WO2018068633A1 - 一种防重打包的方法及其装置 - Google Patents

一种防重打包的方法及其装置 Download PDF

Info

Publication number
WO2018068633A1
WO2018068633A1 PCT/CN2017/103403 CN2017103403W WO2018068633A1 WO 2018068633 A1 WO2018068633 A1 WO 2018068633A1 CN 2017103403 W CN2017103403 W CN 2017103403W WO 2018068633 A1 WO2018068633 A1 WO 2018068633A1
Authority
WO
WIPO (PCT)
Prior art keywords
installation package
digital watermark
watermark information
repackaged
consistent
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2017/103403
Other languages
English (en)
French (fr)
Chinese (zh)
Inventor
陈耀光
王加水
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Priority to EP17859699.5A priority Critical patent/EP3528149B1/en
Priority to KR1020197013506A priority patent/KR102192880B1/ko
Priority to SG11201903264RA priority patent/SG11201903264RA/en
Priority to JP2019520118A priority patent/JP6746156B2/ja
Priority to PL17859699T priority patent/PL3528149T3/pl
Priority to ES17859699T priority patent/ES2874781T3/es
Publication of WO2018068633A1 publication Critical patent/WO2018068633A1/zh
Priority to US16/381,857 priority patent/US10685117B2/en
Priority to PH12019500785A priority patent/PH12019500785A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/14Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/16Program or content traceability, e.g. by watermarking
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/563Static detection by source code analysis
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/61Installation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/106Enforcing content protection by specific content processing
    • G06F21/1063Personalisation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software

Definitions

  • the present application relates to the field of computer technology, and in particular, to a method and apparatus for anti-heavy packing.
  • the process of repackaging is as shown in Figure 1: First, the original installation package is decompiled to obtain the source code of the original installation package, and then the user modifies the source code, for example, adding other code, the added code may be Advertisements can also be programs that automatically download malware, etc. Finally, the modified files are repackaged to obtain a repackaged installation package.
  • the anti-repackaging method can verify whether the installation package is repackaged by verifying the self-signature of the installation package, and the specific verification process is as shown in FIG. 2:
  • the target files in the installation package will be run, and the security dynamic library in the installation package will also be loaded.
  • some verification information will be used.
  • the verification information includes: the self-signed of the original installation package corresponding to the installation package. Since the operating system provides an interface for verifying the self-signed installation package, the operating system obtains the self-signature of the installation package from the target file, and obtains the self-signature of the original installation package from the security dynamic library, and then verifies the installation package.
  • the self-signature is consistent with the self-signature of the original installation package, if it is consistent, it is determined that the installation package is the original installation package, and if it is inconsistent, it is determined that the installation package is a repackaged installation package.
  • the anti-repackaging method may further be: the operating system calculates a hash value of the installation package installed this time, and checks the hash value, specifically, the hash value and Compare the hash values of the original installation package. If they are consistent, determine that the installation package is the original installation package. If they are inconsistent, determine that the installation package is a repackaged installation package.
  • the above two prior art anti-repackaging methods must be built under a fully trusted operating system to effectively prevent repackaging.
  • the operating system is modified so that the operating system does not perform the process of verifying the installation package self-signature, and the process of verifying the installation package hash value is not performed, so that whether the installation package downloaded by the user is a repackaged installation package, the operation The system will default to the original installation package.
  • the memory occupied by the installation package to be installed may be large, so that the operating system may affect the verification efficiency of the operating system when calculating the hash value of the installation package.
  • the present application provides a method for anti-repackaging and a device thereof for solving the problem that the system self-signs by verifying the installation package in the prior art, and sometimes cannot effectively verify whether the installation package is repackaged.
  • the system checks whether the installation package is repackaged by calculating the hash value of the installation package, sometimes the installation package occupies a large memory, resulting in a low verification efficiency.
  • the application provides a method for anti-heavy packaging, the method comprising:
  • the present application also provides a device for anti-heavy packing, the device comprising:
  • Run unit and execution unit where:
  • the running unit runs an object file in the installation package and loads a security dynamic library in the installation package;
  • the execution unit performs the following steps according to the code in the object file:
  • the installation package itself includes a verification code.
  • the operating system acquires the digital watermark information embedded in the target file according to the code, and obtains the installation package.
  • the installation package itself contains the code for verifying whether the installation package is repackaged, no matter how the operating system is modified, the process of verifying the installation package cannot be avoided, and the prior art is solved by the system.
  • the installation package is self-signed to verify that the installation package is repackaged, the system sometimes bypasses the process of verifying the installation self-signature, which makes it impossible to effectively verify whether the installation package is repackaged.
  • the method for verifying whether the installation package is repackaged by calculating the installation package hash value is compared with the prior art. It is more efficient to apply to verify that the installation package is repackaged.
  • FIG. 1 is a schematic flow chart of a method for repackaging provided by the prior art
  • FIG. 2 is a schematic flow chart of a method for preventing heavy packing provided by the prior art
  • FIG. 3 is a schematic flowchart diagram of a method for anti-heavy packing according to an embodiment of the present application
  • FIG. 4 is a schematic flowchart of embedding digital watermark information in an object file according to an embodiment of the present application.
  • FIG. 5 is a schematic flowchart diagram of another method for anti-repackaging according to an embodiment of the present application.
  • FIG. 6 is a schematic flowchart of a method for searching for digital watermark information according to an embodiment of the present disclosure
  • FIG. 7 is a schematic flowchart diagram of still another method for anti-repackaging according to an embodiment of the present application.
  • FIG. 8 is a schematic flowchart diagram of still another method for anti-repackaging according to an embodiment of the present application.
  • FIG. 9 is a schematic structural diagram of a device for preventing heavy packing according to an embodiment of the present application.
  • the present invention provides a method for anti-repackaging, which is used to solve the problem in the prior art that the system self-signs by verifying the installation package, and sometimes cannot effectively verify whether the installation package is repackaged, and solves the problem in the prior art.
  • the system verifies that the installation package is repackaged by calculating the hash value of the installation package, sometimes the installation package occupies a large memory, resulting in low verification efficiency.
  • the specific process of the method is shown in FIG. 3, and specifically includes the following steps:
  • Step 301 Run the target file in the installation package and load the secure dynamic library in the installation package.
  • the operating system runs the target file in the installation package and simultaneously loads the security dynamic library in the installation package.
  • the object file is a target file compiled according to preset code, and digital watermark information is embedded in the compiled object file.
  • the digital watermark information may be a string, or may be an instruction, etc.
  • the security dynamic library stores verification information about the installation package, and the verification information is used to verify whether the installation package is a repackaged installation package.
  • the method of embedding the digital watermark information in the target file may be embedding the digital watermark information at the end of the target file, or embedding the digital watermark information at other positions of the target file.
  • the above operating system may be an Android system
  • the target file may be a dex file
  • the dex file is specifically an executable file type of the Android system, which is written in java code
  • the secure dynamic library may be a so library, written in c/c++. It is usually stored in the so library with some security information, for example, verification information.
  • the so library is loaded by the operating system; or the operating system can be windows
  • the target file can be exe Files
  • security dynamic libraries are dll libraries, etc.
  • the operating system, object files, and dynamic security libraries are not limited here.
  • the target file is a dex file
  • the digital watermark information is embedded in the target file
  • the target file is recalculated according to the digital watermark information.
  • the corresponding value of the checksum, signature, file size, etc. of the header is a dex file
  • the installation package is a repackaged installation package
  • the user when the user repackages the original installation package, although the user can modify the code of the original file in the original installation package, the original installation package is in the secure dynamic library.
  • the verification information is not easy to be modified, so the verification information of the original installation package will still be saved in the security dynamic library of the installation package.
  • the verification information stored in the secure dynamic library may be digital watermark information embedded in the original file. The specific reason is as shown in FIG. 5:
  • the original installation package When the original installation package is repackaged, the original installation package needs to be decompiled to obtain the source code file corresponding to the original installation package. Since the digital watermark information is compiled into the original file according to the preset code, it is embedded into the original installation package. In the original file, therefore, in the process of decompiling the original installation package, the digital watermark information A will be lost, and then the user modifies the source code file, as shown in FIG. 5, which may be to add other code. At the same time, in order to disguise the repackaged identity of the installation package, the user also embeds the digital watermark information B in the source code file. Finally, the source code file is repackaged, and the repackaged installation package is still stored in the secure dynamic library. There is verification information A. Therefore, the digital watermark information A can be used as an identifier of the original installation package for verifying whether the installation package is repackaged.
  • Step 302 Perform the following steps according to the code in the target file:
  • the method for the operating system to obtain the digital watermark information of the target file according to the code in the target file is as shown in FIG. 6 : determining the starting address of the digital watermark information in the target file according to the original length of the target file. And obtaining the digital watermark information from the target file according to the starting address, where the original length of the target file is the length of the target file before the digital watermark information is embedded.
  • the operating system After the operating system obtains the digital watermark information and obtains the verification information from the security dynamic library, according to the digital watermark information and the verification information, it is verified whether the installation package is a repackaged installation package, and the specific verification method may be performed by digital watermark information.
  • the type is determined as shown in Table 1:
  • the digital watermark information is a character string
  • verify whether the digital watermark information is consistent with the verification information If they are consistent, it is determined that the installation package is the original installation package. If they are inconsistent, it is determined that the installation package is a repackaged installation package.
  • the string may be a fixed length string or a string of random length.
  • the digital watermark information is a fixed length string, directly verify whether the string is consistent with the verification information in the security dynamic library; or calculate whether the watermark value corresponding to the current download installation package is consistent with the verification information in the security dynamic library, such as Figure 7 shows the method of verifying whether the installation package is repackaged by calculating the watermark value in the dex file, as follows:
  • the Dex file includes a dex header and a dex body.
  • the dex header contains data size and data off, the dex body contains data, and the data size indicates the size of the data, and the data off indicates the offset of the data.
  • the digital watermark information is embedded in the original dex file.
  • the code corresponding to the data part of the dex body is modified, and the digital watermark embedded in the original dex file is modified.
  • the information will be lost, and the size of the data will change.
  • the value corresponding to the data size in the dex header will change.
  • the original dex file will be repackaged, or it can be corresponding to other parts of the dex body except data.
  • the digital watermark information embedded in the original dex file will be lost, and the position of the data in the dex body will be offset (as shown in Figure 7), then the value corresponding to the data off in the dex header Will change.
  • the calculation method of the watermark value corresponding to the original installation package is “data size+data off”, that is, the watermark value is the value corresponding to the data size plus the value corresponding to the data off.
  • the value corresponding to data off or data size changes, and the watermark value corresponding to the repackaged installation package also changes.
  • the operating system only needs to verify the repackaged installation. Whether the watermark value corresponding to the packet is consistent with the verification information in the security dynamic library, it can be determined whether the installation package is repackaged.
  • the calculation method of the watermark value is only an exemplary description. In practical applications, the calculation method of the watermark value may be set according to actual conditions, for example, “data size-data off” or “data size/data off”. ",and many more.
  • the operating system can accurately determine whether the installation package is repackaged according to the watermark value of the installation package.
  • the length of the string may be calculated first, and then the length of the string is verified to be consistent with the length of the verification information in the secure dynamic library. If not, the installation is directly determined.
  • the package is a repackaged installation package. If it is consistent, verify that the string is consistent with the verification information in the security dynamic library. If it is still consistent, determine that the installation package is the original installation package. If they are inconsistent, determine that the installation package is Repackaged installation package.
  • the first method is similar to the method for verifying the installation package when the digital watermark information is a character string, that is, the operating system verifies whether the instruction is consistent with the verification information in the security dynamic library. If they are consistent, it is determined that the installation package is the original installation. If the package is inconsistent, it is determined that the installation package is a repackaged installation package.
  • the operating system performs the corresponding operation according to the instruction, obtains the operation result, and then verifies whether the operation result is consistent with the verification information. If they are consistent, it is determined that the installation package is the original installation package, and if not, the installation is determined.
  • the package is a repackaged installation package.
  • the instruction may be “Querying the content in the XX address, whether it is consistent with the verification information in the security dynamic library”, and the operating system queries the content corresponding to the address from the XX address in the target file according to the instruction (operation result) And verify that the content is consistent with the verification information in the security dynamic library. If they are consistent, it is determined that the installation package is the original installation package. If they are inconsistent, it is determined that the installation package is a repackaged installation package.
  • the operating system performs a corresponding operation according to the instruction, obtains an operation result, verifies whether the operation result is consistent with the operation result in the verification information, and verifies whether the instruction is consistent with the instruction in the verification information, if twice If the result of the verification is "consistent", it is determined that the installation package is the original installation package. If the result of any verification in the two verifications is "inconsistent", or the result of the two verifications is "inconsistent”, then it is determined that The installation package is a repackaged installation package.
  • the verification method is illustrated by a simple example. It is assumed that the operation result in the verification information in the security dynamic library is "2", and the operation instruction is "1+1", and the target file is The instruction corresponding to the digital watermark information is “3-1”. After the operating system performs the operation according to the instruction, the obtained operation result is also “2”. If the operating system only verifies whether the operation result is consistent with the operation result in the verification information, It will be mistaken that the package is the original installation package, but if the operating system also verifies that the instructions in the instruction and the verification information are consistent, it will accurately determine whether the installation package is repackaged.
  • the instruction corresponding to the digital watermark information in the above object file may be a simple "return” instruction, or another instruction that implements interaction with the operating system.
  • the instruction may be "letting the operating system verify the target file self-signature and security dynamics. Whether the verification information in the library is consistent, for example, the instruction may also be "allowing the operating system to verify the length of the target file before embedding the digital watermark information, whether it is consistent with the saved verification information in the secure dynamic library", etc. Set the command according to the user's needs.
  • the installation package is a repackaged installation package
  • digital watermark information is embedded in the original file corresponding to the installation package
  • the foregoing content shows that the process of repackaging the original installation package is known.
  • the digital watermark information in the original installation package will be lost. If the user does not add the digital watermark information after modifying the code of the original file, the operating system only needs to query the code according to the code in the installation package. Whether the digital watermark information is present in the target file in the installation package.
  • the method for verifying the installation package is only an exemplary description. In practical applications, there are many types of digital watermark information, and there are many corresponding verification methods, which are not specifically limited herein.
  • the installation package itself includes a verification code.
  • the operating system obtains the security dynamic library in the installation package according to the code. And verifying the digital watermark information embedded in the target file, and verifying, according to the digital watermark information and the verification information, whether the installation package is a repackaged installation package.
  • the installation package itself in this application contains a generation for verifying whether the installation package is repackaged Code, therefore, no matter how the operating system is modified, it can not avoid the process of verifying the installation package, and solves the problem that the prior art verifies that the installation package is repackaged by the system verification installation package self-signature, because the system sometimes bypasses Verifying the installation of the self-signed process results in an inability to validate the issue of whether the installation package was repackaged.
  • the method for verifying whether the installation package is repackaged by calculating the installation package hash value is compared with the prior art. It is more efficient to apply to verify that the installation package is repackaged.
  • the present application also provides an anti-repackaging device, which is also used to solve the problem in the prior art that the system is self-signed by verifying the installation package, and sometimes cannot effectively verify whether the installation package is repackaged, and
  • an anti-repackaging device which is also used to solve the problem in the prior art that the system is self-signed by verifying the installation package, and sometimes cannot effectively verify whether the installation package is repackaged, and
  • the system checks whether the installation package is repackaged by calculating the hash value of the installation package sometimes the installation package occupies a large memory, resulting in a low verification efficiency.
  • the specific structure of the device is shown in Figure 9, specifically including the following units:
  • the running unit 901 runs an object file in the installation package and loads a security dynamic library in the installation package;
  • the executing unit 902 performs the following steps according to the code in the target file:
  • the workflow of the embodiment of the device is: first, the running unit 901 runs the target file in the installation package, and loads the secure dynamic library in the installation package. Secondly, the executing unit 902 performs the following steps according to the code in the target file. Obtaining the digital watermark information embedded in the target file and the verification information stored in the security dynamic library, and verifying whether the installation package is a repackaged installation package according to the digital watermark information and the verification information.
  • the target file is an object file obtained by compiling a preset code; the digital watermark information is embedded at the end of the compiled target file.
  • the acquiring the digital watermark information embedded in the target file includes:
  • the verification whether the installation package is a repackaged installation package, according to the digital watermark information and the verification information, specifically includes:
  • the installation package is an original installation package
  • the installation package is a repackaged installation package.
  • the verification whether the installation package is a repackaged installation package, according to the digital watermark information and the verification information, specifically includes:
  • the digital watermark information is an instruction, performing an operation according to the instruction, obtaining an operation result;
  • the installation package is an original installation package
  • the installation package is a repackaged installation package.
  • the verification whether the installation package is a repackaged installation package, according to the digital watermark information and the verification information, specifically includes:
  • the digital watermark information is an instruction, performing an operation according to the instruction, obtaining an operation result;
  • Verifying whether the operation result is consistent with the operation result in the verification information and verifying whether the instruction is consistent with an instruction in the verification information
  • the installation package is an original installation package
  • the installation package is a repackaged installation package.
  • embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or a combination of software and hardware. Moreover, the invention can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
  • computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
  • the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
  • a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
  • processors CPUs
  • input/output interfaces network interfaces
  • memory volatile and non-volatile memory
  • the memory may include non-persistent memory, random access memory (RAM), and/or non-volatile memory in a computer readable medium, such as read only memory (ROM) or flash memory.
  • RAM random access memory
  • ROM read only memory
  • Memory is an example of a computer readable medium.
  • Computer readable media includes both permanent and non-persistent, removable and non-removable media.
  • Information storage can be implemented by any method or technology.
  • the information can be computer readable instructions, data structures, modules of programs, or other data.
  • Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read only memory. (ROM), electrically erasable programmable read only memory (EEPROM), flash memory or other memory technology, compact disk read only memory (CD-ROM), digital versatile disk (DVD) or other optical storage, Magnetic tape cartridges, magnetic tape storage or other magnetic storage devices or any other non-transportable media can be used to store information that can be accessed by a computing device.
  • computer readable media does not include temporary storage of computer readable media, such as modulated data signals and carrier waves.
  • embodiments of the present application can be provided as a method, system, or computer program product.
  • the present application can take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment in combination of software and hardware.
  • the application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Technology Law (AREA)
  • Multimedia (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • Editing Of Facsimile Originals (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Medical Treatment And Welfare Office Work (AREA)
  • Stored Programmes (AREA)
  • Debugging And Monitoring (AREA)
PCT/CN2017/103403 2016-10-11 2017-09-26 一种防重打包的方法及其装置 Ceased WO2018068633A1 (zh)

Priority Applications (8)

Application Number Priority Date Filing Date Title
EP17859699.5A EP3528149B1 (en) 2016-10-11 2017-09-26 Software repackaging prevention method and device
KR1020197013506A KR102192880B1 (ko) 2016-10-11 2017-09-26 소프트웨어 재패키징 방지 방법 및 장치
SG11201903264RA SG11201903264RA (en) 2016-10-11 2017-09-26 Method And Apparatus For Anti-Repackaging
JP2019520118A JP6746156B2 (ja) 2016-10-11 2017-09-26 ソフトウェアリパッケージング防止方法および装置
PL17859699T PL3528149T3 (pl) 2016-10-11 2017-09-26 Sposób i przyrząd do przeciwdziałania przepakowywaniu
ES17859699T ES2874781T3 (es) 2016-10-11 2017-09-26 Procedimiento y dispositivo de prevención de reempaquetado de software
US16/381,857 US10685117B2 (en) 2016-10-11 2019-04-11 Method and apparatus for anti-repackaging
PH12019500785A PH12019500785A1 (en) 2016-10-11 2019-04-11 Method and apparatus for anti-repackaging

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610887188.5 2016-10-11
CN201610887188.5A CN106971098B (zh) 2016-10-11 2016-10-11 一种防重打包的方法及其装置

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US16/381,857 Continuation US10685117B2 (en) 2016-10-11 2019-04-11 Method and apparatus for anti-repackaging

Publications (1)

Publication Number Publication Date
WO2018068633A1 true WO2018068633A1 (zh) 2018-04-19

Family

ID=59334735

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/103403 Ceased WO2018068633A1 (zh) 2016-10-11 2017-09-26 一种防重打包的方法及其装置

Country Status (11)

Country Link
US (1) US10685117B2 (enExample)
EP (1) EP3528149B1 (enExample)
JP (1) JP6746156B2 (enExample)
KR (1) KR102192880B1 (enExample)
CN (1) CN106971098B (enExample)
ES (1) ES2874781T3 (enExample)
PH (1) PH12019500785A1 (enExample)
PL (1) PL3528149T3 (enExample)
SG (1) SG11201903264RA (enExample)
TW (1) TWI675310B (enExample)
WO (1) WO2018068633A1 (enExample)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109739544A (zh) * 2018-12-25 2019-05-10 北京三快在线科技有限公司 用于生成应用安装包的方法、装置及电子设备

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106971098B (zh) 2016-10-11 2020-06-02 阿里巴巴集团控股有限公司 一种防重打包的方法及其装置
CN107256349B (zh) * 2017-06-13 2020-02-28 广州阿里巴巴文学信息技术有限公司 动态库防盗用方法、装置、电子设备及可读存储介质
KR101920597B1 (ko) * 2017-11-16 2018-11-21 숭실대학교산학협력단 동적 코드 추출 기반 자동 분석 방지 우회 및 코드 로직 해석 장치
CN108304697B (zh) * 2017-12-11 2020-05-19 深圳壹账通智能科技有限公司 检测app二次打包的方法、装置及移动终端
CN109901981A (zh) * 2019-02-28 2019-06-18 北京智游网安科技有限公司 一种截屏泄露处理方法、智能终端及存储介质
CN110704816B (zh) * 2019-09-29 2021-10-22 武汉极意网络科技有限公司 接口破解的识别方法、装置、设备及存储介质
CN113127859B (zh) * 2019-12-30 2024-04-12 Oppo广东移动通信有限公司 待检测文件的检测方法、装置、终端及存储介质
CN113127418B (zh) * 2019-12-30 2024-08-27 Oppo广东移动通信有限公司 文件检测方法、装置、终端及存储介质
CN113132421B (zh) * 2019-12-30 2022-11-04 Oppo广东移动通信有限公司 文件检测方法、装置、终端及存储介质
CN113709195B (zh) * 2020-05-20 2024-05-28 广州汽车集团股份有限公司 一种车辆软件升级方法、装置及系统
CN112069468B (zh) * 2020-08-26 2023-05-30 上海上讯信息技术股份有限公司 一种页面动态水印的方法及设备
CN113641964B (zh) * 2021-10-19 2022-05-17 北京邮电大学 重打包应用检测方法、电子设备及存储介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130232540A1 (en) * 2012-03-02 2013-09-05 Hassen Saidi Method and system for application-based policy monitoring and enforcement on a mobile device
CN104239757A (zh) * 2014-09-30 2014-12-24 北京奇虎科技有限公司 应用程序防止逆向的方法及装置、运行方法及终端
CN104932902A (zh) * 2015-07-09 2015-09-23 魅族科技(中国)有限公司 一种生成apk文件的方法及终端
CN106971098A (zh) * 2016-10-11 2017-07-21 阿里巴巴集团控股有限公司 一种防重打包的方法及其装置

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3989577B2 (ja) * 1996-10-22 2007-10-10 株式会社野村総合研究所 デジタル文書のマーキング装置及びマーク認識装置
TW480439B (en) * 1998-12-17 2002-03-21 Inventec Corp Method for examining correctness of system operation
US7421586B2 (en) * 1999-05-12 2008-09-02 Fraunhofer Gesselschaft Protecting mobile code against malicious hosts
US20060010430A1 (en) * 2001-05-04 2006-01-12 Thales Device and process for the signature, the marking and the authentication of computer programs
US7877613B2 (en) * 2002-09-04 2011-01-25 Fraunhofer-Gesellschaft Zur Foerderung Der Angewandten Forschung E.V. Protecting mobile code against malicious hosts
US7784044B2 (en) * 2002-12-02 2010-08-24 Microsoft Corporation Patching of in-use functions on a running computer system
US8302188B2 (en) * 2006-07-18 2012-10-30 Panasonic Corporation Instruction generation apparatus for generating a computer program resistant to unauthorized analyses and tampering
US8024571B2 (en) * 2006-12-22 2011-09-20 Schlumberger Technology Corporation Method of and system for watermarking application modules
US8375458B2 (en) * 2007-01-05 2013-02-12 Apple Inc. System and method for authenticating code executing on computer system
US8950007B1 (en) * 2008-04-07 2015-02-03 Lumension Security, Inc. Policy-based whitelisting with system change management based on trust framework
MY152342A (en) * 2008-12-10 2014-09-15 Sumitomo Bakelite Co Granular epoxy resin composition for encapsulating semiconductor, semiconductor device using the same and method for producing semiconductor device
JP5056995B1 (ja) * 2012-04-24 2012-10-24 大日本印刷株式会社 改竄検知が可能なアプリケーションプログラムの配布実行方法
US20120317421A1 (en) * 2012-06-19 2012-12-13 Concurix Corporation Fingerprinting Executable Code
KR101498820B1 (ko) * 2013-11-06 2015-03-05 순천향대학교 산학협력단 안드로이드 환경에서의 어플리케이션 리패키징 탐지 방법
US9619665B2 (en) * 2014-07-22 2017-04-11 Cheng-Han KO Method and system for adding dynamic labels to a file and encrypting the file
KR101695639B1 (ko) * 2014-08-13 2017-01-16 (주)잉카엔트웍스 클라우드 기반의 애플리케이션 보안 서비스 제공 방법 및 시스템
CN105205356B (zh) * 2015-09-17 2017-12-29 清华大学深圳研究生院 一种app应用重打包检测方法
CN105956456B (zh) * 2016-04-26 2019-02-19 南京邮电大学 一种对Android系统进行四重联合签名验证的实现方法

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130232540A1 (en) * 2012-03-02 2013-09-05 Hassen Saidi Method and system for application-based policy monitoring and enforcement on a mobile device
CN104239757A (zh) * 2014-09-30 2014-12-24 北京奇虎科技有限公司 应用程序防止逆向的方法及装置、运行方法及终端
CN104932902A (zh) * 2015-07-09 2015-09-23 魅族科技(中国)有限公司 一种生成apk文件的方法及终端
CN106971098A (zh) * 2016-10-11 2017-07-21 阿里巴巴集团控股有限公司 一种防重打包的方法及其装置

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP3528149A4 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109739544A (zh) * 2018-12-25 2019-05-10 北京三快在线科技有限公司 用于生成应用安装包的方法、装置及电子设备

Also Published As

Publication number Publication date
KR102192880B1 (ko) 2020-12-22
EP3528149A1 (en) 2019-08-21
PH12019500785A1 (en) 2019-11-11
TWI675310B (zh) 2019-10-21
ES2874781T3 (es) 2021-11-05
US20190243974A1 (en) 2019-08-08
US10685117B2 (en) 2020-06-16
SG11201903264RA (en) 2019-05-30
JP2019535087A (ja) 2019-12-05
JP6746156B2 (ja) 2020-08-26
EP3528149B1 (en) 2021-04-07
CN106971098B (zh) 2020-06-02
KR20190061075A (ko) 2019-06-04
TW201814576A (zh) 2018-04-16
CN106971098A (zh) 2017-07-21
PL3528149T3 (pl) 2021-10-11
EP3528149A4 (en) 2019-10-16

Similar Documents

Publication Publication Date Title
TWI675310B (zh) 防止重打包的方法及其裝置
US9948670B2 (en) Cloud security-based file processing by generating feedback message based on signature information and file features
CN103646082B (zh) 一种文件校验的方法及装置
US11507669B1 (en) Characterizing, detecting and healing vulnerabilities in computer code
CN102880456B (zh) 插件加载方法及系统
US20170262656A1 (en) Method and device for providing verifying application integrity
CN110162332A (zh) 一种rn项目的构建方法及系统
WO2016078130A1 (zh) 一种防逆向apk文件的动态加载方法
CN107003916A (zh) 用于提供验证应用完整性的方法和设备
CN113326058A (zh) 一种应用的版本更新方法、装置、设备及介质
JP2017538217A (ja) アプリケーション整合性の検証を提供する方法及びデバイス
WO2022252637A1 (zh) 基于浏览器的rpa实现方法、装置、设备及介质
TWI687840B (zh) 記憶體子系統、安全客戶端裝置與認證方法
WO2016119548A1 (zh) 防软件反编译的方法、防反编译软件启动的方法和装置
CN104699511A (zh) 插件升级方法及装置
US9513762B1 (en) Static content updates
CN106909409A (zh) 一种运行应用程序的apk插件的方法及装置
EP2511820A1 (en) Bypassing user mode redirection
WO2016095566A1 (zh) 一种可执行模块的提供、加载方法及终端
CN109815682B (zh) 一种对权限进行追踪管理的方法、装置和计算机记录介质
WO2019024392A1 (zh) 依赖包工具的验证方法、存储介质、电子设备及系统
CN106155709B (zh) 插件加载方法、装置及设备
CN108052344A (zh) 一种内核差异检测方法及装置
CN108572853A (zh) 系统隐藏方法的接口提供方法、装置和计算设备
CN115544496A (zh) 基于可信执行环境的无服务器计算方法、装置及设备

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17859699

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2019520118

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 20197013506

Country of ref document: KR

Kind code of ref document: A

ENP Entry into the national phase

Ref document number: 2017859699

Country of ref document: EP

Effective date: 20190513