Unlock instant, AI-driven research and patent intelligence for your innovation.

A method and device for detecting tampered applications

A technology that has been tampered with and detected results, applied in the field of mobile Internet, can solve problems such as application integrity cannot be guaranteed, installation failures, smart card security risks, etc., and achieve the effect of avoiding detection of integrity verification.

Active Publication Date: 2021-06-15
SHANGHAI ZHANGMEN TECH
View PDF10 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Installing such an application on the card may bring many uncertain security risks to the smart card
[0006] (2) Application integrity cannot be guaranteed
Installing such an application on the card may cause the installation to fail, or cause the risk of user information being illegally stolen by criminals.
[0008] (3) Application authorization installation cannot be guaranteed
[0012] However, this direct interface reporting method is not concealed, and it is easy for hackers to detect and find opportunities to crack

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and device for detecting tampered applications
  • A method and device for detecting tampered applications
  • A method and device for detecting tampered applications

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0062] A method for verifying the integrity of an APP with concealment capabilities on a mobile smart terminal, used in a verification system for the integrity of an application program, including such figure 1 The client and server shown, such as figure 2 shown, including the following steps:

[0063] S1. When the official APP is released, record the summary value T1 of the APP installation file on the server and save it on the server;

[0064] S2. After the user completes the APP installation, when the APP is activated for the first time, the APP starts the daemon process and calculates the summary value T2 of the current APP;

[0065] S3. When the user uses the APP, the APP prompts the user to perform some product process operations that will inevitably upload pictures (such as uploading avatars, setting background pictures, etc.), and the pictures generated during this process are recorded as P1; this picture is the normal use of the user When applying, apply the image ...

Embodiment 2

[0074] Corresponding to the method of the client, this embodiment provides a device for verifying the integrity of the application program, including:

[0075] The installation unit is used to download and install the current application program;

[0076] The verification code calculation unit is configured to activate the current application program and calculate the verification code of the current application program; preferably, the verification code is a summary value generated based on the core file and the resource file of the application program running.

[0077]a first prompting unit, configured to prompt the user to upload the first picture;

[0078] The image transformation unit is configured to acquire the first picture and perform image transformation on it to obtain the first frequency domain matrix; preferably, the image transformation is discrete cosine transformation.

[0079] An encryption and replacement unit, configured to encrypt the check code of the cur...

Embodiment 3

[0085] Corresponding to the method at the server end, this embodiment provides a device for verifying the integrity of an application program, including:

[0086] The recording unit is used to record and save the verification code of the legal application;

[0087] The image transformation unit is used to receive the picture uploaded by the client and perform image transformation; the image transformation is discrete cosine transform.

[0088] The check code extracting unit is used to extract the encrypted check code in the picture; the encrypted check code is obtained by encrypting the abstract value generated based on the core file and the resource file of the current application program.

[0089] The decryption unit is configured to decrypt the encrypted check code to obtain the check code of the current application; the check code is a summary value generated based on the core file and the resource file of the application program.

[0090] The comparison unit is configure...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and device for detecting tampered applications, including: calculating a verification code of the application installed on the terminal; after the application is started, obtaining the first image associated with the upload operation of the application , the upload operation is triggered by the use of the application function; use the verification code to process the data of the first image, and generate a second image according to the processed data, the visual effect of the second image is consistent with the similar to the first image; providing the second image to the server. The server compares whether the verification code obtained after the image transformation is the same as the official verification code to judge the legitimacy of the current application. The advantage of the present invention is that: the verification code of the APP is hidden in the normal user data for reporting, thus avoiding the process of the integrity verification by hackers.

Description

technical field [0001] The invention belongs to the technical field of mobile Internet, and in particular relates to a method and a device for detecting tampered applications on a mobile intelligent terminal with concealment capability. Background technique [0002] At present, counterfeit APPs on mobile terminals are relatively common. Counterfeit APPs will affect user privacy and user experience. Therefore, it is necessary to verify the integrity of the APP. If the APP is illegally tampered with, a judgment should be made on the server side to prohibit counterfeiting. APP usage function. [0003] Specifically, because the local application deployment is separated from the communication with the application platform server, this makes some of its security risks highlighted. Generally speaking, there are the following security issues: [0004] (1) App source cannot be guaranteed. [0005] The application installation files stored in the large-capacity area are stored on th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/565G06F21/56
Inventor 胡晨鹏
Owner SHANGHAI ZHANGMEN TECH