Android application program protection method based on Dex2C and LLVM

A technology for application programs and protected objects, applied in the field of virtualization. It addresses problems such as reduced efficiency and insufficient protection capability, and achieves the effects of raising the threshold, avoiding reflective calls and redundant loop operations, and preventing reverse cracking.

Active Publication Date: 2019-09-17
NORTHWEST UNIV(CN)

AI Technical Summary

Problems solved by technology

It can be seen that, on the one hand, current protection schemes suffer from insufficient protection capability and reduced efficiency after protection; on the other hand, there is currently no system on the market that can protect Dex files and So files at the same time.

Embodiment Construction

[0041] The present invention proposes an Android application program protection method based on Dex2C and LLVM, the core of which is to convert the methods to be protected in the Dex layer into corresponding C code and to apply LLVM-based virtualization during compilation. Dex2C first decompresses the APK file and parses the Dex file to obtain the Node information of each instruction, and then converts the function declaration and function body. This solution designs three conversion logics for 256 assembly instructions, compiles the converted C code through the LLVM virtualization module to form a virtualized binary So file specific to the CPU architecture, and repackages and signs it to generate a new APK. On the one hand, an application program protected by the present invention can effectively reduce the volume of the APK and improve its execution efficiency; on the other hand, it can also increase the reverse attack cost of malicious attackers on the Dex layer and the local l...

Abstract

The invention discloses an Android application program protection method based on Dex2C and LLVM. The method comprises the following steps: decompressing an APK to obtain and analyze a Dex file, obtaining, for each assembly instruction, all the information necessary to recover C code; selecting whether or not to carry out Dex2C conversion according to the evaluation model; if the threshold value is exceeded, carrying out Dex2C conversion, which consists of conversion preprocessing operations (including searching for the methods to be protected, inserting assembly instruction statements, establishing the adjacency relation of instructions and the like), selecting one of the three sets of conversion logic for each assembly instruction according to its type to carry out the conversion, and achieving virtualization during compilation based on LLVM; if the threshold value is not exceeded, executing the LLVM compile-time virtualization module directly; and, after the So file is generated through the framework, repackaging and signing to generate an APK with equivalent function. The invention combines the protection methods of the Dex layer and the local layer: on the one hand, the execution efficiency of the APK can be improved, and on the other hand, the attack difficulty and cost for malicious attackers are greatly increased.

Description

Technical field

[0001] The invention belongs to the technical field of Dex file encryption and So file compilation virtualization in Android application programs, and specifically relates to the conversion of Dex files to C files and an Android application program protection method based on LLVM compile-time virtualization.

Background technique

[0002] In recent years, with the booming mobile Internet ecosystem, the number of mobile applications has grown exponentially. According to a survey by Statista, as of March 2019, Google Play offers a total of 2.6 million Android applications. However, due to the maturity of the reverse tool chain, attackers can easily obtain the core logic of So (shared object) files or classes.dex files in legitimate applications by using reverse tools, then tamper with them, for example by adding malicious code or replacing original advertisements, and finally repackage and sign them so that they flow into the market through illegal channels. This not only damages the...

Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): G06F21/14
CPC: G06F21/14
Inventor: 汤战勇, 何中凯, 张宇翔, 王薇, 龚晓庆, 陈晓江, 房鼎益
Owner: NORTHWEST UNIV (CN)