基于DexClassLoader的Android加固保护技术研究

发布时间：2018-11-06 09:34

【摘要】：Android系统已经成为移动端操作系统领军者,Android应用也以爆发式的飞速发展。伴随而来的则是隐藏在普通应用中的恶意应用,这些应用可能盗取个人隐私,恶意扣费,暴露账号信息等,对用户造成威胁。攻击者通过反编译获得应用源代码,向其中植入恶意代码生成恶意应用后再重打包分发,用户在不知情的情况下下载使用了这些伪装的应用将会导致危害发生。Android加固技术是针对这种威胁的有效防御措施,通过对应用源代码进行加壳保护可以防止黑客获取源代码实施攻击。本文首先分析了 Android加固的现状及现有加固技术的弊端,并针对弊端提出针对性改进的措施,设计并实现了安全高效的基于DexClassLoader的应用加固技术。本文所做的工作主要如下:1)介绍了 Android系统架构和应用程序结构、组件及应用程序启动流程,分析应用程序面临的主要威胁以及Android加固的有效性和必要性。2)介绍加固技术的概念,分析了现有的三种主流加固技术(基于UPX的加固技术、基于Dex嵌入的加固技术和基于DexClassLoader的传统加固技术)的实现流程,并从加固方案的广泛性、安全性和简洁性三个方面指出了它们各自的优点和缺陷。3)基于传统加固技术和所研究的关于Android原理和Android安全的相关技术,提出了针对Android应用程序的一整套新型的加固解决方案。4)对本文所提出的关键技术进行了技术研究和编程实现,包括对二进制Manifest的文件格式解析和加密,基于DexClassLoader原理的Dex文件内存型加载,Android加固防调试的模拟器检测技术,so库静态保护技术。最后本文设计并实现了基于DexClassloader的Android加固系统,通过和和传统加固技术进行实验对比,得出本文实现的应用加固解决方案比传统加固技术具有更广泛的平台和系统适用性,更强大的防破解安全保障以及更简洁的加固流程的结论。
[Abstract]:Android system has become the leader of mobile operating system, and Android application is developing rapidly. Along with it are malicious applications hidden in ordinary applications, which may steal personal privacy, maliciously withhold fees, expose account information, and pose a threat to users. An attacker obtains the application source code through decompilation, implants malicious code into it, generates a malicious application, and repackages and distributes, Using these camouflage applications without the user's knowledge can lead to harm. Android reinforcement is an effective defense against this threat. Through the application source code shell protection can prevent the hacker to obtain the source code to carry out the attack. This paper first analyzes the present situation of Android reinforcement and the disadvantages of existing reinforcement technology, and puts forward targeted improvement measures, and designs and implements a safe and efficient application reinforcement technology based on DexClassLoader. The main work of this paper is as follows: 1) introduce the Android system architecture and application program structure, components and application startup process, This paper analyzes the main threats faced by the application program and the effectiveness and necessity of Android reinforcement. 2) the concept of reinforcement technology is introduced, and three kinds of existing main reinforcement technologies (UPX based reinforcement technology, UPX based reinforcement technology) are analyzed. Based on the Dex embedded reinforcement technology and the traditional reinforcement technology based on DexClassLoader, the implementation process, and the extensiveness of the reinforcement scheme, The advantages and disadvantages of the three aspects of security and brevity are pointed out. 3) based on the traditional reinforcement technology and the related technologies about Android principle and Android security, A set of new reinforcement solutions for Android applications are proposed. 4) the key technologies proposed in this paper are studied and programmed, including the file format parsing and encryption of binary Manifest. Based on the principle of DexClassLoader, Dex file memory loading, Android strengthening and anti-debugging simulator detection technology, so library static protection technology. Finally, this paper designs and implements the Android reinforcement system based on DexClassloader. By comparing with the traditional reinforcement technology, it is concluded that the application reinforcement solution realized in this paper has more extensive platform and system applicability than the traditional reinforcement technology. More powerful anti-crack security and more concise reinforcement process conclusions.
【学位授予单位】：北京邮电大学
【学位级别】：硕士
【学位授予年份】：2016
【分类号】：TP316;TP309

【参考文献】