CN112052464B - Method for carrying out virtualization protection on resource file, intelligent terminal and storage medium - Google Patents
Method for carrying out virtualization protection on resource file, intelligent terminal and storage medium Download PDFInfo
- Publication number
- CN112052464B CN112052464B CN202010847444.4A CN202010847444A CN112052464B CN 112052464 B CN112052464 B CN 112052464B CN 202010847444 A CN202010847444 A CN 202010847444A CN 112052464 B CN112052464 B CN 112052464B
- Authority
- CN
- China
- Prior art keywords
- protected
- resource file
- file
- application
- memory
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 58
- 238000012545 processing Methods 0.000 claims abstract description 28
- 230000006870 function Effects 0.000 claims abstract description 27
- 230000008569 process Effects 0.000 claims abstract description 24
- 238000010276 construction Methods 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 5
- 238000004590 computer program Methods 0.000 description 4
- 230000008901 benefit Effects 0.000 description 3
- 230000006835 compression Effects 0.000 description 2
- 238000007906 compression Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 239000000243 solution Substances 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 101100217298 Mus musculus Aspm gene Proteins 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000002347 injection Methods 0.000 description 1
- 239000007924 injection Substances 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Abstract
The invention discloses a method for carrying out virtualization protection on a resource file, an intelligent terminal and a storage medium, wherein the method comprises the following steps: acquiring a resource file to be protected, and performing protection treatment on the resource file to be protected to obtain a key folder; acquiring a memory of the resource file to be protected in an application, and carrying out virtualization processing on the memory to obtain a virtualized protection application; when the resource file to be protected is needed to be used in the running process of the virtualized protection application, the resource file to be protected is acquired and recalled to realize the corresponding function of the application so as to protect the resource file to be protected. In the embodiment of the invention, the core resource file in the application can be protected, the virtual file is obtained by extracting the resource file to be protected and carrying out virtualization processing on the corresponding space in the application, and then the resource file to be protected is called back when the resource file to be protected is needed to be used, so that the protection of the resource file is realized.
Description
Technical Field
The present invention relates to the field of data security technologies, and in particular, to a method, an intelligent terminal, and a storage medium for performing virtualization protection on a resource file.
Background
With the development of network informatization, people pay more and more attention to data security, and in order to protect computer software data from being destroyed, altered and leaked due to accidental and malicious reasons, some measures are taken in advance to ensure the availability, integrity and confidentiality of network data.
After the mobile terminal application is released, an APK file of the mobile terminal application can be decompressed and opened through a zip or rar compression tool, the application structure is disclosed, the application comprises a directory such as dex, res, assets, lib and resource files under the directory, and therefore various resources used by the application can be stolen, copied, analyzed and disguised, and the security risk exists in the resource files of the mobile terminal application.
Accordingly, there is a need for improvement and development in the art.
Disclosure of Invention
The invention aims to solve the technical problems that the method, the intelligent terminal and the storage medium for carrying out virtualization protection on the resource file are provided for overcoming the defects in the prior art, and aims to solve the problem that the resource file applied by the mobile terminal has safety risks caused by the fact that the resource file applied in the prior art is stolen, copied, analyzed and disguised.
The technical scheme adopted by the invention for solving the problems is as follows:
in a first aspect, an embodiment of the present invention provides a method for performing virtualization protection on a resource file, where the method includes:
acquiring a resource file to be protected, and performing protection treatment on the resource file to be protected to obtain a key folder;
acquiring a memory of the resource file to be protected in an application, and carrying out virtualization processing on the memory to obtain a virtualized protection application;
when the resource file to be protected is needed to be used in the running process of the virtualized protection application, the resource file to be protected is acquired and recalled to realize the corresponding function of the application so as to protect the resource file to be protected.
In one implementation manner, the method for obtaining the resource file to be protected includes:
acquiring a file name before loading of the resource file to be protected;
and acquiring the resource file to be protected according to the file name before loading.
In one implementation manner, the protecting the resource file to be protected, to obtain a key folder includes:
saving the resource file to be protected to a ZIP folder;
and encrypting the ZIP folder to obtain a key folder.
In one implementation, the saving the resource file to be protected to the ZIP folder includes:
acquiring a folder construction instruction and generating a ZIP folder with the same application structure;
and storing the resource file to be protected in a ZIP folder.
