CN109918872B - Android application reinforcing method - Google Patents
Android application reinforcing method Download PDFInfo
- Publication number
- CN109918872B CN109918872B CN201910109822.6A CN201910109822A CN109918872B CN 109918872 B CN109918872 B CN 109918872B CN 201910109822 A CN201910109822 A CN 201910109822A CN 109918872 B CN109918872 B CN 109918872B
- Authority
- CN
- China
- Prior art keywords
- code
- called
- android application
- new
- call
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Devices For Executing Special Programs (AREA)
Abstract
The embodiment of the invention provides an Android application reinforcing method, which comprises the following steps: extracting method calling and called method information in a part of codes for the part of codes needing protection in an original source code of the Android application; for each called method, determining an irrelevant method corresponding to the called method, generating a new method call according to the corresponding irrelevant method, replacing the method call corresponding to the called method with the new method call, and generating a new source code; and writing a semantic recovery code, and generating the reinforced Android application according to the new source code and the semantic recovery code. According to the Android application reinforcement method provided by the embodiment of the invention, code deformation and Java method redirection are carried out on a Java code level, so that the operation difficulty of Android application reinforcement can be reduced, the application range can be expanded, the reverse difficulty can be increased, and the safety can be improved.
Description
Technical Field
The embodiment of the invention relates to the technical field of information security, in particular to an Android application reinforcement method.
Background
In modern society, with the popularization of mobile smart devices, smart phones are gradually replacing traditional PCs as the most important personal computing platform. With more and more people using mobile applications to perform daily activities such as social contact, entertainment and shopping, the applications bring convenience and great potential safety hazards, and the security of the intelligent mobile applications becomes one of the important issues concerned by developers and common users.
Android, as the mobile operating system with the largest global market share, incurs a large number of attackers to create pirates, and the application programs are modified to steal the economic benefit of the original developer or to implant malicious code to infect user equipment. To achieve this, attackers use various reverse tools and methods to analyze the program semantics of benign program code. The situation that the application software is cracked is frequent, the malicious implantation function is frequent, the malicious behaviors greatly damage the benefits of application developers and application users, and the healthy development of the Android operating system is also restricted.
At present, for Android application software developers, equipment is needed to prevent developed software from being decompiled and reversed by others, and core codes of the software are prevented from being understood and plagiarized by others, so that benefits of the Android developers are protected, and the use safety of Android applications is guaranteed.
Various problems exist in some existing Android code protection technologies. The traditional source code confusion and Android component characteristic confusion based schemes are difficult to resist the currently more mature reverse engineering technology and code analysis technology. These code analysis techniques utilize a large number of methods such as dynamic and static analysis, machine learning, probabilistic models, etc., and theoretically, the core code of a program can be analyzed as long as the semantics of the core code are still in the code. And because the Java code itself is easily decompiled, the protection effect of the method is not ideal. And other code protection technologies and application reinforcement methods at the system level are difficult to use by common developers due to the low operation level.
Disclosure of Invention
In view of the problems in the prior art, embodiments of the present invention provide an Android application reinforcement method that overcomes or at least partially solves the above problems.
The embodiment of the invention provides an Android application reinforcing method, which comprises the following steps:
extracting method calling and called method information in a part of codes to be protected in an original source code of an Android application;
for each called method, determining an irrelevant method corresponding to the called method, generating a new method call according to the corresponding irrelevant method, replacing the method call corresponding to the called method with the new method call, and generating a new source code;
writing a semantic recovery code, and generating a reinforced Android application according to the new source code and the semantic recovery code;
wherein the original source code is Java code; and the semantic recovery code is used for recovering the execution semantics of the original source code according to the new source code.
According to the Android application reinforcement method provided by the embodiment of the invention, a new source code is generated by performing code deformation on a source code level, a reinforced Android application is generated according to the new source code and a semantic recovery code for Java method redirection, and the code deformation is performed on a Java code level, so that the operation difficulty is extremely low, the method can be widely applied to general Android application development work, the operation difficulty of Android application reinforcement can be reduced, the application range can be expanded, the reverse difficulty is increased, and the safety can be improved; the method has the advantages that the literal semantics of the program are thoroughly changed by adopting an Android source code deformation mode, so that a reverse attack technology based on code analysis is resisted, the use cost of a program reinforcing scheme can be effectively reduced by carrying out code deformation at a source code level, the execution semantics of the program code is recovered through a quick positioning and redirection method entry point during program execution, and the performance overhead of the scheme is extremely low and is difficult to detect.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
Fig. 1 is a schematic flowchart of an Android application reinforcement method provided by an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. The embodiments of the present invention, and all other embodiments obtained by a person of ordinary skill in the art without any inventive step, are within the scope of the present invention.
In order to solve the above problems in the prior art, an embodiment of the present invention provides an Android application reinforcement method, and an inventive concept thereof is to hide information of an original method by using a principle that an Android device side compiler dynamically allocates serial numbers in a linked list of all global Java methods, thereby implementing reinforcement of an Android application.
Fig. 1 is a schematic flowchart of an Android application reinforcement method provided by an embodiment of the present invention. As shown in fig. 1, an Android application reinforcement method includes: s101, extracting method calling and called method information in a part of codes for the part of codes needing protection in an original source code of the Android application; wherein the original source code is Java code.
Specifically, the original source code P is a source code of the pre-hardened Android application.
Protection is necessary for critical codes in the original source code, and therefore, the part of the code in the original source code that needs to be protected refers to the critical code that needs protection. The necessary code with protection refers to the code containing important method calls and called methods.
The original source code is written by Java language, and code deformation is carried out on part of the code needing to be protected, so that the Android application program code is protected.
And the code transformation is to transform the statements of the method calls and the called methods in the partial codes needing protection. Therefore, after a part of code needing protection is acquired, the part of code is preprocessed, and information of method calls and called methods in the part of code is extracted through analysis.
And the information of the method call and the called method comprises the information of the method call and the information of the called method.
Step S102, for each called method, determining an irrelevant method corresponding to the called method, generating a new method call according to the corresponding irrelevant method, replacing the method call corresponding to the called method with the new method call, and generating a new source code.
For each called method, according to the information of the method call and the called method, an irrelevant method is selected as the irrelevant method corresponding to the called method.
Irrelevant method refers to other methods that are not relevant to the portion of the code that needs to be protected. For example, methods that are not related in name, method package signature, and method parameter signature can all be considered unrelated methods.
After the irrelevant method corresponding to the called method is determined, a new method call is generated according to the irrelevant method corresponding to the called method. The new method call is a call to the unrelated method. This unrelated approach may be referred to as a new unrelated approach. The called method, may be referred to as the original method.
And inserting the new method calling statement into the position of the method calling statement corresponding to the called method in the partial code to replace the method calling statement corresponding to the called method.
And after the statements called by all the methods are replaced by the statements called by the irrelevant methods corresponding to the methods called by the method calls, generating a new source code P'.
The principle of replacing is to use the Android device compiler to dynamically allocate the serial numbers in the link lists of all the global Java methods. The assignment of sequence numbers is based on the overall method used by the entire application code. Therefore, for the new source code, the developer can acquire the sequence number of the original method in the code through the subsequent step S103, but it is difficult for the attacker to deduce the sequence number of the original method from the sequence number in the new source code. Therefore, the information of the original method can be hidden, and the Android application is reinforced.
S103, compiling a semantic recovery code, and generating a reinforced Android application according to a new source code and the semantic recovery code; and the semantic recovery code is used for recovering the execution semantics of the original source code according to the new source code.
It can be understood that, since the new source code P' includes statements for calling unrelated methods and statements for calling unrelated methods, in order to ensure normal use and function implementation of the Android application, semantic recovery needs to be performed on the new source code, so that the Android application after the reinforcement can implement all functions of the Android application before the reinforcement.
And performing semantic recovery on the new source code, and executing the semantic recovery code to realize the semantic recovery. The semantic recovery code functions to redirect the methods in the new source code and redirect the entry address of each unrelated method to the entry address of the called method corresponding to the unrelated method, thereby implementing the original function and execution semantics of the program.
After the semantic recovery code is executed, the control right of the program can be jumped to the original method instead of a new independent method, so that the original function of the program is recovered.
For the reinforced Android application, the calling of the original method cannot exist in the source code, so that an attacker cannot reverse the sequence number of the original method after taking the source code P' of the reinforced program to try to acquire the information of the original method, and the attacker is forced to crack violently only in a traversal mode and try to match the sequence number with each available method interface, namely all system interfaces and application program methods; moreover, the method newly added by the attacker in the process of trying out may cause the compiler to reassign the sequence number of the original method, thereby further increasing the difficulty of the reverse attack.
And writing a semantic recovery code according to the requirement of semantic recovery. And compiling and packaging according to the new source code and the semantic recovery code to generate the reinforced Android application.
According to the embodiment of the invention, code deformation is carried out on a source code level to generate a new source code, a reinforced Android application is generated according to the new source code and a semantic recovery code for Java method redirection, code deformation is carried out on a Java code level, the operation difficulty is extremely low, the method can be widely applied to general Android application development work, the Android application reinforcement operation difficulty can be reduced, the application range can be expanded, the reverse difficulty is increased, and the safety can be improved; the method has the advantages that the literal semantics of the program are thoroughly changed by adopting an Android source code deformation mode, so that a reverse attack technology based on code analysis is resisted, the use cost of a program reinforcing scheme can be effectively reduced by carrying out code deformation at a source code level, the execution semantics of the program code is recovered through a quick positioning and redirection method entry point during program execution, and the performance overhead of the scheme is extremely low and is difficult to detect.
Based on the content of the above embodiments, the specific steps of writing the semantic recovery code include: and acquiring the entries of each method call and the entries of each new method call according to the addressing path and the offset on the path used by each method call and the addressing path and the offset on the path used by each new method call, modifying the entry of each new method call into the entry of the method call corresponding to the new method call as code logic, and writing a semantic recovery code by using C language according to the code logic.
Specifically, since the semantic recovery code is used to redirect methods in the new source code, and redirect the entry address of each unrelated method to the entry address of the called method corresponding to the unrelated method, and the entry address of a method is determined according to the addressing path and the offset on the addressing path, the algorithmic logic (i.e., code logic) of the semantic recovery code is: the method comprises the steps of obtaining an entry address of each method call according to an addressing path and an offset on the addressing path used by each method call in an original source code, obtaining the entry address of each new method call according to the addressing path and the offset on the addressing path used by each new method call in a new source code, and modifying the entry of each new method call into the entry of the method call corresponding to the new method call.
The entry address is also called the value of the entry point. The offset includes the serial number assigned to the method by the Android device compiler.
It will be appreciated that for each new method call corresponding to a method call in the original source code, the addressing path used and the offset on the addressing path need only be retrieved.
Semantic recovery code that conforms to the above-described algorithmic logic may be written in C language.
According to the embodiment of the invention, by writing the semantic recovery code, the entry point of the Java method can be dynamically modified by executing the semantic recovery code so as to recover the original program semantic and function to recover the execution semantic of the original source code, so that the reinforced Android application can realize the original function and execution semantic of the program.
Based on the content of the above embodiments, generating new source code and writing semantic recovery code further includes: placing each method call and each new method call in a temporary program, executing the temporary program, and acquiring a local machine code; and analyzing the local machine code to obtain the addressing path and the offset on the path used by each method call and the addressing path and the offset on the path used by each new method call.
Specifically, before writing the semantic recovery code, the addressing path and the offset on the addressing path used by each new method call in the new source code, and the addressing path and the offset on the addressing path used by the method call in the original source code corresponding to each new method call are obtained.
Since the serial number information is hard-coded in the native machine code generated by the Android device compiler, the extraction and analysis of the native machine code can be performed by an additional device.
This additional device can be considered as an experimental device.
Writing a temporary program, and placing each method call and a new method call corresponding to the method call in the temporary program. The temporary program is executed, and the local machine code can be acquired.
When each method call and the new method call corresponding to the method call are placed in the temporary program, the original method to be analyzed and the new irrelevant method corresponding to the original method can be placed in a newly-built empty method, so that the difficulty of analyzing the local machine code is reduced, but the difficulty of the reverse direction of an attacker cannot be reduced. An attacker can only test all available methods and Android system interfaces of the application through ergodic type brute force attack; moreover, the method newly added by the attacker in the process of trying out may cause the compiler to reassign the sequence number of the original method, thereby further increasing the difficulty of the reverse attack.
By analyzing the local machine code, the addressing path and the offset on the addressing path used by each new method call in the new source code, and the addressing path and the offset on the addressing path used by the method call in the original source code corresponding to each new method call can be obtained.
According to the embodiment of the invention, the addressing path and the offset on the path used by each method call and the addressing path and the offset on the path used by each new method call are obtained by analyzing the local machine code generated by executing the temporary program, so that the analysis difficulty can be reduced, but the difficulty of the reverse direction of an attacker can not be reduced, and the convenience and the safety of Android application reinforcement can be improved.
Based on the content of the above embodiments, the specific step of analyzing the local machine code includes: and analyzing a file which is generated by the Android device compiler and contains the local machine code, or analyzing the local machine code file mapping in the temporary program memory during the execution of the temporary program.
In particular, the analysis of the local machine code may be done by the temporary program or by other processes running in the additional device.
There are at least two implementations of analyzing local machine code.
The first implementation manner is to analyze a file containing a local machine code generated by an Android device compiler. After the temporary program is executed, the Android device compiler generates a file, and the generated file includes a file containing the local machine code, so that the file containing the local machine code can be analyzed.
The second implementation manner is that it is not necessary to wait for the Android device compiler to generate a file, and during the execution of the temporary program, a mapping of a local machine code file exists in a memory of the temporary program, and the mapping of the local machine code file is referred to as a local machine code file mapping, so that the local machine code file mapping can be analyzed.
According to the embodiment of the invention, the local machine code can be analyzed in at least two ways, and the addressing path and the offset on the addressing path used by the original method call and the new method call are obtained, so that the semantic recovery code is compiled, and the original function and execution semantic of the program can be realized by the reinforced Android application.
Based on the content of the above embodiments, the specific steps of generating the reinforced Android application according to the new source code and the semantic recovery code include: the method comprises the steps of storing semantic recovery codes in a C dynamic link library in an NDK (named data link) programming mode, wherein the semantic recovery codes are called in a JNI mode in a so library; and compiling and packaging the so library and the new source code to generate the reinforced Android application.
Specifically, the semantic recovery code is stored in a C dynamic link library in a form of NDK (local Development Kit) programming, and the statements of the underlying SOS library are called in a form of JNI (Java Native Interface), so that the calling of the SOS library is ensured before the code needing the semantic recovery is executed.
The specific steps of the so library generation comprise:
writing Java code (Java file), declaring functions in the local file;
new files (semantic recovery codes);
writing a JNI entry function for loading a semantic recovery code;
compiling a project configuration file android.mk file for configuring project information;
and compiling to generate the so library.
And after the so library is generated, compiling and packaging the so library and the new source code P ', wherein the SDK compiling tool can pack the so library and the new source code P' into an apk file with an application degree to obtain a reinforced Android application program, and then the reinforced Android application program can be normally operated.
According to the embodiment of the invention, an NDK programming mode is adopted, the semantic recovery codes are stored in the C/C + + dynamic link library, and then a JNI technology is adopted to call the underlying so library, so that the original functions of the Android application program can be realized, the hidden danger that the original source codes are easy to reverse can be eliminated, and therefore, reinforcement and safety improvement can be realized.
Based on the content of the above embodiments, the specific step of extracting the information of the method call and the called method in the partial code includes: analyzing part of codes according to a preprocessing algorithm to acquire method calling and called method information in the part of codes; the method calling information comprises calling types and parameter types used in calling; the information of the called method includes the name and signature of the called method.
Specifically, a part of the code to be protected may be parsed by a preprocessing algorithm, and a method call and a called method in the part of the code may be determined.
And for each method call, acquiring the call type of the method call and the parameter type used during the call by analyzing, and taking the call type of the method call and the parameter type used during the call as the information of the method call.
For each called method, the name and the signature of the called method are obtained through analysis and serve as the information of the called method.
According to the method and the device for achieving Android application program reinforcement, the information of the method calling and the called method is obtained by analyzing the source code, different method calling and called methods can be distinguished, and therefore code deformation can be achieved, and Android application program reinforcement can be achieved on the basis of the code deformation.
Based on the content of the foregoing embodiments, the specific step of determining the unrelated method corresponding to the called method includes: and for each called method, analyzing the name and the signature of the called method according to a screening algorithm, and selecting an irrelevant method corresponding to the called method according to the calling type of the method call corresponding to the called method and the parameter type used in the calling.
Specifically, for each called method, the name and signature of the called method, the calling type of the method call corresponding to the called method and the parameter type used in the calling can be analyzed through a preset filtering algorithm, and one of all irrelevant algorithms is selected as an irrelevant method corresponding to the called method.
According to the name and the signature of the called method, the calling type of the method calling corresponding to the called method and the parameter type used in calling, the irrelevant method corresponding to the called method is determined, so that the calling of the original method does not exist in the new source code, an attacker cannot attempt to acquire the information of the original method in the reverse direction of the serial number of the original method, and the safety can be improved.
Based on the content of the above embodiments, the specific step of selecting an unrelated method for replacing the called method includes: and taking any irrelevant method of which the number and the size of the effective parameters are not less than those of the called method respectively as the irrelevant method corresponding to the called method.
Specifically, for each called method, comparing the number and size of the effective parameters of each irrelevant method with the number and size of the effective parameters of the called method, and determining the irrelevant method of which the number of the effective parameters is not less than the number of the effective parameters of the called method and the size is not less than the size of the called method; and selecting an irrelevant method as the irrelevant method corresponding to the called method from the irrelevant methods of which the number of the effective parameters is not less than that of the effective parameters of the called method and the size is not less than that of the called method.
Wherein not less means greater than or equal to.
The embodiment of the invention can ensure that an attacker can not reversely try to acquire the information of the original method and the semantic recovery of the method by taking any irrelevant method of which the number and the size of the effective parameters are not less than those of the called method as the irrelevant method corresponding to the called method, thereby improving the safety.
Based on the content of the above embodiments, the irrelevant method is an existing method interface inside the system, an existing method interface inside the Android application, or a custom new method.
Specifically, the irrelevant method may be any one of an existing method interface in the Android system, other existing method interfaces in the Android application program, and a custom new method.
According to the embodiment of the invention, the existing method interface in the system, the existing method interface in the Android application or the self-defined new method are used as unrelated methods, so that the method has the advantages of flexibility and convenience, and can reduce the operation difficulty of Android application reinforcement and expand the application range.
Based on the content of each embodiment, before extracting the information of the method call and the called method in the partial code, for the partial code needing protection in the original source code of the Android application, the method call and the called method further include: reading an original source code of the Android application, and determining a part of code needing to be protected in the original source code.
Specifically, for a part of codes needing protection in an original source code of the Android application, before extracting information of method calling and called methods in the part of codes, the source code of the Android application is read as the original source code.
And determining the critical code from the original source code as the partial code needing protection.
The critical code refers to the code necessary for protection.
According to the method and the device, the original source code of the Android application is read, and the part of the code needing to be protected in the original source code is determined, so that the part of the code can be deformed, the Android application is reinforced, the code deformation is carried out on a Java code level, the operation difficulty is extremely low, the method and the device can be widely applied to general Android application development work, the operation difficulty of Android application reinforcement can be reduced, and the application range is expanded.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (8)
1. An Android application reinforcement method is characterized by comprising the following steps:
extracting method calling and called method information in a part of codes to be protected in an original source code of an Android application;
for each called method, determining an irrelevant method corresponding to the called method, generating a new method call according to the corresponding irrelevant method, replacing the method call corresponding to the called method with the new method call, and generating a new source code;
writing a semantic recovery code, and generating a reinforced Android application according to the new source code and the semantic recovery code;
wherein the original source code is Java code; the semantic recovery code is used for recovering the execution semantics of the original source code according to the new source code;
the specific step of determining the irrelevant method corresponding to the called method comprises the following steps:
for each called method, analyzing the name and signature of the called method, the calling type of the method call corresponding to the called method and the parameter type used in the calling according to a screening algorithm, and selecting an irrelevant method corresponding to the called method;
the specific step of selecting an unrelated method for replacing the called method comprises:
taking any irrelevant method of which the number and the size of the effective parameters are not less than the number and the size of the effective parameters of the called method as the irrelevant method corresponding to the called method;
wherein, the irrelevant method refers to other methods irrelevant to the partial code needing protection.
2. The Android application hardening method of claim 1, wherein the specific step of writing semantic recovery code includes:
and acquiring an entry of each method call and an entry of each new method call according to an addressing path and an offset on the path used by each method call and the offset on the addressing path and the path used by each new method call, modifying the entry of each new method call into the entry of the method call corresponding to the new method call as code logic, and writing the semantic recovery code by using C language according to the code logic.
3. The Android application hardening method of claim 2, wherein generating new source code and writing semantic recovery code further comprises:
placing each method call and each new method call in a temporary program, executing the temporary program, and acquiring a local machine code;
and analyzing the local machine code to obtain an addressing path and an offset on the path used by each method call and an addressing path and an offset on the path used by each new method call.
4. The Android application hardening method of claim 3, wherein the specific step of analyzing the local machine code includes:
and analyzing a file which is generated by an Android device compiler and contains the local machine code, or analyzing the local machine code file mapping in the temporary program memory during the execution of the temporary program.
5. The Android application reinforcement method of claim 2, wherein the specific step of generating the reinforced Android application according to the new source code and the semantic recovery code includes:
the semantic recovery code is stored in a C dynamic link library in an NDK programming mode, a so library is called in a JNI mode, and the so library is called before the partial code is executed;
and compiling and packaging the so library and the new source code to generate the reinforced Android application.
6. The Android application reinforcement method of claim 1, wherein the specific step of extracting information of method calls and called methods in the partial code includes:
analyzing the partial code according to a preprocessing algorithm to acquire the information of method calling and called methods in the partial code;
the method calling information comprises a calling type and a parameter type used in calling; the information of the called method includes the name and signature of the called method.
7. The Android application reinforcement method according to claim 1, wherein the unrelated method is an existing method interface inside a system, an existing method interface inside the Android application, or a custom new method.
8. The Android application reinforcement method according to any one of claims 1 to 7, wherein before extracting information of method calls and called methods in a partial code of an original source code of the Android application, for the partial code needing protection, the method calls and called methods further include:
and reading an original source code of the Android application, and determining a part of codes needing to be protected in the original source code.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910109822.6A CN109918872B (en) | 2019-01-28 | 2019-01-28 | Android application reinforcing method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910109822.6A CN109918872B (en) | 2019-01-28 | 2019-01-28 | Android application reinforcing method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109918872A CN109918872A (en) | 2019-06-21 |
| CN109918872B true CN109918872B (en) | 2021-06-29 |
Family
ID=66961458
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910109822.6A Expired - Fee Related CN109918872B (en) | 2019-01-28 | 2019-01-28 | Android application reinforcing method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109918872B (en) |
Family Cites Families (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102831342B (en) * | 2012-07-28 | 2016-01-06 | 北京深思数盾科技有限公司 | A kind of method improving application program protection intensity in Android system |
| CN103902859A (en) * | 2013-12-25 | 2014-07-02 | 武汉安天信息技术有限责任公司 | Code protecting method and system based on hook technology in JAVA |
| CN103902858A (en) * | 2013-12-25 | 2014-07-02 | 武汉安天信息技术有限责任公司 | APK application reinforcing method and system |
| CN104463002B (en) * | 2014-12-24 | 2017-04-05 | 北京奇虎科技有限公司 | A kind of method and apparatus of reinforcing APK and APK reinforce client and server |
| CN106228041B (en) * | 2016-07-21 | 2018-11-20 | 北京理工大学 | A kind of code protection method for Android precompile |
| CN106650330A (en) * | 2016-12-22 | 2017-05-10 | 合肥国信车联网研究院有限公司 | Android application software reinforcement protection method based on DexClassloader |
| CN107229848A (en) * | 2017-06-12 | 2017-10-03 | 北京洋浦伟业科技发展有限公司 | A kind of code reinforcement means and device |
| CN107977553B (en) * | 2017-12-25 | 2020-07-10 | 中国电子产品可靠性与环境试验研究所 | Method and device for security reinforcement of mobile application program |
| CN108932407B (en) * | 2018-05-22 | 2022-01-25 | 北京奇虎科技有限公司 | Program safety protection method and device |
| CN109145619A (en) * | 2018-08-13 | 2019-01-04 | 中金金融认证中心有限公司 | A kind of Android application resource reinforcement means and system |
| CN108985017A (en) * | 2018-09-26 | 2018-12-11 | 北京京东金融科技控股有限公司 | The reinforcement means and device of application program |
-
2019
- 2019-01-28 CN CN201910109822.6A patent/CN109918872B/en not_active Expired - Fee Related
Also Published As
| Publication number | Publication date |
|---|---|
| CN109918872A (en) | 2019-06-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108681457B (en) | Android application program protection method based on code sinking and residual code interpretation | |
| CN108733988B (en) | Method for protecting executable program on android platform | |
| CN108932406B (en) | Virtualization software protection method and device | |
| EP2897074B1 (en) | Application code obfuscation device based on self-conversion and method therefor | |
| RU2439669C2 (en) | Method to prevent reverse engineering of software, unauthorised modification and data capture during performance | |
| CN108153518B (en) | JAVA program anti-confusion method and terminal | |
| CN109598107B (en) | Code conversion method and device based on application installation package file | |
| CN104680039B (en) | A kind of data guard method and device of application program installation kit | |
| US20160275019A1 (en) | Method and apparatus for protecting dynamic libraries | |
| CN108121594B (en) | Process management method and device | |
| KR101234591B1 (en) | Method for Anti-Encoding Android by Using Java Native Interface | |
| EP3296906A1 (en) | Method for protecting dex file from being decompiled in android system | |
| CN105930694B (en) | Flexible instruction set for fuzzy virtual machines | |
| KR20150024842A (en) | Adaptive portable libraries | |
| US9900324B1 (en) | System to discover and analyze evasive malware | |
| CN110059456B (en) | Code protection method, code protection device, storage medium and electronic equipment | |
| KR101861341B1 (en) | Deobfuscation apparatus of application code and method of deobfuscating application code using the same | |
| CN109829313B (en) | Method and device for defending SGX side channel attack based on code multiplexing programming | |
| CN111723345B (en) | Callback function-based control flow obfuscation method and system | |
| CN113761482A (en) | Program code protection method and device | |
| WO2011134207A1 (en) | Method for protecting software | |
| CN109614772B (en) | Code conversion method and device based on application installation package file | |
| CN112434266A (en) | Shell code control flow flattening confusion method | |
| JP2004303114A (en) | Interpreter and native code execution method | |
| CN108733990B (en) | Block chain-based file protection method and terminal equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20210629 |