CN109918872A - Android application reinforcement means - Google Patents

Android application reinforcement means Download PDF

Info

Publication number
CN109918872A
CN109918872A CN201910109822.6A CN201910109822A CN109918872A CN 109918872 A CN109918872 A CN 109918872A CN 201910109822 A CN201910109822 A CN 201910109822A CN 109918872 A CN109918872 A CN 109918872A
Authority
CN
China
Prior art keywords
code
called
android application
call
new
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910109822.6A
Other languages
Chinese (zh)
Other versions
CN109918872B (en
Inventor
杨学轶
***
单亦伟
李一鸣
杨明阳
刘宗斌
张令臣
马存庆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Data Assurance and Communication Security Research Center of CAS
Original Assignee
Data Assurance and Communication Security Research Center of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Data Assurance and Communication Security Research Center of CAS filed Critical Data Assurance and Communication Security Research Center of CAS
Priority to CN201910109822.6A priority Critical patent/CN109918872B/en
Publication of CN109918872A publication Critical patent/CN109918872A/en
Application granted granted Critical
Publication of CN109918872B publication Critical patent/CN109918872B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Devices For Executing Special Programs (AREA)

Abstract

The embodiment of the present invention provides a kind of Android application reinforcement means, comprising: to partial code to be protected is needed in the original source code of Android application, extracts the information of method call and called method in partial code;For each called method, the called corresponding uncorrelated method of method being determined, and new method call being generated according to corresponding uncorrelated method, new method call is replaced into the called corresponding method call of method, generates new source code;Semantic recovery code is write, the Android application according to new source code and semantic recovery code, after generating reinforcing.Android application reinforcement means provided in an embodiment of the present invention, by carrying out code morphing and Java method redirection in Java code level, operation difficulty, the expansion scope of application that Android application is reinforced can be reduced, and increases reverse difficulty, safety can be improved.

Description

Android application reinforcement means
Technical field
The present embodiments relate to field of information security technology more particularly to a kind of Android application reinforcement means.
Background technique
Today's society, with popularizing for intelligent movable equipment, smart phone, which is gradually replacing traditional PC, becomes main Individual calculus platform.As more and more people carry out the daily routines such as social, amusement and shopping using mobile application, this A little applications also bring biggish security risk while bringing convenient, ensure the safety of intelligent mobile application also at opening One of the major issue that originator and ordinary user are concerned about.
Android has incurred a large amount of attacker and has created piracy as the maximum Mobile operating system of world market share, The application program of correcting infects user equipment come the economic interests or implantation malicious code for stealing former developer.In order to reach This purpose, attacker will use various reverse tool and methods to analyze the Program Semantics of well behaved program code.Application software The case where being cracked is commonplace, and it is also to often occur that malice, which is implanted into function, these malicious acts all greatly compromise application Developer and interests using person, also constrain the sound development of Android operation system.
Currently, needing equipment to prevent the software developed anti-by other people for Android Application developer Compiling, inversely, ensures that the core code of software is not understood by other people, plagiarizes, so that the interests of Android developer are protected, Simultaneously ensured Android application using safe.
And existing some Android code protection technologies all there is a problem of it is various.It is mixed based on conventional source code Confuse and scheme that Android component characteristic is obscured all is difficult to resist more and more mature at present reverse Engineering Technology and code analysis Technology.A large amount of static and dynamic analysis and the methods of machine learning and probabilistic model is utilized in these code analysis techniques, theoretical As long as the semanteme of upper program kernel code is certain to be parsed out also in code.Also in that Java code itself ten Partial volume is easily by decompiling, so the protecting effect of such methods is not ideal.And some other code in system level is protected Shield technology and application reinforcement means due to hierarchy of operation it is too low, it is difficult to used by common developer.
Summary of the invention
In view of the problems of the existing technology, the embodiment of the present invention provides one kind and overcomes the above problem or at least partly The Android application reinforcement means to solve the above problems.
The embodiment of the present invention provides a kind of Android application reinforcement means, comprising:
To partial code to be protected is needed in the original source code of Android application, method in the partial code is extracted The information of calling and called method;
For each called method, the corresponding uncorrelated method of the called method is determined, and according to the correspondence Uncorrelated method generate new method call, by the corresponding method tune of the new method call replacement called method With generating new source code;
Semantic recovery code is write, according to the new source code and the semantic recovery code, is generated after reinforcing Android application;
Wherein, the original source code is Java code;The semantic recovery code, for according to the new source code That restores the original source code executes semanteme.
Android application reinforcement means provided in an embodiment of the present invention, it is raw by carrying out code morphing in source code level The source code of Cheng Xin generates after reinforcing according to new source code and for the semantic recovery code that Java method redirects Android application carries out code morphing in Java code level, and operation difficulty is extremely low, can be widely used in general Android application and development work can reduce operation difficulty, the expansion scope of application that Android application is reinforced, and increase reverse Difficulty can improve safety;The literal semanteme of program is thoroughly changed by the way of the deformation of Android source code, thus The reverse attack technology based on code analysis is resisted, program can be effectively reduced in the code morphing that source code level carries out and reinforced The use cost of scheme, when program is executed by quickly positioning the holding come recovery routine code with reorientation method entrance Row is semantic, so that the performance cost of scheme is minimum and is not easy to be detected.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is this hair Bright some embodiments for those of ordinary skill in the art without creative efforts, can be with root Other attached drawings are obtained according to these attached drawings.
Fig. 1 is the flow diagram according to Android application reinforcement means provided in an embodiment of the present invention.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is A part of the embodiment of the present invention, instead of all the embodiments.Embodiment in the present invention, those of ordinary skill in the art are not having Every other embodiment obtained under the premise of creative work is made, shall fall within the protection scope of the present invention.
In order to overcome the above problem of the prior art, the embodiment of the present invention provides a kind of Android application reinforcement means, Inventive concept is that the original of serial number in the chained list of global all Java methods is dynamically distributed using Android device end compiler It manages to hide the information of original method, to realize the reinforcing applied to Android.
Fig. 1 is the flow diagram according to Android application reinforcement means provided in an embodiment of the present invention.As shown in Figure 1, A kind of Android application reinforcement means includes: step S101, to needing portion to be protected in the original source code of Android application Divide code, extracts the information of method call and called method in partial code;Wherein, original source code is Java code.
Specifically, original source code P, for the source code for reinforcing preceding Android application.
For code critical in original source code, there is necessity of protection, therefore, in original source code needs to be protected Partial code refers to the above-mentioned necessary critical code for having protection.There is the necessary code of protection, refers to comprising important method The code of calling and called method.
Original source code is write by Java language, to wherein needing partial code to be protected to carry out code morphing, is made Android application code is obtained to be protected.
Code morphing is carried out, is become to method call and the sentence of called method in need partial code to be protected Shape.Therefore, it obtains after needing partial code to be protected, above-mentioned partial code is pre-processed, extracted by analysis above-mentioned The information of method call and called method in partial code.
The information of method call and called method, the information of information and called method including method call.
Step S102, for each called method, the called corresponding uncorrelated method of method is determined, and according to correspondence Uncorrelated method generate new method call, new method call is replaced into the called corresponding method call of method, is generated New source code.
For each called method, is called according to the above method and the information of called method, selection one are uncorrelated Method is as the corresponding uncorrelated method of the method that is called.
Uncorrelated method refers to and needs the incoherent other methods of partial code to be protected.For example, in nominally not phase It closes, uncorrelated, the upper incoherent method of method parameter signature can be used as uncorrelated method on method packet signature.
After determining the called corresponding uncorrelated method of method, according to the corresponding uncorrelated side of the method that is called Method generates a new method call.The new method call, for the calling to the uncorrelated method.The uncorrelated method, can Referred to as new independent methodology.Called method, is referred to alternatively as original method.
By the sentence of the new method call, it is inserted into the called corresponding method call of method of this in above-mentioned partial code The position of sentence, instead of the sentence of the corresponding method call of the method that is called.
The sentence that each method is called is all with the calling for calling the corresponding uncorrelated method of called method to this method Sentence replace after, generate new source code P '.
The principle for carrying out above-mentioned replacement is to dynamically distribute global all Java methods using Android device end compiler Chained list in serial number principle.The distribution of serial number is based on all methods used in entire application code.Therefore, for new Source code, developer can obtain the serial number of original method in code by subsequent step S103, but attacker is difficult to pass through Serial number in new source code infers the serial number of original method.It is thus able to achieve hiding to the information of original method, is completed Reinforcing to Android application.
Step S103, semantic recovery code is write, according to new source code and semantic recovery code, after generating reinforcing Android application;Wherein, semantic to restore code, for executing semanteme according to new source code recovery original source code.
It will be appreciated that since include in new source code P ' is the sentence for calling independent method and each not phase The sentence of pass method, in order to guarantee Android application normal use and function realization, need to carry out language to new source code Justice is restored, so that the Android application after reinforcing is able to achieve the repertoire of the Android application before reinforcing.
Semantic recovery is carried out to new source code, is realized by executing the semantic code that restores.Semanteme restores the effect of code, It is to be redirected to the method in new source code, the entry address of each uncorrelated method is redirected to the uncorrelated side The entry address of the corresponding called method of method, to realize the function of program script and execute semanteme.
Semanteme restores after code executes, can be with jump routine control to original method, rather than new independent methodology, thus Recovery routine script function.
Due to being applied for the Android after reinforcing, the calling of original method will not be present in source code, thus really Can not also the serial number of original method be carried out inversely, to attempt to obtain after the source code P ' for taking the program after reinforcing by protecting attacker The information of original method is taken, so that the mode for forcing attacker that can only be traversed carries out Brute Force, attempting each application can Method interface, i.e., all system interfaces, application program method match serial number;And attacker is new in cut-and-try process The method of addition is possible to the serial number for causing compiler to redistribute original method, to further increase the difficulty inversely attacked Degree.
According to the above-mentioned semantic demand restored, semantic recovery code is write.Restore code according to new source code and semanteme, It is compiled packing, generates the Android application after reinforcing.
The embodiment of the present invention generates new source code, according to new source generation by carrying out code morphing in source code level Code and for Java method redirect it is semantic restore code, generate the Android application after reinforcing, Java code level into Line code deformation, operation difficulty is extremely low, can be widely used in general Android application and development work, can reduce Android Using the operation difficulty of reinforcing, expand the scope of application, and increase reverse difficulty, safety can be improved;Using the source Android generation The mode of code deformation thoroughly changes the literal semanteme of program, so that the reverse attack technology based on code analysis is resisted, The code morphing that source code level carries out can effectively reduce the use cost of program Scheme of Strengthening, when program is executed by fast What the positioning and reorientation method entrance of speed carried out recovery routine code executes semanteme so that the performance cost of scheme it is minimum and It is not easy to be detected.
Content based on the various embodiments described above, write the semantic specific steps for restoring code include: will be according to each method tune With on used addressing path and path offset and each new method call used on addressing path and path Offset, obtain the entrance of the method call of entrance and Ge Xin that each method is called, and entering each new method call The entrance that mouth is revised as the corresponding method call of new method call is shown a C language as code logic according to code logic Semanteme restores code.
It specifically, due to the semantic effect for restoring code, is redirected to the method in new source code, it will be each The entry address of uncorrelated method is redirected to the entry address of the corresponding called method of the uncorrelated method, and method enters Port address determines that therefore, semanteme restores algorithm logic (the i.e. generation of code according to the offset on addressing path and the addressing path Code logic) are as follows: by the offset on addressing path and addressing path according to used in method call each in original source code The entry address for obtaining each method call, according to addressing path used in new method call each in new source code and Offset on addressing path obtains the entry address of each new method call, and the entrance of each new method call is repaired It is changed to the entrance of the corresponding method call of new method call.
Wherein, entry address, the also known as value of entrance.Offset just includes the Android device compiler side of distributing to The serial number of method.
It is understood that the method call in original source code corresponding for each new method call, just needs Offset on addressing path and addressing path used in obtaining.
The semantic recovery code for meeting above-mentioned algorithm logic can be shown a C language.
The embodiment of the present invention can dynamically be modified by writing semantic recovery code by executing semantic recovery code The entrance of Java method executes semanteme to restore Program Semantics and the functional rehabilitation original source code of script, so that reinforcing Android application afterwards is able to achieve the function of program script and executes semanteme.
Content based on the various embodiments described above generates new source code and writes semantic restore between code further include: will Each method is called and each new method call is placed in transient program, executes transient program, obtains local machine code;To local Device code is analyzed, and the offset on addressing path and path used in each method calling and each new method tune are obtained With the offset on used addressing path and path.
Specifically, it before writing semantic recovery code, first obtains each new method call in new source code and is used Addressing path and addressing path on offset and the corresponding original source code of each new method call in method tune With the offset on used addressing path and addressing path.
It can be hard coded within due to serial number information in the local machine code of Android device compiler generation, it can To carry out the extraction and analysis of local machine code by an additional equipment.
The additional equipment is considered as experimental facilities.
A transient program is write, calls corresponding new method call to be placed in this each method call and this method and faces In Shi Chengxu.Execute the transient program, available local machine code.
When calling corresponding new method call to be placed in the transient program each method call and this method, it can incite somebody to action The original method and new independent methodology corresponding with original method for needing to analyze are placed in a newly-built short side method, thus reduction pair The difficulty that local machine code is analyzed, but not reduce the reverse difficulty of attacker.Attacker can only pass through traversal type Brute Force is attacked to test the available method of all applications and android system interface;And attacker is in cut-and-try process Newly added method is possible to the serial number for causing compiler to redistribute original method, to further increase the difficulty inversely attacked Degree.
By the analysis to local machine code, sought used in each new method call in available new source code The method call institute in offset and the corresponding original source code of each new method call on location path and addressing path The offset on addressing path and addressing path used.
The embodiment of the present invention executes the local machine code that transient program generates by analysis, obtains each method calling and is used Addressing path and path on offset and each new method call used in offset on addressing path and path Amount can reduce the difficulty of analysis but not reduce the reverse difficulty of attacker, so as to improve the convenience that Android application is reinforced Property and safety.
Content based on the various embodiments described above, the specific steps analyzed local machine code include: to set to Android The file comprising local machine code that standby compiler generates is analyzed, or in transient program execution, in transient program Local machine code File Mapping in depositing is analyzed.
Specifically, the analysis of local machine code can be completed by the transient program, it can also be by the additional equipment Other processes of operation are completed.
Local machine code is analyzed at least there are two types of implementation.
The first implementation is that the file comprising local machine code generated to Android device compiler divides Analysis.After executing the transient program, Android device compiler can generate file, and the file of generation includes comprising local Therefore the file of device code can analyze the file for including local machine code.
Second of implementation be, it is not necessary to until Android device compiler generates file, in transient program implementation procedure In, there are the mapping of local machine code file in the transient program memory, the mapping of local machine code file is known as local machine Therefore code File Mapping can analyze above-mentioned local machine code File Mapping.
The embodiment of the present invention can realize the analysis to local machine code by least two modes, obtain original method and call The offset on addressing path and addressing path used with new method call makes to write semantic recovery code accordingly Android application after must reinforcing is able to achieve the function of program script and executes semanteme.
Content based on the various embodiments described above generates after reinforcing according to new source code and semantic recovery code The specific steps of Android application include: that semanteme is restored code to be stored in the library C dynamic link library .so in the form that NDK is programmed In, and the library .so is called in the form of JNI, and call the library .so before execution part code;By the library .so and new source code Compiling is packaged, and generates the Android application after reinforcing.
Specifically, by the semantic shape restoring code and being programmed with NDK (local development kit, Native Development Kit) Formula is stored in the library C dynamic link library .so, and using the shape of JNI (Java local interface, Java Native Interface) Formula calls the sentence in the library bottom .so, it is ensured that being invoked at before the code execution for needing to restore semantic for the library .so.
Generate the library .so specific steps include:
It writes Java code (Java file), states the function in local file;
Newly-built .c file (semanteme restores code);
JNI entrance function is write, for loading semantic recovery code;
Project profile Android.mk file is write, for configuring project information;
Compiling generates the library .so.
After generating the library .so, the library .so and new source code P ' are compiled and are packaged, SDK compilation tool can by the library .so and New source code P ' is packed into the apk file of level of application, then the Android application program after being reinforced can To operate normally the Android application program after reinforcing.
Semanteme is restored code and is stored in C/C++ dynamic link library by the embodiment of the present invention by the way of NDK programming, Then the library .so that bottom is called using JNI technology, can either realize the former function of Android application program, and can prevent original Source code is easy by reverse hidden danger, to be able to achieve reinforcing, improve safety.
Content based on the various embodiments described above, extract partial code in the information of method call and called method it is specific Step includes: to be parsed according to Preprocessing Algorithm to partial code, method call and called method in fetching portion code Information;Wherein, the parameter type used when the information of method call includes call type and calling;The information of called method Title and signature including the method that is called.
Specifically, above-mentioned part generation can be determined by Preprocessing Algorithm to needing partial code to be protected to parse Method call and called method in code.
For each method call, by parsing, the parameter used when obtaining call type and calling that this method is called Type, the information that the parameter type used when using the call type and calling that this method is called is called as this method.
For each called method, by parsing, the title and signature of the called method are obtained, it is called as this The information of method.
The embodiment of the present invention is called and is called by analysis source code acquisition methods the information of method, can distinguish different Method call and called method, so as to realize that Android is applied in realization code morphing and on the basis of code morphing Program is reinforced.
Content based on the various embodiments described above determines that the specific steps of the called corresponding uncorrelated method of method include: It is corresponding according to the title of the called method of filtering algorithm analysis and signature and called method for each called method Method call call type and calling when the parameter type that uses, select the called corresponding uncorrelated method of method.
Specifically, for each called method, can by preset filtering algorithm, the title of the called method and The parameter type used when the call type and calling of signature and the called corresponding method call of method is analyzed, Select from all uncorrelated algorithms one as the corresponding uncorrelated method of method that is called.
The embodiment of the present invention is according to the title and signature of called method and the corresponding method call of called method The parameter type used when call type and calling determines the called corresponding uncorrelated method of method, so that new source code In there is no to the calling of original method, so that it is guaranteed that attacker can not carry out the serial number of original method inversely attempt to obtain original method Information, safety can be improved.
Content based on the various embodiments described above, the specific steps packet of uncorrelated method of the selection for replacing called method It includes: the number of actual parameter and size is not less than to the number of the actual parameter of called method and any not phase of size respectively Pass method, as the corresponding uncorrelated method of called method.
Specifically, for each called method, by the number and size of the actual parameter of each uncorrelated method, with this The number and size of the actual parameter of called method are compared, and determine the number of actual parameter not less than the called method Actual parameter number and size not less than the size of the called method uncorrelated method;From the number of above-mentioned actual parameter Mesh is not less than the uncorrelated side of the size of the called method not less than the number and size of the actual parameter of the called method In method, a uncorrelated method is arbitrarily selected, as the corresponding uncorrelated method of the method that is called.
Wherein, it is greater than or equal to not less than finger.
The number of actual parameter and size by being not less than any uncorrelated side of called method by the embodiment of the present invention Method, as the corresponding uncorrelated method of the method that is called, can ensure that attacker can not the serial number to original method inversely tried Figure obtains the information of original method and the semantic of this method restores, so as to improve safety.
Content based on the various embodiments described above, uncorrelated method are in internal system has method interface, Android is applied Portion has method interface or customized new method.
Specifically, uncorrelated method can be method interface, the Android application program existing inside android system Any one in internal existing other methods interface and customized new method.
The embodiment of the present invention by by internal system have method interface, the internal existing method interface of Android application or The customized new method of person has more flexibility, convenience as uncorrelated method, can reduce what Android application was reinforced Operation difficulty expands the scope of application.
Content based on the various embodiments described above, to Android application original source code in need partial code to be protected, It extracts in partial code before the information of method call and called method further include: read the original source generation of Android application Code, and partial code to be protected is needed in determining original source code.
Specifically, it to partial code to be protected is needed in the original source code applied to Android, extracts in partial code Before the information of method call and called method, the source code of Android application is first read, as original source code.
According to original source code, the wherein critical code of determination, as need partial code to be protected.
Critical code, referring to has the necessary code of protection.
The embodiment of the present invention determines by reading the original source code of Android application and needs to protect in original source code The partial code of shield so as to deform to above-mentioned partial code, and then realizes that Android application is reinforced, in Java code Level carries out code morphing, and operation difficulty is extremely low, can be widely used in general Android application and development work, can reduce The operation difficulty of Android application reinforcing expands the scope of application.
Finally, it should be noted that the above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although Present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that: it still may be used To modify the technical solutions described in the foregoing embodiments or equivalent replacement of some of the technical features; And these are modified or replaceed, technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution spirit and Range.

Claims (10)

1. a kind of Android application reinforcement means characterized by comprising
To partial code to be protected is needed in the original source code of Android application, method call in the partial code is extracted With the information of called method;
For each called method, determine the corresponding uncorrelated method of the called method, and according to it is described it is corresponding not Correlation technique generates new method call, and the new method call is replaced the corresponding method call of the called method, Generate new source code;
Semantic recovery code is write, according to the new source code and the semantic Android for restoring code, generating after reinforcing Using;
Wherein, the original source code is Java code;The semantic recovery code, for being restored according to the new source code The original source code executes semanteme.
2. Android application reinforcement means according to claim 1, which is characterized in that write the semantic tool for restoring code Body step includes:
Offset and each new method tune on addressing path and path used in being called according to each the method With the offset on used addressing path and path, entrance and each new method tune that each the method is called are obtained Entrance, and the entrance of each new method call is revised as the corresponding method call of the new method call Entrance shows a C language the semantic recovery code as code logic, according to the code logic.
3. Android application reinforcement means according to claim 2, which is characterized in that generate new source code and write Semanteme restores between code further include:
Each the method is called and each new method call is placed in transient program, executes the transient program, is obtained Local machine code;
The local machine code is analyzed, the offset on addressing path and path used in each the method calling is obtained Offset on addressing path and path used in amount and each new method call.
4. Android application reinforcement means according to claim 3, which is characterized in that carried out to the local machine code The specific steps of analysis include:
The file comprising the local machine code generated to Android device compiler is analyzed, or described interim Program analyzes the local machine code File Mapping in the transient program memory in executing.
5. Android application reinforcement means according to claim 2, which is characterized in that according to the new source code and The semantic recovery code, the specific steps for generating the Android application after reinforcing include:
The semantic recovery code is stored in the library C dynamic link library .so in the form that NDK is programmed, and using the form of JNI The library .so is called, and calls the library .so before executing the partial code;
The library .so and the new compilation of source code are packaged, the Android application after reinforcing is generated.
6. Android application reinforcement means according to claim 1, which is characterized in that extract side in the partial code Method is called and the specific steps of the information of called method include:
The partial code is parsed according to Preprocessing Algorithm, obtains method call and called side in the partial code The information of method;
Wherein, the parameter type that the information that the method is called uses when including call type and calling;The called method Information include called method title and signature.
7. Android application reinforcement means according to claim 6, which is characterized in that determine the called method pair The specific steps for the uncorrelated method answered include:
For each called method, the title and signature of the called method, Yi Jisuo are analyzed according to filtering algorithm The parameter type used when stating the call type and calling of the corresponding method call of called method selects the called method Corresponding uncorrelated method.
8. Android application reinforcement means according to claim 7, which is characterized in that selection is for replacing described adjusted Specific steps with the uncorrelated method of method include:
The number of actual parameter and size are not less than the number of the actual parameter of the called method and appointing for size respectively One uncorrelated method, as the corresponding uncorrelated method of the called method.
9. Android application reinforcement means according to claim 1, which is characterized in that the uncorrelated method is system The existing method interface in inside, the internal existing method interface of Android application or customized new method.
10. Android application reinforcement means according to any one of claims 1 to 9, which is characterized in that applied to Android Original source code in need partial code to be protected, extract the information of method call and called method in the partial code Before further include:
The original source code of the Android application is read, and needs partial code to be protected in the determining original source code.
CN201910109822.6A 2019-01-28 2019-01-28 Android application reinforcing method Expired - Fee Related CN109918872B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910109822.6A CN109918872B (en) 2019-01-28 2019-01-28 Android application reinforcing method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910109822.6A CN109918872B (en) 2019-01-28 2019-01-28 Android application reinforcing method

Publications (2)

Publication Number Publication Date
CN109918872A true CN109918872A (en) 2019-06-21
CN109918872B CN109918872B (en) 2021-06-29

Family

ID=66961458

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910109822.6A Expired - Fee Related CN109918872B (en) 2019-01-28 2019-01-28 Android application reinforcing method

Country Status (1)

Country Link
CN (1) CN109918872B (en)

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102831342A (en) * 2012-07-28 2012-12-19 北京深思洛克软件技术股份有限公司 Method for improving protection strength of application program in Android system
CN103902858A (en) * 2013-12-25 2014-07-02 武汉安天信息技术有限责任公司 APK application reinforcing method and system
CN103902859A (en) * 2013-12-25 2014-07-02 武汉安天信息技术有限责任公司 Code protecting method and system based on hook technology in JAVA
CN104463002A (en) * 2014-12-24 2015-03-25 北京奇虎科技有限公司 APK reinforcing method and device and APK reinforcing client and server
CN106228041A (en) * 2016-07-21 2016-12-14 北京理工大学 A kind of for the precompiler code protection method of Android
CN106650330A (en) * 2016-12-22 2017-05-10 合肥国信车联网研究院有限公司 Android application software reinforcement protection method based on DexClassloader
CN107229848A (en) * 2017-06-12 2017-10-03 北京洋浦伟业科技发展有限公司 A kind of code reinforcement means and device
CN107977553A (en) * 2017-12-25 2018-05-01 中国电子产品可靠性与环境试验研究所 The method and device of the security hardening of mobile applications
CN108932407A (en) * 2018-05-22 2018-12-04 北京奇虎科技有限公司 A kind of program safety guard method and device
CN108985017A (en) * 2018-09-26 2018-12-11 北京京东金融科技控股有限公司 The reinforcement means and device of application program
CN109145619A (en) * 2018-08-13 2019-01-04 中金金融认证中心有限公司 A kind of Android application resource reinforcement means and system

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102831342A (en) * 2012-07-28 2012-12-19 北京深思洛克软件技术股份有限公司 Method for improving protection strength of application program in Android system
CN103902858A (en) * 2013-12-25 2014-07-02 武汉安天信息技术有限责任公司 APK application reinforcing method and system
CN103902859A (en) * 2013-12-25 2014-07-02 武汉安天信息技术有限责任公司 Code protecting method and system based on hook technology in JAVA
CN104463002A (en) * 2014-12-24 2015-03-25 北京奇虎科技有限公司 APK reinforcing method and device and APK reinforcing client and server
CN106228041A (en) * 2016-07-21 2016-12-14 北京理工大学 A kind of for the precompiler code protection method of Android
CN106650330A (en) * 2016-12-22 2017-05-10 合肥国信车联网研究院有限公司 Android application software reinforcement protection method based on DexClassloader
CN107229848A (en) * 2017-06-12 2017-10-03 北京洋浦伟业科技发展有限公司 A kind of code reinforcement means and device
CN107977553A (en) * 2017-12-25 2018-05-01 中国电子产品可靠性与环境试验研究所 The method and device of the security hardening of mobile applications
CN108932407A (en) * 2018-05-22 2018-12-04 北京奇虎科技有限公司 A kind of program safety guard method and device
CN109145619A (en) * 2018-08-13 2019-01-04 中金金融认证中心有限公司 A kind of Android application resource reinforcement means and system
CN108985017A (en) * 2018-09-26 2018-12-11 北京京东金融科技控股有限公司 The reinforcement means and device of application program

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
博客园: ""Android中的Apk的加固(加壳)原理解析和实现"", 《HTTPS://WWW.CNBLOGS.COM/ROCCHEUNG/P/5797273.HTML》 *
杨勇义: ""基于Android平台的软件保护技术研究"", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *

Also Published As

Publication number Publication date
CN109918872B (en) 2021-06-29

Similar Documents

Publication Publication Date Title
CN108733988B (en) Method for protecting executable program on android platform
CN108932406B (en) Virtualization software protection method and device
CN108681457A (en) The Android application program guard methods explained with residual code based on code sinking
CN108491235B (en) DEX protection method combining dynamic loading and function Native
CN106326694A (en) Android application reinforcing method baed on C source code mixing
CN109684794B (en) Code protection virtual machine KVM system realization method, device, computer equipment and storage medium
KR101234591B1 (en) Method for Anti-Encoding Android by Using Java Native Interface
US8615735B2 (en) System and method for blurring instructions and data via binary obfuscation
CN105930694B (en) Flexible instruction set for fuzzy virtual machines
CN109598107B (en) Code conversion method and device based on application installation package file
KR101861341B1 (en) Deobfuscation apparatus of application code and method of deobfuscating application code using the same
CN111723345B (en) Callback function-based control flow obfuscation method and system
CN109829313B (en) Method and device for defending SGX side channel attack based on code multiplexing programming
US20140344924A1 (en) Preventing unauthorized calls to a protected function
US20110167407A1 (en) System and method for software data reference obfuscation
CN104298534A (en) Programming method and device based on Lua language
Payet et al. An operational semantics for Android activities
US8302210B2 (en) System and method for call path enforcement
CN112434266A (en) Shell code control flow flattening confusion method
CN113626773B (en) Code protection method based on intermediate language
CN109918872A (en) Android application reinforcement means
Bilge et al. Thwarting real-time dynamic unpacking
CN103106356A (en) Method for generating code in safe environment and improving software protection intensity
Orlov et al. FINCH: A system for evolving Java (bytecode)
CN112114809B (en) Program code safety protection method, device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20210629

CF01 Termination of patent right due to non-payment of annual fee