In one implementation manner, the obtaining the memory of the resource file to be protected in the application, and performing virtualization processing on the memory, to obtain a virtualized protection application includes:
acquiring the memory of the resource file to be protected in the application;
acquiring the ID and the virtual file of the resource file to be protected;
and storing the virtual file and the ID in the memory to obtain the virtualized protection application.
In one implementation manner, the obtaining the memory of the resource file to be protected in the application, and performing virtualization processing on the memory, to obtain the virtualized protection application further includes: and storing the corresponding relation between the ID and the virtual file in a first file of the virtualization protection application.
In one implementation manner, when the resource file to be protected needs to be used in the running process of the virtualized protection application, the obtaining the resource file to be protected includes:
loading an executable shared library file, decrypting the key folder to obtain a decrypted folder;
acquiring a loaded file name of a resource file to be accessed, and acquiring a corresponding ID (identity) of the resource file in the first file according to the loaded file name;
and searching the corresponding resource file to be protected in the decryption folder according to the corresponding ID.
In one implementation, the callback to the resource file to be protected to implement protection of the resource file to be protected includes:
loading the executable shared library file and calling the resource file to be protected;
and covering the virtual file with the resource file to be protected so as to realize the protection of the resource file to be protected.
In a second aspect, an embodiment of the present invention further provides an apparatus for performing virtualization protection on a resource file, where the apparatus includes:
the resource file processing unit to be protected is used for acquiring the resource file to be protected and protecting the resource file to be protected to obtain a key folder;
the virtual file generation unit is used for obtaining the memory of the resource file to be protected in the application, and carrying out virtualization treatment on the memory to obtain a virtualized protection application;
and the callback unit is used for acquiring and callback the resource file to be protected when the resource file to be protected is required to be used in the running process of the virtualized protection application so as to realize the protection of the resource file to be protected.
In a third aspect, an embodiment of the present invention further provides an intelligent terminal, including a memory, and one or more programs, where the one or more programs are stored in the memory, and configured to be executed by the one or more processors, where the one or more programs include a method for performing the virtualized protection of a resource file according to any one of the above.
In a fourth aspect, embodiments of the present invention further provide a non-transitory computer-readable storage medium, which when executed by a processor of an electronic device, enables the electronic device to perform a method for virtualizing protecting a resource file as described in any one of the above.
The invention has the beneficial effects that: firstly, acquiring a resource file to be protected, and carrying out protection treatment on the resource file to be protected to obtain a key folder; then, acquiring a memory of the resource file to be protected in an application, and carrying out virtualization processing on the memory to obtain a virtualized protection application; finally, when the resource file to be protected is needed to be used in the running process of the virtualized protection application, the resource file to be protected is obtained and recalled to realize the corresponding function of the application so as to protect the resource file to be protected; therefore, in the embodiment of the invention, the core resource file in the application can be protected, the resource file to be protected in the application is extracted into a ZIP folder, the corresponding space in the application is virtualized to obtain the virtual file, and then the resource file to be protected is called back when the resource file to be protected is needed in the application operation process, so that the protection of the resource file is realized.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments described in the present invention, and other drawings may be obtained according to the drawings without inventive effort to those skilled in the art.
FIG. 1 is a schematic flow chart of a method for performing virtualization protection on a resource file according to an embodiment of the present invention
FIG. 2 is a schematic block diagram of an apparatus for performing virtualization protection on a resource file according to an embodiment of the present invention.
Fig. 3 is a schematic block diagram of an internal structure of an intelligent terminal according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more clear and clear, the present invention will be further described in detail below with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
It should be noted that, if directional indications (such as up, down, left, right, front, and rear … …) are included in the embodiments of the present invention, the directional indications are merely used to explain the relative positional relationship, movement conditions, etc. between the components in a specific posture (as shown in the drawings), and if the specific posture is changed, the directional indications are correspondingly changed.
In the prior art, after an application of a mobile terminal is released, an APK file of the application can be decompressed and opened through a zip or rar compression tool, and the structure of the application is disclosed, including a directory such as dex, res, assets, lib and a resource file under the directory, which means that various resources used by the application can be stolen, copied, analyzed and camouflaged, so that the security risk exists in the resource file of the application of the mobile terminal.
