CN112052464A - Method for performing virtualization protection on resource file, intelligent terminal and storage medium - Google Patents
Method for performing virtualization protection on resource file, intelligent terminal and storage medium Download PDFInfo
- Publication number
- CN112052464A CN112052464A CN202010847444.4A CN202010847444A CN112052464A CN 112052464 A CN112052464 A CN 112052464A CN 202010847444 A CN202010847444 A CN 202010847444A CN 112052464 A CN112052464 A CN 112052464A
- Authority
- CN
- China
- Prior art keywords
- protected
- resource file
- file
- application
- resource
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 58
- 230000006870 function Effects 0.000 claims abstract description 27
- 230000008569 process Effects 0.000 claims abstract description 24
- 238000004422 calculation algorithm Methods 0.000 description 16
- 238000010586 diagram Methods 0.000 description 5
- 238000004590 computer program Methods 0.000 description 4
- 230000008901 benefit Effects 0.000 description 3
- 230000006835 compression Effects 0.000 description 2
- 238000007906 compression Methods 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 101100217298 Mus musculus Aspm gene Proteins 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Abstract
The invention discloses a method for performing virtualization protection on a resource file, an intelligent terminal and a storage medium, wherein the method comprises the following steps: acquiring a resource file to be protected, and protecting the resource file to be protected to obtain a key folder; acquiring a memory of the resource file to be protected in the application, and performing virtualization processing on the memory to obtain a virtualization protection application; when the resource file to be protected needs to be used in the running process of the virtualization protection application, the resource file to be protected is acquired and called back to realize the corresponding function of the application, so that the resource file to be protected is protected. The embodiment of the invention can protect the core resource file in the application, perform virtualization processing in the corresponding space in the application to obtain the virtual file by extracting the resource file to be protected, and then call back the resource file to be protected when the resource file to be protected needs to be used so as to protect the resource file.
Description
Technical Field
The invention relates to the technical field of data security, in particular to a method, an intelligent terminal and a storage medium for performing virtualization protection on a resource file.
Background
With the development of network informatization, people pay more and more attention to data security, and in order to protect computer software data from being damaged, changed and leaked due to accidental and malicious reasons, some measures are taken in advance to ensure the availability, integrity and confidentiality of network data.
After a mobile terminal application is released, an APK file of the mobile terminal application can be decompressed and opened through a zip or rar compression tool, the structure of the application itself is disclosed, including directories such as dex, res, assets, lib and the like and resource files under the directories, which means that various resources used by the application can be stolen, copied, analyzed and disguised, so that the resource files applied by the mobile terminal have security risks.
Thus, there is still a need for improvement and development of the prior art.
Disclosure of Invention
The technical problem to be solved by the present invention is to provide a method, an intelligent terminal, and a storage medium for performing virtualization protection on a resource file, aiming at solving the problem that the resource file applied at a mobile terminal has a security risk due to stealing, copying, analyzing, and disguising of the resource file applied in the prior art.
The technical scheme adopted by the invention for solving the problems is as follows:
in a first aspect, an embodiment of the present invention provides a method for performing virtualization protection on a resource file, where the method includes:
acquiring a resource file to be protected, and protecting the resource file to be protected to obtain a key folder;
acquiring a memory of the resource file to be protected in the application, and performing virtualization processing on the memory to obtain a virtualization protection application;
when the resource file to be protected needs to be used in the running process of the virtualization protection application, the resource file to be protected is acquired and called back to realize the corresponding function of the application, so that the resource file to be protected is protected.
In one implementation manner, the method for acquiring a resource file to be protected includes:
acquiring a file name before loading of the resource file to be protected;
and acquiring the resource file to be protected according to the file name before loading.
In an implementation manner, the protecting the resource file to be protected to obtain the key folder includes:
saving the resource file to be protected to a ZIP folder;
and encrypting the ZIP folder to obtain a key folder.
In one implementation, the saving the resource file to be protected to the ZIP folder includes:
acquiring a folder building instruction and generating a ZIP folder with the same structure as the application structure;
and storing the resource file to be protected in a ZIP folder.
