Android应用自动安全加固关键技术的设计与实现
发布时间:2018-09-10 21:15
【摘要】:Android系统发布以来,以其基于Linux内核、开放源码的特性,迅速得到广大开发者以及许多厂商的支持,基于Android平台的应用程序数目飞速增长,Android应用的功能也日益丰富。Android系统几年间发展迅猛,已经占据了移动平台领域84%以上的市场份额,并且还在不断扩大,用户在享受移动终端带来的便利的同时也面临着越来越多的安全风险,例如越权广告、隐私窃取等。近年来针对Android平台的应用的攻击越来越多,不仅损害了开发者的利益,也威胁着用户的隐私和财产安全。本文主要研究了 Android平台的应用安全保护方法,指出Android应用现面临的威胁,设计并实现了一套Android应用自动加固保护方案,能够对任意应用进行加固的同时不影响原应用的功能,保证应用的安全。本文的主要工作如下:1.介绍Android平台系统框架,提出Android应用如今常面临的威胁,结合近期已知的攻击案例,分析总结Android应用安全需求。2.根据Android应用安全需求,设计一套应用保护方案,结合在线认证、代码混淆、完整性校验、软件加壳、二次加载、防动态调试等多种技术,为Android应用提供保护,防止攻击者对应用进行篡改、逆向和调试。3.根据提出的保护方案,实现了一个针对Android应用的保护系统,该系统对Android应用提供有效的保护手段,包括对Android应用的防篡改、防调试、防逆向等。
[Abstract]:Since the release of Android system, with its Linux kernel and open source features, it has been quickly supported by many developers and many vendors. The number of applications based on the Android platform is increasing rapidly. The Android system has developed rapidly in recent years, accounting for more than 84% of the market in the mobile platform field and is still expanding. Users are facing more and more security risks while enjoying the convenience brought by mobile terminals, such as ultra vires advertising, privacy theft and so on. In recent years, there are more and more attacks on the application of Android platform, which not only damages the interests of developers, but also threatens the privacy and property security of users. This paper mainly studies the application security protection method of Android platform, points out the threat to Android application, designs and implements a set of automatic reinforcement and protection scheme for Android application, which can reinforce any application without affecting the function of the original application. Ensure application security. The main work of this paper is as follows: 1. This paper introduces the system framework of Android platform, puts forward the threats that Android applications often face now, and analyzes and summarizes the security requirements of Android applications. 2. Combined with the known attack cases in recent years, this paper analyzes and summarizes the security requirements of Android applications. According to the security requirement of Android application, a set of application protection scheme is designed, which combines online authentication, code confusion, integrity check, software shell, secondary loading, anti-dynamic debugging and other technologies to provide protection for Android applications. Prevent attackers from tampering, reversing, and debugging applications. According to the proposed protection scheme, a protection system for Android applications is implemented. The system provides effective protection for Android applications, including anti-tampering, anti-debugging and anti-reverse of Android applications.
【学位授予单位】:北京邮电大学
【学位级别】:硕士
【学位授予年份】:2016
【分类号】:TP316;TP309
[Abstract]:Since the release of Android system, with its Linux kernel and open source features, it has been quickly supported by many developers and many vendors. The number of applications based on the Android platform is increasing rapidly. The Android system has developed rapidly in recent years, accounting for more than 84% of the market in the mobile platform field and is still expanding. Users are facing more and more security risks while enjoying the convenience brought by mobile terminals, such as ultra vires advertising, privacy theft and so on. In recent years, there are more and more attacks on the application of Android platform, which not only damages the interests of developers, but also threatens the privacy and property security of users. This paper mainly studies the application security protection method of Android platform, points out the threat to Android application, designs and implements a set of automatic reinforcement and protection scheme for Android application, which can reinforce any application without affecting the function of the original application. Ensure application security. The main work of this paper is as follows: 1. This paper introduces the system framework of Android platform, puts forward the threats that Android applications often face now, and analyzes and summarizes the security requirements of Android applications. 2. Combined with the known attack cases in recent years, this paper analyzes and summarizes the security requirements of Android applications. According to the security requirement of Android application, a set of application protection scheme is designed, which combines online authentication, code confusion, integrity check, software shell, secondary loading, anti-dynamic debugging and other technologies to provide protection for Android applications. Prevent attackers from tampering, reversing, and debugging applications. According to the proposed protection scheme, a protection system for Android applications is implemented. The system provides effective protection for Android applications, including anti-tampering, anti-debugging and anti-reverse of Android applications.
【学位授予单位】:北京邮电大学
【学位级别】:硕士
【学位授予年份】:2016
【分类号】:TP316;TP309
【相似文献】
相关期刊论文 前10条
1 袁萌;;Android计划为什么要悬赏1000万[J];信息系统工程;2007年12期
2 林耕宇;;观摩50名Google Android程序开发竞赛作品[J];电子与电脑;2008年08期
3 树子;;Android中文版不完全体验[J];互联网天地;2009年04期
4 Jason Whitmire;;产业软件专家如何协助解决Android的分裂困境[J];电子与电脑;2010年02期
5 蒋彬;;10款Android手机必备应用——Android操作系下的软件评测[J];微电脑世界;2010年04期
6 ;PCWorld Windows Phone 7挑战Android 毅然崛起的AndroidⅠ洗心革面的Windows Phone 7[J];微电脑世界;2010年08期
7 韩青;;Android平台发展的动力与挑战[J];中国电子商情(基础电子);2010年09期
8 方智勇;;Android手机这样用[J];电脑迷;2010年15期
9 缺少浪漫;;Android的另一面[J];电脑迷;2010年13期
10 ;ZTE and Three Release Android ,
本文编号:2235630
本文链接:https://www.wllwen.com/kejilunwen/ruanjiangongchenglunwen/2235630.html
