An Android platform software protection system, method and apparatus
Technical field
The present invention relates to computer software protection technology, and in particular to a system and method, a server and an intelligent terminal for protecting software on the Android platform against leakage of secrets and for protecting its copyright.
Background technology
At present, the Android operating system, whose development is led by Google, is the mobile intelligent terminal platform with the highest market share worldwide. The number of Android applications keeps growing, and a sound software sales model has been established. As on the traditional PC platform, the commercial success of Android application software has also led to reverse analysis and cracking of that software.
Reverse analysis (reversing analysis) of application software comprises:
One, analyzing the executable code of the software by disassembly, decompilation, debugging and similar methods, in order to understand the execution flow of the code, the implementation of its algorithms, and so on;
Two, analyzing the configuration files and data files of the software, in order to obtain the format and semantics of these files;
Three, analyzing the network communication data of the software, in order to obtain the protocol format, protocol semantics, data encryption method and the concrete meaning of the data exchanged between the software and the server.
The latter two kinds of analysis build on the first: the executable code has to be analyzed first, and the configuration files, data files and network communication data are analyzed afterwards.
Through reverse analysis, an attacker can obtain the trade secrets contained in the software. For example, in mobile anti-virus software, once executable code such as the malicious code detection algorithm and the feature matching algorithm, and data files such as the malicious code feature database, have been reverse-analyzed in detail by an attacker, they may be exploited by other similar software, and malicious code authors may use them for targeted defense or attack. As another example, in mobile e-banking payment software, the data transmitted over the network involves user authentication and financial account information; once an attacker thoroughly understands the software code, configuration files and network communication data through reverse analysis, further malicious attacks may follow, causing direct economic loss to individuals and banks.
Cracking is an attack with a specific purpose that builds on reverse analysis. Commercial software is meant to be used after the user has paid. Non-paying users are generally not allowed to use it, or may use only a small part of its functions, or may use it only for a trial period. To enforce this policy, commercial software usually includes code that authenticates the user's license and identity in order to judge whether the user has paid (the code fragment responsible for this check is called the "authentication code" below). By reverse-analyzing the authentication code, and then tampering with the code execution flow, tampering with, copying or forging the relevant configuration files, tampering with network data, modifying in-memory data and so on, an attacker enables non-paying users to obtain functions that only paying users should have. This attack is called cracking; it seriously damages the economic interests of software developers and violates intellectual property protection law.
Application software for the Android platform is generally developed in Java. The source code is compiled into Java class files; tools in the Android SDK (Software Development Kit) then convert these into a binary executable in DEX format; finally this is packaged together with the software configuration, resource files and so on into an APK file, i.e. the Android application installation package. The user downloads the APK file and installs it on an Android terminal. When the application runs, the instructions in the DEX file are executed in the Dalvik virtual machine of the Android system.
Android is an operating system whose source code is fully open. Both the instruction encoding of the DEX format and the working principle of the Dalvik virtual machine are publicly known because the source code is open. Various reverse analysis tools have appeared, including the disassembler smali and the decompilation tool dex2jar for DEX files, and automation tools such as apktool for APK files. In addition, reverse analysis and cracking techniques have existed on the traditional PC platform for many years, and attackers on the Android platform have borrowed these traditional methods. With the help of these tools and methods, an attacker can currently reverse-analyze and crack most Android application software with ease.
For example, a common cracking flow is: use apktool to unpack the APK file, during which apktool calls smali to disassemble the DEX file inside it; the attacker analyzes the smali disassembly output to understand the code flow of the application; the attacker then locates the authentication code and modifies the key part, for example changing a conditional jump instruction in the authentication into an unconditional jump; apktool is then used to repackage the modified code into an APK file, which is re-signed. The result is a cracked APK file.
In addition, Android applications can also be developed with the NDK (Native Development Kit). The Android system runs on Linux, and the Dalvik virtual machine hosting each application is an independent Linux process. The Android NDK provides the following development approach: the programmer writes part of the software's functionality in C, and the NDK tools compile that source code into a Linux dynamic link file (SO file); the remaining functionality is written in Java and compiled into a DEX file with the SDK tools; finally the SDK packages the SO file and the DEX file together into an APK file. At run time, the code in the DEX file loads the SO file and calls the function interfaces it provides.
The SO file produced by NDK development is a kind of Linux ELF file, and its instruction format is the ARM or Thumb instruction set of the ARM architecture. Disassemblers such as IDA Pro and decompilers such as x86/ARM Decompiler can currently be used to reverse-analyze such files.
Current methods for defending against reverse analysis and cracking on this platform include:
One, code obfuscation. The Java source code written by the developer is automatically replaced with equivalent but redundant and complex code, increasing the attacker's reverse analysis workload.
Two, changing string information. In high-quality Java source code, the names of packages, classes, methods and variables are usually readable, i.e. they carry a clear meaning, so their function can be guessed from the name. The DEX file preserves these names in full, which makes reverse analysis easier. Most names, however, are used only inside the application, for example user-defined types. Replacing these names with meaningless strings does not affect the running of the program but makes the code harder to understand during reverse analysis. The ProGuard tool in the Android SDK protects software in this way.
Three, NDK development. As mentioned above, reverse analysis of an SO file requires an understanding of ARM assembly language, which raises the difficulty of reverse-analyzing the software code to some extent.
These methods have the following problems:
1. Whether code or encrypted data, everything exists long-term as files in the Android installation package and on the Android device, where the attacker can easily obtain it;
2. With code obfuscation, the code can still be disassembled and decompiled; only the time needed to understand the code is increased;
3. With changed string information, the logic of the code itself is unchanged; the code can likewise still be disassembled and decompiled, and only the time needed to understand it is increased;
4. As attackers gradually become familiar with ARM assembly language, and as decompilation tools for this platform mature, the additional reverse analysis difficulty gained from NDK development will keep decreasing.
In theory, the execution of application software on a computing device cannot ultimately be hidden from reverse analysis. The essence of software protection is to keep raising the difficulty and time cost of reverse analysis and cracking, so that the cost an attacker must pay to obtain valuable information exceeds the benefit to be gained.
Software protection brings additional development cost, for example greater development difficulty and longer development time. Therefore, depending on whether special protection is needed, the code of an application can be logically divided into two parts:
One, non-core code, which needs no special protection, for example the user interaction interface and reused third-party library code;
Two, core code, which needs special protection, for example important algorithms, authentication code and important configuration data.
There is no general method for dividing the two parts; it is decided by the actual circumstances of each application. For example, in anti-virus software, the malicious code detection algorithm and the feature matching algorithm are core modules; in online banking software, the user login code and the financial transaction code are core modules; in paid commercial software, the payment code and the authentication code are core modules.
The invention also involves a modification of the dynamic DEX file loading technique in the Android system.
Normally, the DEX file of an Android application is saved by the system to a designated location at installation time. To extend the capabilities of applications, Android provides dynamic DEX file loading. Specifically, a running application can use the dalvik.system.DexClassLoader class to load an APK or JAR file that has not been installed, and the DEX file named "classes.dex" contained in that file is loaded into the Dalvik virtual machine; the code implemented in this DEX file can then be called through methods of that class such as findClass().
In Android versions to date (1.0 to 4.0), dynamically loading a DEX file in this way has the following requirements: the APK or JAR file containing "classes.dex" must be a physical file stored in the device's built-in NAND flash or on an external SD card; and during dynamic loading the system generates a temporary file in the built-in NAND flash or on the external SD card, which is the optimized form of the DEX file (with the extension .odex).
Summary of the invention
In view of the above technical problems, the present invention discloses a system and method for protecting application software in the Android system against reverse analysis and cracking. Interfaces are added to the Dalvik virtual machine and the Linux system libraries of the Android system, giving Android the ability to load DEX files and SO files directly from memory; the core code of the application is stored on an online server and is encrypted and signed before being sent to the application installed on the client; after receiving the core code, the application verifies the signature and decrypts it, keeps the plaintext in memory, loads it directly into the system, calls the code in it, and finally releases the memory. This method greatly increases the difficulty of reverse analysis and cracking for an attacker and can effectively protect the security of Android application software.
The present invention consists of three parts:
1. A modified Android operating system that implements dynamic loading of DEX files from memory;
2. The non-core code of the application, installed on an intelligent terminal (including mobile phones, tablet computers, etc.) that runs the modified Android operating system described above;
3. The core code of the application, stored on a server that is online long-term.
First, the source code of the Android operating system is modified. A function is added to the Dalvik virtual machine so that it can load a DEX file directly from a specified memory address, and so that the application can call this code by its package name, class name and method name and have it executed in the Dalvik virtual machine. A function is added to the Linux layer underlying Android so that Linux can load an SO file directly from a specified memory address, and so that the application can call this code through its API and have it executed in Linux.
The core code of the application is either a DEX file compiled from Java source code with the tools in the Android SDK, or an SO file compiled from C source code with the tools in the Android NDK. The server storing the core code receives the request sent by the non-core code of the application on the intelligent terminal, encrypts the requested core code, digitally signs it, and then sends it to the application on the intelligent terminal.
The non-core code of the application is contained in a complete Android application (i.e. an APK file). The software developer distributes this application publicly, and the user installs it on the intelligent terminal. Besides the functions the application itself requires, the non-core code does the following: it sends a request to the server, receives the core code sent back, and verifies its digital signature; it allocates a block of memory and decrypts the core code into it; depending on whether the core code is in DEX or SO format, it has the Dalvik virtual machine or Linux load the core code directly from this memory and then calls the functions of the core code through the API as needed; finally, when the application no longer uses the core code, it releases the memory.
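The exchange described in the two paragraphs above, as an added example that is not code from the patent: the server encrypts the core code and signs the result, and the client verifies the signature before it decrypts into a memory buffer, which it wipes after use. The class and method names, the choice of AES-GCM and ECDSA, and the pre-shared AES key are assumptions; the patent fixes neither the algorithms nor the key distribution.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

// Added example with hypothetical names: envelope for "core code" bytes sent server -> client.
public class CoreCodeEnvelope {
    static final int IV_LEN = 12;     // GCM nonce length in bytes
    static final int TAG_BITS = 128;  // GCM authentication tag length in bits

    /** What the server sends: nonce, ciphertext (GCM tag included) and a signature over both. */
    static final class Envelope {
        final byte[] iv;
        final byte[] ciphertext;
        final byte[] signature;

        Envelope(byte[] iv, byte[] ciphertext, byte[] signature) {
            this.iv = iv;
            this.ciphertext = ciphertext;
            this.signature = signature;
        }
    }

    /** Server side: encrypt the core code, then sign nonce || ciphertext. */
    static Envelope seal(byte[] coreCode, SecretKey encKey, PrivateKey signKey)
            throws GeneralSecurityException {
        byte[] iv = new byte[IV_LEN];
        new SecureRandom().nextBytes(iv);  // fresh nonce for every response
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, encKey, new GCMParameterSpec(TAG_BITS, iv));
        byte[] ciphertext = cipher.doFinal(coreCode);

        Signature signer = Signature.getInstance("SHA256withECDSA");
        signer.initSign(signKey);
        signer.update(iv);
        signer.update(ciphertext);
        return new Envelope(iv, ciphertext, signer.sign());
    }

    /** Client side: verify the signature first; decrypt only when it is valid. */
    static byte[] open(Envelope env, SecretKey encKey, PublicKey serverKey)
            throws GeneralSecurityException {
        if (env.iv.length != IV_LEN) {
            throw new SignatureException("unexpected nonce length");
        }
        Signature verifier = Signature.getInstance("SHA256withECDSA");
        verifier.initVerify(serverKey);
        verifier.update(env.iv);
        verifier.update(env.ciphertext);
        if (!verifier.verify(env.signature)) {
            // Nothing unsigned is ever decrypted or handed to a loader.
            throw new SignatureException("core code signature invalid; refusing to load");
        }
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.DECRYPT_MODE, encKey, new GCMParameterSpec(TAG_BITS, env.iv));
        return cipher.doFinal(env.ciphertext);  // plaintext exists only in this buffer
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample bytes standing in for a classes.dex or .so payload.
        byte[] coreCode = "constructed placeholder for core code bytes"
                .getBytes(StandardCharsets.US_ASCII);

        // Assumption: the AES key is already shared and the client has the server's public key.
        KeyGenerator keyGen = KeyGenerator.getInstance("AES");
        keyGen.init(256);
        SecretKey encKey = keyGen.generateKey();
        KeyPairGenerator pairGen = KeyPairGenerator.getInstance("EC");
        pairGen.initialize(256);
        KeyPair serverKeys = pairGen.generateKeyPair();

        Envelope env = seal(coreCode, encKey, serverKeys.getPrivate());
        byte[] plain = open(env, encKey, serverKeys.getPublic());
        System.out.println("round trip ok: " + Arrays.equals(plain, coreCode));
        // The buffer would be passed to the in-memory loader here, then released:
        Arrays.fill(plain, (byte) 0);  // zero the plaintext before dropping the reference

        // One flipped ciphertext bit must be rejected before any decryption happens.
        byte[] tampered = env.ciphertext.clone();
        tampered[0] ^= 0x01;
        try {
            open(new Envelope(env.iv, tampered, env.signature), encKey, serverKeys.getPublic());
            System.out.println("tampered envelope accepted (unexpected)");
        } catch (SignatureException ex) {
            System.out.println("tampered envelope rejected: " + ex.getMessage());
        }
    }
}
```

Signing the nonce together with the ciphertext means the client can reject a modified or substituted response without touching the decryption key.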
Specifically, the invention provides an Android platform software protection system comprising an intelligent terminal and an online server:
The intelligent terminal comprises a modified Android operating system and the non-core code of the application software. The modified Android operating system is obtained by modifying the source code of the Android operating system so as to implement dynamic loading of the application's core code from memory. The non-core code of the application software is contained in a complete Android application and, in addition to the functions the application itself requires, has the following functions: sending a request to the online server; receiving the core code sent by the online server; after verification, loading the core code of the application in memory; and calling the core code of the application through the API as needed;
The online server stores the core code of the application software, receives the request sent by the non-core code of the application on the intelligent terminal, and after processing sends the requested core code to the non-core code of the application on the intelligent terminal.
In said system, the core code of the application software comprises DEX files and SO files.
In said system, the online server stores the core code of the application software, receives the request sent by the non-core code of the application on the intelligent terminal, and encrypts part or all of the requested core code and/or digitally signs the requested core code before sending it to the non-core code of the application on the intelligent terminal.
The present invention also provides a method for modifying the source code of the Android operating system, applicable to the system described above, the method comprising:
For the Dalvik virtual machine of the Android operating system, extending the dalvik.system.DexClassLoader class in the Android Framework, so that the extended class provides a calling interface that receives a DEX file held in memory and loads it in the same way a DEX file is loaded;
Adding an interface to the Linux kernel and system library part of the Android source code, the interface loading an SO file from a specified memory address;
Compiling the entire Android source code project to generate the corresponding system image and development tools.
In said method, the .odex temporary file produced when loading the DEX file is kept in memory.
The present invention also provides an Android platform software protection method, applicable to the system described above, the method comprising:
The online server encrypts part or all of the stored core code of the application software;
The online server digitally signs the stored core code of the application software;
The file containing the core code of the application software and the corresponding ciphertext are sent to the intelligent terminal.
The present invention provides a server, the server being the online server in said system, the server comprising:
An encryption unit, for encrypting part or all of the stored core code of the application software;
A digital signature unit, for digitally signing the stored core code of the application software;
A sending unit, for sending the file containing the core code of the application software and the corresponding ciphertext to the intelligent terminal.
The present invention provides an Android platform software protection method, applicable to the system described above, the method comprising:
The intelligent terminal receives the file containing the core code of the application software and the corresponding ciphertext sent by the online server;
It verifies the digital signature according to the received file and decrypts to obtain the core code file of the application software;
It copies the core code file of the application software into memory and calls the interface of the modified Android operating system to load the core code file;
It calls the core code of the application software through the API as needed;
It releases the memory storing the core code.
Further, before receiving the file containing the core code of the application software and the corresponding ciphertext from the online server, the intelligent terminal sends the online server a request for the application's core code.
The invention provides an intelligent terminal, the intelligent terminal being the intelligent terminal in said system and comprising a modified Android operating system, and further comprising:
A receiving unit, for receiving the file containing the core code of the application software and the corresponding ciphertext sent by the online server;
A verification unit, for verifying the digital signature according to the received file and decrypting to obtain the core code file of the application software;
A loading unit, for copying the core code file of the application software into memory and calling the interface of the modified Android operating system to load the core code file;
A calling unit, for calling the core code of the application software through the API as needed;
A release unit, for releasing the memory storing the core code.
The intelligent terminal further comprises:
A sending unit, for sending the online server a request for the application's core code.
The beneficial effects of the invention are as follows:
First, compared with existing software protection schemes, the method of the invention makes it extremely difficult for an attacker to obtain the core code of the application, so the attacker cannot reverse-analyze it.
To begin with, the publicly distributed application does not contain the core code. The attacker can no longer, as before, download the application from a software market or download site and see all of the code by static disassembly alone; to obtain this part of the code the attacker must run the application and have it connect to the server.
Next, communication between the server and the application on the intelligent terminal is fully encrypted and digitally signed, so even if the attacker captures the network communication data, the plaintext of the core code cannot be recovered without the key. The digital signature also ensures that the attacker cannot forge false core code in this process and trick the application into loading it.
Finally, within the Android operating system of the intelligent terminal, the core code exists only in memory, and only while the application needs its functions; it never exists as a file in the device's built-in NAND flash or on an external SD card. At present, the Dalvik virtual machine in which an Android application runs is an independent Linux process created under a user dedicated to that application, so it is difficult for an attacker to read the virtual memory space holding the core code. Even if the attacker can read it, the memory holding the core code is allocated dynamically at run time, and given the complexity of memory management in Linux and Dalvik, it is hard for the attacker to determine exactly which addresses hold the core code and how long that memory region is. In addition, current Linux kernels and Android from version 4.0 onward have adopted ASLR (address space layout randomization), which further increases the difficulty of locating the memory address of the core code.
Second, even if the attacker eventually obtains the core code, reverse-analyzes it and modifies it, it is extremely difficult to implant it into the memory space of the application's process, and harder still to make the application load the implanted memory segment (this involves new memory allocation, dynamic modification of program instructions, and so on). The application therefore cannot be cracked.
In addition, the protection principle of the software protection technique of the invention differs from that of other existing software protection techniques, so they do not conflict, and it can be used together with other existing protection techniques such as code obfuscation and changing string information. This scheme can therefore be combined with the prior art to protect software security more comprehensively.
Description of drawings
To describe the technical solutions of the present invention or of the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below are only some embodiments recorded in the present invention, and a person of ordinary skill in the art can derive other drawings from them without creative effort.
Fig. 1 is a schematic diagram of an Android platform software protection system of the present invention;
Fig. 2 is a flow chart of a method of the present invention for modifying the source code of the Android operating system;
Fig. 3 is a workflow diagram of the online server of the present invention;
Fig. 4 is a schematic diagram of the online server system of the present invention;
Fig. 5 is a workflow diagram of the intelligent terminal of the present invention;
Fig. 6 is a schematic diagram of the intelligent terminal system of the present invention.
Embodiment
To enable those skilled in the art to better understand the technical solutions in the embodiments of the invention, and to make the above objects, features and advantages of the invention clearer, the technical solutions of the invention are described in further detail below with reference to the drawings.
An Android platform software protection system provided by the invention is introduced first. As shown in Fig. 1, it comprises an intelligent terminal 101 and an online server 102:
The intelligent terminal 101 comprises a modified Android operating system and the non-core code of the application software. The modified Android operating system is obtained by modifying the source code of the Android operating system so as to implement dynamic loading of the application's core code from memory. The non-core code of the application software is contained in a complete Android application and, in addition to the functions the application itself requires, has the following functions: sending a request to the online server 102; receiving the core code sent by the online server 102; after verification, loading the core code of the application in memory; and calling the core code of the application through the API as needed;
The online server 102 stores the core code of the application software, receives the request sent by the non-core code of the application on the intelligent terminal 101, and after processing sends the requested core code to the non-core code of the application on the intelligent terminal 101.
The core code of the application software comprises DEX files and SO files.
The online server 102 stores the core code of the application software, receives the request sent by the non-core code of the application on the intelligent terminal 101, and encrypts part or all of the requested core code and/or digitally signs the requested core code before sending it to the non-core code of the application on the intelligent terminal 101.
The present invention includes a method for modifying the Dalvik virtual machine and the Linux system; the main flow is shown in Fig. 2.
S201: Modify the Dalvik virtual machine
The main work in modifying the Dalvik virtual machine is to extend the dalvik.system.DexClassLoader class in the Android Framework so that it accepts the data of a DEX file held in memory, loads that data in the same way a DEX file is loaded, and provides an interface for calling the code in it that is similar to the existing interface. In addition, for security reasons, the .odex temporary file produced during loading is not stored in the device's built-in NAND flash or on an external SD card but is likewise kept in memory.
Part of the code for the above function is already implemented in the source code of Android version 4.0.1_r1.
Specifically, the source file libcore/dalvik/src/main/java/dalvik/system/DexFile.java contains the following JNI interface declaration: native private static int openDexFile(byte[] fileContents). This interface reads a DEX file from a byte array in memory. The JNI interface is implemented in the source file dalvik/vm/native/dalvik_system_DexFile.cpp (line 248) by the function Dalvik_dalvik_system_DexFile_openDexFile_bytearray, which calls the function dvmRawDexFileOpenArray; the latter is implemented in the source file dalvik/vm/RawDexFile.cpp (line 249). Analysis of these two functions shows that when the DEX file structure is constructed, the .odex temporary file that is produced is also kept in memory.
Next, code is added to the source to complete the modification of the Dalvik virtual machine.
In the source file libcore/dalvik/src/main/java/dalvik/system/DexFile.java, a constructor is added to the DexFile class with the prototype private DexFile(byte[] fileContents, int flags). Its code is the same as that of the existing private DexFile(String sourceName, String outputName, int flags), except that the openDexFile call uses the JNI interface described above.
In the source file libcore/dalvik/src/main/java/dalvik/system/DexFile.java, a method is added to the DexFile class with the prototype static public DexFile loadDex(byte[] fileContents, int flags). Its code is similar to the existing loadDex method, the difference being that it calls the DexFile constructor added above.
In the source file libcore/dalvik/src/main/java/dalvik/system/DexPathList.java, a method is added to the DexPathList class with the prototype private static DexFile loadDexFile(byte[] fileContents). Its implementation is similar to the existing loadDexFile method, but it calls the loadDex method of the DexFile class added above.
In the source file libcore/dalvik/src/main/java/dalvik/system/DexPathList.java, a method is added to the DexPathList class with the prototype private static Element[] makeDexElements(byte[] fileContents). Its implementation is similar to the existing makeDexElements method, but in the if statement at line 207 only the first branch is taken, and it calls the loadDexFile method of the DexPathList class added above.
In the source file libcore/dalvik/src/main/java/dalvik/system/DexPathList.java, a constructor is added to the DexPathList class with the prototype public DexPathList(ClassLoader definingContext, byte[] fileContents). Its implementation is similar to the existing constructor, but it calls the makeDexElements method of the DexPathList class added above.
In the source file libcore/dalvik/src/main/java/dalvik/system/BaseDexClassLoader.java, a constructor is added to the BaseDexClassLoader class with the prototype public BaseDexClassLoader(byte[] fileContents). Its implementation is similar to the existing constructor, but it calls the constructor of the DexPathList class added above.
In the source file libcore/dalvik/src/main/java/dalvik/system/DexClassLoader.java, a constructor is added to the DexClassLoader class with the prototype public DexClassLoader(byte[] fileContents). Its implementation is the same as the existing constructor, but it calls the constructor of the BaseDexClassLoader class added above.
So far, we have obtained meeting amended Dalvik virtual machine source code of the presently claimed invention.
S202: modify the Linux system
The basic purpose of modifying the Linux system is to add code to the Linux kernel and system library portions of the Android source code project so that they provide a new interface, whose main function is to load data in SO file format from a specified memory address.
This work can currently be accomplished in many ways known in the industry. For example, add a dlopen_mem() system call to glibc with the prototype void *dlopen_mem(char *addr, size_t len, int flag); its implementation is formed by modifying the source code of the existing dlopen() system call in the glibc standard library. Specifically, the first parameter of dlopen() is the disk path of the SO file to be opened; dlopen() opens this file and reads out its full content. The implementation of dlopen_mem() reads the data directly from the parameters addr and len, and then simply continues with the subsequent code of dlopen().
So far, we have obtained the modified Linux system source code required by the present invention.
S203: compile the Android project
Compile the whole Android source code project by the conventional method, generating the corresponding system image, SDK development tools and NDK development tools.
In this way, the resulting SDK development tools can use the newly added DexClassLoader(byte[] fileContents) interface to dynamically load a DEX file from memory; the resulting NDK development tools can use the newly added dlopen_mem() system call to dynamically load an SO file from memory; and in the new system image, application software that uses the above interface and system call can run normally.
The present invention also provides the workflow of the online server that stores the core code, as shown in Figure 3, comprising:
S301: encrypt the core code
The core code exists in the form of a DEX file or an SO file. All or part of the core code is encrypted with a general-purpose encryption algorithm to guarantee its confidentiality during transmission. Symmetric encryption can be used, and asymmetric encryption can also be used.
For example, select the symmetric encryption algorithm AES, denote the key used as akey, and encrypt the file file that contains the core code to obtain the encrypted file file_enc.
Then select an asymmetric encryption algorithm, for example RSA, and denote the public key used as rkey_pub and the private key as rkey_pri. Use the private key rkey_pri to encrypt the AES key akey, obtaining the ciphertext akey_enc of akey.
Here, the public key and private key used by the RSA algorithm are generated in advance, and the public key rkey_pub is built into the corresponding client application software.
S302: sign the core code
Sign the core code with a general-purpose digital signature algorithm to guarantee the integrity of the file.
For example, adopt one of the most classical digital signature methods. Use the hash algorithm SHA1 to compute a digest of the ciphertext file file_enc that contains the core code, obtaining a hash value hvalue.
Use the RSA algorithm and the above private key rkey_pri to encrypt the hash value hvalue, obtaining the ciphertext hvalue_enc.
S303: send to client
Send the ciphertext file_enc of the file that contains the core code, the ciphertext akey_enc of the key used by the AES algorithm, and the ciphertext hvalue_enc of the hash value together to the client.
Accordingly, the present invention also provides a server, as shown in Figure 4. The server is the online server 102 in the system described above, and the server comprises:
Encryption unit 401, used to encrypt part or all of the core code of the stored application software;
Digital signature unit 402, used to digitally sign the core code of the stored application software;
Sending unit 403, used to send the file that contains the core code of the application software, together with the corresponding ciphertexts, to the intelligent terminal.
The present invention also provides the workflow of the non-core code in the application software. The application software installed on the client contains the non-core code. This code can be divided into two parts: one, the code related to the specific application of the software; two, the code responsible for loading the core code. The present invention concerns only the latter part, and its basic workflow and implementation method are given below. As shown in Figure 5, it comprises:
S501: receive from the server the file_enc, akey_enc and hvalue_enc that S303 sends to the client.
S502: verify the digital signature to guarantee the integrity of the file.
For example, for the signing method described in S302, first use the RSA public key rkey_pub, selected and built into the application software in advance, to decrypt hvalue_enc and obtain the hash value hvalue.
Next, use the SHA1 algorithm to compute a digest of the file_enc that was sent, obtaining another hash value hvalue2, and compare whether hvalue and hvalue2 are identical.
If they differ, the received core code is considered incomplete and possibly tampered with; report an exception and exit the software.
If they are identical, the received core code is considered complete; proceed to the next step.
S503: decrypt akey_enc with the RSA public key rkey_pub to obtain the AES key akey. Using the AES algorithm with akey as the key, decrypt file_enc to obtain the complete content of the file file that contains the core code.
S504: depending on whether the file that contains the core code is in DEX format or SO format, allocate memory of the file's size in Java or in C, and copy the file content into it.
Specifically, if the file is in DEX format, use a byte array in the Java language to record the memory address, allocate the memory with new, and copy with the System.arraycopy method; if the file is in SO format, then in the NDK use a char * pointer in the C language to record the memory address, allocate the memory with the malloc function, copy with the memcpy function, and record the data length in an int variable.
S505: call the new function interfaces obtained earlier by modifying the Dalvik virtual machine and the Linux system, and load the core code directly from that memory.
If the file is in DEX format, call the public DexClassLoader(byte[] fileContents) constructor obtained in S201 with the memory address as the parameter, obtaining a DexClassLoader object; this completes the dynamic loading of the DEX object;
If the file is in SO format, call the void *dlopen_mem(char *addr, size_t len, int flag) system call obtained in S202, where the parameter addr is the memory address obtained in S504, the parameter len is the data length recorded in S504, and the parameter flag is 0, obtaining a handle of type void *; this completes the dynamic loading of the SO object.
S506: according to the specific needs of the application software, call the classes, methods, functions and so on in the core code.
If the file is in DEX format, use the loadClass() method of the DexClassLoader object obtained in S505 to obtain the Class object of a Java class in the core code by the name of that class; then use the getDeclaredMethod method of this Class object to obtain the Method object of a method in that class by the name of the method. The invoke method of this Method object can now be called to invoke the method.
If the file is in SO format, use the handle of type void * obtained in S505 and the name of a C language function in the core code to obtain a pointer to that function through the dlsym() system call. This function pointer can now be called directly to run the code it implements.
S507: when the application software no longer needs to use the core code, release the memory that stored the core code. When the file that contains the core code is in DEX format, call the delete method of the byte[] object in the Java language; when the file is in SO format, call the free method in the C language.
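The server packaging of S301 to S303 and the client check of S502 to S503, as an added Java example that is not code from the patent. The class name, the method names pack and unpack, the CBC mode with a prepended IV, the key sizes and the sample plaintext are assumptions; the text specifies only AES, RSA and SHA1.

```java
import java.nio.ByteBuffer;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.*;

public class CoreCodeEnvelope {
    // S301-S302, server side: returns { file_enc, akey_enc, hvalue_enc }.
    static byte[][] pack(byte[] file, PrivateKey rkeyPri) throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey akey = kg.generateKey();
        // Assumption: CBC with a random IV prepended to file_enc; the text only says "AES".
        Cipher aes = Cipher.getInstance("AES/CBC/PKCS5Padding");
        aes.init(Cipher.ENCRYPT_MODE, akey);
        byte[] iv = aes.getIV();
        byte[] ct = aes.doFinal(file);
        byte[] fileEnc = ByteBuffer.allocate(iv.length + ct.length).put(iv).put(ct).array();
        Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        rsa.init(Cipher.ENCRYPT_MODE, rkeyPri); // private-key operation, as S301 and S302 state
        byte[] akeyEnc = rsa.doFinal(akey.getEncoded());
        byte[] hvalue = MessageDigest.getInstance("SHA-1").digest(fileEnc);
        return new byte[][] { fileEnc, akeyEnc, rsa.doFinal(hvalue) };
    }

    // S502-S503, client side: compare the digests first, decrypt only on a match.
    static byte[] unpack(byte[][] msg, PublicKey rkeyPub) throws GeneralSecurityException {
        Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        rsa.init(Cipher.DECRYPT_MODE, rkeyPub);
        byte[] hvalue = rsa.doFinal(msg[2]);
        byte[] hvalue2 = MessageDigest.getInstance("SHA-1").digest(msg[0]);
        if (!MessageDigest.isEqual(hvalue, hvalue2))
            throw new SignatureException("file_enc does not match hvalue");
        byte[] akey = rsa.doFinal(msg[1]);
        Cipher aes = Cipher.getInstance("AES/CBC/PKCS5Padding");
        aes.init(Cipher.DECRYPT_MODE, new SecretKeySpec(akey, "AES"), new IvParameterSpec(msg[0], 0, 16));
        return aes.doFinal(msg[0], 16, msg[0].length - 16);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        byte[] file = "constructed stand-in for a DEX or SO file".getBytes("UTF-8");
        byte[][] msg = pack(file, kp.getPrivate());
        System.out.println("round trip: " + MessageDigest.isEqual(file, unpack(msg, kp.getPublic())));
        msg[0][20] ^= 1; // constructed tampering: one ciphertext bit flipped in transit
        try { unpack(msg, kp.getPublic()); System.out.println("tamper accepted"); }
        catch (SignatureException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

Both akey_enc and hvalue_enc are opened with rkey_pub, so in this scheme the confidentiality of akey depends on rkey_pub remaining unrecoverable from the installed client.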
Accordingly, the present invention also provides an intelligent terminal. The intelligent terminal is the intelligent terminal 101 in the system described above; the intelligent terminal 101 comprises the modified Android operating system and further comprises:
Receiving unit 601, used to receive the file that contains the core code of the application software, together with the corresponding ciphertexts, sent by the online server;
Verification unit 602, used to verify the digital signature of the received file and decrypt it to obtain the core code file of the application software;
Loading unit 603, used to copy the core code file of the application software into memory and call the interface of the modified Android operating system to complete the loading of the core code file;
Calling unit 604, used to call the core code of the application software through the API interface as required;
Releasing unit 605, used to release the memory that stores the core code.
The intelligent terminal 101 further comprises:
Transmitting unit 600, used to send to the online server a request for the required application software core code.
The method embodiments in this specification are described in a progressive manner. The system embodiments are basically similar to the method embodiments, so their description is relatively brief; for the relevant parts, refer to the corresponding explanation of the method embodiments.
Although the present invention has been described through embodiments, those of ordinary skill in the art know that the present invention has many variations and changes that do not depart from its spirit, and it is intended that the appended claims cover these variations and changes without departing from the spirit of the present invention.