In an implementation manner, the obtaining a memory of the resource file to be protected in an application and performing virtualization processing on the memory to obtain a virtualization protection application includes:
acquiring the memory of the resource file to be protected in the application;
acquiring the ID and the virtual file of the resource file to be protected;
and storing the virtual file and the ID in the memory to obtain the virtualization protection application.
In an implementation manner, the obtaining a memory of the resource file to be protected in the application and performing virtualization processing on the memory to obtain the virtualization protected application further includes: and storing the corresponding relation between the ID and the virtual file in a first file of the virtualization protection application.
In an implementation manner, when the resource file to be protected needs to be used in the running process of the virtualization protection application, the obtaining the resource file to be protected includes:
loading an executable shared library file, and decrypting the key folder to obtain a decrypted folder;
acquiring a loaded file name of a resource file to be accessed, and acquiring a corresponding ID of the resource file in the first file according to the loaded file name;
and searching the corresponding resource file to be protected in the decryption folder according to the corresponding ID.
In one implementation, the callback of the resource file to be protected to achieve protection of the resource file to be protected includes:
loading the executable shared library file and calling the resource file to be protected;
and covering the resource file to be protected with the virtual file to realize the protection of the resource file to be protected.
In a second aspect, an embodiment of the present invention further provides an apparatus for performing virtualization protection on a resource file, where the apparatus includes:
the resource file processing unit to be protected is used for acquiring the resource file to be protected and protecting the resource file to be protected to obtain a key folder;
the virtual file generation unit is used for acquiring the memory of the resource file to be protected in the application and carrying out virtualization processing on the memory to obtain a virtualization protection application;
and the callback unit is used for acquiring and calling back the resource file to be protected when the resource file to be protected needs to be used in the running process of the virtualization protection application so as to protect the resource file to be protected.
In a third aspect, an embodiment of the present invention further provides an intelligent terminal, including a memory and one or more programs, where the one or more programs are stored in the memory, and configured to be executed by one or more processors includes a method for performing virtualization protection on a resource file as described in any one of the above.
In a fourth aspect, an embodiment of the present invention further provides a non-transitory computer-readable storage medium, where instructions in the storage medium, when executed by a processor of an electronic device, enable the electronic device to perform a method for protecting a resource file in a virtualization manner as described in any one of the above.
The invention has the beneficial effects that: the method comprises the steps of firstly obtaining a resource file to be protected, and protecting the resource file to be protected to obtain a key folder; then obtaining the memory of the resource file to be protected in the application, and performing virtualization processing on the memory to obtain a virtualization protection application; finally, when the resource file to be protected needs to be used in the running process of the virtualization protection application, the resource file to be protected is acquired and called back to realize the corresponding function of the application so as to protect the resource file to be protected; therefore, in the embodiment of the invention, the core resource file in the application can be protected, the resource file to be protected in the application is extracted into a ZIP folder, the virtual file is obtained by performing virtualization processing on the corresponding space in the application, and then the resource file to be protected is called back when the resource file to be protected needs to be used in the application running process, so that the resource file is protected.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic flow chart of a method for performing virtualization protection on a resource file according to an embodiment of the present invention
Fig. 2 is a schematic block diagram of an apparatus for performing virtualization protection on a resource file according to an embodiment of the present invention.
Fig. 3 is a schematic block diagram of an internal structure of an intelligent terminal according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer and clearer, the present invention is further described in detail below with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
It should be noted that, if directional indications (such as up, down, left, right, front, and back … …) are involved in the embodiment of the present invention, the directional indications are only used to explain the relative positional relationship between the components, the movement situation, and the like in a specific posture (as shown in the drawing), and if the specific posture is changed, the directional indications are changed accordingly.
In the prior art, after a mobile terminal application is released, an APK file of the mobile terminal application can be decompressed and opened by a zip or rar compression tool, and the structure of the application itself is disclosed, including directories such as dex, res, assets, lib and the like and resource files under the directories, which means that various resources used by the application can be stolen, copied, analyzed and disguised, so that the resource file of the mobile terminal application has a security risk.
In order to solve the problems in the prior art, this embodiment provides a method for protecting a resource file in a virtualized manner, where a resource file to be protected is extracted into a ZIP folder, a corresponding space in an application is virtualized to obtain a virtual file, and then the resource file to be protected is recalled when the resource file to be protected needs to be used in an application running process, so as to protect the resource file. In practice, the resource file refers to a resource file in an application, such as a mobile terminal application APK, and the APK is an application package file format used by an Android operating system and used for distributing and installing a mobile application and a middleware. The code of an Android application program is required to be run on an Android device, and the code must be compiled first and then packaged into a file which can be recognized by an Android system to be run, and the file format which can be recognized and run by the Android system is 'APK'. An APK file contains compiled code files (. dex files), file resources (resources), native resource files (assets), certificates (certifies), and manifest files (manifest files). In specific implementation, firstly, a resource file to be protected is obtained, and the resource file to be protected is protected to obtain a key folder; then obtaining the memory of the resource file to be protected in the application, and performing virtualization processing on the memory to obtain a virtualization protection application; and finally, when the resource file to be protected needs to be used in the running process of the virtualization protection application, acquiring and calling back the resource file to be protected to realize the corresponding function of the application so as to protect the resource file to be protected.
By way of example, the original APK structure contains the following list: assets/, lib/, res/, classes. Extracting resource files to be protected in the assets, lib and res directories to a patch. Thus, the memory from which the resource file to be protected is extracted in the original APK is empty, the virtual file and the ID corresponding to the resource file to be protected are replaced in the memory, if a plurality of resource files to be protected are extracted, the virtual files are replaced in the memory according to the corresponding sequence of the ID, for example, the ID of the first virtual file is 1, the first virtual file replaces the memory corresponding to the first resource file to be protected, the ID of the second virtual file is 2, and the second virtual file replaces the memory corresponding to the second resource file to be protected. So is copied in the subdirectory of the lib directory in the original APK structure. When the virtualization protection application is used in the operation process and needs to use the resource file to be protected, a small segment of code is inserted at a class. The HOOK program captures the message before the system does not call the function, and the HOOK function obtains the control right first, and the HOOK function can process (change) the execution behavior of the function and also can forcibly end the message transmission. After taking over, when a virtualized Apk application runtime program needs to access a certain resource file to be protected, the corresponding resource file to be protected is acquired, otherwise, when the virtualized Apk application runtime program does not need to access the resource file to be protected, the internal memory of the virtualized Apk application runtime is an empty shell file, even if being externally HOOK, the file to which HOOK is made is unidentifiable, which can not cause the leakage and theft of the resource file, and the kernel function in the application is extracted into another folder for protection processing, thus realizing the protection of the resource file to be protected in the APK application.
Exemplary method
The embodiment provides a method for performing virtualization protection on a resource file, which can be applied to an intelligent terminal for data security protection. As shown in fig. 1 in detail, the method includes:
s100, acquiring a resource file to be protected, and protecting the resource file to be protected to obtain a key folder;
firstly, a technician determines resource files to be protected and the number of the resource files to be protected according to the importance of the resource files in application, then obtains all the resource files to be protected, and stores the resource files in sequence according to a certain relation, and protects the folder after storage in order to ensure the safety of the folder, wherein the protection processing method can be encryption or shell-added files, and is not limited specifically. The key folder can be obtained through the processing.
In practice, after a technician determines the resource files to be protected, the technician needs to find the resource files to be protected in the original APK application, and in an implementation manner, the acquiring the resource files to be protected in this embodiment includes the following steps:
s101, acquiring a file name of the resource file to be protected before loading;
and S102, acquiring the resource file to be protected according to the file name before loading.
After the technician determines the resource file to be protected, an instruction containing the file name of the resource file to be protected is input into the terminal, so that the terminal can obtain the file name of the resource file to be protected before loading, the file name before loading is searched in the files in the Assets directory, the files in the lib and the files in the res in the original APK structure according to the file name before loading, and the terminal can obtain the resource file to be protected in the corresponding files in the Assets directory according to the file name before loading.
Considering that the obtained resource file to be protected may also be leaked and stolen by other unpredictable ways, and therefore needs to be protected, the embodiment of protecting the resource file to be protected to obtain the key folder includes the following steps:
step S111, storing the resource file to be protected to a ZIP folder;
and S112, encrypting the ZIP folder to obtain a key folder.
