CN110096433A - The method of encryption data is obtained on a kind of iOS platform - Google Patents
The method of encryption data is obtained on a kind of iOS platform Download PDFInfo
- Publication number
- CN110096433A CN110096433A CN201910231814.9A CN201910231814A CN110096433A CN 110096433 A CN110096433 A CN 110096433A CN 201910231814 A CN201910231814 A CN 201910231814A CN 110096433 A CN110096433 A CN 110096433A
- Authority
- CN
- China
- Prior art keywords
- encryption
- function
- ios
- data
- library
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/362—Software debugging
- G06F11/3644—Software debugging by instrumenting at runtime
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Quality & Reliability (AREA)
- Computing Systems (AREA)
- Debugging And Monitoring (AREA)
Abstract
The invention belongs to the mobile security technical field in information security, a kind of method for being related to obtaining encryption data on iOS platform, the method, according to the library Crypto carried iOS and third party library, constructs the encrypted feature library constantly expanded using DBI technology;When iOS operation, to iOS application fetches encryption data and key feature vector, the final encryption data obtained on iOS platform.The technology of the method for the invention is more stable, more efficient, and is not influenced by Software hardening design and anti-debug;Compared with the reinforcing that static analysis occurs and obscuring, binary pitching pile tool is no longer dependent on static analysis departing from static behavior feature, has more versatility;Compared with obscuring the anti-debug behavior occurred with dynamic debugging, the correlated characteristic of debugging will not be embodied inside program, so more difficult be detected.
Description
Technical field
The invention belongs to the mobile security technical fields in information security, are related to one kind and obtain in iOS application Dynamic Execution
Obtain a kind of method that encryption data is obtained in the technology more particularly to iOS platform of data.
Background technique
A large amount of research has been done in the safety analysis field of software cryptography algorithm both at home and abroad, has proposed some feasible packets
Static and dynamic Safety Analysis Method is included, and constructs corresponding software security analysis tool.At present on iOS platform
Static analysis, dynamic debugging etc. are specifically included that for encryption data analysis method, are carried out citing below and are made a brief description.
To encrypted feature static analysis
Static analysis first has to conversed analysis function call process, for Encryption Algorithm, analyzes corresponding module and importing
Derived table, to track corresponding symbol function.By identifying importing header file relevant to encryption, encryption letter therein is analyzed
Several and algorithm, then assembly instruction is analyzed, finally obtain the key features such as original data source, the key of encryption and salt figure.
In addition in the analysis of instruction-level, using stain tracking+semiology analysis, using clear data to be decrypted as symbol
Number, stain analysis is completed during semiology analysis, and corresponding input/output variable is compared at the end of, obtains the fortune of data
Calculate conversion process.
To encryption function dynamic debugging
For the initial data by encryption, encryption function is debugged, using lldb+debugserver, in static analysis
On the basis of find the encryption function of crucial import library and debugged.By the way that breakpoint is arranged on corresponding encryption function, beat
Register and variate-value are printed, to obtain the front and back data encrypted in dynamic running process, encryption key and hash salt figure etc..
Because generally to carry out safe transmission by relevant Encryption Algorithm using data, original encryption data are extracted
The first step, seek to the Encryption Algorithm used in analysis and recognizer.The technical research of present analysis program encryption algorithm
Very much, the feature constant that Encryption Algorithm can be extracted by static analysis, according to previously described Static Analysis Method, mainstream
Software tool includes: FindCrypt, PEiD, Krypto Analyzer plugin etc..Brief introduction is carried out to these softwares below:
FindCrypt
FindCrypt/FindCrypt2 realizes static analysis by the Python of IDA plug-in unit, sweeps particular by static state
The program retouched, and Encryption Algorithm is matched with the Fixed constant of Encryption Algorithm, identifiable Encryption Algorithm and Fixed constant such as table 1
It is shown,
The identifiable Encryption Algorithm of 1 FindCrypt/FindCrypt2 of table and Fixed constant list
Krypto Analyzer
Krypto Analyzer plug-in unit searches for known encryption algorithm, function and the library in specified module, and lists and detect
Encryption Algorithm, constant, function and library.For the offset of each project display signature;If the file of analysis is PE executable
File then can also show the virtual address of signature.
