|
|||||
|
|
| 面向Android应用程序的代码保护方法研究 | |
| 引用本文: | 徐剑,武爽,孙琦,周福才.面向Android应用程序的代码保护方法研究[J].信息网络安全,2014(10):11-17. |
| 作者姓名: | 徐剑 武爽 孙琦 周福才 |
| 作者单位: | 1. 东北大学软件学院,辽宁沈阳110819;中国科学院信息工程研究所信息安全国家重点实验室,北京100093 2. 公安边防部队广州指挥学校,广东广州,510663 3. 东北大学软件学院,辽宁沈阳,110819 |
| 基金项目: | 国家科技重大专项基金[2013ZX03002006]、辽宁省科技攻关项目[2013217004]、辽宁省博士启动基金[20141012]、中央高校基本科研业务费专项资金 |
| 摘 要: | 近年来,Android操作系统快速发展,逐渐成为移动设备最常用的操作系统之一.与此同时,Android系统的安全问题也日益明显.由于Android系统自身的安全体系不够健全以及Android应用代码保护方法缺失,大量Android应用面临逆向工程、盗版、恶意代码植入等威胁.文章针对Android应用所面临的这些安全问题进行分析,并指出问题存在的原因.在此基础上,设计了一个完整的Android应用程序代码保护方法,该方法由PC端处理模块、Android端处理模块以及Android代码开发规范构成.为使该方法更具可操作性,文章还给出了一些关键技术的实现,包括基于AES算法的加密保护、伪加密、加壳、代码混淆以及特殊编码规则等.文章提出的面向Android应用程序的代码保护方法借鉴了传统的保护方法,结合Android系统的自身特性,采用文件加密、代码混淆、反动态调试、完整性校验以及加壳等技术,从对抗静态攻击和对抗动态调试两个方面提高了应用抗攻击的能力.因此,该方法不仅具有一定的理论意义,还具有一定的实际应用价值. |
| 关 键 词: | Android应用程序 代码保护 逆向工程 |
Research on Code Protection Method for Android Applications |
|
| XU Jian,WU Shuang,SUN Qi,ZHOU Fu-cai.Research on Code Protection Method for Android Applications[J].Netinfo Security,2014(10):11-17. | |
| Authors: | XU Jian WU Shuang SUN Qi ZHOU Fu-cai |
| Affiliation: | XU Jian, WU Shuang, SUN Qi, ZHOU Fu-cai (1. Software College, Northeastern University, Shenyang Liaoning 110819,China; 2.State Key Laboratory of Information Security, Institute of lnformation Engineering, Chinese Academy of Sciences, Beijing 100093,China; 3. Guangzhou Command School of The Public Security Border Forces, Guangzhou Guangdong 510663,China) |
| Abstract: | Android is gaining its popularity in recent years and it has become one of the most common operating systems for mobile devices. However, security problems of Android system appear to be increasingly severe. Due to the fact that security mechanism of Android is not perfect and the protection methods of Android application codes are insufficient, a vast majority of Android applications are confronted with reverse engineering, software pirating and malware implantation threats. This paper analyzes the security problems of Android applications and also points out the reasons of these security problems. The code protection method for Android applications is also given in this paper. The method includes module on pc, module on Android and code development specification of Android applications. In order to make the method more maneuverability, this paper also gives the implementations of some key technologies in the method, which include the encryption protection based on AES algorithm, pseudo encryption, packer, code confusion and special coding rules etc. Integrating with some tradition code protection methods, the proposed method of Android application code protection makes uses of file encryption, code obfuscation, anti-debugging techniques, integrity checkout and packer techniques in order to enhance the abilities of counteracting the static attacks and dynamic debugging. Therefore, this method not only has a certain theoretical significance, but also has certain actual application value. |
| Keywords: | Android application code protection reverse engineering |
| 本文献已被 维普 万方数据 等数据库收录! | |