Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Sandbox shelling method and system based on Android virtual machine

A virtual machine and sandbox technology, applied in the field of information security, can solve problems such as system crashes, security risks, mobile phone sensitive information theft, etc., and achieve the effect of simple use, high efficiency, and ensuring the security of the equipment environment

Active Publication Date: 2018-06-29
WUHAN ANTIY MOBILE SECURITY
View PDF4 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At the same time, other malicious programs can also obtain root privileges, resulting in the tampering of the system, or the theft of sensitive information in the mobile phone, resulting in security risks
Secondly, the hook technology uses the replacement of key functions in the system layer to achieve the goal of obtaining memory. Improper handling may lead to system crashes

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Sandbox shelling method and system based on Android virtual machine
  • Sandbox shelling method and system based on Android virtual machine
  • Sandbox shelling method and system based on Android virtual machine

Examples

Experimental program
Comparison scheme
Effect test

specific Embodiment 1

[0097] combine image 3 As shown, the present invention provides a function of modifying the framework code of the Android system based on the principles of the Android system. The functional steps are as follows:

[0098] S01, start the Android virtual machine until the system framework code is loaded.

[0099] S02, use the system dvmJarOpen to load the custom Android virtual machine code package of the present invention to obtain a DexFile object.

[0100] S03, calling dvmSetBootPathExtraDex to store the above-mentioned DexFile object in bootClassPathOptExtra.

[0101] S04, call loadAllClass, search for the classes in the above-mentioned DexFile in a loop, and add them all to the hashTable for subsequent use.

[0102] S041, classloader and DvmDex are not provided here for class search, use dvmFindSystemClassNoInit to search from bootclass.

[0103] S042, use dexFindClass to directly search from bootClassPathOptExtra, return if found, otherwise go to the next step.

[01...

specific Embodiment 2

[0106] This system refers to the operating principle of the Android system, and realizes the interface from Activity, Application to ActivityThread, etc., which can be directly called by the application. Also implemented ApplicationInfo, LoadedApk, Context and other classes related to the environment and resources. Since many system principles are involved, this embodiment only describes the reference steps.

[0107] S01, the control module starts the dalvik virtual machine.

[0108] S02, the control module uses the function of Embodiment 1 to load the system framework jar package.

[0109] S03, pass in the app path of the target application, analyze and obtain the Application name and the main Activity name.

[0110] S04, use the Jni interface FindClass to find the target Application class, and call The initialization function calls NewObject to generate an object.

[0111] S05, use the Jni interface FindClass to find the ActivityThread, and the ActivityThread is the Ac...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a sandbox shelling method and system based on an Android virtual machine. The method comprises the steps that the Android virtual machine is started, the class loader of a system is replaced with a predefined class loader to load a custom Android virtual machine code package used for shelling of a sandbox, and the run-time environment capable of executing Android shelling codes is obtained; the package name and the main Acitivity name of a to-be-shelled target application are read in the virtual machine, and the context and resource accessing interface of the target application are constructed according to the package name and the main Acitivity name; the resource accessing interface of the target application is constructed to simulate the normal execution procedureof the target application, the context matching with the target application is transmitted to the start parameters of the target application, and program code decryption is conducted on the target application in the sandbox to obtain the program code of the target application. According to the method, the execution environment does not need to provide the highest access authorization, the environmental safety of a device of a user is ensured, and the method is simple to use and high in execution efficiency.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a sandbox unpacking method and system based on an Android virtual machine. Background technique [0002] Android devices are developing rapidly, expanding from mobile phones to tablets, smart TVs, etc., and there are more and more risky and malicious applications on the devices. The general malicious detection methods are mostly based on feature detection, which are basically ineffective for the malicious behavior of hardened samples. Therefore, there is an urgent need for a solution that can provide a fast detection function in user scenarios. [0003] Generally, the unpacking technology on the client side needs to use the hook (hook) technology, and involves the system root (obtaining the highest authority), which is equivalent to opening a door to the mobile terminal system, causing security risks. The system root is based on a linux-like account authority mecha...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/53G06F9/455
CPCG06F9/45558G06F21/53
Inventor 唐浩乔伟
Owner WUHAN ANTIY MOBILE SECURITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com