In order to ensure the absolute security of the resource file to be protected, after the resource file to be protected is acquired, the resource file to be protected is stored in a ZIP folder, wherein the ZIP folder is a folder independent of the APK application, and when the APK application runs, the ZIP folder is not loaded, so that the ZIP folder has certain security relative to the folder loaded in the application. In addition, in consideration of the fact that other unpredictable factors can be stolen and leaked, the ZIP folder is encrypted to obtain the key folder, and the encryption method can adopt an encryption algorithm and can also be obtained in a simple AND/OR mode. The encryption algorithm may also adopt DES encryption algorithm, AES encryption algorithm, RSA encryption algorithm, Base64 encryption algorithm, MD5 encryption algorithm, SHA1 encryption algorithm, and is not particularly limited. The DES encryption algorithm has the advantage of faster speed. The AES encryption algorithm has the advantages of high speed and high security level. The RSA encryption algorithm is a public key algorithm that supports variable-length keys. Base64 encryption algorithm.
In consideration of the fact that after protection processing, when the APK application needs to use the resource file to be protected during actual operation, the resource file to be protected needs to be found according to a certain corresponding relationship, and therefore, the step of saving the resource file to be protected to the ZIP folder includes the following steps:
s1111, acquiring a folder construction instruction and generating a ZIP folder with the same structure as the application structure;
step S1112, storing the resource file to be protected in the ZIP folder.
In practice, when a technician inputs an instruction for constructing a folder to a terminal, the terminal receives and acquires the instruction for constructing the folder, and then constructs a patch.zip folder, in consideration of that resource files to be protected stored in the patch.zip folder are originated from an original APK application, after a program runs, the APK application recalls the resource files to be protected, so as to conveniently search the resource files to be protected, the resource files to be protected need to be stored in the patch.zip folder according to a certain relationship, and the relationship must be matched with the resource files in a sub-directory in the original APK structure, and therefore, in order to construct a folder with the above relationship, the architecture of the patch.zip folder is similar to the APK structure. And then storing the resource file to be protected in the patch folder. Therefore, convenience is provided for recalling the resource file to be protected in the subsequent program loading process.
After the resource to be protected in the APK application is extracted, the memory space occupied by the resource to be protected in the APK application before the resource to be protected needs to be processed, step S200 shown in fig. 1 is executed, the memory of the resource file to be protected in the application is obtained, and the memory is virtualized, so that the virtualized protection application is obtained.
In practice, since the sub-directories of the original APK structure, assets/, lib/, and res/are taken away from the resource file to be protected, and the sub-directories of the original APK structure, assets/, lib/, and res/are left out of the memory space, in order to implement the virtualization protection, the memory space of the sub-directories of the original APK structure, assets/, lib/, and res/is virtualized, and the APK application after the virtualization processing becomes the virtualization protection application.
In order to implement the virtualization processing, the following operations need to be performed to obtain the virtualized application, and in this embodiment, the obtaining a memory of the resource file to be protected in the application, and performing virtualization processing on the memory to obtain the virtualized protected application includes the following steps:
step S201, obtaining the memory of the resource file to be protected in the application;
step S202, obtaining the ID and the virtual file of the resource file to be protected;
step S203, storing the virtual file and the ID in the memory to obtain a virtualized protection application.
In practice, the APK application needs to be loaded during the program running process, and in consideration of the fact that when the APK application needs to use the resource file during the loading process, the resource file needs to be retrieved correspondingly, so that the memory space of the folder in the APK structure from which the resource file is extracted cannot be empty, and therefore the memory space needs to be filled. Therefore, the memory space of the resource file is first extracted from the sub-directory of the APK structure. Considering that when a program calls the resource file to be protected last, the resource file to be protected needs to be recalled according to a certain corresponding relationship, and the step of extracting the resource file to be protected includes the following operations: if the resource file to be protected is set with one ID, the ID of the first extracted resource file may be set to 1, the ID of the second extracted resource file may be set to 2, and so on, then after the memory space of the resource file to be protected in the application is used, the ID of the resource file to be protected needs to be acquired here. In addition, the memory space needs to be filled with a folder, so that the terminal needs to acquire the virtual file first. The virtual file can also be injected with a protection code, such as Framework, or a library function is added for judgment, and if the virtual file is not a library of the virtual file, loading is not carried out, so that even if the APK application calls back the resource file to be protected, the resource file to be protected can also be prevented from being FISHHOOK, and the safety of the resource file to be protected in the APK application can be better ensured. After the terminal acquires the memory space and the virtual file, the memory space and the virtual file are stored in the memory space together, so that the APK application becomes the virtual protection APK application.
