| Due to the features of open and portability and the better performance made by the manufacturers in the mobile phone open alliance, Android system now has the largest market share of smartphone operating systems. As an important tool in daily communication, mobile phones are carrying a lot of private information, which make Android applications become the ideal target of the attackers. At present, the protection technologies for Android applications are still weak, so they have to face with many serious hidden troubles, such as malicious alteration or pirate. It not only threated the privacy information and property safety of users,but also damaged the vested interests of developers. Therefore, the security problems of Android applications are becoming more and more important.At present, most of the security reinforcement methods for Android application include two steps: they encrypt the dex file firstly, then decrypt and dynamic load the dex file when the program starts running, and determine whether the program is under the state of being debugged depend on the specified characteristic value of system. To some extent, this method can resist the attacks on Android applications, but attackers can still obtain the complete decrypted dex file. To solve the above problems, the present thesis analyzed the main attacks on Android applications and the major defects of current reinforcement methods, and then proposed a security reinforcement scheme named ‘ApkProtect’. The main problems which can be solved by this scheme are described as follow:1. This thesis combines the static and dynamic defense, static defense can do the protection on the original code of Android applications and the shell code, dynamic defense can run through shell code, they are complementary to each other.2. This thesis implements static defense against dex files, so files and resource files. For dex file, proposed a reinforcement scheme which extract class method instruction at first, then encrypted the whole dex file, so as to prevent the attacker from doing an overall dump attack on dex file; for so file, the present thesis proposed a reinforcement scheme which encrypt the code of specified area and do a overall UPX compression, thus it can improve the security while reduce the size of so file; for resource file, we confuse the resource name to improve the difficulty of reverse and reduce the size of resource file.3. Dynamic defense mainly works on anti-debug and anti virtual machine technology. For anti-debug, the present thesis proposed a commissioning scheme named ‘active connection method’ to prevent the debugger from normally working, and realize anti-debugging ability of application; for anti virtual machine, the present thesis analyzed the shortage of current detecting techniques, and proposed a mobile phone temperature difference-based virtual machine detection technology.4. This thesis implements a security reinforcement system for Android applications, and strengthens the safety of the applications. The test results show that this system can successfully complete the reinforcement of applications, and can run successfully according to the original logic of the application; Besides, it can provide Andoid applications with new functions, such as extract method instruction, encryption, confusion, debugging and the virtual machine, enhance the security of application; Furthermore, the efficiency of application reinforcement is close to commercial reinforcement system. |
PDF Full Text Request