Method and device for forensic analysis of application program

A technology that combines application programs and reverse analysis, applied in the computer field. It addresses the inability to perform forensic analysis on an application program and makes that forensic analysis possible.

Pending Publication Date: 2022-04-08
奇安盘古(上海)信息技术有限公司

AI Technical Summary

Problems solved by technology

Such a forensic method cannot meet the needs of forensic scenarios where no network is available, so forensic analysis cannot be performed on applications in non-networked scenarios.




Embodiment Construction

[0035] To make the purpose, technical solutions and advantages of the present invention clearer, the technical solutions of the present invention are described clearly and completely below with reference to the accompanying drawings. Obviously, the described embodiments are some, but not all, of the embodiments of the present invention. All other embodiments obtained by persons of ordinary skill in the art from the embodiments of the present invention without creative effort fall within the protection scope of the present invention.

[0036] At present, in forensic analysis, the decryption key for the database file of the Windows version of an application is obtained by connecting to the Internet. For example, the acquisition of the decryption key of the database file of the Windows version of a chat tool application is triggered by software simulation The login QR code of the chat tool, the account number of the chat t...


Abstract

The invention provides a method and a device for forensic analysis of an application program. The method comprises the following steps: acquiring a historical login account of the application program and the database file corresponding to that historical login account; determining, through reverse analysis, the decryption key of the database file in a memory image file corresponding to the application program; and decrypting the database file with the decryption key to obtain the record information corresponding to the historical login account, completing the forensic analysis of the application program. Forensic collection and analysis can therefore be carried out on the application program without a network connection.

Description

Technical field

[0001] The invention relates to the field of computer technology, in particular to a method and device for forensic analysis of application programs.

Background

[0002] In the prior art, methods for forensic analysis of an application program decrypt the database file with a decryption key that is obtained by connecting to the Internet, so the forensic analysis of the application program is carried out in a networked state. Such a forensic method cannot meet the needs of forensic scenarios where no network is available, so forensic analysis cannot be performed on applications in scenarios without a network.

Summary of the invention

[0003] The invention provides a method and device for forensic analysis of application programs, which performs the forensic analysis of an application program without being connected to the Internet.

[0004] In a first aspect, an embodiment of the present invention provides a method for ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/55, G06F21/62
Inventor: 王圣东, 李亚洲, 李小军
Owner: 奇安盘古(上海)信息技术有限公司