CN111767539A - APK safety system and safety verification method - Google Patents
APK safety system and safety verification method Download PDFInfo
- Publication number
- CN111767539A CN111767539A CN202010413374.1A CN202010413374A CN111767539A CN 111767539 A CN111767539 A CN 111767539A CN 202010413374 A CN202010413374 A CN 202010413374A CN 111767539 A CN111767539 A CN 111767539A
- Authority
- CN
- China
- Prior art keywords
- file
- dex
- check
- apk
- verification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/08—Error detection or correction by redundancy in data representation, e.g. by using checking codes
- G06F11/10—Adding special bits or symbols to the coded information, e.g. parity check, casting out 9's or 11's
- G06F11/1004—Adding special bits or symbols to the coded information, e.g. parity check, casting out 9's or 11's to protect a block of data words, e.g. CRC or checksum
Landscapes
- Engineering & Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Health & Medical Sciences (AREA)
- Quality & Reliability (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to an APK safety system and a safety verification method, wherein the safety system of an application server comprises a Dex file acquisition module, a calculation module and a parameter storage module; the calculation module is configured to calculate a plurality of Dex files respectively according to one or more check functions to obtain a plurality of preset check codes. The safety system of the user terminal comprises a monitoring module, a parameter acquisition module and a verification module; wherein the check module is configured to calculate a check code of the Dex file to be currently loaded according to the one or more check functions and compare the check code with a corresponding preset check code. The invention adopts different algorithms to calculate different Dex files to obtain the preset check codes, and checks according to the preset check codes when the APK file is loaded, thereby not only increasing the difficulty of cracking the safety check measures when the Dex file is packaged for the second time, but also checking whether the Dex file is falsified when being loaded, and further improving the safety of the APK file.
Description
Technical Field
The invention relates to a network application technology, in particular to an APK security system and a security verification method.
Background
Android applications are widely available with the popularity of Android devices and platforms. In order to run the Android application code on the Android device, the Android application code needs to be compiled first and then packaged into an APK (Android application package) that can be recognized by the Android system. And when the user downloads the Android application program, downloading the APK to the Android equipment. And verifying when the APK is installed, and after verification and installation are completed, the Android application program can run on the Android equipment.
Due to the opening of the Android system and the problems of distribution and management of Android applications, Android client application codes can be maliciously tampered and packaged for the second time, for example, executable file contents are modified by using some decompilation tools, so that phishing website information is increased, trojan programs are inserted, advertisements are implanted, and the like. These malicious tampering activities seriously undermine the interests of users and application developers.
In order to prevent the Android application program from being tampered, some coping methods have been developed in the industry: obfuscating code, for example, at the time of development; dex file in APK is encrypted; and performing security and integrity check on the Android application program during installation (detecting a signature, checking class. Although the technical schemes can find out whether the APK is tampered and packaged for the second time to a certain extent, the verification speed is slow, and some of the technical schemes also have the risk of being easily cracked.
Disclosure of Invention
Aiming at the technical problems in the prior art, the invention provides an APK safety system and a safety verification method, which are used for improving the difficulty of cracking safety measures when the APK is tampered, so that the safety of the application is improved.
In order to solve the technical problem, according to an aspect of the present invention, the present invention provides an APK security system, including a Dex file acquisition module, a calculation module, and a parameter storage module; wherein the Dex file acquisition module is configured to acquire a compiled plurality of Dex files at an application server; the calculation module is configured to calculate a plurality of Dex files respectively according to one or more check functions to obtain a plurality of preset check codes; the parameter storage module is configured to store a plurality of preset check codes of a plurality of Dex files and check functions thereof as check parameters to preset positions.
According to one aspect of the invention, the invention provides an APK safety system, which comprises a monitoring module, a parameter acquisition module and a checking module; wherein the monitoring module is configured to monitor loading of an APK file at a user terminal; the parameter acquisition module is configured to acquire check parameters of a plurality of Dex files in an APK file, wherein the check parameters at least comprise a plurality of preset check codes and one or more check functions; the check module is configured to calculate a check code of the Dex file to be currently loaded according to the one or more check functions and compare the check code with a corresponding preset check code.
According to one aspect of the present invention, the present invention provides an APK security verification method, including the following steps:
acquiring a plurality of compiled Dex files at an application server;
respectively calculating the Dex files according to one or more check functions to obtain a plurality of preset check codes; and
and storing a plurality of preset check codes of a plurality of Dex files and corresponding check functions thereof as check parameters to preset positions.
According to one aspect of the present invention, the present invention provides an APK security verification method, including the following steps:
monitoring the loading of the APK file on the user terminal;
when loading an APK file, acquiring verification parameters of a plurality of Dex files in the APK file, wherein the verification parameters at least comprise a plurality of preset verification codes and one or more verification functions; and
calculating the check code of the Dex file to be loaded currently according to the corresponding check function, and corresponding to the preset check code
The invention adopts different algorithms, such as MD5, SHA-1, SHA-2 or CRC, to calculate different Dex files to obtain the preset check codes, and checks according to the preset check codes when the APK file is loaded, thereby not only increasing the difficulty of cracking the safety check measures when packing the Dex file for the second time, but also checking whether the Dex file is falsified when loading, and improving the safety of the APK file. And comparing the check codes.
Drawings
Preferred embodiments of the present invention will now be described in further detail with reference to the accompanying drawings, in which:
FIG. 1 is a functional block diagram of an APK security system applied to a server side according to one embodiment of the present invention;
FIG. 2 is a diagram of an APK packet structure according to one embodiment of the invention;
fig. 3 is a diagram of an APK packet structure according to another embodiment of the present invention;
fig. 4 is a diagram of an APK packet structure according to still another embodiment of the present invention;
FIG. 5 is a functional block diagram of a user terminal and APK security system according to one embodiment of the present invention;
fig. 6 is a flowchart of the APK security verification method applied to the server according to an embodiment of the present invention; and
fig. 7 is a flowchart of the APK security verification method applied to a user terminal according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the following detailed description, reference is made to the accompanying drawings that form a part hereof and in which is shown by way of illustration specific embodiments of the application. In the drawings, like numerals describe substantially similar components throughout the different views. Various specific embodiments of the present application are described in sufficient detail below to enable those skilled in the art to practice the teachings of the present application. It is to be understood that other embodiments may be utilized and structural, logical or electrical changes may be made to the embodiments of the present application.
In a specific application example, in order to solve the problem that the number of methods in a Dex file is too large to install on some Android devices due to complex functions and large code quantity, an Android Application (APP) splits and packages a compiled Class file into a plurality of Dex sub-packets, wherein the number of methods in each Dex file is not more than 65536. Therefore, the APK obtained by the multi-packetization system includes a plurality of Dex packets. In order to find out whether the APK is packaged for the second time, the invention provides an APK safety system and a safety verification method, wherein the safety verification method comprises the following steps: determining a preset check code for a Dex file in an APK file at an application server; when the user terminal loads the APK, the Dex file is checked, and whether the APK is safe or not is monitored, and whether the APK is packaged for the second time or not is judged.
Fig. 1 is a functional block diagram of an APK security system applied to a server according to one embodiment of the present invention. The APK security system described in fig. 1 is applied to a server, and includes: a Dex file acquisition module 10, a calculation module 12 and a parameter storage module 14; the Dex file obtaining module 10 obtains a plurality of Dex files that have been compiled. In an application development process, the generated APK package typically includes the files/folders shown in fig. 2.Dex file is an executable file which can be executed by the Android system Dalvik virtual machine of the client. When the functions of the applications are complex and the code amount is large, too many methods are used in class. Thus, a packetization system is presented, which packetizes classes.dex using a packetization system, resulting in a plurality of Dex packetizations, as shown in fig. 3 and 4.
After generating a plurality of Dex files by packetization, the Dex file acquisition module 10 reads the plurality of Dex files and sends the plurality of Dex files to the calculation module 12. The calculation module 12 calculates a plurality of Dex files according to one or more different check functions, respectively, to obtain corresponding preset check codes. Wherein, further, the calculation module 12 comprises a recognition unit 120 and a first calculation unit 122. The identifying unit 120 identifies the compiled Dex files. For example, the Dex file is identified by a file name, or each Dex file is identified by reading a file header of the Dex file. The structure of the Dex file is shown in table 1 below.
TABLE 1
The file header (header) records attribute information of the whole Dex file, so that a signature field or a magic field in the file header (header) can be adopted to identify the current Dex file, and the Dex file can be determined more accurately.
