Research And Implementation Of Android Application Reinforcement Based On DEX Reconstruction And Virtual Protection

Since its inception in November 2007,Android has become one of the hottest mobile development platforms,and the number of applications based on this platform has grown rapidly.However,with the rapid development of the mobile market,all kinds of application security issues are endless,including Android application of the second package,reverse crack and other issues is particularly prominent,it is a serious threat to the legitimate rights and interests of developers and users of information security.Therefore,the study of Android application reinforcement is very necessary.DEX is APK(Android Package,Android application installation package)in the executable file,it is easy to be decompiled into a highly readable Java code.For this,developers in order to prevent the application by others reverse crack,usually based on dynamic loading mechanism and function hook technology to protect the shell DEX,although this technology can give the original application with a layer of protective shell,but there are ways to its shelling crack.Based on the above problems,this paper studies the application of Android reinforcement technology.Firstly,DEX reconstruction technique is used to analyze and verify the shortcomings of DEX shell,and then a set of DEX virtual protection scheme is designed and implemented to reinforce the application.The main work of this thesis is as follows:Firstly,the operation mechanism and the threats of Android application are analyzed from the Android system architecture.The threats include:secondary packaging,reverse cracking,injection attack,and analysis of DEX file structure and Android application At the time of operation,the Dalvik virtual machine parses the DEX way.Then,the DEX reconstruction technique and the class active loading mechanism are used to unshell.On the basis of this,aiming at the shortcomings of dynamic loading and loading technology,a reinforcement scheme for virtual protection of key instruction is designed and implemented.The program uses the form of a custom virtual machine to replace the string assignment instruction,the data operation instruction and the method call instruction,and encrypts the instructions using the encryption algorithm,and the virtual machine in the SO file decrypts and parses instruction.Based on the above research,this paper not only validates the problems existing in the general shelling technology,but also completes the research and implementation of the virtual protection of DEX.