The corresponding relationship between the ID and the resource file to be protected is already confirmed, and in order to enable the APK application to call back the resource file to be protected, the corresponding relationship between the ID and the virtual file needs to be established, so that the obtaining of the memory of the resource file to be protected in the application and the virtualization of the memory result in the virtualization protected application further includes the following steps: step S211, storing the corresponding relationship between the ID and the virtual file in the first file of the virtualization protection application.
In practice, the ID and the resource file correspond to the first extracted resource file with ID number 1, the second extracted resource file with ID number 2, and so on. When the APK application needs to use the resource file to be protected during operation, the resource file to be protected needs to be accurately recalled, and then the same callback needs to be performed to a place corresponding to the APK application according to the ID correspondence, so that the virtual file placed in the corresponding memory of the APK application needs to be stored in the same manner. In order to facilitate the callback of the resource file to be protected, the corresponding relationship between the ID and the virtual file needs to be stored in the first file of the virtualized protection application. That is, the ID of the virtual file stored in the memory space of the first extracted resource file in the original APK application corresponds to 1, the ID of the virtual file stored in the memory space of the second extracted resource file in the original APK application corresponds to 2, and so on.
Considering that the purpose of running the virtual protection APK application in a program is to protect the resource file to be protected, and if the resource file to be protected is to be used in actual running or the resource file to be protected is to be called back, the following steps need to be performed as shown in fig. 1:
step S300, when the resource file to be protected needs to be used in the running process of the virtualization protection application, the resource file to be protected is acquired and called back to realize the corresponding function of the application, so as to protect the resource file to be protected.
In practice, the resource files to be protected in the APK application are all protected due to the fact that all the empty files are stored in the corresponding memory space in the application, and even if the empty files are attacked by the fish-in-shell-type application, the resource files to be protected cannot be leaked or stolen. However, when a specific function is to be implemented in the running process of the APK application, the resource file to be protected needs to be called, and at this time, the resource file to be protected needs to be acquired from the key folder, and then the resource file to be protected is restored to the original memory location in the APK application in the prior art in a callback manner, so that the corresponding function of the APK application is implemented, and the resource file to be protected is protected.
Because the resource file to be protected is subjected to the corresponding protection processing, the resource file to be protected needs to be obtained first when the resource file to be protected is actually called back, and therefore, in this embodiment, when the resource file to be protected needs to be used in the running process of the virtualization protection application, obtaining the resource file to be protected includes the following steps:
s301, loading an executable shared library file, and decrypting a key folder to obtain a decrypted folder;
step S302, acquiring a loaded file name of a resource file to be accessed, and acquiring a corresponding ID of the resource file in the first file according to the loaded file name;
step S303, according to the corresponding ID, searching the corresponding resource file to be protected in the decryption folder.
Since the resource file to be protected is protected in order to implement protection of the resource file to be protected, the resource file to be protected needs to be acquired first when the resource file to be protected is called. In addition, since the resource file to be protected is stored in the key folder, it needs to be decrypted first. Specifically, first, the executable file library file is loaded, and the key folder is decrypted to obtain a decrypted folder. The decryption algorithm corresponds to the encryption algorithm and is a reverse algorithm, and no further limitation is made here. Then, when the APK application needs to call the resource file during operation, the file name of the resource file to be accessed is generated, the terminal obtains the loaded file name of the resource file to be accessed, and then the first file is searched according to the loaded file name, so that the corresponding ID can be searched; then the corresponding ID of the file name after the loading is found to be 5, and then the 5 th extracted resource file is corresponded to find the corresponding resource file to be protected.
