| With the development of Android platform, the number of applications based on Android system is increasing rapidly. In the Android application development process, the hook technology has been noticed and used to complete the application process, such as customization and software update by more and more developers, because it can make the applications easy to be integrated and updated. But most of the existing Android platform hook framework were designed focusing on the realization of the function and stability of the overall framework of hook, but did not delve into the framework of their own security, which led to the existence of security risks in the hook framework.In this paper, we focuse on the Android platform hook technology,summarizes the general realization principle of the current Android platform hook technology and the use of the existing Android platform hook framework through the principle analysis of the current Android platform framework layer hook technology; summarize the security thr-eats of the Xposed framework through the analysis of the implementation of Xposed and the analysis of the use of Xposed, we have designed and implemented a security framework of hook in the Android platform framework-layer hook. The main works of this paper are as follows:1. The realization of hook technology of Android platform framework layer is studied, and the realization principle of Java hook technology on Android platform and the implementation principle of native hook of Android platform is summarized.2. The Xposed framework is studied, which is the existing main hook framework on the Android platform. We analyze the using process of the framework and the implementation principle of framework. After the analyses, we summarizes the security risks of the framework which leads to the security framework X-Semo.3. Through the analyses of the Xposed framework, we design and implement the X-Semo framework, the security hook framework of the Android platform. On the one hand, X-Semo improves the security of the framework by secondary loader module, security module and so on. On the other hand, X-Semo achieves the hook function of the whole framework through the changes of the start process and so on.4. The functional testing and the security testing of X-Semo security framework are finished. The results show that the X-Semo framework proposed in this paper can complete the hook work for Android Application. What’s more, the X-Semo framework improves the security of the whole framework through the security monitoring of the custom module. |
