Android应用运行模式及安全技术研究

发布时间：2019-05-10 15:14

【摘要】：随着安卓的迅速发展,安卓安全的问题越来越受到大家的重视。安卓系统为使用者提供了诸多安全机制以保证用户的财产安全,但却忽略了保护安卓应用开发者的知识产权不受侵害。诸多仅使用安卓开发工具进行开发的安卓应用不能抵抗攻击者的静态分析、动态调试等攻击,容易被攻击者获取到实现代码进行攻击,因此需要应用加固系统对安卓应用进行处理,达到抵抗此类攻击的效果。另外,为了提高安卓应用的启动及执行效率,安卓采取了一种新的应用运行模式ART模式,该模式与原有应用运行模式Dalvik模式兼容,但应用的安装、执行过程,两者均有所不同,使得采用原有安全加固技术加固后的应用无法在ART模式下运行,因此迫切需要对可支持两种模式下的安全加固关键技术进行研究。本文主要研究了 android应用在Dalvik模式及ART模式下的具体运行过程及其区别,分析了安卓应用运行时使用的字节码及机器码的文件格式,设计并实现了同时支持这两种模式的安卓应用加固系统,满足经过应用加固系统处理后的应用可以在不同运行模式下的安卓终端上成功运行的需求。本文主要工作及成果如下:1、安卓应用运行模式分析。主要分析Dalvik及ART模式下应用安装、启动、执行等步骤及其区别,对两种模式下使用到的字节码及机器码文件格式进行分析。2、安卓应用加固方案设计。针对新的应用运行模式ART模式以及Dalvik模式,设计应用加固方案,并将两者进行整合,使应用加固方案达到较好的兼容性,两种模式下均可正确运行。同时加固方案将满足抵抗静态分析、动态调试等攻击。3、安卓应用加固方案具体实现。具体设计并实现基于代理Application框架的壳模板,实现对字节码文件的隐藏及加固逻辑的执行。设计并实现两种应用运行模式下应用加固系统优化文件的生成及动态加载优化文件,实现原应用逻辑的调用和处理。经测试所实现方案达到两种应用模式下成功运行并较小影响原应用性能的效果,同时保证了加固后应用能抵抗静态调试及动态攻击等攻击。
[Abstract]:With the rapid development of Android, the issue of Android security has been paid more and more attention. Android provides users with many security mechanisms to ensure the security of users' property, but neglects to protect the intellectual property of Android application developers from infringement. Many Android applications developed only using Android development tools cannot resist attacks such as static analysis, dynamic debugging and other attacks by attackers, and can be easily acquired by attackers to attack the implementation code. Therefore, Android applications need to be treated with a reinforcement system to resist such attacks. In addition, in order to improve the startup and execution efficiency of Android applications, Android adopts a new application running mode ART mode, which is compatible with the original application running mode Dalvik mode, but the installation and execution process of the application are different. The application of the original safety reinforcement technology can not operate in ART mode, so it is urgent to study the key technology which can support the two modes of safety reinforcement. This paper mainly studies the running process and difference of android application in Dalvik mode and ART mode, and analyzes the file format of bytecode and machine code used in Android application. The Android application reinforcement system which supports these two modes is designed and implemented to meet the requirement that the application processed by the application reinforcement system can run successfully on Android terminals in different operating modes. The main work and achievements of this paper are as follows: 1. Android application running mode analysis. This paper mainly analyzes the steps and differences of application installation, startup and execution in Dalvik and ART modes, and analyzes the bytecode and machine code file format used in the two modes. 2. Android application reinforcement scheme design. Aiming at the new application operation mode ART mode and Dalvik mode, the application reinforcement scheme is designed and integrated, so that the application reinforcement scheme can achieve better compatibility, and both modes can run correctly. At the same time, the reinforcement scheme will be able to resist static analysis, dynamic debugging and other attacks. 3, Android application reinforcement scheme will be realized. The shell template based on proxy Application framework is designed and implemented to realize the hiding and reinforcement logic of bytecode file. This paper designs and implements the generation of optimization file and dynamic loading optimization file of application reinforcement system under two modes of application operation, and realizes the calling and processing of the original application logic. The tested scheme achieves the effect of successful operation under the two application modes and has little effect on the original application performance, and ensures that the strengthened application can resist static debugging and dynamic attacks.
【学位授予单位】：北京邮电大学
【学位级别】：硕士
【学位授予年份】：2016
【分类号】：TP316;TP309

【相似文献】