Method, system and related device for acquiring Android application primary layer code

A code and target-application technology, applied in computer security devices, program code conversion, decompilation/disassembly, etc. It can solve problems such as low survival rate, insufficient time to obtain decrypted code, and difficulty in escaping antivirus software interception, achieving high accuracy and improved acquisition efficiency.

Active Publication Date: 2018-07-06
广州汇智通信技术有限公司

AI Technical Summary

Problems solved by technology

[0002] Since the birth of the Android system, software security issues have been criticized by the majority of developers. On the one hand, many painstakingly developed applications have been cracked through reverse engineering to obtain their source code and then repackaged; on the other hand, the internal code logic of many simple viruses and Trojan horses is also easily obtained by virus analysts, resulting in low survival rates and difficulty in escaping the interception of anti-virus software.

[0004] In addition to routine automatic detection, it is still necessary to manually analyze some applications that are difficult to judge as malicious once they use encryption technology. The industry now uses the dd command that comes with the Linux system (this command copies a file in blocks of a specified size and performs specified conversions while copying) to DUMP the decrypted code while the target application is running (a DUMP is an operation that copies the memory image of a software process, that is, its memory data). This method can, to a certain extent, help malicious-application analysts obtain the decrypted code. However, because it does not obtain the decrypted code early enough, it is very weak against malicious applications that perform anti-dump operations or re-encrypt the code after it has run.


Embodiment Construction

[0043] Because the existing methods of acquiring decrypted code cannot obtain the decrypted code accurately, they waste analysts' time and can even lead to erroneous analysis results. This application therefore re-examines the running process of an Android application and, starting from the lowest layer of the Android runtime, aims to provide a method that overcomes the various technical defects of the prior art. Here is a brief background description of the running process of an Android application on the Android system:

[0044] Linker is the loader/linker of the Android system, mainly used to load and link shared libraries. A shared library is a collection of functions that may be called and used by the various applications running on the Android system. Packaging these functions as common components makes them convenient for applications to call, just like the environment components we need to install a...


Abstract

The invention discloses a method for obtaining Android application primary layer code. The method starts from the Linker, which every Android application must use in order to run normally, and therefore has high accuracy. Using decompilation technology combined with a default key string, the contained initialization function is determined, so that it can finally be determined whether the initialization function is called to decrypt the encrypted code. The DUMP operation is performed immediately after the decryption is complete, so the decrypted code can be intercepted before the target application executes its anti-DUMP operation and secondary encryption. The malicious application's own self-decryption of its encrypted code is thus fully utilized, manual decryption is not needed, and the efficiency of acquiring the decrypted code is remarkably improved. The invention also discloses a system, a device and a computer-readable storage medium for obtaining Android application primary layer code, which have the same advantageous effects.

Description

Technical field

[0001] The present application relates to the technical field of obtaining application running code, and in particular to a method, system, device and computer-readable storage medium for obtaining native layer code of Android applications.

Background technique

[0002] Since the birth of the Android system, software security issues have been criticized by the majority of developers. On the one hand, many painstakingly developed applications have been cracked through reverse engineering to obtain their source code and then repackaged; on the other hand, the internal code logic of many simple viruses and Trojan horses is also easily obtained by virus analysts, resulting in low survival rates and difficulty in escaping the interception of anti-virus software.

[0003] In this context, some virus developers move the internal code logic from the Java layer, which is easily decompiled and cracked by reverse engineering, to the native lay...

Application Information

IPC(8): G06F8/53, G06F8/74, G06F21/56
CPC: G06F8/53, G06F8/74, G06F21/563, G06F2221/033
Inventor: 陈凯佳, 黄河昌, 黄昌金
Owner: 广州汇智通信技术有限公司