Correspondingly, dynamic analysing method is briefly described as follows there is also corresponding Dynamic Debugging Tool:
LLDB
It is directed to iOS program, LLDB is the default debugger of Xcode in Mac OS system, is supported in iOS device and simulation
Objective-C and C/C++ is debugged on device.After searching out relevant encryption function using static analysis, LLDB can use
Breakpoint is arranged to relative address in debugger, debugs to iOS program, to obtain the data and characteristic information of encryption.
At present either be directed to static analysis or dynamic debugging, all more or less there is a problem that it is certain, although,
Corresponding tool is being constantly updated, and is done a lot, but in general, and functional limitation achieved by each algorithm is also
Be it is bigger, be listed below:
(1) program internal analysis technology is relied solely on
Either static analysis or dynamic debugging is all only built upon on the basis of program analysis inside, can not extract
External function feature relevant to encryption, and for the ciphering process of data, can not unify fixed encrypted feature, dependent on pair
The conversed analysis of program can not be detached from associated static and dynamic analytical technology, and analysis method itself also has deficiency.
(2) deficiency of static analysis
For certain Encryption Algorithm (such as RSA), can be detected according to its realization in particular encryption library.But
This detection depends on used compiler and its optimal setting etc., therefore is not suitable for all situations.In addition, in dword
Some constants that Data Detection arrives, are easy to appear wrong report once in a while.
For the Encryption Algorithm of some shared common initial codes, if there are multiple Encryption Algorithm in file,
It is possible that meeting " obscuring " multiple Encryption Algorithm.Static analysis plug-in unit attempt in some way filter result (such as: use " shared "
Code guesses actual Encryption Algorithm), but certainly may not be 100% accurate.
Static analysis is largely dependent upon reading assembly code, so there is tool much increase income or payment can be with
Realization obscures or shell adding, in order to fight static analysis;Program is reinforced as reinforcing platform, LLVM is to control data
Stream is obscured, fuzzy program symbol, and original encryption function title etc. can make dis-assembling code be difficult to read.The above feelings
The presence of condition all finds encryption function to static analysis and causes very big difficulty.
(3) deficiency of dynamic debugging
Dynamic debugging namely tracks the operation of software using tools such as debuggers, to carry out to key code
Reverse-engineering, anti-dynamic debugging hinder this reverse process.Because dynamic debugging needs to depend on process presence, answering
With that can have debugging feature accordingly, such as debugging port and debug process in process, above-mentioned debugging feature is easy to by program
Detection, and debugger is caused to exit.For the tool of the trace debugs iOS program such as LLDB, detect in memory or process whether
There are debugging software operation, such as two process protection, time-based anti-debug etc., debugging routine is allowed to exit or directly lose sound
It answers.And a dynamic debugging inherently extremely complex and cumbersome operation, if encountering anti-debug also needs manual analyzing,
Patch is carried out to program, debugging operations are also required to configure quite cumbersome operating procedure, both laborious and time consuming.
Summary of the invention
With a large amount of universal, a large amount of mobile applications of iOS user, such as financial class application, news category application, car networking class are answered
Use is also more and more extensive, these applications are interacted by network protocol and server, provides clothes for iOS user
Business.IOS data encryption analytical technology iOS mobile application service logic bug excavation, mobile application Network Communicate Security test,
The security fields such as application program conversation playback, server end Fuzz and mobile application web crawlers have highly important using valence
Value.
