Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Android encryption communication detection device and method based on dynamic linking library injection

A dynamic link library and encrypted communication technology, which is applied in the field of network security in information security, can solve problems such as difficult analysis and inability to obtain correct results, and achieve the effects of strong applicability, good promotion and application prospects, and convenient use

Inactive Publication Date: 2014-11-19
BEIJING SOFTSEC TECH
View PDF5 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, due to the Android application of encrypted communication, most of the monitored data is in an unrecognizable data format, and the above-mentioned traditional methods have been difficult to analyze, let alone obtain correct results

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Android encryption communication detection device and method based on dynamic linking library injection
  • Android encryption communication detection device and method based on dynamic linking library injection
  • Android encryption communication detection device and method based on dynamic linking library injection

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0051] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings.

[0052] The object of the present invention is to develop an Android platform encrypted communication detection device based on the way of dynamic link library injection, which can capture and record encrypted communication packets sent and / or received by Android smart terminals. Therefore, how to find monitoring points is the key to encrypted communication detection.

[0053] see figure 1 , introduce the Android encrypted communication device of the present invention: the detection device is provided with: a dynamic link library injection module, a monitoring point implant module, and a data packet analyzer are three modules in total, and it does not change the system ROM and is not in the debugging state. Detect and analyze terminal encrypted communication: use ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an Android encryption communication detection device and method based on dynamic linking library injection. The detection device is provided with a dynamic linking library injection module, a monitoring point implantation module and a data packet analysis module. The detection device and method are used for detecting and analyzing terminal encryption communication on the conditions that the system ROM is not changed and the system is not in the debugging state. The detection method comprises the steps that the dynamic linking library injection mode is adopted, a shellcode is injected into the set process space of an intelligent terminal, the shellcode is searched for an API used by system encryption communication, the API is used as a monitoring point set and implanted at the Android system encryption communication position, unencrypted communication data packets sent and received by an Android intelligent terminal are captured and recorded, and the unencrypted communication data packets are detected and analyzed based on an Android platform, so that the safety problem caused by encryption communication for stealing user or enterprise privacy information and spreading illegal information is solved. The Android encryption communication detection device and method based on dynamic linking library injection have the advantages that the applicability is good, the monitoring point is extensible and comprehensive, data packet analysis and analysis cost are small, and therefore the Android encryption communication detection device and method have good application and popularization prospects.

Description

technical field [0001] The invention relates to an encrypted communication detection device for a mobile Android platform, more precisely, to an Android encrypted communication detection device and method based on dynamic link library injection, and belongs to the technical field of network security in information security. Background technique [0002] At present, there are many research literatures on the detection and analysis technology of PC-side software encrypted communication. However, the research on the detection and analysis technology of mobile Android platform encrypted communication is still in its infancy, so mature detection tools have not yet been formed. Like the PC side, its detection is usually based on software reverse analysis technology. Therefore, commonly used encrypted communication detection tools and auxiliary tools include: Gdbserver, Andbug, Taintdroid and IDA Pro, etc. Here is an introduction to these tools: [0003] Gdbserver, as a powerful ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F17/30H04L29/06
CPCG06F21/566H04L63/1416
Inventor 徐国爱张淼
Owner BEIJING SOFTSEC TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com