CN110765424B - Android application reinforcement method and computer equipment - Google Patents
Android application reinforcement method and computer equipment Download PDFInfo
- Publication number
- CN110765424B CN110765424B CN201911007092.5A CN201911007092A CN110765424B CN 110765424 B CN110765424 B CN 110765424B CN 201911007092 A CN201911007092 A CN 201911007092A CN 110765424 B CN110765424 B CN 110765424B
- Authority
- CN
- China
- Prior art keywords
- dex
- memory
- file
- apk
- android
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 26
- 230000002787 reinforcement Effects 0.000 title claims abstract description 12
- 230000006978 adaptation Effects 0.000 claims abstract description 18
- 230000007246 mechanism Effects 0.000 claims description 7
- 238000004590 computer program Methods 0.000 claims description 3
- 230000003014 reinforcing effect Effects 0.000 description 4
- 230000006870 function Effects 0.000 description 2
- 238000005728 strengthening Methods 0.000 description 2
- 230000003044 adaptive effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention provides an android application reinforcement method, which comprises the steps of obtaining an APK to be reinforced, and obtaining a dex file from the APK; encrypting the dex file, and writing a decryption strategy and a memory adaptation scheme into the so file; recompiling to obtain a reinforced APK; the invention also provides computer equipment which is configured with a set of security policy, thereby effectively avoiding the apk from being decompiled, tampered and secondarily utilized.
Description
Technical Field
The invention relates to an android application reinforcement method and computer equipment.
Background
At present, the market share of android in global mobile market exceeds 6, that is, more than half of mobile phone users in the world use mobile devices mounted in an android system, and for this reason, global app application has been well developed in recent years, and the safety problem brought with the growth also urges a large number of solutions about application safety, wherein the most attractive solution is a strengthening solution of apk.
The conventional strengthening scheme of the apk is not landing loading, namely memory loading, but the common scheme is a scheme provided based on a certain android system version, for example, in the android4.4 version, dalvik is used for optimizing a dex file, so that the memory loading mode is necessarily direct loading of the dex file, but in the version after 4.4, the android system is used for optimizing the dex file by using an art virtual machine, the previous scheme cannot be effective, and in addition, even in the version after 4.4, the memory loading mode of the dex file is not consistent, and moreover, a hacker can easily obtain code logic of the file to crack the file due to the single memory loading mode.
Disadvantage 1: the conventional reinforcing scheme is single and cannot be adapted to android systems of various versions, and nowadays, the apk reinforcing scheme is also adapted along with the day.
And (2) disadvantage: the method is characterized in that the method is reinforced to be not loaded to the ground, but the method also has the great disadvantage that in dynamic debugging, a complete dex file is easy to obtain in a memory, so even though the scheme of memory loading can effectively prevent static analysis, for dynamic debugging, if the scheme of memory loading is single, the method is easy to be utilized by people, and attack means such as memory dump are used.
Disclosure of Invention
The technical problem to be solved by the invention is to provide an android application reinforcement method and computer equipment, a set of security policies are configured, and the apk is effectively prevented from being decompiled, tampered and secondarily utilized.
One of the present invention is realized by: an android application reinforcement method comprises the following steps:
step 1, obtaining an APK to be reinforced, and obtaining a dex file from the APK;
step 2, encrypting the dex file, and writing a decryption strategy and a memory adaptation scheme into the so file;
and 3, recompiling to obtain the reinforced APK.
Further, the step 1 is further specifically: and obtaining the APK to be reinforced, and then performing decompiling to obtain a dex file.
Further, the step 2 is further specifically: and compressing and encrypting the dex file, and writing a decryption strategy and a memory adaptation scheme into the so file.
Further, the memory adaptation scheme is as follows:
if the application system is android4.4, loading a dex file by using dalvik so as to obtain a dex instance;
if the application systems are android5.0 to android6.0, calling an openmemory method of libart. so as to load a dex file, thereby obtaining a dex instance;
if the application systems are from android 7.0 to android7.1.2, replacing the virtual dex in the load in the memory by using a hook scheme so as to obtain a dex instance;
and if the application systems are android8.0 to android9.0, loading the dex in the memory by using a class loader loaded by a new mechanism memory of the android to obtain a dex instance.
The second invention is realized by the following steps: a computer device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein: the processor implements the following steps when executing the program:
step 1, obtaining an APK to be reinforced, and obtaining a dex file from the APK;
step 2, encrypting the dex file, and writing a decryption strategy and a memory adaptation scheme into the so file;
and 3, recompiling to obtain the reinforced APK.
Further, the step 1 is further specifically: and obtaining the APK to be reinforced, and then performing decompiling to obtain a dex file.
Further, the step 2 is further specifically: and compressing and encrypting the dex file, and writing a decryption strategy and a memory adaptation scheme into the so file.
Further, the memory adaptation scheme is as follows:
if the application system is android4.4, loading a dex file by using dalvik so as to obtain a dex instance;
if the application systems are android5.0 to android6.0, calling an openmemory method of libart. so as to load a dex file, thereby obtaining a dex instance;
if the application systems are from android 7.0 to android7.1.2, replacing the virtual dex in the load in the memory by using a hook scheme so as to obtain a dex instance;
and if the application systems are android8.0 to android9.0, loading the dex in the memory by using a class loader loaded by a new mechanism memory of the android to obtain a dex instance.
The invention has the following advantages: the method can reinforce and protect the android application, and can be adapted to systems from android4.4 to android 9.0; the reinforced Android application is safer and not utilized by others, and a set of security strategy is configured, so that the apk is effectively prevented from being decompiled, tampered and secondarily utilized.
Drawings
The invention will be further described with reference to the following examples with reference to the accompanying drawings.
FIG. 1 is a flowchart of an android application reinforcement method of the present invention.
FIG. 2 is a flow chart of apk reinforcement in an embodiment of the present invention.
Fig. 3 is a flowchart of a memory load adaptation scheme in an embodiment of the present invention.
Detailed Description
As shown in fig. 1, the android application reinforcement method of the present invention includes:
step 1, obtaining an APK to be reinforced, and then performing decompiling to obtain a dex file;
step 2, compressing and encrypting the dex file, and writing a decryption strategy and a memory adaptation scheme into the so file, wherein the memory adaptation scheme is as follows:
if the application system is android4.4, loading a dex file by using dalvik so as to obtain a dex instance;
if the application systems are android5.0 to android6.0, calling an openmemory method of libart. so as to load a dex file, thereby obtaining a dex instance;
if the application systems are from android 7.0 to android7.1.2, replacing the virtual dex in the load in the memory by using a hook scheme so as to obtain a dex instance;
if the application systems are android8.0 to android9.0, loading dex in the memory by using a class loader loaded by a new mechanism memory of the android to obtain a dex instance;
and 3, recompiling to obtain the reinforced APK.
The computer equipment comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, and is characterized in that: the processor implements the following steps when executing the program:
step 1, obtaining an APK to be reinforced, and then performing decompiling to obtain a dex file;
step 2, compressing and encrypting the dex file, and writing a decryption strategy and a memory adaptation scheme into the so file, wherein the memory adaptation scheme is as follows:
if the application system is android4.4, loading a dex file by using dalvik so as to obtain a dex instance;
if the application systems are android5.0 to android6.0, calling an openmemory method of libart. so as to load a dex file, thereby obtaining a dex instance;
if the application systems are from android 7.0 to android7.1.2, replacing the virtual dex in the load in the memory by using a hook scheme so as to obtain a dex instance;
if the application systems are android8.0 to android9.0, loading dex in the memory by using a class loader loaded by a new mechanism memory of the android to obtain a dex instance;
and 3, recompiling to obtain the reinforced APK.
One specific embodiment of the present invention:
the invention provides a reinforcing scheme adaptive to each android platform, and a set of security policies are configured, so that the apk is effectively prevented from being decompiled, tampered and secondarily utilized.
The invention provides an APK reinforcing scheme, as shown in FIG. 2, the process is as follows:
1. and obtaining the APK to be reinforced.
2. And decompiling the APK to be reinforced to obtain a code file needing to be protected, namely a dex file.
3. And integrally compressing and encrypting the dex file, and writing an encryption and decryption strategy and a memory adaptation scheme into the so file.
4. After integration, the consolidated APK is recompiled.
Wherein, for the memory loading, the adaptation of each android version needs to be processed correspondingly, as shown in fig. 3,
1. and (4) directly loading the dex file by using dalvik at android4.4 so as to obtain a dex instance.
