CN111353154A - Application program shelling method and device, terminal equipment and medium - Google Patents
Application program shelling method and device, terminal equipment and medium Download PDFInfo
- Publication number
- CN111353154A CN111353154A CN201811580273.2A CN201811580273A CN111353154A CN 111353154 A CN111353154 A CN 111353154A CN 201811580273 A CN201811580273 A CN 201811580273A CN 111353154 A CN111353154 A CN 111353154A
- Authority
- CN
- China
- Prior art keywords
- file
- shelling
- openmemory
- application
- specified
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 101
- 238000004590 computer program Methods 0.000 claims description 11
- 238000012545 processing Methods 0.000 claims description 11
- 238000012544 monitoring process Methods 0.000 claims description 3
- 238000004891 communication Methods 0.000 abstract description 4
- 238000010586 diagram Methods 0.000 description 11
- 238000012986 modification Methods 0.000 description 6
- 230000004048 modification Effects 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 238000009434 installation Methods 0.000 description 4
- 230000004075 alteration Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000002347 injection Methods 0.000 description 1
- 239000007924 injection Substances 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 239000000243 solution Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The application discloses a shelling method, a shelling device, terminal equipment and a media of an application program, which belong to the technical field of communication, wherein the method comprises the steps of returning a specified file to a server based on a received file acquisition message containing a specified file name, wherein the specified file contains signature information of an OpenMemory method; receiving a shelling script which is sent by a server and contains signature information of an Openmemory method, wherein the shelling script is used for: intercepting an Openmemory method according to signature information of the Openmemory method to obtain address information of a shelling file of a target application, and exporting the shelling file according to the address information; and loading a shelling script and running the target application to obtain a shelling file. Therefore, the complicated operation of software shelling is simplified, the compatibility is high, and the application range is wide.
Description
Technical Field
The present application relates to the field of communications technologies, and in particular, to a method and an apparatus for removing shells of an application, a terminal device, and a medium.
Background
With the development of terminal devices, the applications of Android (Android) platforms are increasing, and the malicious software of the Android platforms is also increasing. User privacy and asset security are severely compromised. Since the malicious application hides the malicious code logic through the shell adding technology, in order to analyze the behavior of the malicious software, a shell removing operation is usually performed on the shell added Android application, so that the code analysis is performed on the obtained shell removed file.
The software shell is a program specially responsible for protecting software from illegal modification or decompiling in some computer software. The software shelling is the inverse operation of adding a shell to the software, and the shell existing on the software is removed to obtain the source code of the software. And obtaining a dex file before shell adding on an Android platform.
In the prior art, when an application of an Android platform is unshelled, the following two methods are generally adopted:
the first mode is as follows: and (4) customizing the Android system, namely inserting an unshelling code into the Android system code to obtain an original dex file.
However, in this way, the source code needs to be familiar, and recompilation and flashing are needed after the source code of the system is modified every time, which is a complicated operation procedure.
The second way is: and dynamically loading the application needing shelling by adopting a container technology, and acquiring an original dex file by intercepting a key method called by dex.
However, many reinforced applications can detect their own operating environment, and if the applications exit when detecting that their own operations are in the container, they cannot be unshelled, and thus the compatibility problem exists, and the application range is small.
Disclosure of Invention
The embodiment of the application provides an application program shelling method, an application program shelling device, terminal equipment and a medium, and is used for simplifying complicated software shelling steps and expanding the application range when software shelling is carried out on an application.
In one aspect, a method for shelling an application program is provided, including:
returning a specified file to the server based on the received file acquisition message containing the specified file name, wherein the specified file contains signature information of the OpenMemory method;
receiving a shelling script which is sent by a server and contains signature information of an Openmemory method, wherein the shelling script is used for: intercepting an Openmemory method according to signature information of the Openmemory method to obtain address information of a shelling file of a target application, and exporting the shelling file according to the address information;
and loading a shelling script and running the target application to obtain a shelling file.
