CN109255235A - Mobile application third party library partition method based on User space sandbox - Google Patents

Info

Publication number: CN109255235A
Application number: CN201811083714.8A
Authority: CN (China)
Prior art keywords: code, file, party library, class, smali
Legal status: Granted
Other languages: Chinese (zh)
Other versions: CN109255235B (en)
Inventors: 李金库, 朱孝南, 邱军, 周亚金, 马建峰
Original assignee: Xidian University
Current assignee: Shaanxi Shutuxing Information Technology Co ltd
Events: application filed by Xidian University; priority to CN201811083714.8A; publication of CN109255235A; application granted; publication of CN109255235B; legal status active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms during program execution, e.g. stack integrity; preventing unwanted data erasure; buffer overflow
    • G06F21/53 Monitoring users, programs or devices to maintain the integrity of platforms during program execution by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562 Static detection
    • G06F21/563 Static detection by source code analysis

Abstract

The present invention provides a mobile application third-party library isolation method based on a user-space sandbox. It is implemented by code rewriting and consists of two parts: rewriting the third-party library code and rewriting dynamically loaded code. In the third-party library rewriting part, the calling code of the sensitive APIs inside the third-party library is replaced with calling code for custom interfaces, so that all privacy-sensitive behaviour of the third-party library code is confined to the user-space sandbox and the library's permissions are well constrained. The dynamically loaded code rewriting part is used by the rewritten third-party library at run time: when the library dynamically loads code, that code is uploaded to a server in real time and rewritten into custom-interface calling code, which solves the dynamic code loading problem that existing code rewriting schemes cannot handle. By rewriting the bytecode of existing third-party libraries and of dynamically loaded code, the invention protects the privacy of the application and the user.

Description

Mobile application third party library partition method based on User space sandbox
Technical field
The invention belongs to the field of mobile security and relates to permission protection for third-party libraries in mobile applications, specifically a mobile application third-party library isolation method based on a user-space sandbox.
Background technique
Currently, the overwhelming majority of applications on the Android platform are free. Application developers often integrate one or more third-party libraries into their free applications to reduce their own development effort or to profit from advertising revenue.
Under the existing Android permission model, an application's permissions are granted at first installation according to its configuration file; that is, all components inside the application share one set of permission policies, so a third-party library integrated into the application inherits all of the application's permissions, including permissions the library should not use. These third-party libraries are usually supplied to developers as JAR packages, so developers do not know what the libraries can do inside their application, such as reading the user's contacts, SMS messages or geographic location. Even if a developer wants to configure a library's permissions when integrating it, the existing Android permission control mechanism is too coarse-grained to monitor the permissions of different modules inside an application separately.
Since the permissions of third-party libraries can neither be controlled by developers nor distinguished from the application by the Android framework layer, their security risks are increasingly serious. First, because a third-party library inherits the application's permissions, it can detect which permissions the application holds and abuse them to read the user's private data and perform sensitive operations. Second, because a third-party library runs in the application's context, the framework layer and operating system do not strictly separate the library from the application itself, so the library can freely read the application's files, which may likewise lead to application data being modified or application-private data being leaked. Third, even when a third-party library is trustworthy, it may itself contain vulnerabilities that attackers can exploit to attack the application.
To cope with the security risks of third-party libraries, many researchers have proposed their own solutions. For example, AdDroid [Paul Pearce et al., ACM conference] from the University of California, Berkeley proposes a new API designed for third-party libraries and separates the execution of the third-party library into a system service; this separates permissions, but it requires the participation of the third-party library and is therefore not transparent to it. AFrame [Xiao Zhang et al., ACSAC conference] from Syracuse University runs the third-party library in a separate process with an independent UID, making the library and the application two different applications with separate permissions; but it modifies the framework-layer code of the system and requires ROOT permission or reflashing, so its feasibility is limited. PEDAL [Bin Liu et al., ACM conference] from Samsung Research America and Carnegie Mellon University proposes separating the third-party library from the application by rewriting the privacy-related operation code in the library to control the library's permissions; this needs neither ROOT permission nor the library's participation, but it cannot cope well with code obfuscation or remote dynamic code loading.
Summary of the invention
To make up for the deficiencies of the prior art, the invention proposes a mobile application third-party library isolation method based on a user-space sandbox. It is a method for isolating third-party libraries that is implemented in the user layer: by rewriting the bytecode of existing third-party libraries, it governs untrusted third-party library code and protects the privacy of the application and the user.
The present invention is achieved through the following technical solution:
The mobile application third-party library isolation method based on a user-space sandbox includes the following steps:
(1) Rewrite the calling code of the third-party library's sensitive APIs:
(1.1) Initialize input and output:
(1.11) Initialize the directory where the JAR package resides, generating the tmp_class folder;
(1.12) Initialize the JAR package output directory, generating the out folder;
(1.13) Load the predefined sensitive API information;
(1.14) Add the custom interface classes corresponding to the sensitive APIs to the tmp_class folder;
(1.2) Using a bytecode rewriting toolkit, traverse the JAR package to be rewritten and obtain the information list of all classes in the JAR package;
(1.3) Traverse and rewrite each class in the JAR package, replacing the sensitive API calling code in it with the corresponding custom interface calling code;
(1.4) Package the rewritten class files and generate the new JAR package from the tmp_class folder.
Preferably, the concrete operations of loading the predefined sensitive API information in (1.13) are as follows:
(1.131) The developer defines, as needed, the sensitive API information to be rewritten, including class name, method name and method signature, and stores it in a file;
(1.132) Read the sensitive API information file and parse out the class name, method name and method signature.
Preferably, the concrete operations of (1.14) are as follows:
(1.141) According to the sensitive API information, define the corresponding custom interfaces, which return a false value or directly block the original operation, and generate the custom interface classes;
(1.142) Add the custom interface classes to the rewritten class file directory, the tmp_class folder.
Preferably, in (1.2) the bytecode rewriting toolkit is javassist.
Preferably, the concrete operations of (1.3) are as follows:
(1.31) Load the class bytecode from the JAR package;
(1.32) According to the loaded sensitive API information, traverse the bytecode and search for the calling code of sensitive APIs;
(1.33) Rewrite the calling code of the sensitive API, replacing it with the calling code of the corresponding custom interface;
(1.34) Write the rewritten bytecode back into the class file and put it into the rewritten class file directory, the tmp_class folder.
Preferably, the method further includes the following steps:
(2) Rewrite the dynamically loaded code of the third-party library:
(2.1) Initialize the input and output directories:
(2.11) Initialize the directory that receives dynamically loaded files, generating the in folder;
(2.12) Initialize the directory that stores .smali files, generating the tmp_smali folder;
(2.13) Initialize the output directory for rewritten dynamically loaded code, generating the out folder;
(2.2) When the client dynamically loads code at run time, it uploads the dynamically loaded code to the server side for rewriting;
(2.3) The server side receives the dynamically loaded code uploaded by the client;
(2.4) The server side pre-processes the dynamically loaded code and extracts the .dex file;
(2.5) Using the smali/baksmali toolchain, decompile the .dex file, generating a .smali file for each class, and store them in the tmp_smali folder;
(2.6) Add the custom interface classes corresponding to the sensitive APIs to the rewritten .smali file directory, the tmp_smali folder;
(2.7) Traverse each .smali file, search for the calling code of sensitive APIs and replace it with the calling code of the corresponding custom interface;
(2.8) Using the smali/baksmali toolchain, compile the rewritten .smali file directory, the tmp_smali folder, generating a new .dex file, and convert it back into the original format of the dynamically loaded code;
(2.9) The server side notifies the client to download the rewritten dynamically loaded code, which the client then loads and executes.
Further, the concrete operations of (2.4) are as follows:
(2.41) If the dynamically loaded code is an .apk file, extract the .dex file;
(2.42) If the dynamically loaded code is a .jar file, extract the .dex file;
(2.43) If the dynamically loaded code is a .dex file, proceed directly to the next step.
Further, the concrete operations of (2.7) are as follows:
(2.71) Read the content of the .smali file;
(2.72) Traverse the .smali file and search for the calling code of sensitive APIs;
(2.73) Rewrite the calling code of the sensitive API, replacing it with the calling code of the corresponding custom interface;
(2.74) Write the rewritten smali code back into the .smali file and put it into the rewritten .smali file directory, the tmp_smali folder.
Compared with the prior art, the invention has the following beneficial technical effects:
The present invention is implemented by code rewriting. It analyses and rewrites the code of existing third-party libraries, replacing the calling code of sensitive APIs in them. By rewriting the third-party library code itself, all privacy-sensitive behaviour in the library is confined to the user-space sandbox and the library's permissions are well constrained, which can be used to prevent private user data on mobile devices from being stolen by malicious third-party libraries. As a loosely coupled framework, the invention has good extensibility: it rewrites third-party libraries mainly according to a configuration file provided by the developer, so if new sensitive API information and corresponding custom interface functions are defined, the calling code of those new sensitive APIs in the library can be rewritten as well. The invention makes up for the deficiency of the current Android permission model by imposing separate restrictions on the permissions of third-party libraries in a mobile application, preventing a library from abusing the host application's permissions and endangering the privacy of the user and the application. The invention is implemented mainly in the user layer and has clear advantages over existing schemes. Compared with traditional system-level solutions, it requires neither modification of the system source code nor ROOT permission and can be used as a standalone tool, so it is easier to use and deploy. Compared with existing bytecode rewriting schemes, it operates mainly at development time and processes the third-party library directly, so it does not need to handle code obfuscation present in the application.
Further, the invention also monitors the dynamic code loading behaviour of third-party libraries: when a library dynamically loads code, that code is uploaded to the server in real time and rewritten, which solves the dynamic code loading problem that existing code rewriting schemes cannot handle, further prevents third-party libraries from abusing the host application's permissions, and protects the privacy of the user and the application more effectively.
Detailed description of the invention
Fig. 1 is the workflow of the third-party library rewriting module of the invention;
Fig. 2 is the workflow of the dynamically loaded code rewriting module of the invention.
Specific embodiment
The invention is described in further detail below with reference to specific embodiments, which explain the invention and do not limit it. Referring to Figures 1 and 2, the invention comprises two parts: a third-party library rewriting module and a dynamically loaded code rewriting module. The third-party library rewriting module is used mainly by developers at development time to rewrite and control the third-party library's own code; the dynamically loaded code rewriting module is used mainly by the rewritten third-party library at run time to rewrite the code that the library dynamically loads.
1. Rewriting the calling code of the third-party library's sensitive APIs
Referring to Fig. 1, this part is implemented as follows:
Step 1: Initialize input and output.
This part mainly rewrites the third-party library JAR file, so the system first initializes the storage directory for the class files produced by rewriting the JAR file and the output directory for the rewritten JAR package.
(1.1) Initialize the directory where the JAR package resides, generating the tmp_class folder.
(1.2) Initialize the JAR package output directory, generating the out folder.
(1.3) Load the predefined target sensitive API information;
The invention isolates third-party library code according to the developer's needs and restricts specified behaviours of the library, so it requires the developer to specify, in the format provided by the invention, the list of sensitive API calls of the third-party library that need to be restricted. According to the sensitive API information provided by the developer, the system rewrites the third-party library bytecode and controls the calls to the specified sensitive APIs inside the library.
(1.31) The developer defines, as needed, the sensitive API information to be rewritten, including class name, method name and method signature, and stores it in a file;
The sensitive API information consists mainly of the class name, method name and method signature, separated by commas and arranged one entry per line. The developer can put all sensitive API information into one .txt file; the system reads this file and parses it according to the rule above.
(1.32) Read the sensitive API information file and parse out the class name, method name and method signature;
The system reads the sensitive API information from the file provided by the developer, parses it and stores it in the system for use during the subsequent code rewriting.
(1.4) Add the custom interface classes corresponding to the sensitive APIs to the tmp_class folder;
The custom interface classes are used mainly by the rewritten third-party library in place of the system's sensitive APIs, to block the library's original privacy-sensitive operations.
(1.41) According to the sensitive API information, define the corresponding custom interfaces, which return a false value or directly block the original operation;
The custom interfaces mainly block the third-party library's original operations. Different system privacy APIs have different return values, so the invention handles different system privacy APIs in different ways. For example, the custom interface corresponding to the SMS-sending API directly returns a null value and performs no operation, while the custom interface corresponding to the API for obtaining the device ID can return a fake device ID to deceive the third-party library. This both ensures that the private data of the user and the application is not stolen by the library and ensures that the library does not run abnormally or crash because an operation is blocked.
(1.42) Write the custom interfaces into new classes, which the code rewriting then uses as independent classes;
(1.43) Add the custom interface classes to the tmp_class folder in the rewritten class file directory;
Because the custom interface classes are called by the rewritten third-party library, their class files must be added to the rewritten third-party library.
Step 2: Using the bytecode rewriting toolkit javassist, traverse the JAR package to be rewritten and obtain the list of all classes in it, including package names and class names;
This part uses the javassist tool to rewrite the bytecode of the third-party library. javassist supports taking a specified class out of a JAR file and rewriting it, so the list of all class files in the JAR package must be obtained first; the classes are then rewritten one by one according to that list.
Step 3: Traverse and rewrite each class in the JAR package, replacing the calling code of sensitive APIs in it;
The main operating principle of the invention is to rewrite the code of the third-party library: the calling code of system sensitive APIs in the library code is rewritten and replaced with the calling code of the corresponding custom interfaces, which return a false value or a null value to block the library's original operation. This ensures that system sensitive APIs cannot be used freely by the third-party library and protects the privacy-sensitive data of the user and the application.
(3.1) Load the class bytecode from the JAR package;
This part uses the javassist tool to rewrite the bytecode of the classes in the third-party JAR package. javassist supports loading a JAR package directly and taking out a specified class file to rewrite its bytecode, so according to the list of class files in the JAR package obtained in Step 2, the bytecode of each specified class is taken out of the JAR package one by one, traversed and rewritten.
(3.2) According to the loaded sensitive API information, traverse the bytecode and search for the calling code of sensitive APIs;
According to the sensitive API information to be rewritten that the developer provides, the system traverses the bytecode of each class, finds the calling code of these sensitive APIs in it and performs the rewriting of the next step.
(3.3) Rewrite the calling code of the sensitive API, replacing it with the calling code of the custom interface, which blocks the relevant operation;
According to the calling code of the sensitive API found, the system calls the javassist tool to perform the rewriting and replacement, rewriting the original code into the calling code of the custom interface; the original operation is blocked inside the custom interface.
(3.4) Write the rewritten bytecode back into the class file and put it into the rewritten class file directory, the tmp_class folder;
After the bytecode file of a specified class has been rewritten, the rewritten bytecode of that class is written back into a class file according to the path formed by the package name and class name. The system then traverses and rewrites the next class according to the list of class files in the JAR package, until the bytecode of all class files in the JAR package has been rewritten and stored in the temporary directory, the tmp_class folder, according to the path of package name and class name.
Step 6: Package the rewritten class files and generate the new JAR package from the tmp_class folder;
The rewritten class bytecode folder, the tmp_class directory, is packaged to generate a new JAR file. The JAR file has now been processed and the calling code of sensitive APIs has been rewritten, so the behaviour of the third-party library can be well controlled.
2. Steps for rewriting dynamically loaded code
Since a third-party library can dynamically load code at run time, the second part of the invention rewrites dynamically loaded code. This part is deployed mainly on a remote server. When the third-party library rewritten by the first part dynamically loads code at run time, it uploads the code to be loaded to the remote server in real time; the dynamically loaded code rewriting module deployed on the server receives the code uploaded by the client in real time and rewrites it. After the rewriting is complete, the client downloads the rewritten code and dynamically loads and executes it locally, so the behaviour of the library's dynamically loaded code is well controlled.
Referring to Fig. 2, this part is implemented as follows:
Step 1: Initialize the input and output directories;
This part mainly rewrites the code files that the third-party library dynamically loads, so the system first initializes the directory that stores received code files, then the directory that stores the decompiled dynamically loaded code files, and finally the directory to which the rewritten dynamically loaded code is output.
(1.1) Initialize the directory that receives dynamically loaded files, generating the in folder;
(1.2) Initialize the directory that stores .smali files, generating the tmp_smali folder;
(1.3) Initialize the output directory for rewritten dynamically loaded code, generating the out folder;
Step 2: When the client dynamically loads code at run time, it uploads the dynamically loaded code to the server side for rewriting;
Because the client's third-party library JAR code has been rewritten by the third-party library rewriting module of the first part, when the library dynamically loads code at run time it uploads the code file to be loaded to the server in real time, so that the server can rewrite the dynamically loaded code.
Step 3: The server side receives the dynamically loaded code uploaded by the client;
Once the server is deployed, it monitors client file upload requests in real time, promptly receives the dynamically loaded code files uploaded by the client, and proceeds to rewrite the code.
Step 4: The server side pre-processes the dynamically loaded code in preparation for the rewriting of the next step;
The code dynamically loaded by third-party libraries comes in three formats, .dex, .apk and JAR files, so different rewriting schemes are needed for different file formats. The JAR package used for dynamically loaded code is a compressed package containing a .dex file: when the JAR package is loaded, the .dex file in it is unpacked first and then each class in the .dex file is parsed and loaded. When the system dynamically loads .apk code, it mainly loads the .dex file in the document. So for JAR packages and .apk files, this system first extracts the .dex file from them and then carries out the rewriting of the next step as for a .dex file.
(4.1) If it is an .apk file, extract the .dex file;
(4.2) If it is a .jar file, extract the .dex file;
(4.3) If it is a .dex file, proceed directly to the next step.
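The format dispatch of Step 4, as an added Python example that is not the patent's own server code: a bare .dex passes through, an .apk or .jar container yields its classes.dex parts (multidex classes2.dex and so on in load order), and anything else is rejected, since the blob arrives from a client the server does not control. The fake dex bodies and the wrapping apk are constructed inline; the only assumption is the dex magic header "dex\n" plus a three-digit version and NUL.

```python
import io
import re
import zipfile
from typing import List

# A dex file starts with "dex\n" + three-digit format version + NUL, e.g. b"dex\n035\x00".
DEX_MAGIC_RE = re.compile(rb"dex\n\d{3}\x00")
DEX_NAME_RE = re.compile(r"classes(\d*)\.dex")


def is_dex(data: bytes) -> bool:
    """True if the blob carries a valid dex magic header."""
    return DEX_MAGIC_RE.match(data[:8]) is not None


def _dex_order(name: str) -> int:
    # classes.dex -> 1, classes2.dex -> 2, ... keeps multidex parts in load order.
    digits = DEX_NAME_RE.fullmatch(name).group(1)
    return int(digits) if digits else 1


def extract_dex(data: bytes) -> List[bytes]:
    """Step 4 of the patent: a bare .dex passes through; .apk and .jar are zip
    containers from which classes.dex (and classesN.dex) are extracted.
    Anything else is rejected: the server rewrites uploads it did not build."""
    if is_dex(data):
        return [data]
    if not zipfile.is_zipfile(io.BytesIO(data)):
        raise ValueError("upload is neither a dex file nor a zip container (.apk/.jar)")
    found: List[bytes] = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = [n for n in zf.namelist() if DEX_NAME_RE.fullmatch(n)]
        for name in sorted(names, key=_dex_order):
            blob = zf.read(name)
            if not is_dex(blob):
                raise ValueError(f"{name} inside the container lacks a dex magic header")
            found.append(blob)
    if not found:
        raise ValueError("container holds no classes.dex to rewrite")
    return found


# Constructed sample input: a fake dex body and a fake .apk wrapping two of them.
def fake_dex(payload: bytes) -> bytes:
    return b"dex\n035\x00" + payload


def build_sample_apk() -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AndroidManifest.xml", b"<constructed manifest>")
        zf.writestr("classes2.dex", fake_dex(b"second part"))
        zf.writestr("classes.dex", fake_dex(b"first part"))
        zf.writestr("resources.arsc", b"not code")
    return buf.getvalue()


if __name__ == "__main__":
    parts = extract_dex(build_sample_apk())
    print(len(parts), "dex file(s) extracted; first payload:", parts[0][8:])
```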
Step 5: Using the smali/baksmali toolchain, decompile the .dex file, generating a .smali file for each class, and store them in the tmp_smali folder;
To rewrite a .dex file, the invention decompiles it with the smali/baksmali toolchain to obtain .smali files, which are then traversed and rewritten in the next step. A .smali file is a code file written in the smali language, a file format specific to the Android platform. Smali is the register language of the Dalvik virtual machine and its language features resemble assembly language. Although the main programming language of the Android platform is Java, compiling the Java code does not produce .class files; instead the code is packaged into the .dex file generated inside the .apk file. The compiled smali language consists of assembly-style instructions, but it largely retains the structural features of the original Java language, such as classes and methods, and the logic of the language, so it is easier to understand than assembly language.
Step 6: Add the custom interface classes;
The custom interface classes are used mainly by the rewritten .dex file in place of the original system sensitive APIs, to block the original privacy-sensitive operations of the third-party library's dynamically loaded code.
(6.1) According to the sensitive API information, define the corresponding custom interfaces, which return a false value or directly block the original operation;
The custom interfaces mainly block the original operations of the third-party library's dynamically loaded code. Different system sensitive APIs have different return values, so the invention handles different system sensitive APIs in different ways. For example, the custom interface corresponding to the SMS-sending API directly returns a null value and performs no operation, while the custom interface corresponding to the API for obtaining the device ID can return a fake device ID to deceive the third-party library. This both ensures that the private data of the user and the application is not stolen by the dynamically loaded code and ensures that the dynamically loaded code does not run abnormally or crash because an operation is blocked.
(6.2) Write the custom interfaces into new .smali files, which the code rewriting then uses as independent classes;
(6.3) Add the custom interface classes to the tmp_smali folder in the rewritten .smali file directory;
Because the custom interface classes are called by the rewritten dynamically loaded code, their class files must be added to the rewritten dynamically loaded code.
Step 7: Traverse each .smali file, search for the calling code of sensitive APIs and rewrite it, replacing it with the calling code of the corresponding custom interface;
The sensitive API calling code in the smali code is traversed and parsed, and the rewriting is then done directly as a text rewrite. As long as the rewriting introduces no new parameters, adds no registers and does not change the logical structure of the original code, the operation logic of the original code is preserved and no compilation errors are introduced. Through this rewriting, the privacy-sensitive behaviour of the dynamically loaded code can be effectively controlled.
(7.1) Read the content of the .smali file;
(7.2) Traverse the .smali file and search for the calling code of sensitive APIs;
The calling code in the smali language also contains information such as the call type, class name, method name and method signature, so the calling code of system sensitive APIs can easily be found by analysing the smali code.
(7.3) Rewrite the calling code of the sensitive API, replacing it with the calling code of the corresponding custom interface, which blocks the relevant operation;
According to the calling code of the sensitive API found and the format of the smali language, the code is replaced textually: the original code is rewritten into the calling code of the custom interface, and the original operation is blocked inside the custom interface.
(7.4) Write the rewritten smali code back into the .smali file and put it into the tmp_smali folder in the rewritten .smali file directory;
After the .smali file of a specified class has been rewritten, the rewritten smali code of that class is written back into its class file according to the path formed by the package name and class name. The next class is then traversed and rewritten, until the smali code of all class files in the .dex file has been rewritten and stored in the temporary directory, the tmp_smali folder, according to the path of package name and class name.
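The text rewrite of steps (7.1) to (7.4), driven by the comma-separated sensitive API file of (1.31), as an added Python example that is not the patent's own tool (the same call-to-shim substitution is what the javassist pass of Step 3 performs on JVM bytecode). The shim class name com/sandbox/SensitiveApiShim and its Class_method naming are assumptions, and the API list and the .smali class are constructed samples. Each sensitive invoke becomes an invoke-static on the shim with the receiver as the first parameter, reusing the original register list so that no registers or parameters are added, which is exactly the constraint Step 7 states.

```python
import re
from typing import Set, Tuple

# Constructed sample of the developer-supplied sensitive API list of step (1.31):
# "class name,method name,method signature", one API per line.
SENSITIVE_API_TXT = """\
# device identifiers and SMS
android/telephony/TelephonyManager,getDeviceId,()Ljava/lang/String;
android/telephony/SmsManager,sendTextMessage,(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Landroid/app/PendingIntent;Landroid/app/PendingIntent;)V
android/provider/Settings$Secure,getString,(Landroid/content/ContentResolver;Ljava/lang/String;)Ljava/lang/String;
"""

# Hypothetical name of the custom interface class added to tmp_smali (assumption:
# the patent does not name it).
SHIM_CLASS = "com/sandbox/SensitiveApiShim"

ApiKey = Tuple[str, str, str]  # (class, method, descriptor)

# One smali invoke line: kind, optional /range, register list, class, method, descriptor.
INVOKE_RE = re.compile(
    r"^(?P<indent>\s*)invoke-(?P<kind>virtual|interface|static)(?P<range>/range)?"
    r"\s+(?P<regs>\{[^}]*\}),\s*L(?P<cls>[^;]+);->(?P<name>[^(]+)(?P<sig>\([^)]*\)\S+)\s*$"
)


def load_sensitive_apis(text: str) -> Set[ApiKey]:
    """Parse the comma-separated sensitive API file; blank lines and '#' comments are skipped."""
    apis: Set[ApiKey] = set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = [p.strip() for p in line.split(",")]
        if len(parts) != 3 or not parts[2].startswith("("):
            raise ValueError(f"line {lineno}: expected 'class,method,(args)ret', got {raw!r}")
        apis.add((parts[0], parts[1], parts[2]))
    return apis


def shim_method(cls: str, name: str) -> str:
    # android/telephony/TelephonyManager + getDeviceId -> TelephonyManager_getDeviceId
    return cls.rsplit("/", 1)[-1].replace("$", "_") + "_" + name


def rewrite_invoke(line: str, apis: Set[ApiKey]) -> Tuple[str, bool]:
    """Rewrite one smali line if it calls a sensitive API, else return it unchanged.

    A virtual/interface call becomes invoke-static on the shim with the receiver type as
    first parameter; the register list is reused verbatim, so no registers or parameters
    are added and the move-result that follows stays valid (the Step 7 constraint).
    """
    m = INVOKE_RE.match(line)
    if not m or (m["cls"], m["name"], m["sig"]) not in apis:
        return line, False
    if m["kind"] == "static":
        shim_sig = m["sig"]  # static API: the shim takes the same arguments
    else:
        shim_sig = "(L" + m["cls"] + ";" + m["sig"][1:]  # receiver becomes argument 0
    new = (f"{m['indent']}invoke-static{m['range'] or ''} {m['regs']}, "
           f"L{SHIM_CLASS};->{shim_method(m['cls'], m['name'])}{shim_sig}")
    return new, True


def rewrite_smali(text: str, apis: Set[ApiKey]) -> Tuple[str, int]:
    """Rewrite a whole .smali file; returns (new text, number of calls replaced)."""
    out, count = [], 0
    for line in text.splitlines():
        new, changed = rewrite_invoke(line, apis)
        out.append(new)
        count += int(changed)
    return "\n".join(out) + "\n", count


# Constructed, abbreviated .smali class in baksmali's output form, covering a plain
# virtual call, a virtual/range call and a static sensitive API, plus one benign call.
SAMPLE_SMALI = """\
.class public Lcom/adlib/Tracker;
.super Ljava/lang/Object;

.method public collect(Landroid/content/Context;)Ljava/lang/String;
    .registers 4
    const-string v0, "phone"
    invoke-virtual {p1, v0}, Landroid/content/Context;->getSystemService(Ljava/lang/String;)Ljava/lang/Object;
    move-result-object v0
    check-cast v0, Landroid/telephony/TelephonyManager;
    invoke-virtual {v0}, Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;
    move-result-object v1
    return-object v1
.end method

.method public leak(Landroid/telephony/SmsManager;Landroid/content/ContentResolver;)V
    .registers 9
    const-string v0, "android_id"
    invoke-static {p2, v0}, Landroid/provider/Settings$Secure;->getString(Landroid/content/ContentResolver;Ljava/lang/String;)Ljava/lang/String;
    move-result-object v2
    invoke-virtual/range {v0 .. v5}, Landroid/telephony/SmsManager;->sendTextMessage(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Landroid/app/PendingIntent;Landroid/app/PendingIntent;)V
    return-void
.end method
"""
```

The shim class itself, returning a fake device ID or a null result as (6.1) describes, still has to be added to tmp_smali with exactly these method names and descriptors before the directory is reassembled, or the rewritten .dex will fail to resolve the calls.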
Step 8: compile the tmp_smali folder, the directory of rewritten .smali files, with the smali/baksmali toolchain to generate a new .dex file, and convert it back into the original format of the dynamically loaded code;
The tmp_smali directory holding the rewritten .smali files is packaged and recompiled with the smali/baksmali toolchain to generate a .dex file. This .dex file has now been processed and the calling code of the sensitive APIs has been rewritten, so the behaviour of the dynamically loaded code can be controlled well.
Step 9: the server side notifies the client to download the rewritten dynamically loaded code;
After the rewriting is complete, the server notifies the client to download the rewritten dynamically loaded code back to the device.
Step 10: the client downloads the rewritten dynamically loaded code to the device, then loads and executes it;
After the client receives the server's notification, it downloads the rewritten dynamically loaded code to the device and loads and executes it dynamically. The dynamically loaded code has by now been rewritten by the server and its privacy-sensitive behaviour is restricted, so the private data of the user and of the host application is well protected.
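The text-level rewrite of step 7, the blocking custom interface of step 6 and the "class name, method name, method signature" table of claim 2, as an added Python example. This is not the patent's own tool (which the description says is a Java program); the table entries, the `Lcom/example/sandbox/SafeApi;` class name and the sample smali methods are constructed for illustration.

```python
"""Rewrite sensitive-API call sites in smali text into calls on a custom
interface class.  Added example, not the patent's own tool; the table
entries, the SafeApi class name and the sample methods are constructed."""
import re

# Sensitive-API table in the patent's "class name, method name, method
# signature" form, one entry per line.  Constructed sample entries.
SENSITIVE_API_TABLE = """\
# class|method|signature
Landroid/telephony/TelephonyManager;|getDeviceId|()Ljava/lang/String;
Landroid/location/LocationManager;|getLastKnownLocation|(Ljava/lang/String;)Landroid/location/Location;
"""

# Hypothetical custom interface class that receives the rewritten calls.
SAFE_CLASS = "Lcom/example/sandbox/SafeApi;"

# One smali invoke instruction: kind, optional /range, register list,
# class descriptor, method name and "(params)return" signature.
INVOKE_RE = re.compile(
    r"^(?P<indent>\s*)invoke-(?P<kind>virtual|interface|direct|super|static)"
    r"(?P<rng>/range)?\s+\{(?P<regs>[^}]*)\},\s*"
    r"(?P<cls>L[^;]+;)->(?P<name>[^(]+)(?P<sig>\(.*\).*?)\s*$"
)


def load_sensitive_apis(text):
    """Parse the table into a set of (class, method, signature) triples."""
    apis = set()
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            cls, name, sig = line.split("|")
            apis.add((cls, name, sig))
    return apis


def rewrite_invoke(line, sensitive, safe_class=SAFE_CLASS):
    """Rewrite one smali line if it calls a sensitive API; returns (line, changed).

    The register list is kept exactly as it is: an instance call becomes a
    static call on the custom interface whose first parameter is the original
    receiver type, so no register is added, the signature stays consistent
    and the following move-result instruction still applies unchanged."""
    m = INVOKE_RE.match(line)
    if not m or (m["cls"], m["name"], m["sig"]) not in sensitive:
        return line, False
    params, ret = m["sig"][1:].split(")", 1)
    if m["kind"] != "static":
        params = m["cls"] + params  # receiver becomes an explicit argument
    new_line = "%sinvoke-static%s {%s}, %s->%s(%s)%s" % (
        m["indent"], m["rng"] or "", m["regs"], safe_class, m["name"], params, ret)
    return new_line, True


def rewrite_smali(text, sensitive, safe_class=SAFE_CLASS):
    """Rewrite every sensitive call in a .smali file body; returns (text, count)."""
    out, count = [], 0
    for line in text.splitlines():
        new_line, changed = rewrite_invoke(line, sensitive, safe_class)
        out.append(new_line)
        count += changed
    return "\n".join(out) + "\n", count


def blocking_stub(name, params, ret):
    """Smali for a custom-interface method that blocks the operation: it
    ignores its arguments and returns a null/zero 'false' value."""
    body = [".method public static %s(%s)%s" % (name, params, ret)]
    if ret == "V":
        body += ["    .locals 0", "    return-void"]
    elif ret in ("J", "D"):  # wide primitives need a register pair
        body += ["    .locals 2", "    const-wide/16 v0, 0x0", "    return-wide v0"]
    elif ret.startswith(("L", "[")):  # object or array: return null
        body += ["    .locals 1", "    const/4 v0, 0x0", "    return-object v0"]
    else:  # int-like primitives: return 0 / false
        body += ["    .locals 1", "    const/4 v0, 0x0", "    return v0"]
    body.append(".end method")
    return "\n".join(body)


# Constructed sample: one method reading the IMEI, one reading a location.
SAMPLE_SMALI = """\
.method private imei()Ljava/lang/String;
    .locals 2
    iget-object v0, p0, Lcom/example/app/Foo;->ctx:Landroid/content/Context;
    const-string v1, "phone"
    invoke-virtual {v0, v1}, Landroid/content/Context;->getSystemService(Ljava/lang/String;)Ljava/lang/Object;
    move-result-object v0
    check-cast v0, Landroid/telephony/TelephonyManager;
    invoke-virtual {v0}, Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;
    move-result-object v0
    return-object v0
.end method

.method private lastFix(Landroid/location/LocationManager;)Landroid/location/Location;
    .locals 1
    const-string v0, "gps"
    invoke-virtual {p1, v0}, Landroid/location/LocationManager;->getLastKnownLocation(Ljava/lang/String;)Landroid/location/Location;
    move-result-object v0
    return-object v0
.end method
"""

if __name__ == "__main__":
    apis = load_sensitive_apis(SENSITIVE_API_TABLE)
    rewritten, n = rewrite_smali(SAMPLE_SMALI, apis)
    print("%d call site(s) rewritten" % n)
    print(rewritten)
    print(blocking_stub("getDeviceId", "Landroid/telephony/TelephonyManager;", "Ljava/lang/String;"))
```

Turning the instance call into `invoke-static` on the custom interface, with the receiver passed as the first parameter, is what lets the register list and the following `move-result` stay untouched; that is the practical form of the page's constraint that the rewrite must add no parameters or registers. The non-sensitive `getSystemService` call in the sample is left exactly as it was, which is the check worth keeping in any such tool: only entries from the loaded table are touched.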
The effect and performance impact of the invention can be further illustrated by the following experiments:
1) Experimental conditions
The third-party library rewriting module of the invention is used as a stand-alone Java program to rewrite third-party library JAR packages, and the dynamically loaded code rewriting module is deployed directly on an Apache Tomcat server, where the rewritten third-party library accesses it at run time. The hardware platform is an ordinary PC and an LG Nexus 5 phone flashed with a stock Android 6.0 operating system.
2) Experimental content
20 popular domestic and foreign third-party libraries are downloaded and each is integrated into a test application. Once a third-party library runs normally in the application, its JAR package is rewritten with the third-party library rewriting tool of the invention, the rewritten library is put back into the test application and run, and the behaviour before and after rewriting is compared.
A simulated third-party library is developed which performs various privacy-sensitive operations and dynamically loads code. The simulated library is rewritten, and the restrictions the invention imposes on the simulated library's own code and on its dynamically loaded code are observed.
Various privacy-sensitive operations are performed with the simulated third-party library, and the time taken by each operation before and after rewriting is measured. Each operation is executed 100 times and the average time is taken; comparing the performance load before and after rewriting measures the performance loss caused by the invention.
3) Analysis of results
As can be seen from Table 1, the invention is able to control the code of real third-party libraries effectively, isolating them in a user-space sandbox and preventing the third-party library from accessing the private data of the user and of the host application at will.
Table 1: Functional test results of applying the invention to real third-party libraries
As can be seen from Table 2, the invention can effectively control the code of the simulated third-party library and the code it loads dynamically, isolating them in a user-space sandbox and preventing the third-party library and its dynamically loaded code from accessing the private data of the user and of the host application at will.
Table 2: Functional test results of applying the invention to the simulated third-party library
As can be seen from Table 3, rewriting a third-party library with the invention brings essentially no additional time overhead to the library; moreover, since operations in the rewritten library are blocked, the time needed by most operations even decreases.
Table 3: Performance test results of applying the invention to the simulated third-party library

Claims (8)

1. A mobile application third-party library isolation method based on a user-space sandbox, comprising the following steps:
(1) rewriting the calling code of sensitive APIs in the third-party library:
(1.1) initializing input and output:
(1.11) initializing the directory where the JAR package is located and generating the tmp_class folder;
(1.12) initializing the JAR package output directory and generating the out folder;
(1.13) loading the predefined sensitive API information;
(1.14) adding the custom interface classes corresponding to the sensitive APIs to the tmp_class folder;
(1.2) using a bytecode rewriting tool package, traversing the JAR package to be rewritten and obtaining the information list of all classes in the JAR package;
(1.3) traversing and rewriting each class in the JAR package, replacing the calling code of the sensitive APIs in it with the calling code of the corresponding custom interfaces;
(1.4) packaging the rewritten class files in the directory tmp_class folder to generate a new JAR package.
2. The mobile application third-party library isolation method based on a user-space sandbox according to claim 1, characterized in that the specific operations of loading the predefined sensitive API information in (1.13) are as follows:
(1.131) the developer defines, as needed, the sensitive API information to be rewritten, including class name, method name and method signature, and stores it in a file;
(1.132) the file of sensitive API information is read, and the class name, method name and method signature are parsed from it.
3. The mobile application third-party library isolation method based on a user-space sandbox according to claim 1, characterized in that the specific operations of (1.14) are as follows:
(1.141) according to the sensitive API information, the corresponding custom interface is defined; the custom interface returns a false value or directly blocks the original operation, and the custom interface class is generated;
(1.142) the custom interface class is added to the tmp_class folder, the directory of rewritten class files.
4. The mobile application third-party library isolation method based on a user-space sandbox according to claim 1, characterized in that in (1.2) the bytecode rewriting tool package is javassist.
5. The mobile application third-party library isolation method based on a user-space sandbox according to claim 1, characterized in that the specific operations of (1.3) are as follows:
(1.31) loading the bytecode of a class from the JAR package;
(1.32) according to the loaded sensitive API information, traversing the bytecode and searching for the calling code of sensitive APIs;
(1.33) rewriting the calling code of the sensitive API, replacing it with the calling code of the corresponding custom interface;
(1.34) writing the rewritten bytecode back into the class file and placing it in the tmp_class folder, the directory of rewritten class files.
6. The mobile application third-party library isolation method based on a user-space sandbox according to claim 1, characterized in that it further comprises the following steps:
(2) rewriting the dynamically loaded code of the third-party library:
(2.1) initializing the input and output directories:
(2.11) initializing the directory that receives dynamically loaded files and generating the in folder;
(2.12) initializing the directory that stores .smali files and generating the tmp_smali folder;
(2.13) initializing the output directory for rewritten dynamically loaded code and generating the out folder;
(2.2) when the client dynamically loads code at run time, uploading the code to be dynamically loaded to the server side for rewriting;
(2.3) the server side receives the dynamically loaded code uploaded by the client;
(2.4) the server side preprocesses the dynamically loaded code and extracts the .dex file;
(2.5) decompiling the .dex file with the smali/baksmali toolchain, generating the .smali file of each class and storing it in the tmp_smali folder;
(2.6) adding the custom interface classes corresponding to the sensitive APIs to the tmp_smali folder, the directory of rewritten .smali files;
(2.7) traversing each .smali file, searching for the calling code of sensitive APIs and replacing it with the calling code of the corresponding custom interface;
(2.8) compiling the tmp_smali folder, the directory of rewritten .smali files, with the smali/baksmali toolchain to generate a new .dex file, and converting it back into the original format of the dynamically loaded code;
(2.9) the server side notifies the client to download the rewritten dynamically loaded code, which the client then loads and executes.
7. The mobile application third-party library isolation method based on a user-space sandbox according to claim 6, characterized in that the specific operations of (2.4) are as follows:
(2.41) if the dynamically loaded code is an .apk file, the .dex file is extracted from it;
(2.42) if the dynamically loaded code is a .jar file, the .dex file is extracted from it;
(2.43) if the dynamically loaded code is a .dex file, proceed directly to the next step.
8. The mobile application third-party library isolation method based on a user-space sandbox according to claim 6, characterized in that the specific operations of (2.7) are as follows:
(2.71) reading the content of the .smali file;
(2.72) traversing the .smali file and searching for the calling code of sensitive APIs;
(2.73) rewriting the calling code of the sensitive API, replacing it with the calling code of the corresponding custom interface;
(2.74) writing the rewritten smali code back into the .smali file and placing it in the tmp_smali folder, the directory of rewritten .smali files.
CN201811083714.8A 2018-09-17 2018-09-17 Mobile application third-party library isolation method based on user state sandbox Active CN109255235B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811083714.8A CN109255235B (en) 2018-09-17 2018-09-17 Mobile application third-party library isolation method based on user state sandbox

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811083714.8A CN109255235B (en) 2018-09-17 2018-09-17 Mobile application third-party library isolation method based on user state sandbox

Publications (2)

Publication Number Publication Date
CN109255235A true CN109255235A (en) 2019-01-22
CN109255235B CN109255235B (en) 2021-08-24

Family

ID=65047926

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811083714.8A Active CN109255235B (en) 2018-09-17 2018-09-17 Mobile application third-party library isolation method based on user state sandbox

Country Status (1)

Country Link
CN (1) CN109255235B (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110309646A (en) * 2019-06-28 2019-10-08 广州小鹏汽车科技有限公司 Personal information protecting method, protective device and vehicle
CN110727952A (en) * 2019-08-30 2020-01-24 国家计算机网络与信息安全管理中心 Privacy collection and identification method for third-party library of mobile application program
CN111046386A (en) * 2019-12-05 2020-04-21 深圳开源互联网安全技术有限公司 Method and system for dynamically detecting program third-party library and performing security evaluation
CN111400757A (en) * 2020-03-13 2020-07-10 西安电子科技大学 Method for preventing native code in android third-party library from revealing user privacy
CN112379890A (en) * 2020-12-04 2021-02-19 深圳麦风科技有限公司 Data copying method of Whatsapp
CN114329359A (en) * 2021-12-30 2022-04-12 湖南快乐阳光互动娱乐传媒有限公司 API call control method and device, storage medium and electronic equipment
CN117874749A (en) * 2024-01-15 2024-04-12 北京盛邦赛云科技有限公司 Sandbox type code expansion isolation device and method

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102591696A (en) * 2011-01-14 2012-07-18 中国科学院软件研究所 Method and system for extracting behavioral data of mobile phone software
CN102760219A (en) * 2011-12-20 2012-10-31 北京安天电子设备有限公司 Android platform software protecting system, method and equipment
CN103902859A (en) * 2013-12-25 2014-07-02 武汉安天信息技术有限责任公司 Code protecting method and system based on hook technology in JAVA
CN103970563A (en) * 2014-04-15 2014-08-06 四川长虹电器股份有限公司 Dynamic Android class loading method
CN104021321A (en) * 2014-06-17 2014-09-03 北京奇虎科技有限公司 Reinforcing protection method and device for software installation package
CN104462959A (en) * 2014-12-04 2015-03-25 北京奇虎科技有限公司 Reinforcement protection method, sever and system for android app
CN104866734A (en) * 2014-02-25 2015-08-26 北京娜迦信息科技发展有限公司 DEX (Dalvik VM executes) file protecting method and device
CN104992081A (en) * 2015-06-24 2015-10-21 华中科技大学 Security enhancement method for third-party code of Android application program
WO2016135002A1 (en) * 2015-02-24 2016-09-01 International Business Machines Corporation Fine-grained user control over usages of sensitive system resources having private data with applications in privacy enforcement
CN106096394A (en) * 2016-06-16 2016-11-09 北京奇虎科技有限公司 A kind of Ad blocking method and apparatus of Android application
CN108229148A (en) * 2016-12-21 2018-06-29 武汉安天信息技术有限责任公司 A kind of sandbox hulling method and system based on Android virtual machines
CN108491235A (en) * 2018-03-21 2018-09-04 北京理工大学 In conjunction with the DEX guard methods of dynamic load and function Nativeization
CN108763924A (en) * 2018-04-26 2018-11-06 南京大学 Insincere third party library access right control method in a kind of Android application program

Patent Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102591696A (en) * 2011-01-14 2012-07-18 中国科学院软件研究所 Method and system for extracting behavioral data of mobile phone software
CN102760219A (en) * 2011-12-20 2012-10-31 北京安天电子设备有限公司 Android platform software protecting system, method and equipment
CN103902859A (en) * 2013-12-25 2014-07-02 武汉安天信息技术有限责任公司 Code protecting method and system based on hook technology in JAVA
CN104866734A (en) * 2014-02-25 2015-08-26 北京娜迦信息科技发展有限公司 DEX (Dalvik VM executes) file protecting method and device
CN103970563A (en) * 2014-04-15 2014-08-06 四川长虹电器股份有限公司 Dynamic Android class loading method
CN104021321A (en) * 2014-06-17 2014-09-03 北京奇虎科技有限公司 Reinforcing protection method and device for software installation package
CN104462959A (en) * 2014-12-04 2015-03-25 北京奇虎科技有限公司 Reinforcement protection method, sever and system for android app
WO2016135002A1 (en) * 2015-02-24 2016-09-01 International Business Machines Corporation Fine-grained user control over usages of sensitive system resources having private data with applications in privacy enforcement
CN106339633A (en) * 2015-02-24 2017-01-18 国际商业机器公司 Method and equipment for user controlling
CN104992081A (en) * 2015-06-24 2015-10-21 华中科技大学 Security enhancement method for third-party code of Android application program
CN106096394A (en) * 2016-06-16 2016-11-09 北京奇虎科技有限公司 A kind of Ad blocking method and apparatus of Android application
CN108229148A (en) * 2016-12-21 2018-06-29 武汉安天信息技术有限责任公司 A kind of sandbox hulling method and system based on Android virtual machines
CN108491235A (en) * 2018-03-21 2018-09-04 北京理工大学 In conjunction with the DEX guard methods of dynamic load and function Nativeization
CN108763924A (en) * 2018-04-26 2018-11-06 南京大学 Insincere third party library access right control method in a kind of Android application program

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
BIN LIU et al.: "Efficient Privilege De-Escalation for Ad Libraries in Mobile Apps", Proceedings of MobiSys '15 *
ZHU Xiaonan (朱孝南): "Mobile Application Third-Party Library Isolation Based on a User-Mode Sandbox", China Master's Theses Full-text Database *

Also Published As

Publication number Publication date
CN109255235B (en) 2021-08-24

Similar Documents

Publication Publication Date Title
CN109255235A (en) Mobile application third party library partition method based on User space sandbox
Afonso et al. Going native: Using a large-scale analysis of android apps to create a practical native-code sandboxing policy
Zhao et al. “TrustDroid™”: Preventing the use of SmartPhones for information leaking in corporate networks through the used of static analysis taint tracking
US8015608B2 (en) Systems and methods for preventing unauthorized use of digital content
Marforio et al. Application collusion attack on the permission-based security model and its implications for modern smartphone systems
US8261359B2 (en) Systems and methods for preventing unauthorized use of digital content
US20070180509A1 (en) Practical platform for high risk applications
AU2001292910A1 (en) Systems and methods for preventing unauthorized use of digital content
CN111400757B (en) Method for preventing native code in android third-party library from revealing user privacy
CN108763924B (en) Method for controlling access authority of untrusted third party library in android application program
CN112738194A (en) Access control system for safe operation and maintenance management
KR101525402B1 (en) Separating execution method of executable contents, device for forming separating execution based executable contents, and storage media recorded separating execution based executable contents
CN106803040A (en) Virus signature processing method and processing device
Bacis et al. AppPolicyModules: Mandatory access control for third-party apps
Jia et al. Programmable system call security with ebpf
US20240095402A1 (en) Methods and Systems for Recursive Descent Parsing
Abbadini et al. Lightweight cloud application sandboxing
Qiu et al. Libcapsule: Complete confinement of third-party libraries in android applications
Bouffard et al. Accessing secure information using export file fraudulence
KR102618922B1 (en) Apparatus and method for Preventing SW reverse engineering of embedded system
Liu et al. [Retracted] A Secure Communication and Access Control Scheme for Native Libraries of Android Applications
CA2429587A1 (en) Systems and methods for preventing unauthorized use of digital content
AU2002219852A1 (en) Systems and methods for preventing unauthorized use of digital content
Titze Analysis and Mitigation of Security Issues on Android
Kim et al. Self‐Controllable Mobile App Protection Scheme Based on Binary Code Splitting

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220817

Address after: 29th Floor, Building 1, China Railway Xi'an Center, No. 10 Zhangba 1st Road, High-tech Zone, Xi'an City, Shaanxi Province 710065

Patentee after: Shaanxi shutuxing Information Technology Co.,Ltd.

Address before: 710071 No.2, Taibai South Road, Beilin District, Xi'an City, Shaanxi Province

Patentee before: XIDIAN University