
Reverse-Analysis Forensics of Android Phone APK Programs

Journal's English title: Reverse Analysis to Undertake Forensics into Mobile Phone-operated APK Program

Cited by: 4
Abstract: Among new types of telecom fraud, cases that use malicious mobile phone programs for fraud, online gambling and other illegal activity are gradually increasing. This paper studies forensic methods for Android application packages (APKs) in order to provide leads for the investigation of online fraud cases. It summarizes the structure of a mobile phone APK, the ways an APK can be extracted, the reverse-analysis tools available, and the permissions an APK obtains, and then, through an actual case, examines APK forensics from two sides: static analysis and dynamic analysis. In static analysis the evidence is preserved, the APK file is decompiled with reverse-analysis tools, the functions in the source code are analyzed, and the mailbox to which data is sent back is identified. In dynamic analysis the APK is run in an Android emulator and its traffic is captured with Fiddler, which reveals the APK's network behavior; the case-related content is then preserved as evidence.
Authors: 戴芬, 刘洪伟, 樊婕, 李璐 (DAI Fen; LIU Hongwei; FAN Jie; LI Lu), Liaocheng Public Security Bureau, Liaocheng 252000, Shandong, China
Affiliation: Liaocheng Public Security Bureau
Source: Forensic Science and Technology (《刑事技术》), 2021, No. 4, pp. 349-353 (5 pages)
Keywords: electronic forensics; Android system; mobile phone APK; reverse analysis