| :With the rapid development of mobile internet in recent years, it has become one of main forms of internet, which has lots of applications and broad development. However, the security situation of mobile internet is not so optimistic. Smart phone, as one of main user terminal, is threatened by many potential problems, such as the safety of information transmission through smart phone, many unknown virus and so on.In this article, we focus on the key technology of user terminal security in mobile internet. The potential security threats in point to point communication through Smartphone, protection of mobile phone platform, reinforcing application software of Smartphone are studied. Some solutions are also proposed and demonstrated in this article.The Paper's innovation is reflected in three parts, the mobile terminal data communications security, the terminal system security and the terminal software security reinforcement, were achieved for the platform as Android and Windows Mobile (referred to as WM).(1) Mobile terminal data communications security, for the data services such as MMS, Internet surfing and so on. It is a problem because of the transmission data packets are expressly. The article proposed the solutions to protect the data security. It is concreted realization of the encryption in MMS send and receives in the end to end. For example, the MMS resource packet is encrypted in the section of the accessories, sent by the mobile terminal and another mobile terminal received and decrypted, in order to achieve the end to end communications security.(2) Mobile terminal system security is based on two different characteristics of mobile terminal operation system, mobile application software for the current potential security threat, were presented in the two phones as active defense and the "third-party signature protection" two solutions the program. In the WM, based on the specific realization of the theoretical basis for intrusion detection and prevention, to achieve the WM active defense system intercepted phone software can be a potential threat. In the Android phone, it is a concrete realization of APK tampering attacks launched against the attack exploited a lack of integrity protection APK defects, the introduction of a run-time protection of the "third-party signature protection" to prevent the APK tampering attacks.(3) The reinforcement of mobile phone software platform is based on phone software to protect data stored in security, integrity of thought, for the current lack of mobile phone software against reverse engineering problems, analysis of proposed anti-static, anti-dynamic debugging solution. It concrete realization of the two mobile phones, namely the application in WM and Android application installation package NDK module packers processing. And use of the two mobile operating system features, respectively, in WM and Android phones, to achieve a breakpoint set to monitor and track verification, in order to achieve dynamic software anti-debugging. |
PDF Full Text Request