Unlock instant, AI-driven research and patent intelligence for your innovation.

Code instrumentation detection method and device, equipment and medium

A technology of code instrumentation and detection methods, which is applied in the field of program analysis and can solve problems such as heavy workload and errors

Active Publication Date: 2020-02-14
HANGZHOU FRAUDMETRIX TECH CO LTD
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Therefore, there is an urgent need for a method of detecting code insertion to overcome the security risks caused by insertion
However, the existing code instrumentation detection methods rely on a large number of manual analysis, the workload is heavy, and there are errors

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Code instrumentation detection method and device, equipment and medium
  • Code instrumentation detection method and device, equipment and medium
  • Code instrumentation detection method and device, equipment and medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0038] This embodiment provides a code instrumentation detection method, which aims to parse the DEX file in the APK to obtain the function instruction length in the DEX file. After running the APK, obtain the function instruction length in the DEX file again, and compare the function instructions Length, judge whether the code is instrumented, so as to realize code instrumentation detection.

[0039] Based on the above principles, the code instrumentation detection method is introduced, such as figure 1 As shown, the code instrumentation detection method specifically includes the following steps:

[0040] Obtain the DEX file in the APK, parse the DEX file, and obtain the original function instruction length of the DEX file;

[0041] Run the APK to obtain the memory address of the DEX file;

[0042] Obtaining a function offset value, and obtaining the target function instruction length according to the memory address of the DEX file and the function offset value;

[0043] The length of...

Embodiment 2

[0066] This embodiment discloses a code instrumentation detection device corresponding to the code instrumentation detection method of embodiment 1, which is a virtual structure device, such as figure 2 Shown, including:

[0067] The DEX parsing module 210 is configured to obtain the DEX file in the APK, parse the DEX file, and obtain the original function instruction length of the DEX file;

[0068] The memory address obtaining module 220 is configured to run the APK and obtain the memory address of the DEX file;

[0069] The function length calculation module 230 is configured to obtain a function offset value, and obtain the target function instruction length according to the memory address of the DEX file and the function offset value;

[0070] The comparison output module 240 is configured to compare the length of the original function instruction and the length of the target function instruction, and output the instrumentation detection result.

[0071] The above-mentioned DEX pa...

Embodiment 3

[0079] image 3 This is a schematic structural diagram of an electronic device provided in Embodiment 3 of the present invention, such as image 3 As shown, the electronic device includes a processor 310, a memory 320, an input device 330, and an output device 340; the number of processors 310 in the computer device may be one or more, image 3 Take a processor 310 as an example; the processor 310, the memory 320, the input device 330, and the output device 340 in the electronic device may be connected by a bus or other means, image 3 Take the bus connection as an example.

[0080] As a computer-readable storage medium, the memory 320 can be used to store software programs, computer-executable programs, and modules, such as program instructions / modules corresponding to the code instrumentation detection method in the embodiment of the present invention (for example, a code instrumentation detection device). The DEX analysis module 210, the memory address acquisition module 220...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a code instrumentation detection method, relates to the technical field of program analysis, and aims to complete code instrumentation detection by comparing function instruction lengths before and after running, the method comprises the following steps: obtaining a DEX file in an APK, and analyzing the DEX file to obtain an original function instruction length of the DEX file; running the APK, and obtaining a memory address of the DEX file; obtaining a function offset value, and obtaining a target function instruction length according to the memory address of the DEX file and the function offset value; and comparing the original function instruction length with the target function instruction length, and outputting an instrumentation detection result. The inventionfurther discloses a code instrumentation detection device, electronic equipment and a computer storage medium.

Description

Technical field [0001] The invention relates to the technical field of program analysis, in particular to a method, device, equipment and medium for detecting code plugging. Background technique [0002] With the development of the mobile Internet, the security of smart phones has become one of the most important issues for the mobile Internet industry and mobile Internet users. With the increase of Android system devices, the security of Android applications is particularly valued. [0003] After the development of the Android application is completed, its interaction process is confidential. If the Android application is instrumented in the user access phase, the interaction process of the application will be intercepted by the user, causing most of the business logic of the Android application to be exposed to the user. This brings security risks. Common instrumentation operations are as follows: [0004] 1. Insert a stake in the network request section to obtain the transmissio...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/36G06F8/41
CPCG06F8/427G06F11/3624G06F11/3644
Inventor 谢开兵高岳
Owner HANGZHOU FRAUDMETRIX TECH CO LTD