The first calculating unit 122 calculates each Dex file to determine a check code thereof, and uses the calculated check code as a preset check code for checking when the APK is installed. In order to improve the difficulty of cracking APK check, different check functions (or check methods) are adopted for different Dex files, for example, an MD5 abstract information method, a CRC calculation method or an SHA-1 or SHA-2 value calculation algorithm is adopted, and therefore the obtained check codes are MD5 values, SHA-1 or SHA-2 values or CRC codes, such as CRC32 codes and the like. In a better scheme, all data or partial data of the Dex file is used as a calculation data source. As shown in the structure of the Dex file in the above table, only one or more of the file header, the index area, or the data area may be calculated when calculating the check code. For example, the first Dex file is verified by using an MD5 digest information method, and the data source of the first Dex file is a file header; the second Dex adopts CRC32 method for checking, and the data source is the index area; the third Dex file is verified by using the MD5 digest information method, and the data source of the third Dex file is a data area and the like. Different verification methods and calculation data sources are set for different Dex files, even if the same verification method is adopted, the data sources are different, and therefore the cracking difficulty is further increased. Taking the APK package in fig. 3 as an example, the classes are verified by using an MD5 digest information method, and all data of the file are used as a calculation data source to obtain a check code 1, which is an MD5 value; calculating the file header of classes2.dex by adopting a CRC32 method to obtain a check code 2; and (5) checking classes3.dex by adopting an MD5 digest information method, and taking a data area of the classes3.dex as a calculation data source to obtain a check code 3. The first calculation unit 122 sends its calculation result to the parameter storage module 14.
The parameter storage module 14 stores the file identifiers of all the Dex files, the preset check codes and the check functions thereof (including the data source identifiers used in calculation if different data sources are adopted) as the check parameters to preset positions. In order to facilitate file management and query the verification parameters during client verification, the parameter storage module 14 further stores the verification parameters in the parameter file. The check parameters of all the Dex files can be recorded in the parameter file in the form of a parameter table. The parameter table generated by the Dex file shown in fig. 3 is shown in the following table 2:
TABLE 2
| File identification | Check function | Check code | Data source identification |
| classes.dex | MD5 | Check code 1 | All field |
| classes2.dex | CRC32 | Check code 2 | Header field |
| classes3.dex | MD5 | Check code 3 | All data field |
The parameter storage module 14 names the parameter file and stores the name in the server or the APK file package.
Fig. 5 is a schematic block diagram of an APK security system applied to a user terminal according to an embodiment of the present invention, wherein the system includes a monitoring module 20, a parameter obtaining module 22 and a verification module 24. The monitoring module 20 is configured to monitor loading of the APK file in the user terminal. For example, when monitoring that a pm (package manager) manager in an Android system of the device side performs installation of an application program, or loads the application program in a device starting process, or loads a Dex file in an application program running process, the monitoring module 20 generates a trigger signal.
The parameter obtaining module 22 is connected to the monitoring module 20, and receives the trigger signal sent by the monitoring module 20 to obtain a parameter file recorded with a preset check code and a check function. Since the APK file may include a plurality of Dex files and the currently loaded Dex file may be any one of the Dex files, the current Dex file needs to be identified to obtain the preset check code and the check function corresponding to the current Dex file.
In one embodiment, the parameter obtaining module 22 includes a file obtaining unit 220, a file identifying unit 222, and a querying unit 224, wherein the file obtaining unit 220 reads a Dex file to be loaded currently, and sends a notification to the file identifying unit 222. The file identification unit 222 identifies the Dex file after receiving the notification, for example, reads the file name of the current Dex file and uses the file name as the identifier of the Dex file; or inquiring a corresponding field in a file header (header) of the current Dex file, and using the field as the identifier of the current Dex file. Specifically, which is used as the identifier of the Dex file corresponds to the identifier type of the Dex file in the parameter table generated by the server. That is, if the parameter table is identified by a file name, the file identification unit 222 acquires the file name of the current Dex file. If a field in the file header of the Dex file in the parameter table is an identifier, the file identification unit 222 queries a corresponding field in the file header (header) of the current Dex file.
The file identifying unit 222 obtains the identification information of the Dex file and sends the Dex file to the querying unit 224. After the query unit 224 obtains the identification information of the Dex file, the parameter file is obtained according to the storage address of the parameter file, the parameter table therein is read, the parameter table is queried according to the identified Dex file identification information to obtain a preset check code and a check function matched with the parameter table, and the preset check code and the check function are sent to the check module 24.
The check module 24 calculates the check code of the Dex file by using the check function, and determines the consistency between the check code and the corresponding preset check code. Specifically, the verification module 24 includes a second calculation unit 240 and a matching unit 242. The second calculating unit 240 calculates the Dex file to be loaded currently according to the received check function to obtain a calculation check code; the matching unit 242 compares the calculated check code with the corresponding preset check code, and if the calculated check code is the same as the preset check code, the calculated check code is consistent with the preset check code, which indicates that the check is passed. If the calculated check code is different from the preset check code, the current Dex file is different from the originally compiled Dex file, and the change occurs.
In another embodiment, the system further comprises an output module 26. When the matching unit 242 determines through comparison that the calculated check code does not coincide with the preset check code, it sends a notification to the output module 26. The output module 26 outputs an instruction to stop loading to the device system, for example, to issue an instruction to stop loading to a PM manager for installing an APK in the Android system. And the PM manager stops loading the current APK file after receiving the instruction. In another embodiment, the output module 26 also outputs a risk prompt to the user and receives a user response to whether to continue loading when the PM manager stops loading the current APK file. If the user selects to continue loading, the output module 26 sends a loading continuing instruction to the PM manager, and the PM manager continues loading until the installation is finished after receiving the loading continuing instruction.
According to another aspect of the invention, the invention also provides an APK security verification method. Fig. 6 is a flowchart illustrating an APK security verification method according to an embodiment of the present invention. The embodiment is applied to a server, and executed by the application server, and specifically includes:
in step S10, a plurality of Dex files that have been compiled are acquired. When the application compilation is complete, the APK packet structure is shown in fig. 2-4. And reading the corresponding Dex file from the APK package.
In step S11, one of the recalculated Dex files is selected.
Step S12, acquiring identification information of the Dex file, such as a file name, or information in a magic field or a signature field in a file header.
Step S13, reading a data source used for calculation, such as all data, or local data from the Dex file, where the local data includes data of one or more areas in a file header, an index area, and a data area.
And step S14, calculating the data in the data source of the Dex file according to a preset check function to obtain a corresponding preset check code.
And step S15, storing the identification information of the Dex file, the verification method or the verification function, the obtained verification code and the data source identification adopted in calculation as verification parameters into a parameter table in a parameter file.
Step S16, determine whether there is any un-calculated Dex file, if yes, return to step S10. If all the Dex files have been calculated, step S17 is performed.
Step S17, the parameter file is stored in a specific location, for example, a specific folder in the APK package, such as the res folder, or in an address corresponding to the application at the server, so as to be read when the user terminal verifies the parameter file.
And when the APK of the application is installed at the equipment end, carrying out safety verification on the APK. As shown in fig. 7, a flowchart of security verification when the user terminal performs APK installation according to an embodiment of the present invention specifically includes:
step S20, the loading of the APK file on the device side is monitored. The loading of the APK file at the user terminal may occur in different scenarios, such as the installation of an application program, the loading of the application program during the device startup process, or the loading of a slave Dex file after the application program is started.
And step S21, judging whether the loading of the Dex file is monitored, and if so, executing the step S22. If not, return to step S20 for continued monitoring.
In step S22, a Dex file in the file to be currently loaded is identified. For example, reading the file name thereof, or reading the corresponding field information in the file header thereof.
In step S23, a parameter file is acquired. For example, the parameter file is read from a preset address, such as a resource folder, or requested from the application server to obtain the parameter file from the application server.
Step S24, querying the parameter table in the parameter file according to the current Dex file identifier, obtaining the corresponding preset check code, check function or method, and calculating the check parameters such as data source identifier. The check function or method is an MD5 digest information method or an SHA-1 and SHA-2 calculation method or a CRC calculation method, and the corresponding preset check code is an MD5 value, an SHA-1 value, an SHA-2 value or a CRC code.
And step S25, reading the data to be calculated from the current Dex file according to the data source identification.
And step S26, calculating the data of the Dex file according to the check function to generate a check code.