In order to solve the problems in the prior art, the present embodiment provides a method for performing virtualization protection on a resource file, by extracting a resource file to be protected into a ZIP folder, performing virtualization processing on a corresponding space in an application to obtain a virtual file, and then calling back the resource file to be protected when the resource file to be protected is needed in the application running process, so as to realize protection on the resource file. In practice, the resource file refers to a resource file in an application, such as an APK of a mobile terminal, where the APK is an application package file format used by an Android operating system, and is used for distributing and installing mobile applications and middleware. Code of an Android application program is expected to run on an Android device, and the code must be compiled first and then packaged into a file which can be identified by an Android system and can be run, and the file format which can be identified and run by the Android system is "APK". An APK file contains compiled code files (.dex files), file resources (resources), native resource files (assets), certificates (certificates), and manifest files (manifest files). When the method is implemented, firstly, a resource file to be protected is obtained, and protection treatment is carried out on the resource file to be protected to obtain a key folder; then, acquiring a memory of the resource file to be protected in an application, and carrying out virtualization processing on the memory to obtain a virtualized protection application; and finally, when the resource file to be protected is needed to be used in the running process of the virtualized protection application, acquiring and calling back the resource file to be protected to realize the corresponding function of the application so as to protect the resource file to be protected.
For example, the original APK structure includes the following list: the parameters, lib, res, class. Dex, androidManifest, xml, resources. Firstly extracting resource files to be protected in the categories of the assets, the libs and the res to the patch.zip folder, and then carrying out protection processing on the patch.zip folder to generate the patch.zip folder. In this way, the memory in the original APK, from which the resource file to be protected is extracted, is empty, at this time, the virtual file and the ID corresponding to the resource file to be protected are replaced in the memory, if there are multiple extracted resource files to be protected, at this time, the multiple virtual files are replaced in the memory according to the ID corresponding order, for example, the ID of the first virtual file is 1, which replaces the memory corresponding to the first resource file to be protected, the ID of the second virtual file is 2, which replaces the memory corresponding to the second resource file to be protected. The patch.so is copied in a subdirectory of the lib directory in the original APK structure. When the virtualized protection application needs to use the resource file to be protected in the running process, a small code is inserted into a class. Dex decompilation entry for loading the patch. So, the patch. So file can realize the decorotection processing of the encrypted patch. Zip folder, and meanwhile, the patch. So file can be used for HOOK to an export function and an import function of an Android system access resource to take over an Android system running resource access interface. The HOOK function can process (change) the execution behavior of the function and can force the end of the message transfer. After taking over, when the virtualized Apk application running program accesses a certain resource file to be protected, the corresponding resource file to be protected is obtained, otherwise, when the virtualized Apk application running program does not need to access the resource file to be protected, the memory of the virtualized Apk application running is an empty file, even if the memory is externally HOOK, the HOOK-to-HOOK file is unidentifiable, the leakage and the theft of the resource file cannot be caused, and the core function in the application is extracted into another folder to be protected, so that the protection of the resource file to be protected in the Apk application is realized.
Exemplary method
The embodiment provides a method for carrying out virtualization protection on a resource file, which can be applied to an intelligent terminal for data security protection. As shown in fig. 1, the method includes:
step S100, obtaining a resource file to be protected, and carrying out protection treatment on the resource file to be protected to obtain a key folder;
firstly, a technician determines resource files to be protected and the number of the resource files to be protected according to the importance of the resource files in the application, then obtains all the resource files to be protected, stores the resource files in sequence according to a certain relation, and performs protection treatment on the stored folders to ensure the safety of the folders, wherein the protection treatment method can be encryption or shell-added files, and is not limited in particular, and in addition, the encryption method can be an encryption algorithm or simple AND or operation, and is not limited in particular. The key folder can be obtained after the above processing.
In practice, after the technician determines the resource files to be protected, the technician needs to find the resource files to be protected in the original APK application, and in one implementation manner, the obtaining the resource files to be protected includes the following steps:
step S101, acquiring a file name before loading of the resource file to be protected;
and step S102, acquiring the resource file to be protected according to the file name before loading.
After the technician determines the resource file to be protected, inputting an instruction containing the file name of the resource file to be protected into the terminal, so that the terminal can acquire all the file names before loading of the resource file to be protected, and according to the file names before loading, searching the file names before loading in files in an assembly catalog, files in lib and files in res in an original APK structure, and according to the file names before loading, the terminal can acquire the resource file to be protected in the corresponding files in the assembly catalog.
Considering that the obtained resource file to be protected may have leakage and theft in other unpredictable ways, protection processing is required, and the method for protecting the resource file to be protected to obtain the key folder includes the following steps:
step S111, saving the resource file to be protected to a ZIP folder;
and step S112, encrypting the ZIP folder to obtain a key folder.
In order to ensure the absolute security of the resource file to be protected, after the resource file to be protected is obtained, the resource file to be protected is saved in a ZIP folder, which is a folder independent of the APK application, and when the APK application is running, the ZIP folder is not loaded, so that the ZIP folder has a certain security with respect to the folder loaded in the application. In addition, in consideration of the fact that other unpredictable factors may be stolen or leaked, the ZIP folder is encrypted to obtain the key folder, and the encryption method can be obtained by adopting an encryption algorithm or a simple AND or mode. The encryption algorithm may be DES encryption algorithm, AES encryption algorithm, RSA encryption algorithm, base64 encryption algorithm, MD5 encryption algorithm, SHA1 encryption algorithm, which is not particularly limited. The DES encryption algorithm has the advantage of faster speed. The AES encryption algorithm has the advantages of high speed and high security level. The RSA encryption algorithm is a public key algorithm that supports variable length keys. Base64 encryption algorithm.
Considering that after the protection process, when the APK application needs to use the resource file to be protected in the actual running process, the resource file to be protected needs to be found according to a certain corresponding relationship, so the saving the resource file to be protected to the ZIP folder in this embodiment includes the following steps:
step S1111, acquiring a folder construction instruction and generating a ZIP folder with the same application structure;
step S1112, storing the resource file to be protected in a ZIP folder.
In practice, when a technician inputs an instruction for building a folder to a terminal, the terminal receives and obtains the instruction for building the folder, and builds a patch.zip folder, considering that the resource files to be protected stored in the patch.zip folder originate from an original APK application, after the program runs, the APK application recalls the resource files to be protected, so that for convenience in searching the resource files to be protected, the resource files to be protected need to be stored in the patch.zip folder according to a certain relationship, and the relationship must be matched with the resource files under the sub-directory in the original APK structure, so that in order to build a folder of the relationship, the architecture of the patch.zip folder and the APK structure are similar. And then, storing the resource file to be protected in the patch. Zip folder. Thus, convenience is provided for readjusting back the resource file to be protected in the subsequent program loading process.
After the resources to be protected in the APK application are pumped away, the memory space occupied before the resources to be protected in the APK application needs to be processed, step S200 shown in fig. 1 is executed, the memory of the resource file to be protected in the application is obtained, and the memory is subjected to virtualization processing, so that the virtualized protection application is obtained.
In practice, since the sub-directory packages/, lib/, res/under the original APK structure are extracted, the memory space under the sub-directory packages/, lib/, res/under the original APK structure is free, and in order to implement the virtualized protection, the sub-directory packages/, lib/, res/under the original APK structure are subjected to the virtualized processing, and the APK application after the virtualized processing becomes the virtualized protection application.
In order to implement the virtualization processing to obtain the above virtualized application, the following operations are required, and in this embodiment, obtaining a memory of the resource file to be protected in the application, and performing virtualization processing on the memory to obtain a virtualized protection application includes the following steps:
step S201, obtaining the memory of the resource file to be protected in the application;
step S202, obtaining the ID and the virtual file of the resource file to be protected;
and step 203, storing the virtual file and the ID in the memory to obtain a virtualized protection application.
