Android encryption communication detection device and method based on dynamic linking library injection
A dynamic link library and encrypted communication technology, which is applied in the field of network security in information security, can solve problems such as difficult analysis and inability to obtain correct results, and achieve the effects of strong applicability, good promotion and application prospects, and convenient use
Inactive Publication Date: 2014-11-19
BEIJING SOFTSEC TECH
View PDF5 Cites 14 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
However, due to the Android application of encrypted communication, most of the monitored data is in an unrecognizable data format, and the above-mentioned traditional methods have been difficult to analyze, let alone obtain correct results
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0051] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings.
[0052] The object of the present invention is to develop an Android platform encrypted communication detection device based on the way of dynamic link library injection, which can capture and record encrypted communication packets sent and / or received by Android smart terminals. Therefore, how to find monitoring points is the key to encrypted communication detection.
[0053] see figure 1 , introduce the Android encrypted communication device of the present invention: the detection device is provided with: a dynamic link library injection module, a monitoring point implant module, and a data packet analyzer are three modules in total, and it does not change the system ROM and is not in the debugging state. Detect and analyze terminal encrypted communication: use ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more PUM
Login to view more Abstract
The invention discloses an Android encryption communication detection device and method based on dynamic linking library injection. The detection device is provided with a dynamic linking library injection module, a monitoring point implantation module and a data packet analysis module. The detection device and method are used for detecting and analyzing terminal encryption communication on the conditions that the system ROM is not changed and the system is not in the debugging state. The detection method comprises the steps that the dynamic linking library injection mode is adopted, a shellcode is injected into the set process space of an intelligent terminal, the shellcode is searched for an API used by system encryption communication, the API is used as a monitoring point set and implanted at the Android system encryption communication position, unencrypted communication data packets sent and received by an Android intelligent terminal are captured and recorded, and the unencrypted communication data packets are detected and analyzed based on an Android platform, so that the safety problem caused by encryption communication for stealing user or enterprise privacy information and spreading illegal information is solved. The Android encryption communication detection device and method based on dynamic linking library injection have the advantages that the applicability is good, the monitoring point is extensible and comprehensive, data packet analysis and analysis cost are small, and therefore the Android encryption communication detection device and method have good application and popularization prospects.
Description
technical field [0001] The invention relates to an encrypted communication detection device for a mobile Android platform, more precisely, to an Android encrypted communication detection device and method based on dynamic link library injection, and belongs to the technical field of network security in information security. Background technique [0002] At present, there are many research literatures on the detection and analysis technology of PC-side software encrypted communication. However, the research on the detection and analysis technology of mobile Android platform encrypted communication is still in its infancy, so mature detection tools have not yet been formed. Like the PC side, its detection is usually based on software reverse analysis technology. Therefore, commonly used encrypted communication detection tools and auxiliary tools include: Gdbserver, Andbug, Taintdroid and IDA Pro, etc. Here is an introduction to these tools: [0003] Gdbserver, as a powerful ...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more Application Information
Patent Timeline
Login to view more Patent Type & Authority Applications(China)
IPC IPC(8): G06F17/30H04L29/06
CPCG06F21/566H04L63/1416
Inventor 徐国爱张淼
Owner BEIJING SOFTSEC TECH
Who we serve
- R&D Engineer
- R&D Manager
- IP Professional
Why Eureka
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Social media
Try Eureka
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap