Shell checking method based on dynamic behaviors of APK (android package) packing software

A technology concerning software and its behavior, applied in the fields of instruments, electronic digital data processing and platform integrity maintenance. It addresses the problems of low accuracy of shell checking results, low shell checking efficiency and shell checking results that can be confused, and improves the accuracy and efficiency of shell checking.

Inactive Publication Date: 2015-12-30
北京鼎源科技有限公司

AI Technical Summary

Problems solved by technology

Shell checking based on static file features has significant limitations. The result can be confused by modifying the binary file to erase the feature code or by altering the feature code, so the accuracy of the shell checking result is low and shell checking efficiency is low.

Examples

Embodiment Construction

[0031] The present invention is further described below through embodiments, in conjunction with the accompanying drawings, without limiting the scope of the invention in any way.

[0032] The present invention provides a shell checking method based on the dynamic behavior of APK packing software. A Hook function monitors the shell program's calls to system functions and feature functions: the packed program is run in an environment where the monitoring program is deployed, and once a monitored function is called, execution jumps to the Hook function, which records the call. This yields the packing software's calling features for system functions and feature functions, which serve as the detection features. Feature comparison then gives the type of shell program that corresponds to the packed program. The invention can effectively detect the types of mainstream APK shells and improves the accuracy and efficiency of analyzing packed malicious code.

[0033] Figure 1 is a flow chart...


Abstract

The invention discloses a shell checking method based on the dynamic behaviors of APK (Android package) packing software. For a shell program, the method uses a Hook function on the Android system to dynamically monitor calls to system functions and characteristic functions. When a monitored function is called, execution jumps to the Hook function, which records the call, and the type of the corresponding shell program is obtained through feature comparison. The Hook function separately detects the APK packing software's calls to general system functions and to characteristic functions, from which features of the packer's general system function calls and features of its characteristic function calls are constructed; corresponding feature libraries can then be built. During shell checking, a packed program is started, its function calls are dynamically monitored through the Hook function, and the recorded function-call features are matched against the feature libraries to obtain the shell checking result. The method can effectively detect the types of mainstream APK shells and improves the accuracy and efficiency of analyzing packed malicious code.
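The matching step described in the abstract, as an added example that is not taken from the patent: recorded hook calls are compared against a feature library holding, per shell type, a general system function feature and a characteristic function feature. The shell names, characteristic function names, the `pid=… func=…` log format and the matching rule (ordered subsequence plus required set) are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ShellFeature:
    """One feature-library entry (every name in this example is hypothetical)."""
    system_calls: tuple       # general system functions, in the order the shell calls them
    feature_funcs: frozenset  # functions characteristic of this shell

# Constructed feature library; "ShellA" and "ShellB" are not real products.
FEATURE_LIBRARY = {
    "ShellA": ShellFeature(("open", "mmap", "mprotect", "dlopen"),
                           frozenset({"shella_decrypt_dex"})),
    "ShellB": ShellFeature(("fork", "ptrace", "open", "mmap"),
                           frozenset({"shellb_load", "shellb_verify"})),
}

def parse_hook_log(lines):
    """Parse 'pid=<n> func=<name>' hook records (assumed format) into per-pid call lists."""
    calls = {}
    for line in lines:
        fields = dict(f.split("=", 1) for f in line.split() if "=" in f)
        if "pid" in fields and "func" in fields:
            calls.setdefault(int(fields["pid"]), []).append(fields["func"])
    return calls

def is_subsequence(pattern, trace):
    """True if pattern occurs in trace in order; unrelated calls may be interleaved."""
    it = iter(trace)
    return all(call in it for call in pattern)

def check_shell(trace, library=FEATURE_LIBRARY):
    """Return the shell type whose two features both match the trace, else None."""
    seen = set(trace)
    best, best_score = None, 0
    for name, feat in library.items():
        if not (is_subsequence(feat.system_calls, trace) and feat.feature_funcs <= seen):
            continue
        score = len(feat.system_calls) + len(feat.feature_funcs)
        if score > best_score:  # prefer the most specific matching entry
            best, best_score = name, score
    return best

# Constructed hook records for one run of a packed sample.
SAMPLE_LOG = [
    "pid=4211 func=fork", "pid=4211 func=ptrace", "pid=4211 func=open",
    "pid=4211 func=read", "pid=4211 func=shellb_load", "pid=4211 func=mmap",
    "pid=4211 func=shellb_verify", "pid=4211 func=mprotect",
]
```

Requiring both features to match means a trace that shows only the generic system calls, which unpacked apps also make, is reported as no match rather than attributed to a shell.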

Description

Technical field

[0001] The invention belongs to mobile client App security technology, relates to the packing of Android application installation packages (APK, Android Package), and in particular relates to a shell checking method based on the dynamic behavior of APK packing software.

Background

[0002] With the increasing popularity of mobile technology applications, the mobile software industry has developed rapidly. At the same time, there is more and more malicious code, such as Trojan horses and viruses, targeting mobile terminals. Cheetah Mobile Security data shows that in 2014, 280 million Android phones were infected with viruses worldwide, with an average of 800,000 Android phones being infected every day. China topped the list with nearly 120 million phones being infected. According to the report of 360 Internet Security Center, in 2014, 360 Internet Security Center alone intercepted a total of 3.26 million new malicious program samples on the And...


Application Information

IPC(8): G06F21/56
CPC: G06F21/563, G06F21/566
Inventor 文伟平
Owner 北京鼎源科技有限公司