北京邮电大学学报

  • EI核心期刊

北京邮电大学学报 ›› 2015, Vol. 38 ›› Issue (1): 21-25.doi: 10.13190/j.jbupt.2015.01.004

• 论文 • 上一篇    下一篇

增强本地代码安全性的Android软件保护方法

张鹏1,2, 张文1, 牛少彰1, 黄振鹏1   

  1. 1. 北京邮电大学 智能通信软件与多媒体北京市重点实验室, 北京 100876;
    2. 宁夏大学 物理电气信息学院, 银川 750021
  • 收稿日期:2014-03-18 出版日期:2015-02-28 发布日期:2015-03-30
  • 作者简介:张鹏(1980—),男,博士生,E-mail:longbow27@163.com;牛少彰(1963—),男,教授,博士生导师.
  • 基金资助:

    国家自然科学基金项目(61070207,61370195);北京市自然科学基金项目(4132060);"十二五"国家密码发展基金密码理论课题(MMJJ201201002)

Android Software Protection Method by Enhancing Security of Native Programs

ZHANG Peng1,2, ZHANG Wen1, NIU Shao-zhang1, HUANG Zhen-peng1   

  1. 1. Beijing Key Laboratory of Intelligent Telecommunication Software and Multimedia, Beijing University of Posts and Telecommunications, Beijing 100876, China;
    2. School of Physics Electrical Engineering, Ningxia University, Yinchuan 750021, China
  • Received:2014-03-18 Online:2015-02-28 Published:2015-03-30

摘要:

目前针对Android平台的软件保护大多集中在如何保护Dalvik字节码程序,对于本地代码程序的安全性还没有引起人们足够的重视. 为了阻止攻击者对本地代码的破坏,设计实现了一种Android平台本地代码保护方法. 在原始代码中插入多个冗余数据和完整性校验代码,并且对编译后的程序进行加密,使本地代码具备了抵抗攻击者静态分析和动态篡改的能力. 实验结果表明,该方法可以在攻击者对本地代码进行篡改时及时地发现篡改行为,从而有效地保护Android平台本地代码,增强整个应用软件的安全性.

关键词: Android, 软件保护, 完整性校验, 代码加密, 本地代码

Abstract:

Most research of Android software protection focuses on how to protect the Dalvik bytecode program. However, the security of native program has not been paid enough attention. In order to prevent possible attacks for Android native program, a protecting method was proposed. By inserting multiple redundant data and integrity check code into the source code, the native program will have abilities to resist dynamic tampering. It also can resist disassembling attack by combining with code encryption technology. Experiment shows that this method can protect the Android native program effectively when attacker tries to crack it by dynamically altering program code or disassembling the program.

Key words: Android, software protection, integrity verification, code encryption, native program

中图分类号: