Sandbox shelling method and system based on Android virtual machine

Virtual machine and sandbox technology, applied in the field of information security, addresses problems such as system crashes, security risks, and theft of sensitive information from the mobile phone. The method is simple to use, efficient, and keeps the device environment secure.

Active Publication Date: 2018-06-29
WUHAN ANTIY MOBILE SECURITY

AI Technical Summary

Problems solved by technology

At the same time, other malicious programs can also obtain root privileges, which allows the system to be tampered with or sensitive information on the mobile phone to be stolen, creating security risks.
Secondly, hook technology obtains memory by replacing key functions in the system layer; improper handling may lead to system crashes.


Examples


Specific Embodiment 1

[0097] As shown in Figure 3, the present invention provides a function that modifies the framework code of the Android system, based on the principles of the Android system. The functional steps are as follows:

[0098] S01, start the Android virtual machine until the system framework code is loaded.

[0099] S02, use the system function dvmJarOpen to load the custom Android virtual machine code package of the present invention to obtain a DexFile object.

[0100] S03, call dvmSetBootPathExtraDex to store the above-mentioned DexFile object in bootClassPathOptExtra.

[0101] S04, call loadAllClass, search for the classes in the above-mentioned DexFile in a loop, and add them all to the hashTable for subsequent use.

[0102] S041, no classloader or DvmDex is provided here for the class search, so use dvmFindSystemClassNoInit to search from bootclass.

[0103] S042, use dexFindClass to search directly in bootClassPathOptExtra; return if found, otherwise go to the next step.

[01...

Specific Embodiment 2

[0106] This system follows the operating principles of the Android system and implements the interfaces from Activity and Application through ActivityThread, etc., that an application can call directly. It also implements ApplicationInfo, LoadedApk, Context, and other classes related to the environment and resources. Since many system principles are involved, this embodiment describes only the reference steps.

[0107] S01, the control module starts the dalvik virtual machine.

[0108] S02, the control module uses the function of Embodiment 1 to load the system framework jar package.

[0109] S03, pass in the app path of the target application, analyze and obtain the Application name and the main Activity name.

[0110] S04, use the JNI interface FindClass to find the target Application class, call the initialization function, and call NewObject to generate an object.

[0111] S05, use the Jni interface FindClass to find the ActivityThread, and the ActivityThread is the Ac...
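
Step S03 above obtains the Application name and the main Activity name from the target app. The following Python sketch is an added example, not code from the patent, showing that extraction on a manifest that is assumed to be already decoded from the APK's binary XML into text; the sample manifest and the names `qualify` and `entry_points` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # android: attribute namespace

# Constructed sample: a decoded (text) AndroidManifest.xml, not taken from the patent.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.target">
  <application android:name=".StubApplication">
    <activity android:name=".ui.SettingsActivity"/>
    <activity android:name="com.example.target.ui.MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
  </application>
</manifest>"""

def qualify(package, name):
    """Resolve a manifest class name (".Foo", "Foo" or "a.b.Foo") to a full name."""
    if not name:
        return None
    if name.startswith("."):
        return package + name
    return name if "." in name else package + "." + name

def entry_points(manifest_xml):
    """Return the package, Application class and launcher Activity of a manifest."""
    root = ET.fromstring(manifest_xml)
    package, app = root.get("package"), root.find("application")
    if package is None or app is None:
        raise ValueError("manifest lacks a package attribute or <application>")
    main_activity = None
    for act in app.findall("activity") + app.findall("activity-alias"):
        for flt in act.findall("intent-filter"):
            actions = {e.get(A + "name") for e in flt.findall("action")}
            cats = {e.get(A + "name") for e in flt.findall("category")}
            if "android.intent.action.MAIN" in actions and "android.intent.category.LAUNCHER" in cats:
                # An <activity-alias> names its real class in android:targetActivity.
                target = act.get(A + "targetActivity") or act.get(A + "name")
                main_activity = main_activity or qualify(package, target)
    return {
        "package": package,
        # Without android:name the framework uses the default Application class.
        "application": qualify(package, app.get(A + "name")) or "android.app.Application",
        "main_activity": main_activity,
    }

if __name__ == "__main__":
    print(entry_points(SAMPLE_MANIFEST))
```

A manifest taken from an untrusted sample should be parsed with a hardened XML parser such as defusedxml rather than the standard-library parser used here.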


Abstract

The invention discloses a sandbox shelling method and system based on an Android virtual machine. The method comprises the following steps: the Android virtual machine is started, and the class loader of the system is replaced with a predefined class loader to load a custom Android virtual machine code package used for sandbox shelling, yielding a run-time environment capable of executing Android shelling code; the package name and the main Activity name of the target application to be shelled are read in the virtual machine, and the context and resource accessing interface of the target application are constructed according to the package name and the main Activity name; the resource accessing interface of the target application is used to simulate the normal execution procedure of the target application, the context matching the target application is passed in the start parameters of the target application, and program code decryption is performed on the target application in the sandbox to obtain the program code of the target application. With this method, the execution environment does not need to provide the highest access authorization, the environmental safety of the user's device is ensured, and the method is simple to use and efficient in execution.

Description

Technical field

[0001] The invention relates to the technical field of information security, in particular to a sandbox unpacking method and system based on an Android virtual machine.

Background technique

[0002] Android devices are developing rapidly, expanding from mobile phones to tablets, smart TVs, etc., and there are more and more risky and malicious applications on these devices. General detection methods for malicious applications are mostly based on feature detection, which is basically ineffective against the malicious behavior of hardened samples. Therefore, there is an urgent need for a solution that can provide a fast detection function in user scenarios.

[0003] Generally, unpacking on the client side requires hook technology and involves rooting the system (obtaining the highest authority), which is equivalent to opening a door into the mobile terminal system and causes security risks. The system root is based on a linux-like account authority mecha...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/53, G06F9/455
CPC: G06F9/45558, G06F21/53
Inventor: 唐浩乔伟
Owner: WUHAN ANTIY MOBILE SECURITY