摘要
Android应用程序在未经任何加固处理的情况下极容易受到反编译攻击,存在较大的安全隐患。APP加固技术为应用程序提供了有效的防护措施,增加了反编译的难度,本文针对目前常用的反编译手段提出了一种APP加固方案,该方案首先针对需要保护的资源文件进行加密处理;然后针对DEX文件的反编译,采用混淆代码技术加固处理,针对二次打包,本文采用签名校验技术。实验表明,本文提出的加固方案能够有效地防患APK被反编译,加大了二次打包的难度。
Android applications without any reinforcement are extremely vulnerable to de-compilation attacks,with significant security risks.App reinforcement technology provides effective protection for applications and increases the difficulty of de-compilation.In this paper,an APP reinforcement scheme is proposed against the commonly used de-compilation methods.The scheme first encrypts the resource files to be protected;Then,for the DEX file recompilation,confusion code technology is used to reinforce the DEX file.For the secondary packaging,the signature verification technique is adopted in this paper.Experimental results show that the proposed reinforcement scheme can effectively prevent APK from being decompiled and thus increases the difficulty of secondary packaging.
作者
彭守镇
PENG Shouzhen(Guang Dong Polytechnic College,Zhaoqing 526100,China)
出处
《软件工程》
2019年第6期8-12,共5页
Software Engineering
基金
广东省教育厅大学生创新创业项目(项目编号:201713720011)
广东理工学院大学生创新创业项目(项目编号:CXCY2017045)
关键词
APP反编译
DEX加固
加壳保护
二次打包
App de-compilation
DEX reinforcement
shell protection
secondary packing