2. And calling an openmemory method of libart. so at android 5.0-6.0 to load a dex file, thereby obtaining a dex instance.
3. 7.0 to android7.1.2, because the version change, the previous openmemory method of libart.so is not applicable, the hook scheme, read, open, fork, fstat, etc. function of hook libart.so will be used to replace the dummy dex in the load in the memory, and actually load the source dex, thereby obtaining the dex instance.
4. And in android8.0 to 9.0, a class loader loaded by a new mechanism memory of the android is used for loading dex in the memory to obtain a dex instance.
Keywords and key terms:
decompiling: the apk decompiling relies on a third-party tool, apktool, to unpack and separate the original apk into important files such as res (resource folder), resources, arsc (binary resource file), classes, dex (source code resource file), lib (attachment component), android manifest.
Class loader: the Android class loader has the meaning that a dex file is optimized to be capable of running in Android equipment.
Memory loading: the memory loading in the invention has the practical meaning that a class loader is applied to call a dex instance in the memory, thereby achieving the function of loading without falling to the ground.
Although specific embodiments of the invention have been described above, it will be understood by those skilled in the art that the specific embodiments described are illustrative only and are not limiting upon the scope of the invention, and that equivalent modifications and variations can be made by those skilled in the art without departing from the spirit of the invention, which is to be limited only by the appended claims.
Claims (4)
1. An android application reinforcement method is characterized by comprising the following steps: the method comprises the following steps:
step 1, obtaining an APK to be reinforced, and obtaining a dex file from the APK;
step 2, compressing and encrypting the dex file, and writing a decryption strategy and a memory adaptation scheme into the so file; the memory adaptation scheme is as follows:
if the application system is android4.4, loading a dex file by using dalvik so as to obtain a dex instance;
if the application systems are android5.0 to android6.0, calling an openmemory method of libart. so as to load a dex file, thereby obtaining a dex instance;
if the application systems are from android 7.0 to android7.1.2, replacing the virtual dex in the load in the memory by using a hook scheme so as to obtain a dex instance;
if the application systems are android8.0 to android9.0, loading dex in the memory by using a class loader loaded by a new mechanism memory of the android to obtain a dex instance;
and 3, recompiling to obtain the reinforced APK.
2. The android application reinforcement method of claim 1, wherein the android application reinforcement method comprises the following steps: the step 1 is further specifically as follows: and obtaining the APK to be reinforced, and then performing decompiling to obtain a dex file.
3. A computer device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein: the processor implements the following steps when executing the program:
step 1, obtaining an APK to be reinforced, and obtaining a dex file from the APK;
step 2, compressing and encrypting the dex file, and writing a decryption strategy and a memory adaptation scheme into the so file; the memory adaptation scheme is as follows:
if the application system is android4.4, loading a dex file by using dalvik so as to obtain a dex instance;
if the application systems are android5.0 to android6.0, calling an openmemory method of libart. so as to load a dex file, thereby obtaining a dex instance;
if the application systems are from android 7.0 to android7.1.2, replacing the virtual dex in the load in the memory by using a hook scheme so as to obtain a dex instance;
if the application systems are android8.0 to android9.0, loading dex in the memory by using a class loader loaded by a new mechanism memory of the android to obtain a dex instance;
and 3, recompiling to obtain the reinforced APK.
4. A computer device according to claim 3, wherein: the step 1 is further specifically as follows: and obtaining the APK to be reinforced, and then performing decompiling to obtain a dex file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911007092.5A CN110765424B (en) | 2019-10-22 | 2019-10-22 | Android application reinforcement method and computer equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911007092.5A CN110765424B (en) | 2019-10-22 | 2019-10-22 | Android application reinforcement method and computer equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110765424A CN110765424A (en) | 2020-02-07 |
| CN110765424B true CN110765424B (en) | 2021-07-09 |
Family
ID=69331304
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911007092.5A Active CN110765424B (en) | 2019-10-22 | 2019-10-22 | Android application reinforcement method and computer equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110765424B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104965712A (en) * | 2015-07-17 | 2015-10-07 | 北京奇虎科技有限公司 | Application reinforcing protection method and apparatus and mobile terminal |
| CN106650330A (en) * | 2016-12-22 | 2017-05-10 | 合肥国信车联网研究院有限公司 | Android application software reinforcement protection method based on DexClassloader |
| CN106778103A (en) * | 2016-12-30 | 2017-05-31 | 上海掌门科技有限公司 | Reinforcement means, system and decryption method that a kind of Android application program anti-reversing is cracked |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR101518420B1 (en) * | 2014-11-11 | 2015-05-07 | 주식회사 에스이웍스 | Apparatus and method for managing apk file in a android platform |
| CN106709286A (en) * | 2016-11-30 | 2017-05-24 | 江苏神州信源系统工程有限公司 | Method for performing security reinforcement on apk resource package |
-
2019
- 2019-10-22 CN CN201911007092.5A patent/CN110765424B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104965712A (en) * | 2015-07-17 | 2015-10-07 | 北京奇虎科技有限公司 | Application reinforcing protection method and apparatus and mobile terminal |
| CN106650330A (en) * | 2016-12-22 | 2017-05-10 | 合肥国信车联网研究院有限公司 | Android application software reinforcement protection method based on DexClassloader |
| CN106778103A (en) * | 2016-12-30 | 2017-05-31 | 上海掌门科技有限公司 | Reinforcement means, system and decryption method that a kind of Android application program anti-reversing is cracked |
Non-Patent Citations (1)
| Title |
|---|
| Android应用运行模式及安全技术研究;张洪睿;《中国优秀硕士学位论文全文数据库·信息科技辑》;20180415;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110765424A (en) | 2020-02-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107977553B (en) | Method and device for security reinforcement of mobile application program | |
| US8892876B1 (en) | Secured application package files for mobile computing devices | |
| CN106778103B (en) | Reinforcement method, system and decryption method for preventing reverse cracking of android application program | |
| US10867041B2 (en) | Static and dynamic security analysis of apps for mobile devices | |
| WO2016078130A1 (en) | Dynamic loading method for preventing reverse of apk file | |
| KR101857001B1 (en) | Android dynamic loading file extraction method, recording medium and system for performing the method | |
| KR101471589B1 (en) | Method for Providing Security for Common Intermediate Language Program | |
| US8955142B2 (en) | Secure execution of unsecured apps on a device | |
| US8887152B1 (en) | Android application virtual environment | |
| US8549656B2 (en) | Securing and managing apps on a device | |
| JP6227772B2 (en) | Method and apparatus for protecting a dynamic library | |
| CN108491235B (en) | DEX protection method combining dynamic loading and function Native | |
| US20180129794A1 (en) | Method for Protecting Dex File from Decompilation in Android System | |
| CN109255235B (en) | Mobile application third-party library isolation method based on user state sandbox | |
| CN104680039A (en) | Data protection method and device of application installation package | |
| CN103067392A (en) | Security access control method based on Android terminal | |
| WO2019062015A1 (en) | Source code protection method, application server, and computer-readable storage medium | |
| CN112052461B (en) | Code processing method, terminal and storage medium based on instruction injection | |
| CN111045686A (en) | Method for improving application decompilation speed, intelligent terminal and storage medium | |
| US9990493B2 (en) | Data processing system security device and security method | |
| US9672353B2 (en) | Securing and managing apps on a device using policy gates | |
| CN110502874B (en) | Android App reinforcement method based on file self-modification | |
| CN110348206B (en) | Protection method, medium, device and computing equipment applied to android installation package (APK) | |
| CN110764813A (en) | Upgrading method of system software and running method thereof | |
| KR101557455B1 (en) | Application Code Analysis Apparatus and Method For Code Analysis Using The Same |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: Room 201-9, Zone C, No. 18 Guanri Road, Phase II, Software Park, Torch High tech Zone, Xiamen City, Fujian Province, 361000 Patentee after: Fujian Huisibo Digital Technology Co.,Ltd. Address before: No. 89 Software Avenue, Tongpan Road, Gulou District, Fuzhou City, Fujian Province, 350001, No. 34 # 5th Floor, Zone C, Fuzhou Software Park, 510 Patentee before: FUZHOU HUISIBO INFORMATION TECHNOLOGY Co.,Ltd. |