摘要
针对安卓应用容易被恶意逆向工程,引起代码注入、隐私数据泄露和侵害知识产权等安全问题.提出一种结合Java方法抽离和映射的代码混淆技术.其中,Java方法抽离利用了安卓Native化特性,将Java方法从DEX中抽离后封装到SO中.此外,Java方法映射对其指令操作码进行映射混淆构造不透明指令.随后通过Java方法注册和映射解释执行环境,对抽离映射混淆后的Java方法进行Native层的映射解释执行,确保混淆后的安卓应用运行逻辑的正确性.最后,从抗逆向工程有效性和运行性能两方面对安卓应用混淆效果进行实验.实验结果表明本文技术在不影响正常运行性能的情况下,具有良好的抵御逆向工程分析效果.
Currently,malicious reverse engineering of android applications is very easy,which results in security problems such as code injection,disclosure of privacy data and infringement of intellectual property. To address these problems,this paper proposes a code obfuscation technique based on separation and mapping of Java method. In which,the Java method is separated in DEX file,then encapsulated to SO file in native layer through native property of android application. Besides,the instruction operating code of Java method is obfuscated through Java method mapping to construct opaque instruction. Then,the obfuscated Java method is parsed by mapping interpreter in native layer through Java method registration and execution environment of mapping interpretation,which ensures the execution of obfuscated application correctly. At last,the test is performed from the aspects of anti-reverse engineering effectiveness and performance. The results of test show the proposed technique protects against reverse engineering effectively without affecting normal execution performance.
作者
乐德广
赵杰
龚声蓉
LE De-guang;ZHAO Jie;GONG Sheng-rong(School of Computer Science & Engineering, Changshu Institute of Technology, Changshu 215500, China;Suzhou Tongcheng Tourism Network Technology Co. , Ltd. , Suzhou 215123, China)
出处
《小型微型计算机系统》
CSCD
北大核心
2018年第7期1512-1517,共6页
Journal of Chinese Computer Systems
基金
江苏省产学研前瞻性联合研究基金项目(BY2016050-01)资助
江苏省科技计划基金项目(BK20160411)资助
关键词
安卓应用
逆向工程
代码混淆
字节码
Android application
reverse engineering
code obfuscation
byte code