Preferably, loading the shelling script and running the target application to obtain a shelling file comprises:
running the target application;
according to the signature information of the Openmemory method, if the target application calls the Openmemory method, intercepting the Openmemory method through a specified interception hook application to obtain address information of a shelling file of the target application;
determining the file size of the unshelled file according to the address information of the unshelled file;
and exporting the unshelled file from the memory to a specified directory according to the address information and the file size of the unshelled file.
Preferably, before returning the specified file to the server based on the received file acquisition message containing the specified file name, the method further comprises:
acquiring system user authority;
installing and running a designated hook application;
snooping is established by specifying a hook application.
Preferably, the hook application is designated as a server application frida-server;
the file type of the dehulled file is a dex file.
In one aspect, an apparatus for shelling an application includes:
the return unit is used for returning a specified file to the server based on the received file acquisition message containing the specified file name, wherein the specified file contains signature information of the OpenMemory method;
a receiving unit, configured to receive a shelling script that includes signature information of an OpenMemory method and is sent by a server, where the shelling script is configured to: intercepting an Openmemory method according to signature information of the Openmemory method to obtain address information of a shelling file of a target application, and exporting the shelling file according to the address information;
and the obtaining unit is used for loading the shelling script and running the target application to obtain the shelling file.
Preferably, the obtaining unit is configured to:
running the target application;
according to the signature information of the Openmemory method, if the target application calls the Openmemory method, intercepting the Openmemory method through a specified interception hook application to obtain address information of a shelling file of the target application;
determining the file size of the unshelled file according to the address information of the unshelled file;
and exporting the unshelled file from the memory to a specified directory according to the address information and the file size of the unshelled file.
Preferably, the return unit is further configured to:
acquiring system user authority;
installing and running a designated hook application;
snooping is established by specifying a hook application.
Preferably, the hook application is designated as a server application frida-server;
the file type of the dehulled file is a dex file.
In one aspect, a terminal device is provided, which includes at least one processing unit and at least one storage unit, wherein the storage unit stores a computer program, and when the program is executed by the processing unit, the processing unit executes the steps of the shelling method for any one of the applications.
In one aspect, a computer-readable medium is provided, which stores a computer program executable by a terminal device, and when the program is run on the terminal device, causes the terminal device to execute the steps of the shelling method for any one of the applications described above.
In the method, the device, the terminal device and the medium for shelling the application program, the specified file is returned to the server based on the received file acquisition message containing the specified file name, and the specified file contains signature information of an OpenMemory method; receiving a shelling script which is sent by a server and contains signature information of an Openmemory method, wherein the shelling script is used for: intercepting an Openmemory method according to signature information of the Openmemory method to obtain address information of a shelling file of a target application, and exporting the shelling file according to the address information; and loading a shelling script and running the target application to obtain a shelling file. Therefore, the address information of the shelling file of the target application is obtained directly by intercepting the Openmemory method according to the signature information of the Openmemory method, and the shelling file is exported according to the address information, so that the complicated operation of software shelling is simplified, the method can be applied to different application environments, and is high in compatibility and wide in application range.
Additional features and advantages of the application will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by the practice of the application. The objectives and other advantages of the application may be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
fig. 1 is an application scenario diagram provided in the present application;
FIG. 2 is a flowchart illustrating an implementation of a method for shelling an application according to an embodiment of the present disclosure;
fig. 3 is a schematic structural diagram of a shelling apparatus for an application according to an embodiment of the present disclosure.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more clearly apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
In order to simplify the complex steps of software shelling when an application is subjected to software shelling, avoid compatibility problems and enlarge an application range, embodiments of the present application provide a method, an apparatus, a terminal device and a medium for shelling an application program.
The application program shelling method in the embodiment of the present application may be applied to an application scenario as shown in fig. 1, where the application scenario includes: a server 101 and a terminal device 102.
The server 101 may be a server or a server cluster composed of several servers or a cloud computing center. The terminal device 102 is an electronic device with network communication capability, and the electronic device may be a smart phone, a tablet computer, a portable personal computer, or the like, and is mainly an electronic device adopting an Android system.
The terminal device 102 returns a specified file to the server 101 based on the received file acquisition message containing the specified file name, wherein the specified file contains signature information of the OpenMemory method; receiving a shell removing script containing signature information of an OpenMemory method sent by a server 101, where the shell removing script is used to: intercepting an Openmemory method according to signature information of the Openmemory method to obtain address information of a shelling file of a target application, and exporting the shelling file according to the address information; and loading a shelling script and running the target application to obtain a shelling file.
Therefore, the address information of the shelling file of the target application is obtained directly by intercepting the Openmemory method according to the signature information of the Openmemory method, and the shelling file is exported according to the address information, so that the complicated operation of software shelling is simplified, the method can be applied to different application environments, and is high in compatibility and wide in application range.
Referring to fig. 2, a flowchart of an application shelling method according to the present application is shown. The specific implementation flow of the method is as follows:
step 200: and the terminal equipment performs root operation according to the user instruction to obtain the system user permission.
Specifically, a user performs root operation on the terminal device through a root tool to obtain the system user permission.
The modern operating system generally belongs to a multi-user operating system, that is, the same machine can establish accounts for a plurality of users, the users are general users, the general users can log in the computer at the same time, the computer allocates certain resources to the users, and the general users perform respective operations in the allocated resources without influencing each other. But the permissions of these general users are limited and if there are too many users, the management is inconvenient, so that a root user is introduced, which is unique and has all the permissions of the system.
Step 201: and the terminal equipment installs and runs a hook application, and establishes monitoring.
Specifically, the terminal device directly downloads the hook installation package, or receives the hook installation package pushed by the server, and establishes monitoring through the hook installation package installation and the operation of the hook application.
Optionally, the hook application may be a frida-service application at the server side. fraida is a book frame based on python + java, can run on platforms such as android/ios/linux/winosx and the like, and mainly uses a dynamic binary instrumentation technology. Instrumentation refers to the injection of additional code into a program to gather information at runtime.
In the examples of the present application, hook using frida-serve is exemplified.
Step 202: the server acquires signature information of an OpenMemory method of the terminal device.
Specifically, the server sends a file acquisition message containing a specified file name to the terminal device, receives a specified file returned by the terminal device, and acquires signature information of the OpenMemory method from the specified file.
Alternatively, the specified file may be libart. The server can search and obtain signature information of the OpenMemory method in file contents contained in a libart.so by adopting a nm command 'nmlibart.so | grep OpenMemory' on a linux system.
Step 203: and the server generates a shelling script according to the signature information of the Openmemory method.
Specifically, the server generates a shelling script, the shelling script is used for intercepting an OpenMemory method of the terminal device according to signature information of the OpenMemory method, acquiring address information of a shelling file contained in the OpenMemory method, calculating the file size of the shelling file according to the address information, and exporting the shelling file to a specified directory of a target application according to the address information and the file size of the shelling file.
The parameters of the OpenMemory method at least include address information parameters of the shelling file. The dehulled file may be a dex file.
Step 204: and the terminal equipment receives the shelling script sent by the server.
Step 205: and the terminal equipment loads the shelling script and runs the target application to obtain the shelling file.
Specifically, the terminal device loads the shelling script and then runs the target application, executes various instructions of the shelling script, intercepts an OpenMemory method called when the target application is run through a hook application according to signature information of the OpenMemory method, obtains address information of the shelling file, calculates the size of the shelling file according to the address information of the shelling file, and exports the shelling file to a specified directory of the target application according to the address information and the size of the shelling file.
The OpenMemory method of the terminal device system is called when the target application runs, the OpenMemory method comprises a plurality of parameters, and address information of the shell file can be obtained through address parameters in the parameters of the OpenMemory method.
In an embodiment of the present application, an electronic device includes: one or more processors;
and one or more computer-readable media having stored thereon a program for shelling an application, wherein the program, when executed by one or more processors, performs the steps in the above-described embodiments.
In an embodiment of the present application, one or more computer-readable media having stored thereon a program for shelling an application program, wherein the program, when executed by one or more processors, causes a communication device to perform the steps of the above-described embodiments.
Based on the same inventive concept, the embodiment of the present application further provides a device for removing shells of application programs, and because the principle of solving the problems of the device and the equipment is similar to that of a method for removing shells of application programs, the implementation of the device can refer to the implementation of the method, and repeated details are omitted.