In practice, the APK application needs to be loaded in the program running process, and considering that when the APK application needs to use the resource file in the loading process, the resource file needs to be correspondingly tuned back, so that the memory space of the folder from which the resource file is extracted in the APK structure is not empty, and therefore, the memory space needs to be filled. Therefore, the memory space of the resource file is required to be extracted from the sub-directory packages/, lib/, res/under the APK structure. Considering that when the program finally calls the resource file to be protected, the resource file to be protected needs to be called back according to a certain corresponding relation, and the following operations are performed in the step of extracting the resource file to be protected: if the resource file to be protected is set to an ID, then the ID of the first extracted resource file may be set to 1, the ID of the second extracted resource file may be set to 2, and so on, and then after the memory space of the resource file to be protected in the application has elapsed, the ID of the resource file to be protected needs to be obtained. In addition, the memory space needs to be filled with folders, so that the terminal needs to acquire the virtual file first. And a protection code can be injected into the virtual file, such as frame injection, or library function judgment is added, if the virtual file is not a library of the virtual file, loading is not allowed, so that even if the resource file to be protected is called back by the APK application, the resource file to be protected can be prevented from being subjected to FISHHOOK, and the safety of the resource file to be protected in the APK application can be better ensured. After the terminal acquires the memory space and the virtual file, the memory space and the virtual file are stored together in the memory space, so that the APK application becomes a virtualized protection APK application.
The corresponding relation between the ID and the resource file to be protected is confirmed, so that in order to enable the APK application to call back the resource file to be protected, the corresponding relation between the ID and the virtual file needs to be established, therefore, the memory of the resource file to be protected in the application is obtained, the memory is virtualized, and the virtualized protection application further comprises the following steps: step S211, storing the correspondence between the ID and the virtual file in the first file of the virtualization protection application.
In practice, the ID and the resource file correspond to the first extracted resource file according to the ID number 1, the ID number 2 corresponds to the second extracted resource file, and so on. When the APK application needs to use the resource file to be protected in operation, the resource file to be protected needs to be accurately called back, and then the same needs to be called back to a place corresponding to the APK application according to the ID corresponding relation, so that virtual files placed in a corresponding memory of the APK application need to be stored in the same mode. In order to facilitate callback of the resource file to be protected, the corresponding relationship between the ID and the virtual file needs to be stored in the first file of the virtualized protection application. That is, the ID of the virtual file stored in the memory space of the first extracted resource file in the original APK application corresponds to 1, the ID of the virtual file stored in the memory space of the second extracted resource file in the original APK application corresponds to 2, and so on.
Considering that the purpose of the virtual protection APK application running in the program is to protect the resource file to be protected, if the resource file to be protected is to be used or the resource file to be protected is to be called back in actual running, the following steps as shown in fig. 1 need to be performed:
and step 300, when the resource file to be protected is needed to be used in the running process of the virtualized protection application, acquiring and calling back the resource file to be protected to realize the corresponding function of the application so as to protect the resource file to be protected.
In practice, the resource files to be protected in the APK application are all protected, and the corresponding memory space in the application is all empty files, so that even if the empty files are attacked by fishook, the resource files to be protected are not revealed or stolen. However, when a specific function is to be realized in the running process of the APK application, the resource file to be protected needs to be called, at this time, the resource file to be protected needs to be obtained from the key folder, and then the resource file to be protected is restored to the original memory position in the APK application in a callback mode, so that the corresponding function of the APK application is realized, and meanwhile, the resource file to be protected is protected.
Because the resource file to be protected is correspondingly protected, the resource file to be protected needs to be acquired first when the resource file to be protected is actually returned, and therefore, when the resource file to be protected needs to be used in the running process of the virtualized protection application, the step of acquiring the resource file to be protected in the embodiment includes the following steps:
step S301, loading an executable shared library file, decrypting the key folder to obtain a decrypted folder;
step S302, obtaining a loaded file name of a resource file to be accessed, and obtaining a corresponding ID of the resource file in the first file according to the loaded file name;
and step S303, searching the corresponding resource file to be protected in the decryption folder according to the corresponding ID.
Because the resource file to be protected is protected in order to realize the protection of the resource file to be protected, the resource file to be protected needs to be acquired first when the resource file to be protected is called. In addition, since the resource file to be protected is stored in the key folder, it is necessary to decrypt it first. Specifically, firstly, an executable file library file is loaded, and the key folder is decrypted to obtain a decrypted folder. The decryption algorithm corresponds to the encryption algorithm and is a reverse algorithm, and is not limited in this regard. Then, when the APK application needs to call a resource file in operation, generating a file name of the resource file to be accessed, acquiring a loaded file name of the resource file to be accessed by a terminal, and searching in the first file according to the loaded file name to find a corresponding ID; then the corresponding ID of the loaded file name is found to be 5, and then the corresponding extracted resource file is the 5 th resource file, so as to find the corresponding resource file to be protected.
