基于完整性校验的Android应用反调试方案研究
首发时间:2020-03-13
摘要:钩子技术是被攻击者频繁利用对Android应用进行恶意动态调试分析的动态插桩技术,因此,如何能够较好地检测出目标程序代码是否被钩子技术劫持,以保护目标Android应用的安全,已经成为了移动安全研究员们的一个研究课题。为了解决Android应用本地代码被攻击者恶意调试的问题,本文采用了基于完整性校验的检测方案,该方案通过在不同层次对校验点进行完整性校验,以更好地保护目标程序代码执行期间的安全。实验表明,本文提出的方案能够对通用的Android本地代码钩子技术进行精确检测,进而保护Android应用的安全。
关键词: 信息安全 Android应用安全 反调试 完整性校验 钩子检测
For information in English, please click here
Research on Anti-debugging Scheme of Android Application Based on Integrity Verification
Abstract:Hooking is a dynamic instrumentation technology that is frequently used by attackers to conduct malicious dynamic debugginganalysis of android applications.Therefore,how to detect whether the target code is hijacked by hooking technology toprotect the security of the android applications has become a research topic for mobile security researchers.In order to solve the problem of malicious debugging analysis of android applications\' native code by attackers,this paper adopts a detection scheme based on integrity verification,which can better protect the security of target code during execution by verifying the integrity of checkpoints at different levels.Experiments show that,the scheme proposed in this thesis can accurately detect the general android native code hooking technology and further protect the security of android applications.
Keywords: Information Security Android Application Security Anti debugging Integrity Verification Hooking Detection
基金:
引用
No.****
同行评议
勘误表
基于完整性校验的Android应用反调试方案研究
评论
全部评论0/1000