Fig. 3 is a schematic structural diagram of an application shelling apparatus according to an embodiment of the present application, including:
a returning unit 30, configured to return a specified file to the server based on the received file acquisition message including the specified file name, where the specified file includes signature information of the OpenMemory method;
a receiving unit 31, configured to receive a shelling script sent by a server and including signature information of an OpenMemory method, where the shelling script is configured to: intercepting an Openmemory method according to signature information of the Openmemory method to obtain address information of a shelling file of a target application, and exporting the shelling file according to the address information;
and an obtaining unit 32, configured to load a shelling script and run the target application to obtain a shelling file.
Preferably, the obtaining unit 32 is configured to:
running the target application;
according to the signature information of the Openmemory method, if the target application calls the Openmemory method, intercepting the Openmemory method through a specified interception hook application to obtain address information of a shelling file of the target application;
determining the file size of the unshelled file according to the address information of the unshelled file;
and exporting the unshelled file from the memory to a specified directory according to the address information and the file size of the unshelled file.
Preferably, the return unit 30 is further configured to:
acquiring system user authority;
installing and running a designated hook application;
snooping is established by specifying a hook application.
Preferably, the hook application is designated as a server application frida-server;
the file type of the dehulled file is a dex file.
In the method, the device, the terminal device and the medium for shelling the application program, the specified file is returned to the server based on the received file acquisition message containing the specified file name, and the specified file contains signature information of an OpenMemory method; receiving a shelling script which is sent by a server and contains signature information of an Openmemory method, wherein the shelling script is used for: intercepting an Openmemory method according to signature information of the Openmemory method to obtain address information of a shelling file of a target application, and exporting the shelling file according to the address information; and loading a shelling script and running the target application to obtain a shelling file. Therefore, the address information of the shelling file of the target application is obtained directly by intercepting the Openmemory method according to the signature information of the Openmemory method, and the shelling file is exported according to the address information, so that the complicated operation of software shelling is simplified, the method can be applied to different application environments, and is high in compatibility and wide in application range.
For convenience of description, the above parts are separately described as modules (or units) according to functional division. Of course, the functionality of the various modules (or units) may be implemented in the same one or more pieces of software or hardware when implementing the present application.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While the preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.
Claims (7)
1. A method for shelling an application, comprising:
returning a specified file to a server based on a received file acquisition message containing a specified file name, wherein the specified file contains signature information of an open memory Openmemory method;
receiving a shelling script which is sent by the server and contains signature information of the OpenMememory method, wherein the shelling script is used for: intercepting an Openmemory method according to signature information of the Openmemory method to obtain address information of a shelling file of a target application, and exporting the shelling file according to the address information;
and loading the shelling script and running the target application to obtain a shelling file.
2. The method of claim 1, wherein loading the shelling script and running the target application to obtain a shelling file comprises:
running the target application;
according to the signature information of the Openmemory method, if the target application calls the Openmemory method, intercepting the Openmemory method through a specified interception hook application to obtain address information of a shelling file of the target application;
determining the file size of the unshelled file according to the address information of the unshelled file;
and exporting the unshelled file to a specified directory from a memory according to the address information and the file size of the unshelled file.
3. The method of claim 2, further comprising, prior to returning the specified file to the server based on the received file retrieve message containing the specified file name:
acquiring system user authority;
installing and running the specified hook application;
and establishing monitoring through the specified hook application.
4. The method of claim 2 or 3, wherein the designated hook application is a server application, frida-server;
the file type of the shelling file is a dex file.
5. An apparatus for shelling an application program, comprising:
the system comprises a returning unit, a sending unit and a processing unit, wherein the returning unit is used for returning a specified file to a server based on a received file acquisition message containing a specified file name, and the specified file contains signature information of an OpenMemory method;
a receiving unit, configured to receive a shelling script that includes signature information of the OpenMemory method and is sent by the server, where the shelling script is configured to: intercepting an Openmemory method according to signature information of the Openmemory method to obtain address information of a shelling file of a target application, and exporting the shelling file according to the address information;
and the obtaining unit is used for loading the shelling script and running the target application to obtain a shelling file.
6. A terminal device, comprising at least one processing unit and at least one memory unit, wherein the memory unit stores a computer program which, when executed by the processing unit, causes the processing unit to carry out the steps of the method according to any one of claims 1 to 4.
7. A computer-readable medium, in which a computer program executable by a terminal device is stored, which program, when run on the terminal device, causes the terminal device to carry out the steps of the method according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811580273.2A CN111353154A (en) | 2018-12-24 | 2018-12-24 | Application program shelling method and device, terminal equipment and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811580273.2A CN111353154A (en) | 2018-12-24 | 2018-12-24 | Application program shelling method and device, terminal equipment and medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111353154A true CN111353154A (en) | 2020-06-30 |
Family
ID=71195470
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811580273.2A Pending CN111353154A (en) | 2018-12-24 | 2018-12-24 | Application program shelling method and device, terminal equipment and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111353154A (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20090088687A (en) * | 2008-02-15 | 2009-08-20 | 한국정보보호진흥원 | System for detecting webshell and method thereof |
| CN106709287A (en) * | 2016-12-15 | 2017-05-24 | 江苏通付盾科技有限公司 | Method and device of uncoating |
-
2018
- 2018-12-24 CN CN201811580273.2A patent/CN111353154A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20090088687A (en) * | 2008-02-15 | 2009-08-20 | 한국정보보호진흥원 | System for detecting webshell and method thereof |
| CN106709287A (en) * | 2016-12-15 | 2017-05-24 | 江苏通付盾科技有限公司 | Method and device of uncoating |
Non-Patent Citations (2)
| Title |
|---|
| FLY20141201: ""基于Frida框架打造Art模式下的脱壳工具(OpenMemory)的原理分析(https://blog.csdn.net/QQ1084283172/article/details/80956614)"", 《CSDN》 * |
| THAT_IS_THIS: ""基于frida的脱壳工具"", 《简书》 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8099472B2 (en) | System and method for a mobile cross-platform software system | |
| CN105068932B (en) | A kind of detection method of Android application programs shell adding | |
| CN108229148B (en) | Sandbox unshelling method and sandbox unshelling system based on Android virtual machine | |
| CN108121594B (en) | Process management method and device | |
| US20220279012A1 (en) | Methods and apparatus to identify and report cloud-based security vulnerabilities | |
| US9811665B1 (en) | Static and dynamic security analysis of apps for mobile devices | |
| US20220405385A1 (en) | Secure container construction device and method executable by android application, and computer-readable recording medium on which program thereof is recorded | |
| US10664262B2 (en) | Binary suppression and modification for software upgrades | |
| CN111880987A (en) | Dynamic monitoring method and device of application program, storage medium and electronic device | |
| CN109784039B (en) | Construction method of safe operation space of mobile terminal, electronic equipment and storage medium | |
| CN104765624A (en) | Update processing method and device for virtual machine application | |
| CN107908957B (en) | Safe operation management method and system of intelligent terminal | |
| CA2954984A1 (en) | Systems and methods for enhancing mobile security via aspect oriented programming | |
| CN112199151B (en) | Application program running method and device | |
| KR101557455B1 (en) | Application Code Analysis Apparatus and Method For Code Analysis Using The Same | |
| CN110045998A (en) | Load the method and device of dynamic base | |
| CN111212418A (en) | Device and method for safely downloading mobile terminal application | |
| CN115809120A (en) | Attack simulation detection method, system, medium and electronic device for Docker container | |
| CN111353154A (en) | Application program shelling method and device, terminal equipment and medium | |
| CN115562807A (en) | Method and system for mounting dynamic equipment for android container in kubernets environment | |
| Ma et al. | Investigation of static and dynamic android anti-virus strategies | |
| CN113114681A (en) | Test message processing method, device, computer system and readable storage medium | |
| KR20210083780A (en) | Method and system for improving android app security by DEX file segmentation and obfuscation | |
| CN108063679B (en) | Method and device for upgrading cloud management platform | |
| CN108509329B (en) | Method and device for verifying operation executed on client |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200630 |