Research And Implementation Of Android Application Security Hardening Technology

With the rapid development of mobile Internet promoting the prosperity of smart phone applications,Android system quickly gains the largest market share of smart phone systems due to its open source features.However,Android applications face diversified serious security threats,including reverse tampering and so forth,not only leading to users' concerning about privacy and assets,but also damaging application developers' legitimate rights.Meanwhile,how to effectively protect Android applications has become a hot topic in the context of mobile security.The traditional methods of application reinforcement of Android include re-packing detection,code confusion,self-checking.Although these methods have achieved certain results,they generally encounter couples of problems such as fixed principle and vulnerableness to attackers.Packed,as an effective anti-reverse technology,has been widely concerned,gradually becoming the trend of Android application security consolidation.However,on the condition that the current mainstream classloader-based and approach based on the replacement shell technology has emerged in the automatic shell cracking program,a more secure reinforcement technology is warranted.To tackle these issues,this paper proposes an Android application protection approach based on the custom virtual machine,on the basis of in-depth studies of both the security of Android and the protection techniques of virtual machines.Besides,this study designs an Android application security reinforcement system,combined with other security reinforcement techniques.The main work is as follows:(1)Research and analysis Android system security mechanism,common types of attack on Android applications,and existing Android application reinforcement technology.In addition,this study edits the main current attack means and decides to begin with reverse analysis of Android applications and memory attacks of DUMP.Most importantly,this study investigates and accesses to the technical routes and ideas on the basis of Android application protection method based on the custom virtual machine.(2)Propose an Android application protection method based on the custom virtual machine.First and foremost,in terms of key codes of Android application,this study extracts the instructions via static analysis technology.As for Dalvik instructions which are hard to resist memory analyzing,this paper randomly transforms instructions of key codes into custom instruction formats according to instruction operand group.When it comes to the same semantic virtual instructions derived from mapping,a self-defined bytecode interpreter of customized virtual machines operates and explains execution engine.Thus,on the premise of achieving semantics of original Android applications,the reverse analysis and memory attacks aiming at Android applications can be avoided as much as possible.(3)A prototype of Android application security reinforcement system was designed and implemented,base on virtual machine customization and other security enhancement technology,it can achieve Android application security with instruction-level,effective against Android application reverse and memory attacks;using anti-debugging and signature verification and other technical means to effectively prevent the debugging attack and re-packing attack.(4)Theoretical analysis and experimental results show that the proposed method and the system can effectively achieve the Android application instruction-level code confusion,and improve the unreadability of the code effectively,and thus increase the difficulty of the reverse analysis of the attacker at lower cost of time and space overhead.achieving reinforcement for Android applications.