And step S27, comparing the calculated check code with the corresponding preset check code, and judging whether the check code and the corresponding preset check code are consistent. If the Dex file and the compiled file are consistent, the verification is passed, and if the Dex file and the compiled file are not consistent, the current Dex file is different from the original compiled file, and a tampered risk exists. Step S28 is thus executed.
In step S28, a stop file loading information is output to the PM manager to stop the loading of the current APK file. Still further, the method comprises the following steps:
step S29, risk prompt information is output to the user. Wherein the risk prompt information comprises information that the currently loaded content is possibly tampered and information that asks the user whether to continue loading.
Step S30, determining whether the response message of the user is a load continuation message, if yes, outputting a load continuation command to the PM manager in step S31, instructing the PM manager to continue loading, and ending the current checking process. And if the response information of the user is not loaded, ending the current verification process.
The flows shown in fig. 6 and fig. 7 are only specific embodiments provided by the present invention, and some steps may be omitted or replaced, for example, a fixed data source may be used as the data source instead of specifying the data source for calculation, for example, all data may be used as the data source, or data in the data area in the Dex file may be used as the data source, so that it is not necessary to specify the data source identifier in the parameter table, and it is also not necessary to read data according to the data source identifier during verification.
The invention calculates the executable file Dex file in the APK file to obtain the check code, and checks the check code when loading, thereby checking whether the Dex file is falsified, and increasing the difficulty of cracking the Dex file through checking when packaging the Dex file for the second time, thereby improving the safety of the APK file.
The above embodiments are provided only for illustrating the present invention and not for limiting the present invention, and those skilled in the art can make various changes and modifications without departing from the scope of the present invention, and therefore, all equivalent technical solutions should fall within the scope of the present invention.
Claims (26)
1. An APK security system comprising:
a Dex file acquisition module configured to acquire the compiled plurality of Dex files at an application server;
the calculation module is configured to calculate a plurality of Dex files respectively according to one or more check functions to obtain a plurality of preset check codes; and
and the parameter storage module is configured to store a plurality of preset check codes of the plurality of Dex files and check functions thereof as check parameters to preset positions.
2. The APK security system of claim 1, wherein the computing module comprises an identification unit configured to identify the plurality of Dex files that are compiled complete.
3. The APK security system of claim 2, wherein the identification unit is further configured to identify the Dex file by reading a file name of the Dex file or reading a header of the Dex file.
4. The APK security system of claim 1, wherein the computation module comprises a first computation unit configured to read all or part of data from one Dex file to be computed as a computation data source, wherein the computation data source of the Dex file is used to compute the preset check code.
5. The APK security system of claim 4, wherein the calculation module calculates different data sources if the same check function is used when calculating different Dex files.
6. The APK security system of claim 4, wherein the verification parameters comprise a data source identification configured to record a calculation data source used to calculate a Dex file preset check code.
7. The APK security system of claim 1, wherein the parameter storage module stores the verification parameters in a parameter file.
8. The APK security system of claim 7, wherein the parameter storage module stores the parameter file at an application server and/or in an APK package.
9. An APK security system comprising:
a monitoring module configured to monitor loading of an APK file at a user terminal;
the device comprises a parameter acquisition module, a verification module and a verification module, wherein the parameter acquisition module is configured to acquire verification parameters of a plurality of Dex files in an APK file, and the verification parameters at least comprise a plurality of preset verification codes and one or more verification functions; and
and the checking module is configured to calculate the checking code of the Dex file to be loaded currently according to the one or more checking functions and compare the checking code with the corresponding preset checking code.
10. The system of claim 9, wherein the parameter acquisition module further comprises: and the file acquisition unit is configured to acquire the Dex file to be loaded currently.
11. The system of claim 10, wherein the parameter acquisition module further comprises:
a file identification unit configured to identify the Dex file by a file name of the Dex file or header information of the Dex file; and
and the query unit is configured to query the parameter file according to the identified Dex file to acquire a corresponding preset check code and a check function.
12. The system of claim 11, wherein the query unit obtains the parameter file from an APK package; or, the query unit acquires the parameter file from a server.
13. The system of claim 9, wherein the verification module comprises:
the second calculation unit is configured to calculate the check code of the Dex file to be loaded currently according to the check function; and
and the matching unit is configured to match the consistency of the calculated check code and the corresponding preset check code.
14. The system according to claim 13, wherein when the verification parameter includes a data source identifier, the second calculation unit is further configured to read data from the Dex file to be currently loaded according to the data source identifier, and calculate the verification code according to the verification function.
15. The system of claim 9, wherein further configured comprises an output module configured to output stop file loading information in response to the calculated check code not being consistent with a preset check code.
16. The system of claim 15, wherein the output module is further configured to output risk reminder information to a user.
17. An APK security verification method, comprising:
acquiring a plurality of compiled Dex files at an application server;
respectively calculating the Dex files according to one or more check functions to obtain a plurality of preset check codes; and
and storing a plurality of preset check codes of a plurality of Dex files and corresponding check functions thereof as check parameters to preset positions.
18. The method of claim 17, further comprising, when computing the Dex file:
identifying a Dex file which is completed by compiling;
reading all or part of data from a Dex file to be calculated as a calculation data source;
calculating the data of the Dex file according to a check function to obtain a corresponding preset check code; when a plurality of Dex files are calculated, when the same check function is adopted for calculation, the data sources of different Dex files are different.
19. The method of claim 18, further comprising, when computing the plurality of Dex files:
and recording a data source identifier of each Dex file for calculating a preset check code, and storing the data source identifier as a check parameter to the preset position.
20. The method of claim 18, further comprising: and identifying the Dex file by reading the file name of the Dex file or reading the file header of the Dex file.
21. The method of claim 17, further comprising: and storing the verification parameters into a parameter file, wherein the parameter file is stored into an APK package or an application server.
22. An APK security verification method, comprising:
monitoring the loading of the APK file on the user terminal;
when loading an APK file, acquiring verification parameters of a plurality of Dex files in the APK file, wherein the verification parameters at least comprise a plurality of preset verification codes and one or more verification functions; and
and calculating the check code of the Dex file to be loaded currently according to the corresponding check function, and comparing the check code with the corresponding preset check code.
23. The method of claim 22, further comprising:
acquiring a Dex file to be loaded currently;
identifying the Dex file according to the name of the Dex file or by inquiring the file header information of the Dex file; and
and inquiring a preset parameter file according to the identified Dex file to obtain a corresponding preset check code and a check function.
24. The method of claim 22, wherein the check code is an MD5 value, an SHA-1 value, an SHA-2 value, or a CRC code, and the corresponding check function is an MD5, an SHA-1, an SHA-2, or a CRC calculation method.
25. The method of claim 22, wherein when the verification parameters further include a computed data source identification, further comprising: and reading corresponding data from the Dex file to be loaded currently according to the data source identification, and calculating according to a corresponding check function to obtain a check code.
26. The system of claim 19, further comprising: and responding to the inconsistency between the check code obtained by calculation and a preset check code, and outputting information for stopping loading the Dex file and/or risk prompt information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010413374.1A CN111767539A (en) | 2020-05-15 | 2020-05-15 | APK safety system and safety verification method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010413374.1A CN111767539A (en) | 2020-05-15 | 2020-05-15 | APK safety system and safety verification method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111767539A true CN111767539A (en) | 2020-10-13 |
Family
ID=72719286
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010413374.1A Pending CN111767539A (en) | 2020-05-15 | 2020-05-15 | APK safety system and safety verification method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111767539A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112560042A (en) * | 2020-11-25 | 2021-03-26 | 北京交大微联科技有限公司 | Data configuration method and device for computer interlocking system |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104123481A (en) * | 2013-04-24 | 2014-10-29 | 贝壳网际(北京)安全技术有限公司 | Method and device for preventing application program from being tampered |
| CN105262589A (en) * | 2014-07-16 | 2016-01-20 | 阿里巴巴集团控股有限公司 | Data security check method and apparatus and check device |
| CN106055341A (en) * | 2016-06-14 | 2016-10-26 | 北京奇虎科技有限公司 | Application installation package checking method and device |
| EP3113065A1 (en) * | 2015-06-30 | 2017-01-04 | Kaspersky Lab AO | System and method of detecting malicious files on mobile devices |
| CN106933695A (en) * | 2017-02-28 | 2017-07-07 | 武汉斗鱼网络科技有限公司 | A kind of method of calibration and system of SWF files |
| CN107908931A (en) * | 2017-11-16 | 2018-04-13 | 四川长虹电器股份有限公司 | Digital television software mixing verification encryption method |
| CN108229112A (en) * | 2016-12-22 | 2018-06-29 | 阿里巴巴集团控股有限公司 | A kind of operation method and device for protecting application program, application program |
| CN108847926A (en) * | 2018-06-22 | 2018-11-20 | 武汉斗鱼网络科技有限公司 | A kind of client secure detection method, device and client device |
| US20180373523A1 (en) * | 2016-05-07 | 2018-12-27 | Tencent Technology (Shenzhen) Company Limited | Application update method and apparatus |
-
2020
- 2020-05-15 CN CN202010413374.1A patent/CN111767539A/en active Pending
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104123481A (en) * | 2013-04-24 | 2014-10-29 | 贝壳网际(北京)安全技术有限公司 | Method and device for preventing application program from being tampered |
| CN105262589A (en) * | 2014-07-16 | 2016-01-20 | 阿里巴巴集团控股有限公司 | Data security check method and apparatus and check device |
| EP3113065A1 (en) * | 2015-06-30 | 2017-01-04 | Kaspersky Lab AO | System and method of detecting malicious files on mobile devices |
| US20180373523A1 (en) * | 2016-05-07 | 2018-12-27 | Tencent Technology (Shenzhen) Company Limited | Application update method and apparatus |
| CN106055341A (en) * | 2016-06-14 | 2016-10-26 | 北京奇虎科技有限公司 | Application installation package checking method and device |
| CN108229112A (en) * | 2016-12-22 | 2018-06-29 | 阿里巴巴集团控股有限公司 | A kind of operation method and device for protecting application program, application program |
| CN106933695A (en) * | 2017-02-28 | 2017-07-07 | 武汉斗鱼网络科技有限公司 | A kind of method of calibration and system of SWF files |
| CN107908931A (en) * | 2017-11-16 | 2018-04-13 | 四川长虹电器股份有限公司 | Digital television software mixing verification encryption method |
| CN108847926A (en) * | 2018-06-22 | 2018-11-20 | 武汉斗鱼网络科技有限公司 | A kind of client secure detection method, device and client device |
Non-Patent Citations (1)
| Title |
|---|
| 马亮: "基于ART虚拟机的安卓应用安全防护***设计与实现", 《硕士论文电子期刊》, pages 37 - 42 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112560042A (en) * | 2020-11-25 | 2021-03-26 | 北京交大微联科技有限公司 | Data configuration method and device for computer interlocking system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP5507176B2 (en) | Method and apparatus for measuring software reliability | |
| US8931086B2 (en) | Method and apparatus for reducing false positive detection of malware | |
| US8356351B2 (en) | Method and device for verification of code module in virtual machine | |
| US9256765B2 (en) | System and method for identifying software changes | |
| CN102799500B (en) | System repair method and device | |
| KR101214893B1 (en) | Apparatus and method for detecting similarity amongf applications | |
| EP3859579B1 (en) | Trusted computing method, and server | |
| CN104751048A (en) | Dynamic link library integrity measuring method under perlink mechanism | |
| KR20060045146A (en) | Confirmatinon method of software and apparatus for executing software | |
| US20160380771A1 (en) | Binary code authentication | |
| US20230261882A1 (en) | Image Management Method and Apparatus | |
| US9122864B2 (en) | Method and apparatus for transitive program verification | |
| CN106980800B (en) | Measurement method and system for authentication partition of encrypted solid state disk | |
| EP1303802B1 (en) | System and method of verifying the authenticity of dynamically connectable executable images | |
| CN111767539A (en) | APK safety system and safety verification method | |
| JP4680562B2 (en) | Secure identification of executable files for trust determination entities | |
| CN112099909B (en) | Virtual machine memory measurement method, device, processor chip and system | |
| CN111814138B (en) | Cloud platform-based software security management system | |
| CN111953475B (en) | Method and device for repairing code loopholes | |
| KR101320680B1 (en) | Method and apparatus for integrity check of software | |
| CN116992438A (en) | Method, device, equipment and medium for repairing real-time loopholes based on code vaccine | |
| CN111090442A (en) | Application updating method and device and storage medium | |
| CN112445705B (en) | Software running system, method and device based on trusted verification and computer equipment | |
| CN114238940A (en) | Software installation package processing method and device and readable storage medium | |
| CN114139215A (en) | Dynamic library file loading method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |