CN116028898A - Java application protection method, device, system, server and readable storage medium

Info

Publication number: CN116028898A
Application number: CN202310035018.4A
Authority: CN (China)
Inventors: 韩首魁, 李昂, 张高举, 潘传幸
Current and original assignee: Zhengzhou Angshi Information Technology Co ltd
Legal status: Pending

Abstract

The application discloses a Java application protection method, device, system, server and readable storage medium. The class files in the engineering code package corresponding to an application are subjected to isomerization processing in advance, and the engineering code package with the isomerized class files is deployed. On this basis, when a user request is received, a preset arbitration algorithm, which corresponds to the algorithm of the isomerization processing, is used to judge whether the class file is a file subjected to the isomerization processing. If not, the class file that was isomerized in advance has been maliciously tampered with, or the class file is a file newly added by an attacker, and the class file is discarded. If yes, the class file has not been attacked; de-isomerization processing is performed on it to obtain a de-isomerized class file, and the de-isomerized class file is executed to respond to the user request. An attacker therefore cannot succeed by tampering with a class file or by adding a new class file, and the security of the Java application is improved.

Description

Java application protection method, device, system, server and readable storage medium
Technical Field
The present invention relates to the field of internet technologies, and in particular, to a Java application protection method, device, system, server, and readable storage medium.
Background
In the current network environment, the Web service system is an important platform for carrying and providing services and is the virtual representation of governments, enterprises and individuals on the internet. It gathers massive data resources such as user information, enterprise data, financial data, business secrets, intellectual property and customer order information, so its importance is self-evident. The Web server has therefore become a main target of network hackers, who obtain the information they want through various channels, attack tools and deception techniques.
In general, most applications are developed in Java. An attacker attacks the source code of a Java application to construct a webshell in it (a webshell is a malicious script executed using the environment of the Web server), keeps requesting services from the Web server, and attempts to obtain higher control rights.
Disclosure of Invention
In view of this, the present application provides a method, device, system, server and readable storage medium for protecting Java applications, which are used for solving the problem that the existing protection mode of Java applications cannot avoid that the source code of the Java applications is attacked by an attacker, and cannot avoid that the attacker constructs webshell in the Java applications.
In order to achieve the above object, the following solutions have been proposed:
a Java application protection method, comprising:
when a user request is received, acquiring a class file in an engineering code package corresponding to the request, wherein the engineering code package is a code package deployed after carrying out isomerization processing on the class file contained in the engineering code package;
judging whether the class file is the file subjected to the isomerization processing or not by using a preset arbitration algorithm, wherein the arbitration algorithm corresponds to the isomerization processing algorithm;
if not, discarding the class file;
if yes, carrying out de-isomerization processing on the class file according to the algorithm of the isomerization processing to obtain a de-isomerized class file;
and executing the de-isomerized class file.
Preferably, before receiving the user request, the method further comprises:
and acquiring an engineering code packet which is uploaded by the client and obtained by carrying out isomerization processing on class files in the initial engineering code packet by using a preset isomerization algorithm.
Preferably, the heterogeneous algorithm comprises:
and performing any one or more of insertion custom variable processing, reload construction method processing and insertion custom method processing on the class file in the initial engineering code packet.
Preferably, the determining, by using a preset arbitration algorithm, whether the class file is the file subjected to the isomerization processing includes:
judging whether the class file contains any one or more of the inserted custom variable, the reloaded construction method and the inserted custom method;
if yes, determining the class file as the file subjected to the isomerization treatment;
if not, determining that the class file is not the file subjected to the isomerization treatment;
Preferably, performing de-isomerization processing on the class file according to the algorithm of the isomerization processing to obtain a de-isomerized class file includes:
deleting any one or more of the custom variable, the reloaded construction method and the custom method inserted in the class file, to obtain the de-isomerized class file.
Preferably, before determining whether the class file includes any one or more of the inserted custom variable, the reloaded construction method and the inserted custom method, the method further includes:
obtaining any one or more of all variables, all current construction methods and all methods in the class file by using a reflection mode in a Java tool class;
judging whether the class file contains any one or more of the inserted custom variable, the reloaded construction method and the inserted custom method or not, wherein the method comprises the following steps:
judging whether all the variables in the class file contain the inserted custom variable; and/or
judging whether all the current construction methods contain the reloaded construction method; and/or
judging whether all the methods contain the inserted custom method.
Preferably, the method further includes, after performing a de-isomerization process on the class file according to the algorithm of the isomerization process to obtain a de-isomerized class file:
sending the de-isomerized class file to a Java virtual machine;
executing the de-isomerized class file comprises:
executing the de-isomerized class file by using the Java virtual machine.
A Java application protection device comprising:
a class file acquisition unit, configured to acquire, when a user request is received, the class file in the engineering code package corresponding to the request, wherein the engineering code package is a code package deployed after isomerization processing is carried out on the class files contained in the engineering code package;
a judging unit, configured to judge whether the class file is the file subjected to the isomerization processing by using a preset arbitration algorithm, wherein the arbitration algorithm corresponds to the algorithm of the isomerization processing;
if not, the discarding unit below is invoked, and if so, the de-isomerization processing unit below is invoked;
a discarding unit, configured to discard the class file;
a de-isomerization processing unit, configured to carry out de-isomerization processing on the class file according to the algorithm of the isomerization processing to obtain a de-isomerized class file;
and an execution unit, configured to execute the de-isomerized class file.
A Java application protection system comprising: the system comprises a client and a server, wherein the client is used for carrying out isomerization processing on class files in an initial engineering code packet to obtain the engineering code packet, uploading the engineering code packet to the server, and the server is used for realizing the steps of the Java application protection method.
A Java application protection server comprising a memory and a processor;
the memory is used for storing programs;
the processor is configured to execute the program to implement the steps of the Java application protection method.
A readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of a Java application protection method as described above.
According to the above technical scheme, in the Java application protection method provided by the embodiments of the application, the class files in the engineering code package corresponding to the application are subjected to isomerization processing in advance, and the engineering code package with the isomerized class files is then deployed. On this basis, when a user request is received, the class file in the engineering code package corresponding to the request is not executed directly. Instead, a preset arbitration algorithm, which corresponds to the algorithm of the isomerization processing, is first used to judge whether the class file is a file subjected to the isomerization processing. If not, the class file that was isomerized in advance has been maliciously tampered with, or the class file is a file newly added by an attacker, and the class file is discarded. If yes, the class file has not been attacked and can be executed normally: de-isomerization processing is performed on it according to the algorithm of the isomerization processing to obtain a de-isomerized class file, which is then executed. When an attacker tries to construct a webshell by adding a new class file or by tampering with an existing class file, that file is judged not to be a file subjected to the isomerization processing and is discarded, so the attacker cannot construct a webshell in either way, and the security of the Java application is improved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present application, and that other drawings may be obtained according to the provided drawings without inventive effort to a person skilled in the art.
Fig. 1 is a flowchart of a Java application protection method according to an embodiment of the present disclosure;
Fig. 2 is a schematic structural diagram of a Java application protection device according to an embodiment of the present disclosure;
Fig. 3 is a system architecture diagram for implementing Java application protection according to an embodiment of the present disclosure;
Fig. 4 is a hardware structure block diagram of a Java application protection server according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
The application provides a Java application protection method which can be suitable for various types of applications developed by using Java language, such as various websites, APP and the like.
The scheme can be realized based on the terminal with the data processing capability, and the terminal can be a computer, a server, a cloud end and the like.
An embodiment of the present application provides a Java application protection scheme, and a Java application protection method of the present application is described below through fig. 1, where as shown in fig. 1, the method may include:
Step S100, when a user request is received, acquiring a class file in an engineering code package corresponding to the request.
The engineering code package is the final executable program of an application project. For example, the final executable program of a Spring Boot project is an app.jar file, so the app.jar file can be called the engineering code package of that project. The engineering code package mentioned in this step is a code package deployed after isomerization processing has been performed on the class files it contains. The class file, that is, the Java class file, is the bytecode file compiled from a Java source code file, and provides the Java program with a binary form that is independent of the underlying host platform.
Specifically, in the embodiments of the present application it was found that, after development of an application is finished at the client, the engineering code package corresponding to the application is uploaded directly to the server to complete deployment of the application in the server. When a user request is received, the class file in the engineering code package corresponding to the request is executed directly to respond to the request, and an attacker constructs a webshell by modifying a class file in the engineering code package corresponding to the application in the server or by adding a new class file to the engineering code package.
Step S110, judging whether the class file is the file subjected to the isomerization processing by using a preset arbitration algorithm.
The isomerization processing refers to a process of realizing diversification processing of codes by using a code instrumentation technology so as to realize isomerization of the codes, and the arbitration algorithm corresponds to the algorithm of the isomerization processing.
Specifically, after the class file in the engineering code package corresponding to the user request is obtained, executing it directly would let an attacker successfully construct a webshell if the class file has been maliciously tampered with by the attacker or is a file newly added by the attacker. Because the engineering code package in the embodiments of the application is a code package deployed after the class files it contains have been isomerized in advance, a preset arbitration algorithm can be used to judge whether the class file is an isomerized file. If not, the class file that was isomerized in advance has been maliciously tampered with, or the class file is a file newly added by the attacker, and the class file cannot be executed. If yes, the class file has not been attacked and can be executed normally.
If not, the following step S120 is executed, and if yes, the following step S130 is executed.
Step S120, discarding the class file.
Specifically, if the obtained class file is not a file subjected to the isomerization processing, the class file has been maliciously tampered with by an attacker or is a file newly added by an attacker, so it cannot be executed and should be discarded.
Step S130, performing de-isomerization processing on the class file according to the algorithm of the isomerization processing to obtain the de-isomerized class file.
Specifically, if the obtained class file is a file subjected to the isomerization processing, the class file is a normal file that has not been attacked. To respond normally to the user's request, de-isomerization processing should be performed on the class file according to the algorithm of the isomerization processing, so as to obtain a de-isomerized class file.
Step S140, executing the de-isomerized class file.
Specifically, the de-isomerized class file obtained by de-isomerizing the class file is the original file written by the developer during development, and it can now be executed to respond to the user's request.
According to the Java application protection method provided by the embodiments of the application, the class files in the engineering code package corresponding to the application are subjected to isomerization processing in advance, and the engineering code package with the isomerized class files is deployed. On this basis, when a user request is received, the class file in the engineering code package corresponding to the request is not executed directly; a preset arbitration algorithm, which corresponds to the algorithm of the isomerization processing, is first used to judge whether the class file is a file subjected to the isomerization processing. If not, the class file that was isomerized in advance has been maliciously tampered with, or the class file is a file newly added by an attacker, and the class file is discarded. If yes, the class file has not been attacked; de-isomerization processing is performed on it according to the algorithm of the isomerization processing to obtain a de-isomerized class file, which is executed. When an attacker tries to construct a webshell by adding a new class file or by tampering with an existing class file, that file is judged not to be a file subjected to the isomerization processing and is discarded, so the attacker cannot construct a webshell in either way, and the security of the Java application is improved.
In the embodiments of the present application, the engineering code package to be deployed is uploaded by the client. Therefore, before the class file in the engineering code package corresponding to a user request is obtained in step S100, the engineering code package uploaded by the client, obtained by isomerizing the class files in the initial engineering code package with a preset isomerization algorithm, is obtained first.
Specifically, in order to avoid malicious tampering of a class file in an engineering code packet by an attacker or newly adding the class file in the engineering code packet, a client side uses a preset heterogeneous algorithm to carry out heterogeneous processing on the class file in an initial engineering code packet in advance to obtain the engineering code packet, and then uploads the obtained engineering code packet.
In the embodiment of the application, the obtained engineering code package is the engineering code package obtained by carrying out the isomerization processing on the class files in the initial engineering code package by using the preset isomerization algorithm uploaded by the client, so that the difficulty of modifying the source codes in the class files by an attacker is greatly improved, and the attacker cannot know the isomerization algorithm for carrying out the isomerization processing, so that the class files which are also subjected to the isomerization processing cannot be newly added in the engineering code package, and the situation that the attacker constructs webshell by tampering the class files in the engineering code package or newly adding the class files in the engineering code package is avoided.
Optionally, the isomerization algorithm may include: performing any one or more of custom variable insertion processing, construction method reloading processing and custom method insertion processing on the class files in the initial engineering code package.
Specifically, a variable is an abstraction in a computer language that can store a calculation result or represent a value. Some custom variables can be set in advance and then inserted into the class files in the initial engineering code package. A construction method (constructor) is a special method with the same name as the class; objects are created through it, and its main function is to initialize the object. Reloading (overloading) the construction method means that several construction methods can be defined in one class, as long as the parameter type or parameters of each construction method are different; construction methods can thus be reloaded in the class files in the initial engineering code package. A method is a functional block in a program, that is, a collection of statement blocks that implements a certain function. Some custom methods can be set in advance and inserted into the class files in the initial engineering code package.
Optionally, the user may choose which one or more of the custom variable insertion processing, the construction method reloading processing and the custom method insertion processing are applied to the class files in the initial engineering code package, or the one or more kinds of processing to apply may be selected at random.
In the embodiments of the application, the obtained engineering code package is the code package obtained after any one or more of the custom variable insertion processing, the construction method reloading processing and the custom method insertion processing have been performed on the class files in the initial engineering code package. This incorporates the idea of dynamism: because the algorithm used for the isomerization processing is selected dynamically, the uncertainty an attacker faces when constructing a webshell increases, which raises the difficulty of the attack.
Based on the above embodiments, in some embodiments of the present application, a process of determining whether the class file is the file subjected to the isomerization processing in the step S110 by using a preset arbitration algorithm is described, where the process may include:
judging whether the class file contains any one or more of the inserted custom variable, the reloaded construction method and the inserted custom method.
If yes, determining the class file as the file subjected to the isomerization treatment.
If not, determining that the class file is not the file subjected to the isomerization processing.
Specifically, since the engineering code package is an engineering code package obtained by performing any one or more of insertion custom variable processing, reloading construction method processing and insertion custom method processing on the class file in the initial engineering code package in advance, whether the class file is a file subjected to the isomerization processing or not can be judged by judging whether the class file contains any one or more of the inserted custom variable, reloading construction method and inserted custom method, if so, the class file is not tampered by an attacker after the class file is subjected to the isomerization processing, and if not, the class file is maliciously tampered by the attacker or is a newly added file of the attacker after the class file is subjected to the isomerization processing.
Which of the inserted custom variable, the reloaded construction method and the inserted custom method the class file must be checked for is determined by the specific isomerization algorithm used by the client. For example, if the client performed the custom variable insertion processing and the construction method reloading processing on the class files in the initial engineering code package in advance, it must be judged whether the class file contains the inserted custom variable and the reloaded construction method.
Based on the foregoing embodiments, some embodiments of the present application describe the process in step S130 of performing de-isomerization processing on the class file according to the algorithm of the isomerization processing to obtain the de-isomerized class file. The process may include:
deleting any one or more of the custom variable, the reloaded construction method and the custom method inserted in the class file, to obtain the de-isomerized class file.
Specifically, as can be seen from the above embodiment, a class file that contains any one or more of the inserted custom variable, the reloaded construction method and the inserted custom method is a file subjected to the isomerization processing. To respond normally to a user's request, any one or more of the inserted custom variable, the reloaded construction method and the inserted custom method in the class file therefore need to be deleted to obtain the de-isomerized class file.
Which of the inserted custom variable, the reloaded construction method and the inserted custom method must be deleted from the class file is likewise determined by the specific isomerization algorithm used by the client. For example, if the client performed the custom variable insertion processing and the construction method reloading processing on the class files in the initial engineering code package in advance, the inserted custom variable and the reloaded construction method must be deleted from the class file to obtain the de-isomerized class file.
Optionally, the isomerization algorithm used by the client may be received, so that whether the class file is an isomerized file is judged according to that algorithm, and de-isomerization processing is performed on the class file to obtain the de-isomerized class file.
In order to realize the above determination whether the class file contains any one or more of the inserted custom variable, the reloaded construction method and the inserted custom method, before determining whether the class file contains any one or more of the inserted custom variable, the reloaded construction method and the inserted custom method, the embodiment of the present application may further include:
and obtaining any one or more of all variables, all current construction methods and all methods in the class file by using a reflection mode in the Java tool class.
Specifically, any one or more of all variables, all current construction methods and all methods in the class file can be obtained by first using a reflection mode in the Java tool class.
Wherein, which of all variables, all current construction methods and all methods in the class file is obtained can be determined according to heterogeneous algorithms used by the client, for example, the client performs the process of inserting custom variables and the process of reloading construction methods on the class file in the initial engineering code package in advance, and then only the reflection mode in the Java tool class is needed to obtain all the variables and all the current construction methods in the class file.
Based on this, the above process of determining whether the class file includes any one or more of the inserted custom variable, the reloaded construction method and the inserted custom method may include:
judging whether all the variables in the class file contain the inserted custom variable; and/or
judging whether all the current construction methods contain the reloaded construction method; and/or
judging whether all the methods contain the inserted custom method.
Specifically, after any one or more of all the variables, all the current construction methods and all the methods in the class file have been acquired, it may be judged whether the variables contain the inserted custom variable, and/or whether the current construction methods contain the reloaded construction method, and/or whether the methods contain the inserted custom method.
Which of the inserted custom variable, the reloaded construction method and the inserted custom method is checked for may be determined by which of the variables, current construction methods and methods of the class file were obtained. For example, if all variables and all current construction methods in the class file were obtained, it is only necessary to judge whether the obtained variables contain the inserted custom variable and whether the obtained construction methods contain the reloaded construction method.
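The reflection-based arbitration described above, as an added Java example; it is not code from the patent. The marker names `__hv7f3a` and `__hm7f3a`, the `(long, byte[])` constructor signature and the three sample classes are hypothetical and constructed for illustration, and the `applied` set stands for whichever kinds of processing the client used.

```java
import java.lang.reflect.Constructor;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.util.Arrays;
import java.util.EnumSet;
import java.util.Set;

public class ArbitrationDemo {

    /** The three kinds of isomerization processing named in the text. */
    enum Marker { CUSTOM_VARIABLE, OVERLOADED_CONSTRUCTOR, CUSTOM_METHOD }

    // Hypothetical marker names and signature (assumptions, not from the patent).
    static final String MARKER_FIELD = "__hv7f3a";
    static final String MARKER_METHOD = "__hm7f3a";
    static final Class<?>[] MARKER_CTOR_PARAMS = { long.class, byte[].class };

    /**
     * Collects the markers present in a class. Reflection needs a Class object,
     * so the class has already been defined by a class loader when this runs;
     * the lookups only read declared members and invoke nothing.
     */
    static Set<Marker> detect(Class<?> c) {
        Set<Marker> found = EnumSet.noneOf(Marker.class);
        for (Field f : c.getDeclaredFields()) {
            if (f.getName().equals(MARKER_FIELD) && f.getType() == long.class) {
                found.add(Marker.CUSTOM_VARIABLE);
            }
        }
        for (Constructor<?> k : c.getDeclaredConstructors()) {
            if (Arrays.equals(k.getParameterTypes(), MARKER_CTOR_PARAMS)) {
                found.add(Marker.OVERLOADED_CONSTRUCTOR);
            }
        }
        for (Method m : c.getDeclaredMethods()) {
            if (m.getName().equals(MARKER_METHOD) && m.getParameterCount() == 0) {
                found.add(Marker.CUSTOM_METHOD);
            }
        }
        return found;
    }

    /**
     * Arbitration: the class passes only if every marker the client applied
     * is present. An empty policy never passes, so a server with no policy
     * configured does not accept every class.
     */
    static boolean isIsomerized(Class<?> c, Set<Marker> applied) {
        return !applied.isEmpty() && detect(c).containsAll(applied);
    }

    // --- Constructed sample classes ---------------------------------------

    /** As deployed by the client: all three markers inserted. */
    static class OrderService {
        private long __hv7f3a;
        OrderService() { }
        OrderService(long a, byte[] b) { }
        private void __hm7f3a() { }
        String handle() { return "order accepted"; }
    }

    /** Stands for a class added after deployment: no markers at all. */
    static class AddedLater {
        String handle() { return "unexpected"; }
    }

    /** Carries the marker field but not the reloaded construction method. */
    static class FieldOnly {
        private long __hv7f3a;
        String handle() { return "partial"; }
    }

    public static void main(String[] args) {
        // The client applied custom variable insertion and constructor reloading,
        // so only those two markers are required (the example given in the text).
        Set<Marker> applied =
                EnumSet.of(Marker.CUSTOM_VARIABLE, Marker.OVERLOADED_CONSTRUCTOR);
        Class<?>[] samples = { OrderService.class, AddedLater.class, FieldOnly.class };
        for (Class<?> c : samples) {
            String verdict = isIsomerized(c, applied)
                    ? "de-isomerize and execute" : "discard";
            System.out.println(c.getSimpleName() + ": found " + detect(c)
                    + " -> " + verdict);
        }
    }
}
```

With the policy shown, only `OrderService` passes; `FieldOnly` is discarded because one of the two required markers is missing.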
In some embodiments of the present application, considering a virtual machine mechanism in a Java application, after performing the de-isomerization processing on the class file according to the algorithm of the isomerization processing in the step S130, the method may further include:
sending the de-isomerized class file to a Java virtual machine.
Specifically, the Java virtual machine is a program capable of loading, analyzing and executing class files. Its main function is to communicate with the operating system in place of the original program implementation, which is how the cross-platform characteristic is realized. The obtained de-isomerized class file can therefore be sent to the Java virtual machine so that the Java virtual machine executes it.
Based on this, the process of executing the de-isomerized class file in step S140 may include:
executing the de-isomerized class file by using the Java virtual machine.
The following describes the Java application protection apparatus provided in the embodiments of the present application; the Java application protection apparatus described below and the Java application protection method described above may be read with reference to each other.
First, the Java application protection apparatus is described with reference to Fig. 2. As shown in Fig. 2, the Java application protection apparatus may include:
a class file obtaining unit 10, configured to obtain, when a user request is received, a class file in an engineering code package corresponding to the request, where the engineering code package is a code package deployed after performing isomerization processing on a class file included in the engineering code package;
a judging unit 20, configured to judge whether the class file is the file subjected to the isomerization processing using a preset arbitration algorithm, where the arbitration algorithm corresponds to the isomerization processing algorithm;
if not, the step of the discarding unit 30 below is performed, and if so, the step of the de-isomerization processing unit 40 below is performed;
a discarding unit 30, configured to discard the class file;
a de-isomerization processing unit 40, configured to perform de-isomerization processing on the class file according to the algorithm of the isomerization processing, to obtain a de-isomerized class file;
an execution unit 50, configured to execute the de-isomerized class file.
Optionally, the Java application protection apparatus may further include:
an engineering code package acquisition unit, configured to acquire the engineering code package that is uploaded by the client and was obtained by performing isomerization processing on the class files in the initial engineering code package using a preset isomerization algorithm.
Optionally, the isomerization algorithm used by the engineering code package acquisition unit may include:
performing any one or more of custom-variable insertion, constructor overloading and custom-method insertion on the class file in the initial engineering code package.
Optionally, the process by which the judging unit judges, using a preset arbitration algorithm, whether the class file is the file subjected to the isomerization processing may include:
judging whether the class file contains any one or more of the inserted custom variable, the overloaded constructor and the inserted custom method;
if yes, determining that the class file is the file subjected to the isomerization processing;
if not, determining that the class file is not the file subjected to the isomerization processing.
Optionally, the process by which the de-isomerization processing unit performs de-isomerization processing on the class file according to the algorithm of the isomerization processing to obtain the de-isomerized class file may include:
deleting any one or more of the inserted custom variable, the overloaded constructor and the inserted custom method from the class file to obtain the de-isomerized class file.
Optionally, the Java application protection apparatus may further include:
a reflection unit, configured to acquire any one or more of all variables, all current constructors and all methods in the class file by using reflection in a Java tool class.
Based on this, the process of judging whether the class file contains any one or more of the inserted custom variable, the overloaded constructor and the inserted custom method may include:
judging whether all the variables in the class file contain the inserted custom variable; and/or,
judging whether all the current constructors contain the overloaded constructor; and/or,
judging whether all the methods contain the inserted custom method.
Optionally, the Java application protection apparatus may further include:
a de-isomerized class file sending unit, configured to send the de-isomerized class file to the Java virtual machine.
Based on this, the process by which the execution unit executes the de-isomerized class file may include:
executing the de-isomerized class file by using the Java virtual machine.
Referring to Fig. 3, Fig. 3 is a schematic structural diagram of a Java application protection system provided in an embodiment of the present application. The Java application protection system may include a client 200 and a server 300: the client 200 is configured to perform isomerization processing on the class files in an initial engineering code package to obtain an engineering code package and to upload the engineering code package to the server, and the server 300 is configured to implement each step of the Java application protection method.
Referring to Fig. 3, the client 200 may include an isomerization processing module 201 and an engineering code package uploading module 202;
the isomerization processing module 201 is configured to perform, in advance, isomerization processing on the class files in an initial engineering code package by using a preset isomerization algorithm to obtain an engineering code package, and to send the engineering code package to the engineering code package uploading module 202;
the engineering code package uploading module 202 is configured to upload the engineering code package to the server 300 when receiving the engineering code package sent by the isomerization processing module 201.
Optionally, the isomerization algorithm used by the isomerization processing module 201 may include: performing any one or more of custom-variable insertion, constructor overloading and custom-method insertion on the class file in the initial engineering code package.
The server 300 may include an engineering code package acquisition module 301, a proxy module 302, an arbitration module 303, and a Java virtual machine 304;
the engineering code package acquisition module 301 is configured to acquire the engineering code package that is uploaded by the client 200 and was obtained by performing isomerization processing on the class files in an initial engineering code package using a preset isomerization algorithm;
the proxy module 302 is configured to, when receiving a user request, obtain a class file in the engineering code package corresponding to the request and send the class file to the arbitration module 303, where the engineering code package is the code package obtained by the engineering code package acquisition module 301 after isomerization processing of the class files it contains;
the arbitration module 303 is configured to judge, using a preset arbitration algorithm, whether the class file is the file subjected to the isomerization processing, where the arbitration algorithm corresponds to the algorithm of the isomerization processing; if not, to discard the class file; and if so, to perform de-isomerization processing on the class file according to the algorithm of the isomerization processing to obtain a de-isomerized class file, and to send the de-isomerized class file to the Java virtual machine 304;
the Java virtual machine 304 is configured to receive the de-isomerized class file sent by the arbitration module 303 and to execute the de-isomerized class file.
Optionally, the process by which the arbitration module 303 judges, using a preset arbitration algorithm, whether the class file is the file subjected to the isomerization processing may include:
the arbitration module 303 judges whether the class file contains any one or more of the inserted custom variable, the overloaded constructor and the inserted custom method; if so, it determines that the class file is the file subjected to the isomerization processing, and if not, it determines that the class file is not the file subjected to the isomerization processing.
Optionally, the process by which the arbitration module 303 performs de-isomerization processing on the class file according to the algorithm of the isomerization processing to obtain the de-isomerized class file may include:
the arbitration module 303 deletes any one or more of the inserted custom variable, the overloaded constructor and the inserted custom method from the class file to obtain the de-isomerized class file.
Optionally, the arbitration module 303 is further configured to acquire any one or more of all variables, all current constructors and all methods in the class file by using reflection in a Java tool class;
based on this, the process by which the arbitration module 303 judges whether the class file contains any one or more of the inserted custom variable, the overloaded constructor and the inserted custom method may include:
judging whether all the variables in the class file contain the inserted custom variable; and/or,
judging whether all the current constructors contain the overloaded constructor; and/or,
judging whether all the methods contain the inserted custom method.
The Java application protection device provided by the embodiment of the application can be applied to a Java application protection server. Fig. 4 shows a hardware structure block diagram of a Java application protection server, and referring to fig. 4, the hardware structure of the Java application protection server may include: at least one processor 1, at least one communication interface 2, at least one memory 3 and at least one communication bus 4;
in the embodiment of the application, the number of the processor 1, the communication interface 2, the memory 3 and the communication bus 4 is at least one, and the processor 1, the communication interface 2 and the memory 3 complete communication with each other through the communication bus 4;
the processor 1 may be a central processing unit (CPU), an application-specific integrated circuit (ASIC), or one or more integrated circuits configured to implement embodiments of the present invention, etc.;
the memory 3 may comprise a high-speed RAM memory, and may further comprise a non-volatile memory or the like, such as at least one magnetic disk memory;
wherein the memory stores a program and the processor can invoke the program stored in the memory, the program being used to implement each processing flow in the Java application protection scheme.
The embodiment of the application also provides a storage medium, which may store a program adapted to be executed by a processor, the program being used to implement each processing flow in the Java application protection scheme.
Finally, it is further noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
In the present specification, the embodiments are described in a progressive manner, each embodiment focusing on its differences from the other embodiments; for identical or similar parts, the embodiments may be referred to one another.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A Java application protection method, comprising:
when a user request is received, acquiring a class file in an engineering code package corresponding to the request, wherein the engineering code package is a code package deployed after carrying out isomerization processing on the class file contained in the engineering code package;
judging whether the class file is the file subjected to the isomerization processing or not by using a preset arbitration algorithm, wherein the arbitration algorithm corresponds to the isomerization processing algorithm;
if not, discarding the class file;
if yes, performing de-isomerization processing on the class file according to the algorithm of the isomerization processing to obtain a de-isomerized class file;
and executing the de-isomerized class file.
2. The method of claim 1, further comprising, prior to receiving the user request:
acquiring an engineering code package that is uploaded by a client and was obtained by performing isomerization processing on the class files in an initial engineering code package using a preset isomerization algorithm.
3. The method of claim 2, wherein the isomerization algorithm comprises:
performing any one or more of custom-variable insertion, constructor overloading and custom-method insertion on the class file in the initial engineering code package.
4. The method of claim 3, wherein the judging, using a preset arbitration algorithm, whether the class file is the file subjected to the isomerization processing comprises:
judging whether the class file contains any one or more of the inserted custom variable, the overloaded constructor and the inserted custom method;
if yes, determining that the class file is the file subjected to the isomerization processing;
if not, determining that the class file is not the file subjected to the isomerization processing;
and the performing de-isomerization processing on the class file according to the algorithm of the isomerization processing to obtain a de-isomerized class file comprises:
deleting any one or more of the inserted custom variable, the overloaded constructor and the inserted custom method from the class file to obtain the de-isomerized class file.
5. The method of claim 4, wherein before the judging whether the class file contains any one or more of the inserted custom variable, the overloaded constructor and the inserted custom method, the method further comprises:
acquiring any one or more of all variables, all current constructors and all methods in the class file by using reflection in a Java tool class;
and the judging whether the class file contains any one or more of the inserted custom variable, the overloaded constructor and the inserted custom method comprises:
judging whether all the variables in the class file contain the inserted custom variable; and/or,
judging whether all the current constructors contain the overloaded constructor; and/or,
judging whether all the methods contain the inserted custom method.
6. The method according to any one of claims 1-5, wherein after the performing de-isomerization processing on the class file according to the algorithm of the isomerization processing to obtain a de-isomerized class file, the method further comprises:
sending the de-isomerized class file to a Java virtual machine;
and the executing the de-isomerized class file comprises:
executing the de-isomerized class file by using the Java virtual machine.
7. A Java application protection apparatus, comprising:
a class file acquisition unit, configured to acquire, when a user request is received, a class file in an engineering code package corresponding to the request, wherein the engineering code package is a code package deployed after isomerization processing is performed on the class files contained in the engineering code package;
a judging unit, configured to judge whether the class file is the file subjected to the isomerization processing by using a preset arbitration algorithm, wherein the arbitration algorithm corresponds to the algorithm of the isomerization processing;
if not, the step of the discarding unit below is performed, and if so, the step of the de-isomerization processing unit below is performed;
a discarding unit, configured to discard the class file;
a de-isomerization processing unit, configured to perform de-isomerization processing on the class file according to the algorithm of the isomerization processing to obtain a de-isomerized class file;
and an execution unit, configured to execute the de-isomerized class file.
8. A Java application protection system, comprising: the system comprises a client and a server, wherein the client is used for carrying out isomerization treatment on class files in an initial engineering code packet to obtain the engineering code packet, uploading the engineering code packet to the server, and the server is used for realizing each step of the Java application protection method according to any one of claims 1-6.
9. A Java application protection server comprising a memory and a processor;
the memory is used for storing programs;
the processor is configured to execute the program to implement the steps of the Java application protection method according to any one of claims 1-6.
10. A readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the Java application protection method according to any one of claims 1-6.
CN202310035018.4A 2023-01-10 2023-01-10 Java application protection method, device, system, server and readable storage medium Pending CN116028898A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310035018.4A CN116028898A (en) 2023-01-10 2023-01-10 Java application protection method, device, system, server and readable storage medium


Publications (1)

Publication Number Publication Date
CN116028898A true CN116028898A (en) 2023-04-28

Family

ID=86078018



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination