發(fā)布時(shí)間：2018-03-09 06:22

  本文選題：Android安全　切入點(diǎn)：白盒AES　出處：《北京郵電大學(xué)》2015年碩士論文　論文類型：學(xué)位論文

【摘要】：自從Android系統(tǒng)發(fā)布以來,由于其基于Linux和開源性等特點(diǎn)受到了全世界廣泛的關(guān)注,目前已經(jīng)成為世界上最流行的手機(jī)操作系統(tǒng)之一。而隨著Android系統(tǒng)的應(yīng)用越來越廣泛,其安全問題日益突出,目前Android的安全在很大程度上是其應(yīng)用程序的安全,很多軟件可以很容易地被破解,并插入廣告或者惡意代碼,嚴(yán)重?fù)p害了廣大開發(fā)者和用戶的權(quán)益。 本文首先分析了目前Android應(yīng)用程序面臨的威脅,針對(duì)這些威脅提出了對(duì)應(yīng)的安全保護(hù)技術(shù),基于這些安全保護(hù)技術(shù)設(shè)計(jì)并實(shí)現(xiàn)了一個(gè)對(duì)Android應(yīng)用程序進(jìn)行加密保護(hù)的系統(tǒng)。 論文所做的主要工作成果如下： 1.本文提出了兩種適合運(yùn)行在移動(dòng)智能終端的白盒加密算法：白盒AES和白盒CLEFIA,算法利用了拆分密鑰并添加隨機(jī)數(shù)的方法縮小了白盒查找表的體積,提高了算法的執(zhí)行效率,為本文接下來介紹的軟件加密方法提供安全高效率的算法解決方案。 2.本文針對(duì)目前Android應(yīng)用程序面臨的威脅,分別研究了對(duì)Android應(yīng)用程序中的可執(zhí)行文件dex和so進(jìn)行保護(hù)的方法,通過分析系統(tǒng)源碼,開發(fā)出了一套對(duì)應(yīng)用程序的自定義加載器,在應(yīng)用程序運(yùn)行時(shí)釋放并在內(nèi)存中加載受保護(hù)數(shù)據(jù),避免了攻擊者輕易獲得受保護(hù)數(shù)據(jù)。 3.最后,基于以上提出的技術(shù),本文設(shè)計(jì)并實(shí)現(xiàn)了一種基于白盒加密算法的軟件保護(hù)框架,并對(duì)保護(hù)前后的APK進(jìn)行了效率和安全性測(cè)試,可以得出,經(jīng)過保護(hù)后的軟件在一定程度上抵御了逆向攻擊。
[Abstract]:Since the release of Android system, because of its characteristics of Linux and open source, it has become one of the most popular mobile phone operating systems in the world, and with the application of Android system is more and more widespread. The security problem of Android is becoming more and more serious. At present, the security of Android is to a large extent the security of its application program. Many software can be easily cracked and inserted into advertisement or malicious code, which seriously damages the rights and interests of developers and users. In this paper, the threats to Android applications are analyzed, and the corresponding security protection technologies are proposed. Based on these security technologies, a system for encrypting and protecting Android applications is designed and implemented. The main achievements of the thesis are as follows:. 1. This paper presents two white box encryption algorithms for mobile intelligent terminals: White box AES and white box CLEFIA. The algorithm reduces the size of the white box lookup table and improves the efficiency of the algorithm by splitting the key and adding the random number. This paper introduces the software encryption method to provide a secure and efficient algorithm solution. 2. Aiming at the threat of Android application at present, this paper studies the methods of protecting the executable file dex and so in Android application. By analyzing the source code of the system, a set of custom loader for the application is developed. Frees and loads protected data in memory at application run time, avoiding easy access to protected data. 3. Finally, based on the above technology, this paper designs and implements a software protection framework based on white box encryption algorithm, and tests the efficiency and security of APK before and after protection. The protected software resists the reverse attack to some extent.
【學(xué)位授予單位】：北京郵電大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2015
【分類號(hào)】：TP316;TP309

【參考文獻(xiàn)】

相關(guān)期刊論文 前1條

1 李麗;劉小丹;;一種主特征量自適應(yīng)選擇的多彩色空間圖像分割方法研究[J];計(jì)算機(jī)科學(xué);2004年11期

，

本文編號(hào)：1587366