Encryption data is extracted on iOS platform, is of great significance for mobile security;Mobile terminal, which is applied, assists business
Discuss the protection of data, comprising: the agreement encryption of network layer, critical field encryption, code layer are obscured and character string dynamic generation
Etc. means.The analysis that is depended on by manual Commissioning Analysis mostly, but is debugged manually for the conventional method that agreement carries out conversed analysis
Method is time-consuming and laborious, and most software can take the code protections such as Code obfuscation and character string dynamic generation technology to fight
Analysis, therefore the difficulty of manual Commissioning Analysis is substantially increased, current industry is still partial to data encryption analysis artificial
Based on analysis, the relevant technologies are deficient;It is still very big to the dependence of Manual analysis.How static analysis and cumbersome dynamic is not being depended on
State debugging step, and realize conversed analysis and extract encryption data improves reverse efficiency and accurate for realizing data deciphering
Rate etc. is a problem too impatient to wait.
The main object of the present invention is to provide one kind based on binary pitching pile (DBI) technology to obtain encryption data
Method obtains the method for encryption data that is, on iOS platform.
Wherein Dynamic Binary Instrumentation (DBI) technology refers in program operation, inserts in real time
Enter additional code and data, there is no any binary pitching pile technology permanently changed to executable file.The tool can be with
Automatically to iOS application fetches encryption data and key feature vector.It applies and the realization of these Encryption Algorithm is mainly adopted in mobile terminal
With the library Crypto carried iOS and use third party library.
Specific technical solution is as follows:
The method of encryption data is obtained on a kind of iOS platform, comprising the following steps:
It S1, is a kind of closed system due to iOS, official encapsulates the encryption system of oneself, has used unification
The library Crypto, code characteristic can be described as creation key factory, selection encryption mode/filling mode, generate key, added
It is close.For the encryption method of iOS, the key of Encryption Algorithm in the library Crypto is extracted to the iOS encryption header file that official provides
Encryption function;
S2, the setting rule according to Encryption Algorithm of all categories in the library Crypto, utilize corresponding binary pitching pile tool
Scripting language hook module (hook module) is set, hook script is write to the crucial encryption function, function hook is set,
Print parameters and return value;
S3, the crucial encryption function is used as to encrypted feature function, building encrypted feature library;
S4, using binary pitching pile tool, it is internal that hook script is manually injected into iOS application;
S5, operation iOS application, automatic trigger hook module;
When the Data Matching that the actual encrypted data of iOS application and hook module are got, i.e., when the reality that iOS is applied
When encryption data is matched with the data (abbreviation encrypted feature data) of the encrypted feature function in encrypted feature library, that is, carry out step
S10;
When the encryption data that the actual encrypted data of iOS application and hook module are got mismatches, i.e., when iOS is applied
Actual encrypted data and encrypted feature library in encrypted feature function data mismatch when, can not obtain iOS application plus
Ciphertext data, or when can not trigger hook module, carry out step S6;
S6, extraction can not obtain the iOS application sample of encryption data;
S7, program internal analysis is carried out to the iOS application sample of extraction;
S8, it extracts again not in the encryption function in the library Crypto, i.e. third party library function;
S9, the encryption function not in the library Crypto is added to encrypted feature library as encrypted feature function manually, simultaneously
Encrypted feature library of enriching constantly is achieved the purpose that, hook mold is arranged in the scripting language using corresponding binary pitching pile tool
Block writes hook script to the encryption function not in the library Crypto, function hook, print parameters and return value is arranged;It returns
It is back to step S4, continues to execute subsequent step;
S10, go out relevant parameter and return value by dump, the original encryption data for obtaining iOS application (are extracted original
Data), encryption key and salt figure etc. are extracted, and then directly obtain encrypting plaintext and key information;
After corresponding event or function are completed in iOS application, then obtains encryption data and finish;Otherwise, it is back to step S5,
Continue to execute subsequent step.
Based on the above technical solution, the Encryption Algorithm includes: that symmetric encipherment algorithm, hash algorithm and RSA add
Close algorithm etc..
Based on the above technical solution, the crucial encryption function in the Encryption Algorithm includes: symmetric encipherment algorithm
CCCrypt function, CC_MD5 function, CC_SHA256 function, the CCHmac function of hash algorithm, RSA cryptographic algorithms
SecKeyEncrypt function etc..
