【摘要】：隨著安卓的迅速發(fā)展,安卓安全的問(wèn)題越來(lái)越受到大家的重視。安卓系統(tǒng)為使用者提供了諸多安全機(jī)制以保證用戶的財(cái)產(chǎn)安全,但卻忽略了保護(hù)安卓應(yīng)用開(kāi)發(fā)者的知識(shí)產(chǎn)權(quán)不受侵害。諸多僅使用安卓開(kāi)發(fā)工具進(jìn)行開(kāi)發(fā)的安卓應(yīng)用不能抵抗攻擊者的靜態(tài)分析、動(dòng)態(tài)調(diào)試等攻擊,容易被攻擊者獲取到實(shí)現(xiàn)代碼進(jìn)行攻擊,因此需要應(yīng)用加固系統(tǒng)對(duì)安卓應(yīng)用進(jìn)行處理,達(dá)到抵抗此類攻擊的效果。另外,為了提高安卓應(yīng)用的啟動(dòng)及執(zhí)行效率,安卓采取了一種新的應(yīng)用運(yùn)行模式ART模式,該模式與原有應(yīng)用運(yùn)行模式Dalvik模式兼容,但應(yīng)用的安裝、執(zhí)行過(guò)程,兩者均有所不同,使得采用原有安全加固技術(shù)加固后的應(yīng)用無(wú)法在ART模式下運(yùn)行,因此迫切需要對(duì)可支持兩種模式下的安全加固關(guān)鍵技術(shù)進(jìn)行研究。本文主要研究了 android應(yīng)用在Dalvik模式及ART模式下的具體運(yùn)行過(guò)程及其區(qū)別,分析了安卓應(yīng)用運(yùn)行時(shí)使用的字節(jié)碼及機(jī)器碼的文件格式,設(shè)計(jì)并實(shí)現(xiàn)了同時(shí)支持這兩種模式的安卓應(yīng)用加固系統(tǒng),滿足經(jīng)過(guò)應(yīng)用加固系統(tǒng)處理后的應(yīng)用可以在不同運(yùn)行模式下的安卓終端上成功運(yùn)行的需求。本文主要工作及成果如下:1、安卓應(yīng)用運(yùn)行模式分析。主要分析Dalvik及ART模式下應(yīng)用安裝、啟動(dòng)、執(zhí)行等步驟及其區(qū)別,對(duì)兩種模式下使用到的字節(jié)碼及機(jī)器碼文件格式進(jìn)行分析。2、安卓應(yīng)用加固方案設(shè)計(jì)。針對(duì)新的應(yīng)用運(yùn)行模式ART模式以及Dalvik模式,設(shè)計(jì)應(yīng)用加固方案,并將兩者進(jìn)行整合,使應(yīng)用加固方案達(dá)到較好的兼容性,兩種模式下均可正確運(yùn)行。同時(shí)加固方案將滿足抵抗靜態(tài)分析、動(dòng)態(tài)調(diào)試等攻擊。3、安卓應(yīng)用加固方案具體實(shí)現(xiàn)。具體設(shè)計(jì)并實(shí)現(xiàn)基于代理Application框架的殼模板,實(shí)現(xiàn)對(duì)字節(jié)碼文件的隱藏及加固邏輯的執(zhí)行。設(shè)計(jì)并實(shí)現(xiàn)兩種應(yīng)用運(yùn)行模式下應(yīng)用加固系統(tǒng)優(yōu)化文件的生成及動(dòng)態(tài)加載優(yōu)化文件,實(shí)現(xiàn)原應(yīng)用邏輯的調(diào)用和處理。經(jīng)測(cè)試所實(shí)現(xiàn)方案達(dá)到兩種應(yīng)用模式下成功運(yùn)行并較小影響原應(yīng)用性能的效果,同時(shí)保證了加固后應(yīng)用能抵抗靜態(tài)調(diào)試及動(dòng)態(tài)攻擊等攻擊。
[Abstract]:With the rapid development of Android, the issue of Android security has been paid more and more attention. Android provides users with many security mechanisms to ensure the security of users' property, but neglects to protect the intellectual property of Android application developers from infringement. Many Android applications developed only using Android development tools cannot resist attacks such as static analysis, dynamic debugging and other attacks by attackers, and can be easily acquired by attackers to attack the implementation code. Therefore, Android applications need to be treated with a reinforcement system to resist such attacks. In addition, in order to improve the startup and execution efficiency of Android applications, Android adopts a new application running mode ART mode, which is compatible with the original application running mode Dalvik mode, but the installation and execution process of the application are different. The application of the original safety reinforcement technology can not operate in ART mode, so it is urgent to study the key technology which can support the two modes of safety reinforcement. This paper mainly studies the running process and difference of android application in Dalvik mode and ART mode, and analyzes the file format of bytecode and machine code used in Android application. The Android application reinforcement system which supports these two modes is designed and implemented to meet the requirement that the application processed by the application reinforcement system can run successfully on Android terminals in different operating modes. The main work and achievements of this paper are as follows: 1. Android application running mode analysis. This paper mainly analyzes the steps and differences of application installation, startup and execution in Dalvik and ART modes, and analyzes the bytecode and machine code file format used in the two modes. 2. Android application reinforcement scheme design. Aiming at the new application operation mode ART mode and Dalvik mode, the application reinforcement scheme is designed and integrated, so that the application reinforcement scheme can achieve better compatibility, and both modes can run correctly. At the same time, the reinforcement scheme will be able to resist static analysis, dynamic debugging and other attacks. 3, Android application reinforcement scheme will be realized. The shell template based on proxy Application framework is designed and implemented to realize the hiding and reinforcement logic of bytecode file. This paper designs and implements the generation of optimization file and dynamic loading optimization file of application reinforcement system under two modes of application operation, and realizes the calling and processing of the original application logic. The tested scheme achieves the effect of successful operation under the two application modes and has little effect on the original application performance, and ensures that the strengthened application can resist static debugging and dynamic attacks.
【學(xué)位授予單位】：北京郵電大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2016
【分類號(hào)】：TP316;TP309

【相似文獻(xiàn)】

相關(guān)期刊論文 前10條

1 袁萌;;Android計(jì)劃為什么要懸賞1000萬(wàn)[J];信息系統(tǒng)工程;2007年12期

2 林耕宇;;觀摩50名Google Android程序開(kāi)發(fā)競(jìng)賽作品[J];電子與電腦;2008年08期

3 樹(shù)子;;Android中文版不完全體驗(yàn)[J];互聯(lián)網(wǎng)天地;2009年04期

4 Jason Whitmire;;產(chǎn)業(yè)軟件專家如何協(xié)助解決Android的分裂困境[J];電子與電腦;2010年02期

5 蔣彬;;10款A(yù)ndroid手機(jī)必備應(yīng)用——Android操作系下的軟件評(píng)測(cè)[J];微電腦世界;2010年04期

6 ;PCWorld Windows Phone 7挑戰(zhàn)Android 毅然崛起的AndroidⅠ洗心革面的Windows Phone 7[J];微電腦世界;2010年08期

7 韓青;;Android平臺(tái)發(fā)展的動(dòng)力與挑戰(zhàn)[J];中國(guó)電子商情(基礎(chǔ)電子);2010年09期

8 方智勇;;Android手機(jī)這樣用[J];電腦迷;2010年15期

9 缺少浪漫;;Android的另一面[J];電腦迷;2010年13期

10 ;ZTE and Three Release Android ，

本文編號(hào)：2473758