After the terminal obtains the resource file to be protected, a callback is required to implement a corresponding function, so that the callback of the resource file to be protected to implement the corresponding function of the application to protect the resource file to be protected in this embodiment includes the following steps:
step S311, loading the executable shared library file, and calling the resource file to be protected to realize the corresponding function of the application;
step S312, the virtual file is covered with the resource file to be protected, so as to protect the resource file to be protected.
In practice, when the resource file to be protected is obtained, in this embodiment, for example, the resource file to be protected is the 5 th extracted resource file, then the corresponding function of the APK can be realized only by calling back the 5 th extracted resource file. Therefore, the executable shared library file needs to be loaded again, the resource file to be protected is called as the 5 th extracted resource file, and then the 5 th extracted resource file is covered in the virtual file of the corresponding memory space in the APK original structure, so that the corresponding function of the 5 th extracted resource file, such as a voice function or a video function, can be implemented, without further limitation. Thus, when the APK application does not use the resource to be protected, the resource file to be protected is protected in another safe folder and is encrypted, and the safety of the resource file is ensured; when the APK application uses the resource file to be protected, the resource file to be protected is called, and at the moment, because the internal HOOK is used for HOOK the resource file to be protected at the first time, the resource file is not easy to be obtained by other FISHHOOKs, and the function of protecting the safety of the resource file to be protected is also realized.
Exemplary device
As shown in fig. 2, an embodiment of the present invention provides an apparatus for performing virtualization protection on a resource file, where the apparatus includes: a resource file processing unit 201 to be protected, a virtual file generating unit 202 and a callback unit 203. Specifically, the resource file to be protected processing unit 201 is configured to obtain a resource file to be protected, and perform protection processing on the resource file to be protected to obtain a key folder; the virtual file generation unit 202 is configured to obtain a memory of the resource file to be protected in the application, and perform virtualization processing on the memory to obtain a virtualization protection application; a callback unit 203, configured to, when the resource file to be protected needs to be used in the running process of the virtualization protection application, acquire and callback the resource file to be protected to implement a corresponding function of the application, so as to protect the resource file to be protected.
Based on the above embodiment, the present invention further provides an intelligent terminal, and a schematic block diagram thereof may be as shown in fig. 3. The intelligent terminal comprises a processor, a memory, a network interface, a display screen and a temperature sensor which are connected through a system bus. Wherein, the processor of the intelligent terminal is used for providing calculation and control capability. The memory of the intelligent terminal comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The network interface of the intelligent terminal is used for being connected and communicated with an external terminal through a network. The computer program is executed by a processor to implement a method of virtually protecting a resource file. The display screen of the intelligent terminal can be a liquid crystal display screen or an electronic ink display screen, and the temperature sensor of the intelligent terminal is arranged inside the intelligent terminal in advance and used for detecting the operating temperature of internal equipment.
Those skilled in the art will appreciate that the schematic diagram of fig. 2 is only a block diagram of a part of the structure related to the solution of the present invention, and does not constitute a limitation to the intelligent terminal to which the solution of the present invention is applied, and a specific intelligent terminal may include more or less components than those shown in the figure, or combine some components, or have different arrangements of components.
In one embodiment, an intelligent terminal is provided that includes a memory, and one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, the one or more programs including instructions for: acquiring a resource file to be protected, and protecting the resource file to be protected to obtain a key folder; acquiring a memory of the resource file to be protected in the application, and performing virtualization processing on the memory to obtain a virtualization protection application; when the resource file to be protected needs to be used in the running process of the virtualization protection application, the resource file to be protected is acquired and called back to realize the corresponding function of the application, so that the resource file to be protected is protected.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, databases, or other media used in embodiments provided herein may include non-volatile and/or volatile memory. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
In summary, the present invention discloses a method, an intelligent terminal, and a storage medium for performing virtualization protection on a resource file, where the method includes: acquiring a resource file to be protected, and protecting the resource file to be protected to obtain a key folder; acquiring a memory of the resource file to be protected in the application, and performing virtualization processing on the memory to obtain a virtualization protection application; when the resource file to be protected needs to be used in the running process of the virtualization protection application, the resource file to be protected is acquired and called back to realize the corresponding function of the application, so that the resource file to be protected is protected. The embodiment of the invention can protect the core resource file in the application, extract the resource file to be protected in the application into a ZIP folder, perform virtualization processing in the corresponding space in the application to obtain the virtual file, and then call back the resource file to be protected when the resource file to be protected needs to be used in the application running process, so as to protect the resource file.
It is to be understood that the invention has been disclosed by way of example only and that modifications and alterations in the light thereof will be suggested to persons skilled in the art and are to be included within the scope of the appended claims.
Claims (10)
1. A method for performing virtualization protection on a resource file, the method comprising:
acquiring a resource file to be protected, and protecting the resource file to be protected to obtain a key folder;
acquiring a memory of the resource file to be protected in the application, and performing virtualization processing on the memory to obtain a virtualization protection application;
when the resource file to be protected needs to be used in the running process of the virtualization protection application, the resource file to be protected is acquired and called back to realize the corresponding function of the application, so that the resource file to be protected is protected.
2. The method for protecting the resource file in the virtualization manner according to claim 1, wherein the obtaining the resource file to be protected comprises:
acquiring a file name before loading of the resource file to be protected;
and acquiring the resource file to be protected according to the file name before loading.
3. The method for protecting the resource file in the virtualization manner according to claim 1, wherein the protecting the resource file to be protected to obtain the key folder comprises:
saving the resource file to be protected to a ZIP folder;
and encrypting the ZIP folder to obtain a key folder.
4. The method for virtually protecting a resource file according to claim 3, wherein the saving the resource file to be protected to a ZIP folder comprises:
acquiring a folder building instruction and generating a ZIP folder with the same structure as the application structure;
and storing the resource file to be protected in a ZIP folder.
5. The method according to claim 4, wherein the obtaining a memory of the resource file to be protected in an application and performing virtualization processing on the memory to obtain a virtualization protected application comprises:
acquiring the memory of the resource file to be protected in the application;
acquiring the ID and the virtual file of the resource file to be protected;
and storing the virtual file and the ID in the memory to obtain the virtualization protection application.
6. The method for performing virtualization protection on a resource file according to claim 5, wherein the obtaining a memory of the resource file to be protected in an application and performing virtualization processing on the memory to obtain a virtualization protection application further comprises: and storing the corresponding relation between the ID and the virtual file in a first file of the virtualization protection application.
7. The method for performing virtualization protection on a resource file according to claim 6, wherein when the resource file to be protected needs to be used in the running process of the virtualization protection application, the obtaining the resource file to be protected comprises:
loading an executable shared library file, and decrypting the key folder to obtain a decrypted folder;
acquiring a loaded file name of a resource file to be accessed, and acquiring a corresponding ID of the resource file in the first file according to the loaded file name;
and searching the corresponding resource file to be protected in the decryption folder according to the corresponding ID.
8. The method for virtually protecting a resource file according to claim 7, wherein the callback of the resource file to be protected implements a corresponding function of the application, so as to protect the resource file to be protected, including:
loading the executable shared library file and calling the resource file to be protected;
and covering the resource file to be protected with the virtual file to realize the corresponding function of the application so as to realize the protection of the resource file to be protected.
9. An intelligent terminal comprising a memory, and one or more programs, wherein the one or more programs are stored in the memory, and wherein the one or more programs being configured to be executed by the one or more processors comprises instructions for performing the method of any of claims 1-8.
10. A non-transitory computer readable storage medium having instructions therein, which when executed by a processor of an electronic device, enable the electronic device to perform the method of any one of claims 1-8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010847444.4A CN112052464B (en) | 2020-08-21 | 2020-08-21 | Method for carrying out virtualization protection on resource file, intelligent terminal and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010847444.4A CN112052464B (en) | 2020-08-21 | 2020-08-21 | Method for carrying out virtualization protection on resource file, intelligent terminal and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112052464A true CN112052464A (en) | 2020-12-08 |
| CN112052464B CN112052464B (en) | 2024-03-22 |
Family
ID=73600751
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010847444.4A Active CN112052464B (en) | 2020-08-21 | 2020-08-21 | Method for carrying out virtualization protection on resource file, intelligent terminal and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112052464B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106293852A (en) * | 2016-08-19 | 2017-01-04 | 北京奇虎科技有限公司 | A kind of method and apparatus of the resource file reinforcing installation kit |
| CN108089880A (en) * | 2017-12-28 | 2018-05-29 | 北京奇虎科技有限公司 | The method, apparatus and server pre-processed to application program installation file |
| CN109657488A (en) * | 2019-02-26 | 2019-04-19 | 北京智游网安科技有限公司 | A kind of resource file cipher processing method, intelligent terminal and storage medium |
| CN109871704A (en) * | 2019-03-19 | 2019-06-11 | 北京智游网安科技有限公司 | Android resource file means of defence, equipment and storage medium based on Hook |
| CN110781462A (en) * | 2019-10-10 | 2020-02-11 | 郑州阿帕斯科技有限公司 | Resource confusion method and device |
-
2020
- 2020-08-21 CN CN202010847444.4A patent/CN112052464B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106293852A (en) * | 2016-08-19 | 2017-01-04 | 北京奇虎科技有限公司 | A kind of method and apparatus of the resource file reinforcing installation kit |
| CN108089880A (en) * | 2017-12-28 | 2018-05-29 | 北京奇虎科技有限公司 | The method, apparatus and server pre-processed to application program installation file |
| CN109657488A (en) * | 2019-02-26 | 2019-04-19 | 北京智游网安科技有限公司 | A kind of resource file cipher processing method, intelligent terminal and storage medium |
| CN109871704A (en) * | 2019-03-19 | 2019-06-11 | 北京智游网安科技有限公司 | Android resource file means of defence, equipment and storage medium based on Hook |
| CN110781462A (en) * | 2019-10-10 | 2020-02-11 | 郑州阿帕斯科技有限公司 | Resource confusion method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112052464B (en) | 2024-03-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8892876B1 (en) | Secured application package files for mobile computing devices | |
| KR101471589B1 (en) | Method for Providing Security for Common Intermediate Language Program | |
| US20160275019A1 (en) | Method and apparatus for protecting dynamic libraries | |
| CN111143869B (en) | Application package processing method and device, electronic equipment and storage medium | |
| CN109871704B (en) | Android resource file protection method, equipment and storage medium based on Hook | |
| WO2016078130A1 (en) | Dynamic loading method for preventing reverse of apk file | |
| US20140258717A1 (en) | Cloud application installed in client terminal connected to cloud server | |
| KR20140077188A (en) | Method for the dynamic creation of an application execution environment for securing said application, and associated computer program product and computing device | |
| US20210306304A1 (en) | Method and apparatus for distributing confidential execution software | |
| CN111193740B (en) | Encryption method, device, decryption method, computer device and storage medium | |
| US20180025177A1 (en) | Method for protecting pin code on android platform | |
| CN113553204B (en) | Data transmission method and device | |
| WO2014150339A2 (en) | Method and system for enabling communications between unrelated applications | |
| CN108595950A (en) | A kind of safe Enhancement Methods of SGX of combination remote authentication | |
| US9292708B2 (en) | Protection of interpreted source code in virtual appliances | |
| US20100153667A1 (en) | Method, computer program and electronic device | |
| CN111159658B (en) | Byte code processing method, system, device, computer equipment and storage medium | |
| CN108985096B (en) | Security enhancement and security operation method and device for Android SQLite database | |
| CN111737718A (en) | Encryption and decryption method and device for jar packet, terminal equipment and storage medium | |
| CN111382425A (en) | Application installation management method under multi-signature mechanism, intelligent terminal and storage medium | |
| CN112052464B (en) | Method for carrying out virtualization protection on resource file, intelligent terminal and storage medium | |
| CN111931222B (en) | Application data encryption method, device, terminal and storage medium | |
| CN110046504B (en) | SO file hiding method, storage medium and device based on Linker | |
| US11061998B2 (en) | Apparatus and method for providing security and apparatus and method for executing security to protect code of shared object | |
| CN114444028A (en) | Method and device for improving code security, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |