Unlock instant, AI-driven research and patent intelligence for your innovation.

Security detection method, device and system based on iOS application

A security detection and safety technology, applied in decompilation/disassembly, program code conversion, instrumentation, etc., can solve problems such as incomplete detection, unautomated security detection, and damage to user experience

Inactive Publication Date: 2019-08-20
JIANGSU PAYEGIS INFORMATION SECURITY TECH CO LTD
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] It can be seen that there is currently no standard security detection tool for iOS platform applications on the market, and the security detection of applications cannot be automated. At the same time, most iOS application detection is static detection, that is, from the perspective of static code Comparing the key strings, the detection is not comprehensive
Therefore, mobile applications on the iOS platform cannot conduct comprehensive security testing before they are put on the market, and developers cannot make targeted modifications to the functions of mobile applications in advance, which will cause various problems in subsequent use and seriously damage the user's safety. Experience

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security detection method, device and system based on iOS application
  • Security detection method, device and system based on iOS application
  • Security detection method, device and system based on iOS application

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0031] figure 1 A flow chart of a security detection method for an iOS application according to Embodiment 1 is shown. Such as figure 1 As shown, the method includes the following steps:

[0032] Step S110: Decompile the acquired binary file of the target application.

[0033] The execution subject of the present invention can be various, for example, it can be a security software client installed inside the mobile terminal where the target application is located, or a security testing terminal or a security testing terminal capable of communicating with the mobile terminal where the target application is located. server.

[0034] Wherein, the target application is an application to be detected, the application is an iOS application, and the binary file of the target application specifically includes: using a decompression tool to decompress the IPA package of the target application to obtain the binary file of the target application.

[0035] Specifically, in this step, a...

Embodiment 2

[0045] figure 2 A flow chart of a method for detecting security of a target application according to Embodiment 2 is shown.

[0046] In this embodiment, security detection is performed on the target application from the perspective of the running environment of the target application. Since iOS applications can run on various iOS systems and different iPhone devices, but the iOS system version of iOS applications and different iPhone device models are iteratively updated very quickly, it is necessary to ensure that iOS applications can run normally in various operating environments.

[0047] Such as figure 2 As shown, the method includes the following steps:

[0048] Step S210: When an activation instruction corresponding to the target application is detected, determine an application running environment corresponding to the target application according to the activation instruction.

[0049] The execution subject of the present invention can be various, for example, it c...

Embodiment 3

[0075] image 3 A flow chart of a method for detecting security of a target application according to Embodiment 3 is shown.

[0076] This embodiment performs security detection on the target application from the perspective of anti-reversal of the target application. At present, the phenomenon of debugging the source code of the application, intercepting the running process of the application, and injecting the dynamic library is serious. The anti-reverse function detection of the application can evaluate the strength of the anti-reverse function of the application, and find the defects of the anti-reverse function of the application early.

[0077] Such as image 3 As shown, the method includes the following steps:

[0078] Step S310: sending an anti-reverse test instruction corresponding to a preset anti-reverse function to the target application.

[0079] The execution subject of the present invention can be various, for example, it can be a security software client inst...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a security detection method, device and system based on an iOS application. The security detection method comprises the steps: carrying out decompilation of an obtained binaryfile of a target application; obtaining a decompiled code corresponding to the target application and obtained after decompilation; extracting a target code corresponding to the preset target area andcontained in the decompiled code; and judging whether the target code contains the content matching the preset confusion identifier or not, and determining the security level of the target application according to the judgment result. According to the security detection method, security detection is carried out on a target application from a data security angle of the target application; comparing the target code with a preset confusion identifier, the security detection method judges whether the data in the target application is confused or not according to a comparison result, and judges whether the target application has a data security protection function or not, so as to realize the detection of the data security protection degree of the target application.

Description

technical field [0001] The invention relates to the technical field of computer software, in particular to an iOS application-based operating environment detection method, device and system. Background technique [0002] With the rapid development of network technology, the number of Internet users has increased exponentially, and the sales of smart phones have increased significantly. In the high-end market, the mobile terminal business market share of the iOS platform is very large. The design of mobile applications based on the iOS platform is becoming increasingly complex, the scale of development is increasing, and the quality of applications is becoming more and more important. In particular, the number of payment-related applications is growing rapidly, and the security of payment-related applications is crucial throughout the application's life cycle. [0003] However, the inventor found in the process of implementing the present invention that the application secu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57G06F8/53
CPCG06F8/53G06F21/57G06F2221/033
Inventor 汪德嘉华保健邵根波钱潇龄孟啸龙郑小敏
Owner JIANGSU PAYEGIS INFORMATION SECURITY TECH CO LTD