Unlock instant, AI-driven research and patent intelligence for your innovation.

Code instrumentation detection method, device, equipment and medium

A technology of code instrumentation and detection methods, which is applied in the field of program analysis and can solve problems such as errors and heavy workload

Active Publication Date: 2020-04-07
HANGZHOU FRAUDMETRIX TECH CO LTD
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Therefore, there is an urgent need for a method of detecting code insertion to overcome the security risks caused by insertion
However, the existing code instrumentation detection methods rely on a large number of manual analysis, the workload is heavy, and there are errors

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Code instrumentation detection method, device, equipment and medium
  • Code instrumentation detection method, device, equipment and medium
  • Code instrumentation detection method, device, equipment and medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0038] This embodiment provides a code instrumentation detection method, which aims to analyze the DEX file in the APK to obtain the length of the function instruction in the DEX file. After running the APK, obtain the length of the function instruction in the DEX file again, and compare the function instructions Length, to determine whether the code has been instrumented, so as to realize code instrumentation detection.

[0039] According to the above principles, the code instrumentation detection method is introduced, such as figure 1 As shown, the code instrumentation detection method specifically includes the following steps:

[0040] Obtaining the DEX file in the APK, parsing the DEX file, and obtaining the original function instruction length of the DEX file;

[0041] Run the APK to obtain the memory address of the DEX file;

[0042] Obtain a function offset value, and obtain the target function instruction length according to the memory address of the DEX file and the...

Embodiment 2

[0066] This embodiment discloses a code stub detection device corresponding to the code stub detection method in Embodiment 1, which is a virtual structure device, such as figure 2 shown, including:

[0067] The DEX parsing module 210 is used to obtain the DEX file in the APK, parse the DEX file, and obtain the original function instruction length of the DEX file;

[0068] A memory address obtaining module 220, configured to run the APK to obtain the memory address of the DEX file;

[0069] The function length calculation module 230 is used to obtain the function offset value, and obtain the target function instruction length according to the memory address of the DEX file and the function offset value;

[0070] The comparison and output module 240 is configured to compare the length of the original function instruction with the length of the target function instruction, and output a stubbing detection result.

[0071] The DEX parsing module 210 invokes a preset Python scri...

Embodiment 3

[0079] image 3 A schematic structural diagram of an electronic device provided by Embodiment 3 of the present invention, such as image 3 As shown, the electronic device includes a processor 310, a memory 320, an input device 330, and an output device 340; the number of processors 310 in a computer device may be one or more, image 3 Take a processor 310 as an example; the processor 310, memory 320, input device 330 and output device 340 in the electronic device can be connected by bus or other methods, image 3 Take connection via bus as an example.

[0080] The memory 320, as a computer-readable storage medium, can be used to store software programs, computer-executable programs, and modules, such as program instructions / modules corresponding to the code instrumentation detection method in the embodiment of the present invention (for example, a code instrumentation detection device DEX analysis module 210, memory address acquisition module 220, function length calculation...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a code instrumentation detection method, relates to the technical field of program analysis, and aims to complete code instrumentation detection by comparing function instruction lengths before and after running, the method comprises the following steps: obtaining a DEX file in an APK, and analyzing the DEX file to obtain an original function instruction length of the DEX file; running the APK, and obtaining a memory address of the DEX file; obtaining a function offset value, and obtaining a target function instruction length according to the memory address of the DEX file and the function offset value; and comparing the original function instruction length with the target function instruction length, and outputting an instrumentation detection result. The inventionfurther discloses a code instrumentation detection device, electronic equipment and a computer storage medium.

Description

technical field [0001] The present invention relates to the technical field of program analysis, in particular to a method, device, equipment and medium for code stub detection. Background technique [0002] With the development of the mobile Internet, the security of smart phones has become one of the most important issues for the mobile Internet industry and mobile Internet users. Among them, with the increase of Android system devices, the security of Android applications has been paid special attention. [0003] After the development of the Android application is completed, its interaction process is kept secret. If the Android application is inserted during the user access stage, the interaction process of the application will be intercepted by the user, resulting in most of the business logic of the Android application being exposed to the user. This creates a security risk. Common piling operations are as follows: [0004] 1. Insert stubs in the network request part...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F11/36G06F8/41
CPCG06F8/427G06F11/3624G06F11/3644
Inventor 谢开兵高岳
Owner HANGZHOU FRAUDMETRIX TECH CO LTD