Based on the above technical solution, when writing hook script to the crucial encryption function, using dynamic two
The api function that system pitching pile tool provides handles different types of parameter and return value.
Based on the above technical solution, described program internal analysis method includes: Static Analysis Method and dynamic point
Analysis method.
Advantageous effects of the invention are as follows:
(1) technology is more stable
Binary pitching pile (DBI) technology can be used to access the memory of process, cover one in application program operation
A little functions call function from the class of importing, search object instance on heap, and using above-mentioned object instance carry out Hook, with
Track and interception function etc., if debugger is utilized to carry out aforesaid operations, it is easy to a series of problems, such as encountering anti-debug, and meeting
Attempt to prevent debugger.However, requiring no knowledge about details therein can quickly start using DBI technology, do not influencing
In the case where entire software operation, achieve the purpose that obtaining function executes process.It is this relative to other technologies such as static pitching piles
Technology is not due to modification of program, so executing more stable.
(2) more efficient.
Be directed to the Login Register and other critical functions of iOS application, such as: network transmission including sensitive data and
The Encryption Algorithm of transmission data is handled, it is no longer necessary to conversed analysis be carried out to program, analysis code flow in layer
The call relation of journey, function, and find relevant feature encryption function;Dynamic pitching pile tool Auto-matching encryption method, is obtained
The data and key encryption constant for obtaining original encryption, substantially increase the efficiency of conversed analysis.
(3) it is not influenced by Software hardening design and anti-debug.
The reinforcing that occurs with static analysis and compared with obscuring, binary pitching pile tool departing from static behavior feature,
It is no longer dependent on static analysis, i.e., to the reverse of program, so herein described method has more versatility.With obscure and dynamic
The anti-debug behavior that debugging occurs is compared, and the correlated characteristic of debugging will not be embodied inside program, so more difficult be detected.
Detailed description of the invention
The present invention has following attached drawing:
Fig. 1 is the method flow schematic diagram that encryption data is obtained on iOS platform of the present invention.
Fig. 2 is the scene flow diagram using the method for the invention.
Specific embodiment
The present invention is described in further details below in conjunction with drawings and examples.
In order to extract the encryption data of iOS application on iOS platform, the present invention, which provides, obtains encryption on a kind of iOS platform
The method of data, is described in detail below:
As shown in Figure 1, the process step of the method for the invention is as described below:
For the encryption data that one section of iOS application generates, the library Crypto carried iOS is handled first, according to
The setting rule of Encryption Algorithm of all categories in the library Crypto, in hash algorithm CC_MD5 function, CC_SHA256 function,
CCHmac function, the CCCrypt function in symmetric encipherment algorithm, the SecKeyEncrypt function in rivest, shamir, adelman RSA
Deng setting function hook.
Reading rule file, i.e., the setting rule of Encryption Algorithm of all categories, writes relevant hook module in the library Crypto,
Print parameters and return value.
It will be in the injection iOS application of hook script using binary pitching pile tool according to encryption rule and function hook
Portion triggers hook module, is returned the result.
If it find that iOS application can not trigger rule (the i.e. actual encrypted data and encryption of iOS application in encrypted feature library
The data of encrypted feature function in feature database mismatch, and can not obtain the encryption data of iOS application, or can not trigger hook mold
Block) when, then need to carry out manual analyzing to the iOS application sample that can not trigger, i.e. progress program internal analysis, will not include
The third party library function in encrypted feature library is added, and repeats above-mentioned hook script injection iOS application inside and subsequent step
Suddenly;Conversely, obtaining the data of encryption front and back according to the hook parameter arrived and return value, and extracts and obtain encryption key and salt figure
Equal important informations.
The applicating example of the method for the invention is as follows:
The enterprises and individuals for carrying out software development can be used herein described method, the split iOS distributed apply into
Row detection carries out loophole audit to the data of leakage, therefrom finds out existing risk, and improve.Developer can also be with
Defect present in Encryption Algorithm is detected.
As shown in Fig. 2, being to illustrate using a scene process step of the method for the invention, applied for iOS, first
DBI tool is run, in conjunction with the method for the invention, obtains Hook result;Further according to Hook result to iOS application carry out loophole/
Defect audit, then carries out risk positioning, modifies to loophole/defect of iOS application;Initial step is returned again,
The detection that next round is carried out to iOS application, is repeated above-mentioned process step, until the risk of iOS application is minimized.
Present invention content to be protected and key problem in technology point are as follows:
1. encrypted feature library is extendible
Other than iOS is from the encryption library of encapsulation, for the encryption rule that third party uses, can constantly from having not been obtained plus
It extracts, and is added in encrypted feature library in the application sample of ciphertext data, to expand encrypted feature library.
2. automatically obtaining encryption data
Based on to encryption function rule lab setting hook, complicated reverse process is not needed, when iOS applications trigger hook mold
When function hook feature in block, the initial data of automatic output encryption and the important feature of Encryption Algorithm.
3. the function hook feature in hook module is realized to encrypted feature library using DBI technology
For iOS using general encryption function, extract common program surface, using binary insert
Stake (DBI) technology writes hook module and injection script is realized and obtains encryption data.
The above description is only a preferred embodiment of the present invention, rather than whole embodiments.It is all to utilize description of the invention
And the equivalent structure that is done of accompanying drawing content or process transformation, other relevant technical fields are applied directly or indirectly in, together
Reason is included within the scope of the present invention.
The content not being described in detail in this specification belongs to the prior art well known to professional and technical personnel in the field.
Claims (5)
1. obtaining the method for encryption data on a kind of iOS platform, which comprises the following steps:
S1, the crucial encryption function that Encryption Algorithm in the library Crypto is extracted to the iOS encryption header file that official provides;
S2, the setting rule according to Encryption Algorithm of all categories in the library Crypto, utilize the foot of corresponding binary pitching pile tool
Hook module is arranged in this language, writes hook script to the crucial encryption function, function hook, print parameters and return is arranged
Value;
S3, the crucial encryption function is used as to encrypted feature function, building encrypted feature library;
S4, using binary pitching pile tool, it is internal that hook script is manually injected into iOS application;
S5, operation iOS application, automatic trigger hook module;
When the Data Matching that the actual encrypted data of iOS application and hook module are got, step S10 is carried out;
When the encryption data that the actual encrypted data of iOS application and hook module are got mismatches, step S6 is carried out;
S6, extraction can not obtain the iOS application sample of encryption data;
S7, program internal analysis is carried out to the iOS application sample of extraction;
S8, it extracts again not in the encryption function in the library Crypto;
S9, the encryption function not in the library Crypto is added to encrypted feature library as encrypted feature function manually, utilizes correspondence
Hook module is arranged in the scripting language of binary pitching pile tool, writes hook to the encryption function not in the library Crypto
Function hook, print parameters and return value is arranged in script;It is back to step S4, continues to execute subsequent step;
S10, go out relevant parameter and return value by dump, obtain the original encryption data of iOS application, extract encryption key and
Salt figure, and then directly obtain encrypting plaintext and key information;
After corresponding event or function are completed in iOS application, then obtains encryption data and finish;Otherwise, it is back to step S5, is continued
Execute subsequent step.
2. obtaining the method for encryption data on iOS platform as described in claim 1, it is characterised in that: the Encryption Algorithm packet
It includes: symmetric encipherment algorithm, hash algorithm and RSA cryptographic algorithms.
3. obtaining the method for encryption data on iOS platform as claimed in claim 1 or 2, it is characterised in that: the Encryption Algorithm
In crucial encryption function include: symmetric encipherment algorithm CCCrypt function, CC_MD5 function, the CC_SHA256 of hash algorithm
Function, CCHmac function, the SecKeyEncrypt function of RSA cryptographic algorithms.
4. obtaining the method for encryption data on iOS platform as described in claim 1, it is characterised in that: add to the key
When close function writes hook script, using the api function that binary pitching pile tool provides handle different types of parameter and
Return value.
5. obtaining the method for encryption data on iOS platform as described in claim 1, it is characterised in that: described program inner part
Analysis method includes: Static Analysis Method and dynamic analysing method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910231814.9A CN110096433B (en) | 2019-03-26 | 2019-03-26 | Method for acquiring encrypted data on iOS platform |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910231814.9A CN110096433B (en) | 2019-03-26 | 2019-03-26 | Method for acquiring encrypted data on iOS platform |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110096433A true CN110096433A (en) | 2019-08-06 |
CN110096433B CN110096433B (en) | 2020-07-14 |
Family
ID=67443209
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910231814.9A Active CN110096433B (en) | 2019-03-26 | 2019-03-26 | Method for acquiring encrypted data on iOS platform |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110096433B (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112580057A (en) * | 2020-12-17 | 2021-03-30 | 光通天下网络科技股份有限公司 | Attack vulnerability detection method, device, equipment and medium for ZIP encrypted compressed packet |
CN113392416A (en) * | 2021-06-28 | 2021-09-14 | 北京恒安嘉新安全技术有限公司 | Method, device, equipment and storage medium for acquiring application program encryption and decryption data |
CN114390012A (en) * | 2021-12-15 | 2022-04-22 | 中国电子科技集团公司第三十研究所 | West trust application data evidence obtaining method based on reverse analysis |
CN115550058A (en) * | 2022-11-21 | 2022-12-30 | 卓望数码技术(深圳)有限公司 | Shared file transparent encryption method and system |
CN116483734A (en) * | 2023-06-16 | 2023-07-25 | 荣耀终端有限公司 | Pile inserting method and system based on compiler and related electronic equipment |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1777854A (en) * | 2003-03-13 | 2006-05-24 | 科沃德科技公司 | A computer system and an apparatus for use in a computer system |
CN103345445A (en) * | 2013-07-02 | 2013-10-09 | 华中科技大学 | Security chip design method based on control flow detection and resistant to error injection attack |
US20160267279A1 (en) * | 2015-03-02 | 2016-09-15 | Cirrus Lender Services, Inc. | Web application perpetually encrypted obscured filesystem |
US20160378640A1 (en) * | 2015-06-26 | 2016-12-29 | AVAST Software s.r.o. | Dynamic binary translation and instrumentation with postponed attachment to running native threads |
CN107040553A (en) * | 2017-06-16 | 2017-08-11 | 腾讯科技(深圳)有限公司 | Leak analysis method, device, terminal and storage medium |
CN109446053A (en) * | 2018-09-03 | 2019-03-08 | 平安普惠企业管理有限公司 | Test method, computer readable storage medium and the terminal of application program |
-
2019
- 2019-03-26 CN CN201910231814.9A patent/CN110096433B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1777854A (en) * | 2003-03-13 | 2006-05-24 | 科沃德科技公司 | A computer system and an apparatus for use in a computer system |
CN103345445A (en) * | 2013-07-02 | 2013-10-09 | 华中科技大学 | Security chip design method based on control flow detection and resistant to error injection attack |
US20160267279A1 (en) * | 2015-03-02 | 2016-09-15 | Cirrus Lender Services, Inc. | Web application perpetually encrypted obscured filesystem |
US20160378640A1 (en) * | 2015-06-26 | 2016-12-29 | AVAST Software s.r.o. | Dynamic binary translation and instrumentation with postponed attachment to running native threads |
CN107040553A (en) * | 2017-06-16 | 2017-08-11 | 腾讯科技(深圳)有限公司 | Leak analysis method, device, terminal and storage medium |
CN109446053A (en) * | 2018-09-03 | 2019-03-08 | 平安普惠企业管理有限公司 | Test method, computer readable storage medium and the terminal of application program |
Non-Patent Citations (2)
Title |
---|
YU XIAOYANG等: "Research and achievement of QR code encryption based on cellular automata", 《 PROCEEDINGS OF 2013 2ND INTERNATIONAL CONFERENCE ON MEASUREMENT,INFORMATION AND CONTROL》 * |
於剑波: "iOS应用隐私泄露检测技术的研究与实现", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112580057A (en) * | 2020-12-17 | 2021-03-30 | 光通天下网络科技股份有限公司 | Attack vulnerability detection method, device, equipment and medium for ZIP encrypted compressed packet |
CN113392416A (en) * | 2021-06-28 | 2021-09-14 | 北京恒安嘉新安全技术有限公司 | Method, device, equipment and storage medium for acquiring application program encryption and decryption data |
CN113392416B (en) * | 2021-06-28 | 2024-03-22 | 北京恒安嘉新安全技术有限公司 | Method, device, equipment and storage medium for acquiring application program encryption and decryption data |
CN114390012A (en) * | 2021-12-15 | 2022-04-22 | 中国电子科技集团公司第三十研究所 | West trust application data evidence obtaining method based on reverse analysis |
CN115550058A (en) * | 2022-11-21 | 2022-12-30 | 卓望数码技术(深圳)有限公司 | Shared file transparent encryption method and system |
CN115550058B (en) * | 2022-11-21 | 2023-03-10 | 卓望数码技术(深圳)有限公司 | Shared file transparent encryption method and system |
CN116483734A (en) * | 2023-06-16 | 2023-07-25 | 荣耀终端有限公司 | Pile inserting method and system based on compiler and related electronic equipment |
CN116483734B (en) * | 2023-06-16 | 2024-03-19 | 荣耀终端有限公司 | Pile inserting method and system based on compiler and related electronic equipment |
Also Published As
Publication number | Publication date |
---|---|
CN110096433B (en) | 2020-07-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110096433A (en) | The method of encryption data is obtained on a kind of iOS platform | |
Almeida et al. | Verifying {Constant-Time} Implementations | |
US7254586B2 (en) | Secure and opaque type library providing secure data protection of variables | |
Yu et al. | Deescvhunter: A deep learning-based framework for smart contract vulnerability detection | |
Drewry et al. | Flayer: Exposing Application Internals. | |
Aizatulin et al. | Extracting and verifying cryptographic models from C protocol code by symbolic execution | |
Alpirez Bock et al. | White-box cryptography: don’t forget about grey-box attacks | |
Basile et al. | A meta-model for software protections and reverse engineering attacks | |
CN107330345B (en) | Method and device for detecting private data leakage | |
Afrose et al. | CryptoAPI-Bench: A comprehensive benchmark on Java cryptographic API misuses | |
Lu et al. | DeepAutoD: Research on distributed machine learning oriented scalable mobile communication security unpacking system | |
CN109784007A (en) | A kind of method of byte code encryption, the method and terminal of bytecode decryption | |
CN109871681A (en) | Android malware detection method is loaded towards dynamic code based on hybrid analysis | |
Ammanaghatta Shivakumar et al. | Enforcing fine-grained constant-time policies | |
CN114077737A (en) | Android inter-component communication data flow detection method based on taint analysis | |
Cho et al. | Using obfuscators to test compilers: A metamorphic experience | |
Crincoli et al. | Code reordering obfuscation technique detection by means of weak bisimulation | |
Chawdhary et al. | Partial evaluation of string obfuscations for Java malware detection | |
Coniglio | Combining program synthesis and symbolic execution to deobfuscate binary code | |
Sutter et al. | Dynamic Security Analysis on Android: A Systematic Literature Review | |
Choudhari et al. | CRYScanner: Finding cryptographic libraries misuse | |
Sánchez Ballabriga | Automation of white-box cryptography attacks in Android applications | |
Wu et al. | TaintGuard: Preventing implicit privilege leakage in smart contract based on taint tracking at abstract syntax tree level | |
Backes et al. | Computational soundness for Dalvik bytecode | |
Torres et al. | Elysium: Automagically Healing Vulnerable Smart Contracts Using Context-Aware Patching [J] |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |