摘要
基于Android操作系统智能手机应用程序的重打包由于其低成本、高收益等特性而成为了攻击者的首选。从软件分析的角度构造出特定的重打包行为作为数据样本,对目前流行的基于相似度和代码特性等开发的重打包检测系统进行分析与性能测试,并基于测试结果结合自解密代码和软件水印等技术设计一个改进的重打包防御框架。该框架不需要额外的数据集或原应用作比对,兼顾了针对重打包行为的自动防御以及软件开发者的版权所有权声明,增加了重打包攻击的难度,从而减少潜在重打包行为的发生。
The repackaging of smart phone applications based on Android operating system has become the first choice for attackers because of its low cost and high profit.This paper constructed specific repackaging behaviors as data samples from the perspective of software analysis,analyzed and tested the performance of the current popular repackaging detection system based on similarity and code characteristics.An improved repackaging defense framework was designed and implemented based on test results combined with the technology of self-decrypting code and software watermarking.The framework did not require additional data sets or original applications to compare,and both the automatic defense against repackaging behavior and the copyright ownership statement of software developers were taken into account,and increased the difficulty of repackaging attack,thus reducing the occurrence of potential repackaging behavior.
作者
刘天一
周延森
崔见泉
Liu Tianyi;Zhou Yansen;Cui Jianquan(School of Information Science and Technology,University of International Relations,Beijing 100091,China)
出处
《计算机应用与软件》
北大核心
2023年第7期7-12,17,共7页
Computer Applications and Software
基金
国际关系学院国家安全高精尖学科建设科研专项(2019GA38)。