When the terminal obtains the resource file to be protected, a callback is needed to be performed to realize the corresponding function, so that the callback in the embodiment realizes the corresponding function of the application on the resource file to be protected, and the protection of the resource file to be protected comprises the following steps:
step S311, loading the executable shared library file, and calling the resource file to be protected to realize the corresponding function of the application;
step S312, the resource file to be protected is covered on the virtual file, so that the resource file to be protected is protected.
In practice, when the resource file to be protected is obtained, in this embodiment, for example, the resource file to be protected is the 5 th extracted resource file, and then the corresponding function of APK can be implemented only when callback is performed on the 5 th extracted resource file. Therefore, the executable shared library file needs to be loaded again, the resource file to be protected, such as the 5 th extracted resource file, is called, and then in the APK original structure, the 5 th extracted resource file is covered in the virtual file corresponding to the memory space, so that the corresponding function of the 5 th extracted resource file, such as a voice function, a video function, and the like, can be realized, which is not limited further herein. Thus, when the APK application does not use the resource to be protected, the resource file to be protected is protected in another safe folder, and encryption processing is carried out, so that the safety of the resource file is ensured; when the APK application uses the resource file to be protected, the resource file to be protected is called, and at the moment, the internal HOOK is the resource file to be protected at the first time, so that the internal HOOK is not easy to obtain by other FISHHOOK, and the function of protecting the security of the resource file to be protected is also achieved.
Exemplary apparatus
As shown in fig. 2, an embodiment of the present invention provides an apparatus for performing virtualization protection on a resource file, where the apparatus includes: the resource file processing unit 201 to be protected, the virtual file generating unit 202 and the callback unit 203. Specifically, a resource file processing unit 201 to be protected is configured to obtain a resource file to be protected, and perform protection processing on the resource file to be protected to obtain a key folder; the virtual file generating unit 202 obtains the memory of the resource file to be protected in the application, and performs virtualization processing on the memory to obtain a virtualized protection application; and the callback unit 203 is configured to obtain and callback the resource file to be protected to implement a corresponding function of the application when the resource file to be protected needs to be used in the running process of the virtualized protection application, so as to protect the resource file to be protected.
Based on the above embodiment, the present invention also provides an intelligent terminal, and a functional block diagram thereof may be shown in fig. 3. The intelligent terminal comprises a processor, a memory, a network interface, a display screen and a temperature sensor which are connected through a system bus. The processor of the intelligent terminal is used for providing computing and control capabilities. The memory of the intelligent terminal comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The network interface of the intelligent terminal is used for communicating with an external terminal through network connection. The computer program, when executed by a processor, implements a method for virtualizing protecting resource files. The display screen of the intelligent terminal can be a liquid crystal display screen or an electronic ink display screen, and a temperature sensor of the intelligent terminal is arranged in the intelligent terminal in advance and used for detecting the running temperature of internal equipment.
It will be appreciated by those skilled in the art that the schematic diagram in fig. 2 is merely a block diagram of a portion of the structure related to the present invention and is not limiting of the smart terminal to which the present invention is applied, and that a specific smart terminal may include more or less components than those shown in the drawings, or may combine some components, or have a different arrangement of components.
In one embodiment, a smart terminal is provided that includes a memory, and one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, the one or more programs comprising instructions for: acquiring a resource file to be protected, and performing protection treatment on the resource file to be protected to obtain a key folder; acquiring a memory of the resource file to be protected in an application, and carrying out virtualization processing on the memory to obtain a virtualized protection application; when the resource file to be protected is needed to be used in the running process of the virtualized protection application, the resource file to be protected is acquired and recalled to realize the corresponding function of the application so as to protect the resource file to be protected.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in embodiments provided herein may include non-volatile and/or volatile memory. The nonvolatile memory can include Read Only Memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double Data Rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous Link DRAM (SLDRAM), memory bus direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM), among others.
