Research On Software Protection Of Smart Mobile Devices

In recent years, with the rapid development of Android, it has become one of the most popular operating systems in mobile intelligent terminals.The number of users and applications based on Android is dramatically increasing, but at the same time it brings a lot of security issues.The attckers decompile popular applications and steal source code of these applications, then insert malicious code and repack the malwares.Due to the bad management of Android application markets, the malwares can spread rapidly, which brings great threats to Android users.Based on the above background, this thesis put forward a method to protect Android software.This method is designed to secure the applications, improve the application’s capability to resist attacks, and prevent the source code from being tampered, as a result to protect the interests of Android developers and users.The main accomplishments of this thesis are as follows:(1) The thesis firstly analyzes the sandbox, permission and signature mechanisms of Android, and then summarize the common means of attack and defense, and analyze deficiencies of the existing techniques.(2) Focused on the limit of Android system, a modified watermarking algorithm apply to Android platform is proposed.The algorithm embeds watermarking into the program slicing, and then encrypt the slicing file.Several testing softwares are developed to test the invisibility, robustness and overhead of the watermarking algorithm.Experimental results show that embedding watermark increases little overhead to the software.(3) As required the thesis designs and realizes a software protection scheme for Android applications, in order to protect the copyright and source code of Android softwares at the same time. The scheme consists of three main modules, including software copyright protection, static tamper-proof and dynamic tamper-proof.Copyright protection module is realized based on the above watermarking algorithm;the static tamper-proof module is aimed at preventing attackers from stealing source code while the software is out of running; dynamic tamper-proof module is designed to prevent attackers from debugging softwares by calling ptrce function.(3) Several testing softwares are developed to test the correctness and the anti-attacking ability of the software protection scheme, and then analyze the overhead of the scheme, including memory occupation, installation time and startup time.Experimental results show that the scheme realizes Android software protection within the acceptable range in overhead.