摘要
为解决Android手机获取Root权限系统安全性的降低,非Root授权下Android手机安全应用防护效果不理想的一系列问题,研究了ART运行时工作原理、Java反射机制和AOP原理,设计验证了一套免Root主动防御机制,避免了传统防护应用在系统内核层Hook系统关键函数需要Root授权带来的安全问题以及在应用层调用API效果不理想的现状,实现了对手机应用的敏感行为拦截,能够达到增强Android手机防护的效果。
In order to solve the problem that the system security is reduced through getting Root permission and that the security of Android smartphone is not effective without Root permission, the working principle of ART, the Java reflection mechanism and AOP principle were studied. The new mechanism was designed and implemented to avoid the security problem caused by the traditional protection application of Hooking system function in the kernel layer and the limitations with calling API in the application layer ineffectively. The interception of sensitive behavior and the protection of smartphone were both achieved.
出处
《网络与信息安全学报》
2016年第1期65-73,共9页
Chinese Journal of Network and Information Security