In summary, the invention discloses a method for carrying out virtualization protection on a resource file, an intelligent terminal and a storage medium, wherein the method comprises the following steps: acquiring a resource file to be protected, and performing protection treatment on the resource file to be protected to obtain a key folder; acquiring a memory of the resource file to be protected in an application, and carrying out virtualization processing on the memory to obtain a virtualized protection application; when the resource file to be protected is needed to be used in the running process of the virtualized protection application, the resource file to be protected is acquired and recalled to realize the corresponding function of the application so as to protect the resource file to be protected. The method and the device can protect the core resource files in the application, the resource files to be protected in the application are pulled out to a ZIP folder, the corresponding space in the application is virtualized to obtain the virtual files, and then the resource files to be protected are called back when the resource files to be protected are needed in the application operation process, so that the resource files are protected.
It is to be understood that the present invention discloses a kind of application of the present invention which is not limited to the examples described above, but may be modified or changed by those skilled in the art based on the above description, and all such modifications and changes should fall within the scope of the appended claims.
Claims (6)
1. A method for virtualizing and protecting a resource file, the method comprising:
acquiring a resource file to be protected, and performing protection treatment on the resource file to be protected to obtain a key folder;
acquiring a memory of the resource file to be protected in an application, and carrying out virtualization processing on the memory to obtain a virtualized protection application;
when the resource file to be protected is needed to be used in the running process of the virtualized protection application, the resource file to be protected is acquired and recalled, so that the resource file to be protected is restored to an original memory position in the application, the corresponding function of the application is realized, and the protection of the resource file to be protected is realized;
the step of protecting the resource file to be protected to obtain a key folder comprises the following steps: saving the resource file to be protected to a ZIP folder; encrypting the ZIP folder to obtain a key folder;
the step of saving the resource file to be protected to the ZIP folder comprises the following steps: acquiring a folder construction instruction and generating a ZIP folder with the same application structure; storing the resource file to be protected in a ZIP folder;
the obtaining the memory of the resource file to be protected in the application, and carrying out virtualization processing on the memory, the obtaining the virtualized protection application includes: acquiring the memory of the resource file to be protected in the application; acquiring the ID and the virtual file of the resource file to be protected; storing the virtual file and the ID in the memory to obtain a virtualized protection application;
the obtaining the memory of the resource file to be protected in the application, and carrying out virtualization processing on the memory, and obtaining the virtualized protection application further comprises: and storing the corresponding relation between the ID and the virtual file in a first file of the virtualization protection application.
2. The method for virtualizing and protecting a resource file according to claim 1, wherein the obtaining the resource file to be protected comprises:
acquiring a file name before loading of the resource file to be protected;
and acquiring the resource file to be protected according to the file name before loading.
3. The method for performing virtualization protection on a resource file according to claim 1, wherein when the resource file to be protected needs to be used in the running process of the virtualization protection application, obtaining the resource file to be protected includes:
loading an executable shared library file, decrypting the key folder to obtain a decrypted folder;
acquiring a loaded file name of a resource file to be accessed, and acquiring a corresponding ID (identity) of the resource file in the first file according to the loaded file name;
and searching the corresponding resource file to be protected in the decryption folder according to the corresponding ID.
4. A method for virtualizing and protecting a resource file according to claim 3, wherein said calling back the resource file to be protected to implement the function corresponding to the application, so as to protect the resource file to be protected includes:
loading the executable shared library file and calling the resource file to be protected;
and covering the resource file to be protected with the virtual file to realize the corresponding function of the application so as to realize the protection of the resource file to be protected.
5. An intelligent terminal comprising a memory, and one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by one or more processors, the one or more programs comprising instructions for performing the method of any of claims 1-4.
6. A non-transitory computer readable storage medium, which when executed by a processor of an electronic device, causes the electronic device to perform the method of any of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010847444.4A CN112052464B (en) | 2020-08-21 | 2020-08-21 | Method for carrying out virtualization protection on resource file, intelligent terminal and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010847444.4A CN112052464B (en) | 2020-08-21 | 2020-08-21 | Method for carrying out virtualization protection on resource file, intelligent terminal and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112052464A CN112052464A (en) | 2020-12-08 |
| CN112052464B true CN112052464B (en) | 2024-03-22 |
Family
ID=73600751
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010847444.4A Active CN112052464B (en) | 2020-08-21 | 2020-08-21 | Method for carrying out virtualization protection on resource file, intelligent terminal and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112052464B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106293852A (en) * | 2016-08-19 | 2017-01-04 | 北京奇虎科技有限公司 | A kind of method and apparatus of the resource file reinforcing installation kit |
| CN108089880A (en) * | 2017-12-28 | 2018-05-29 | 北京奇虎科技有限公司 | The method, apparatus and server pre-processed to application program installation file |
| CN109657488A (en) * | 2019-02-26 | 2019-04-19 | 北京智游网安科技有限公司 | A kind of resource file cipher processing method, intelligent terminal and storage medium |
| CN109871704A (en) * | 2019-03-19 | 2019-06-11 | 北京智游网安科技有限公司 | Android resource file means of defence, equipment and storage medium based on Hook |
| CN110781462A (en) * | 2019-10-10 | 2020-02-11 | 郑州阿帕斯科技有限公司 | Resource confusion method and device |
-
2020
- 2020-08-21 CN CN202010847444.4A patent/CN112052464B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106293852A (en) * | 2016-08-19 | 2017-01-04 | 北京奇虎科技有限公司 | A kind of method and apparatus of the resource file reinforcing installation kit |
| CN108089880A (en) * | 2017-12-28 | 2018-05-29 | 北京奇虎科技有限公司 | The method, apparatus and server pre-processed to application program installation file |
| CN109657488A (en) * | 2019-02-26 | 2019-04-19 | 北京智游网安科技有限公司 | A kind of resource file cipher processing method, intelligent terminal and storage medium |
| CN109871704A (en) * | 2019-03-19 | 2019-06-11 | 北京智游网安科技有限公司 | Android resource file means of defence, equipment and storage medium based on Hook |
| CN110781462A (en) * | 2019-10-10 | 2020-02-11 | 郑州阿帕斯科技有限公司 | Resource confusion method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112052464A (en) | 2020-12-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6888011B2 (en) | Mobile device with a reliable execution environment | |
| CN108810894B (en) | Terminal authorization method, device, computer equipment and storage medium | |
| CN107659632B (en) | File encryption and decryption method and device and computer readable storage medium | |
| US8892876B1 (en) | Secured application package files for mobile computing devices | |
| AU2012337403B2 (en) | Cryptographic system and methodology for securing software cryptography | |
| US9536063B2 (en) | Methods and apparatus for protecting software from unauthorized copying | |
| CN111143869B (en) | Application package processing method and device, electronic equipment and storage medium | |
| WO2016078130A1 (en) | Dynamic loading method for preventing reverse of apk file | |
| US20160275019A1 (en) | Method and apparatus for protecting dynamic libraries | |
| EP2420949A1 (en) | Information processing system, information processing method, information processing program, computer readable medium and computer data signal | |
| CN111193740B (en) | Encryption method, device, decryption method, computer device and storage medium | |
| CN107430650B (en) | Securing computer programs against reverse engineering | |
| US20210306304A1 (en) | Method and apparatus for distributing confidential execution software | |
| US9935766B2 (en) | Processor and processor system | |
| WO2014150339A2 (en) | Method and system for enabling communications between unrelated applications | |
| CN111191195A (en) | Method and device for protecting APK | |
| CN108959943B (en) | Method, device, apparatus, storage medium and corresponding vehicle for managing an encryption key | |
| US9292708B2 (en) | Protection of interpreted source code in virtual appliances | |
| CN111159658B (en) | Byte code processing method, system, device, computer equipment and storage medium | |
| CN108133147B (en) | Method and device for protecting executable code and readable storage medium | |
| CN108985096B (en) | Security enhancement and security operation method and device for Android SQLite database | |
| CN112052464B (en) | Method for carrying out virtualization protection on resource file, intelligent terminal and storage medium | |
| CN108521419B (en) | Access processing method and device for monitoring system file and computer equipment | |
| US11061998B2 (en) | Apparatus and method for providing security and apparatus and method for executing security to protect code of shared object | |
| CN111931222A (en) | Application data encryption method, device, terminal and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |