An Android application security protection method based on dynamic virtual instruction transformation

A virtual instruction and application security technology, applied in the direction of program/content distribution protection, etc., can solve the problems of static analysis and dynamic analysis that cannot completely resist attackers, cannot effectively solve memory dump, and fixed principle.

Pending Publication Date: 2019-04-30
NANJING UNIV OF SCI & TECH
View PDF5 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] At present, the existing protection methods for Android applications mainly include code obfuscation, integrity verification, DEX packing, etc. Although these methods can protect Android applications to a certain extent, they cannot completely resist the attacks of attackers. Static Analysis vs. Dynamic Analysis
In addition, the principles of these security hardening methods

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An Android application security protection method based on dynamic virtual instruction transformation
  • An Android application security protection method based on dynamic virtual instruction transformation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] The Android application security protection method based on the dynamic virtual instruction set of the present invention comprises the following steps:

[0023] 1. Determine the protected object in the Android application. The protected object is the key method in the Android application. The key method includes two parts. The first part is provided by the developer. The developer provides which methods they think are very important during the running of the program Need to be protected, the second part is given by the present invention, the present invention analyzes the application program and takes the method of accessing system sensitive resources as the key method.

[0024] 2. According to the set of key methods obtained in step 1, extract information such as method instructions of key methods from the DEX file. The key method in the program is a class method belonging to a certain class. Its related information is stored in the class data area of ​​the class it be...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an Android application security protection method based on dynamic virtual instruction transformation. According to the invention, a user-defined virtual instruction set and avirtual machine interpreter are defined; converting the Dalvik instruction set into a self-defined virtual instruction set through an instruction obfuscation operation; during execution, the mapping relation between the instruction sets is dynamically transformed, and the transformed instruction is interpreted and executed by the user-defined virtual machine interpreter, so that the protection ofthe key method and execution logic in the Android application is realized. Meanwhile, the Android application code based on the user-defined virtual instruction set and the virtual machine interpretercorresponding to the Android application code are embedded in the Android application, and therefore Root authority does not need to be owned or an Android underlying system does not need to be modified. According to the method, effective protection can be provided for key methods and execution logic in the Android application, the confusion degree and the non-readability of the application program are improved, the time and space complexity of an attacker for implementing reverse analysis and code dump attack can be effectively improved, and safety reinforcement of the Android application isachieved.

Description

technical field [0001] The invention relates to a method for protecting Android application software security, in particular to a method for protecting Android application software based on dynamic virtual instruction transformation, which fully protects the security of Android application software by combining the advantages of virtual instructions and self-defined interpreters. Background technique [0002] Google launched the Android system in 2007, and quickly occupied the mobile smartphone market in just a few years, becoming the most popular mobile operating system at present. According to the data provided by Statcounter, a communication traffic monitoring organization, Android surpassed Windows for the first time in March 2017. It has become the world's largest operating system, accounting for 37.93%, surpassing the 37.91% of Microsoft's Windows system. [0003] Although the source code open source feature of the Android system brings convenience to developers to a c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/14
CPCG06F21/14
Inventor 俞研胡恒伟付安民苏铓黄婵颖
Owner NANJING UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap