device and source file reinforcing method and device |
| CN106650330A (en) * | 2016-12-22 | 2017-05-10 | 合肥国信车联网研究院有限公司 | Android application software reinforcement protection method based on DexClassloader |
| CN107480477A (en) * | 2017-07-21 | 2017-12-15 | 四川长虹电器股份有限公司 | Mobile terminal product copy-right protection method based on html5 technologies |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109918872A (en) * | 2019-01-28 | 2019-06-21 | 中国科学院数据与通信保护研究教育中心 | Android application reinforcement means |
| CN113157324A (en) * | 2021-03-19 | 2021-07-23 | 山东英信计算机技术有限公司 | Starting method, device and equipment of computer equipment and readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9038910B2 (en) | Method and apparatus for executing user action commands | |
| CN107967139B (en) | Hot updating method and device for game | |
| CN104239757A (en) | Application program reversing-preventing method and device and operation method and terminal | |
| CN105224401A (en) | Scheduled task control method and device | |
| CN105068813A (en) | Method and device for providing android package (APK) modification service | |
| CN109145619A (en) | A kind of Android application resource reinforcement means and system | |
| US20140045467A1 (en) | Method and apparatus for recording information during a call | |
| CN103677948A (en) | Starter and start method | |
| CN107766096A (en) | The generation method of application program installation kit, the operation method of application program and device | |
| KR101734663B1 (en) | Method for preventing reverse engineering of android application and apparatus for performing the method | |
| CN109992284A (en) | Method and device for providing hot update program and electronic equipment | |
| CN111144878A (en) | Instruction generation method and instruction generation device | |
| CN109766123B (en) | Application program packaging method and device | |
| CN107807831A (en) | Business in application program performs method, apparatus, terminal and storage medium | |
| US8863121B2 (en) | Method and terminal for loading picture resources by JAVA virtual machine | |
| CN106775879B (en) | VR application installation-free method and system based on android system client | |
| CN113157337A (en) | Application program starting method and device, terminal equipment and storage medium | |
| CN103034811A (en) | File processing method and system and device | |
| CN102053917B (en) | Smart card capable of reducing memory footprint and instruction processing method thereof | |
| BRPI0708498A2 (en) | method for displaying content on a mobile communication terminal that hosts a security personal authenticator, and security personal authenticator for a mobile communication terminal | |
| CN111475763B (en) | Webpage running method and device, storage medium and equipment | |
| CN110399160B (en) | Channel package packaging method, device, server and storage medium | |
| CN113420313A (en) | Program safe operation and encryption method and device, equipment and medium thereof | |
| CN110704157B (en) | Application starting method, related device and medium | |
| CN107341392A (en) | File hulling method and device in android system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190104 |
|
| RJ01 | Rejection of invention patent application after publication |