CN104573419A - Mobile application software protection effectiveness evaluation method and device - Google Patents

Publication number
CN104573419A
Authority
CN
China
Legal status
Granted
Application number
CN201410662704.5A
Other languages
Chinese (zh)
Other versions
CN104573419B (en)
Inventor
杨昕雨
李祺
董枫
李承泽
张程鹏
胡阳雨
Current Assignee
Beijing University of Posts and Telecommunications
Original Assignee
Beijing University of Posts and Telecommunications

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10: Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/12: Protecting executable software

Abstract

Embodiments of the invention disclose a method and a device for evaluating the protection effectiveness of mobile application software. The method comprises the following steps: establishing a software attack tool library comprising N cracking tools, wherein N is a natural number; attempting to crack the protected mobile application software to be evaluated with each cracking tool in the software attack tool library in turn, and establishing an N-dimensional vector from the cracking results, wherein the corresponding vector position is marked 1 if cracking succeeds and 0 if cracking fails; calculating the Hamming weight of the N-dimensional vector and taking it as a first parameter; calculating a quantized performance index difference value of the mobile application software before and after protection, and determining a second parameter from that calculation result, wherein the smaller the quantized performance index difference value, the smaller the second parameter; and calculating the product of the first and second parameters and determining the protection effectiveness of the mobile application software from the product.

Description

A method and device for evaluating the protection effectiveness of mobile application software
Technical field
Embodiments of the present invention belong to the field of mobile application technology, and in particular relate to a method and device for evaluating the protection effectiveness of mobile application software.
Background
With the rapid development of information technology, mobile application software plays a key role in every industry and has become an indispensable tool in people's daily life, work and study. However, because mobile application software is often fully exposed to the user, it is easily copied illegally, reverse-engineered and maliciously tampered with. In the face of increasingly serious security threats, many methods and techniques aimed at protecting the software itself have become research hotspots, including software watermarking for protecting software copyright, code obfuscation for protecting software code, and tamper-resistance techniques for resisting illegal modification. At the same time, a considerable number of attack methods that break or bypass these protections are also being proposed. Amid this back-and-forth research, reasonably evaluating and proving the effectiveness of software protection techniques has become especially important and urgent.
At present, common methods for evaluating software protection strength include software-attack-based evaluation of protection strength, effectiveness evaluation of code obfuscation algorithms, effectiveness evaluation of software watermarking algorithms, and effectiveness evaluation of anti-tamper mechanisms. However, these methods often only analyze the factors that affect the software attack process and fail to give clear evaluation indices. They also usually target particular counter-protection attack techniques, so they are highly specific and hard to generalize. Attack-based evaluation measures and verifies the effectiveness of a software protection method mainly from the perspective of software attacks. Some current attack-based evaluation methods analyze the factors that affect the attack process but do not propose clear evaluation indices. There are also some automated counter-protection attack techniques, but they too are highly specific and hard to generalize.
The goal of software protection is to improve software security and increase the difficulty of attacking the protected software; demonstrating the complexity of an attack from the attacker's perspective is therefore an effective means of evaluating software protection. Current research on attack-based evaluation methods lacks clear, unified metrics and is still at a developing stage.
Summary of the invention
Embodiments of the present invention propose a method for evaluating the protection effectiveness of mobile application software, so that the protection effectiveness can be evaluated accurately.
Embodiments of the present invention also propose a device for evaluating the protection effectiveness of mobile application software, so that the protection effectiveness can be evaluated accurately.
The technical solution of embodiments of the present invention is as follows:
A method for evaluating the protection effectiveness of mobile application software, the method comprising:
Establishing a software attack tool library comprising N cracking tools, where N is a natural number;
Attempting to crack the protected mobile application software to be evaluated with each cracking tool in the software attack tool library in turn, and establishing an N-dimensional vector from the cracking results, where the corresponding vector position is marked 1 if cracking succeeds and 0 if cracking fails;
Calculating the Hamming weight of the N-dimensional vector and taking the Hamming weight as the first parameter;
Calculating the quantized performance index difference value of the mobile application software before and after protection, and determining the second parameter from the calculation result, where the smaller the quantized performance index difference value, the smaller the second parameter;
Calculating the product of the first parameter and the second parameter, and determining the protection effectiveness of the mobile application software from the product, where the smaller the product, the higher the protection effectiveness.
The cracking tools in the software attack tool library comprise at least one of the following:
OllyDbg, WinDbg, IDA Pro, Numega SoftICE, APK IDE, ILDasm, Smali decompilation, BakSmali repackaging, Androidguard, memory dump.
The quantized performance index difference value comprises at least one of the following:
Quantized response time difference value;
Quantized throughput difference value;
Quantized concurrent user count difference value;
Quantized resource utilization difference value.
Determining the second parameter from the calculation result of the quantized performance index difference value comprises:
Calculating the quantized performance index difference value of each performance index; if the value is in the interval 0 ~ 25%, the performance index is assigned 0; if the value is in the interval 25 ~ 50%, the performance index is assigned 1; if the value is above 50%, the performance index is assigned 2;
Calculating the weighted sum of the assignments of the performance indices; this weighted sum is the second parameter.
A device for evaluating the protection effectiveness of mobile application software, comprising:
A tool library establishing module, for establishing a software attack tool library comprising N cracking tools, where N is a natural number;
A first parameter determination module, for attempting to crack the protected mobile application software to be evaluated with each cracking tool in the software attack tool library in turn, and establishing an N-dimensional vector from the cracking results, where the corresponding vector position is marked 1 if cracking succeeds and 0 if cracking fails; and for calculating the Hamming weight of the N-dimensional vector and taking the Hamming weight as the first parameter;
A second parameter determination module, for calculating the quantized performance index difference value of the mobile application software before and after protection, and determining the second parameter from the calculation result, where the smaller the quantized performance index difference value, the smaller the second parameter;
An evaluation module, for calculating the product of the first parameter and the second parameter, and determining the protection effectiveness of the mobile application software from the product, where the smaller the product, the higher the protection effectiveness.
The cracking tools in the software attack tool library comprise at least one of the following:
OllyDbg, WinDbg, IDA Pro, Numega SoftICE, APK IDE, ILDasm, Smali decompilation, BakSmali repackaging, Androidguard, memory dump.
The quantized performance index difference value comprises at least one of the following:
Quantized response time difference value;
Quantized throughput difference value;
Quantized concurrent user count difference value;
Quantized resource utilization difference value.
The second parameter determination module is for calculating the quantized performance index difference value of each performance index; if the value is in the interval 0 ~ 25%, the performance index is assigned 0; if the value is in the interval 25 ~ 50%, the performance index is assigned 1; if the value is above 50%, the performance index is assigned 2;
and for calculating the weighted sum of the assignments of the performance indices; this weighted sum is the second parameter.
It can thus be seen that, when embodiments of the present invention are applied, a software attack tool library comprising N cracking tools is established, where N is a natural number; the cracking tools in the library are used in turn to attempt to crack the protected mobile application software to be evaluated, and an N-dimensional vector is established from the cracking results, where the corresponding vector position is marked 1 if cracking succeeds and 0 if cracking fails; the Hamming weight of the N-dimensional vector is calculated and taken as the first parameter; the quantized performance index difference value of the mobile application software before and after protection is calculated, and the second parameter is determined from the calculation result, where the smaller the quantized performance index difference value, the smaller the second parameter; and the product of the first parameter and the second parameter is calculated and the protection effectiveness of the mobile application software is determined from the product, where the smaller the product, the higher the protection effectiveness.
The first quantitative analysis method of the present invention for evaluating mobile application software protection effectiveness is based on an attack database: the reliability of the software protection scheme is tested tool by tool, and the result is quantified in the form of a Hamming distance. The second quantitative analysis method is based on performance indices: calculation methods are proposed for performance indices such as response time, throughput, number of concurrent users and resource utilization before and after software hardening, and the result is quantified in weighted form. The present invention combines these two quantitative calculations to evaluate mobile application software protection effectiveness, thereby ensuring the accuracy of the evaluation.
Brief description of the drawings
Fig. 1 is a flow chart of the method for evaluating mobile application software protection effectiveness according to the present invention;
Fig. 2 is a structural diagram of the device for evaluating mobile application software protection effectiveness according to the present invention.
Detailed description
To make the objects, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below with reference to the accompanying drawings.
Theoretical analysis methods for software protection effectiveness are currently emerging one after another. The present invention proposes a quantitative analysis method for mobile application software protection effectiveness. On the one hand, it considers the security of the software from the attacker's perspective and integrates a library of dynamic and static tools to test the effectiveness of the software protection scheme. On the other hand, it analyzes the key factors that affect and constrain an attacker's ability to carry out an attack, and proposes calculation methods for performance indices that can be measured quantitatively. The cumulative result of the two aspects is the quantitative analysis conclusion.
The present invention thus focuses on how to formulate an evaluation index that is quantifiable, has practical significance and makes attack difficulty measurable, and finally gives the attack resistance level of the software protection method under evaluation.
Fig. 1 is a flow chart of the method for evaluating mobile application software protection effectiveness according to the present invention.
As shown in Fig. 1, the method comprises:
Step 101: Establish a software attack tool library comprising N cracking tools, where N is a natural number.
The purpose of software protection is to defend against attacks, so whether the protected software is harder to attack than the unprotected software is the key to proving that a protection method is effective. In a software attack, the attacker analyzes the target software's functions and behavioural characteristics to locate the approximate position of key code, and then analyzes the relevant code. Only after grasping the logic flow of the key code or the storage location of critical data can the attacker reverse, tamper with or replace the code.
Mobile application software can be protected with a variety of techniques, such as code obfuscation, tamper resistance and encryption. Techniques commonly used in software attacks include dynamic and static analysis, for which relatively mature tools now exist. Common debuggers for dynamic analysis are OllyDbg, IDA Pro, WinDbg and Numega SoftICE; the first two are user-level debuggers and the latter two are system-level debuggers, while WinDbg can serve as a user-level debugger and also as a system-level debugger.
The tools commonly used in static analysis are disassemblers and decompilers. The main function of a disassembler is to decode binary machine code into readable assembly language text. Disassembly is in effect a process of scanning-value-identification-translation. Common disassemblers include IDA Pro and ILDasm; IDA Pro is a powerful disassembler that supports a variety of processor architectures, such as IA-32, IA-64 and AMD64.
Table 1 lists exemplary embodiments of current mainstream cracking tools for mobile applications.
Table 1
The exemplary embodiments of cracking tools have been described in detail above. Those skilled in the art will appreciate that this description is only exemplary and is not intended to limit the protection scope of embodiments of the present invention.
Step 102: Attempt to crack the protected mobile application software to be evaluated with each cracking tool in the software attack tool library in turn, and establish an N-dimensional vector from the cracking results, where the corresponding vector position is marked 1 if cracking succeeds and 0 if cracking fails.
In the attack-based quantitative analysis method proposed by the present invention, the cracking tools in the software attack tool library are used one by one to attempt to crack the protected mobile application software to be evaluated. If the software is cracked, the result is recorded as 1; if it is not cracked, the result is recorded as 0. This finally yields a multi-dimensional result vector for the software, and its Hamming distance is calculated as the quantitative analysis result.
For example, suppose the software attack tool library comprises OllyDbg, WinDbg, IDA Pro, Numega SoftICE, APK IDE, ILDasm, Smali decompilation, BakSmali repackaging, Androidguard and memory dump, that is, 10 cracking tools. If a tool cracks the software, the vector position corresponding to that tool is marked 1; if cracking fails, the vector position corresponding to that tool is marked 0. A 10-dimensional vector Attack = (a_1, a_2, a_3, a_4, a_5, a_6, a_7, a_8, a_9, a_10) can therefore be established from the cracking result of each tool, where a_i = 0 or 1, i = 1, 2, ..., 10.
Step 103: Calculate the Hamming weight of the N-dimensional vector and take the Hamming weight as the first parameter.
Here, the Hamming weight of the N-dimensional vector can be calculated in a variety of ways. The Hamming weight is the Hamming distance of a string relative to the all-zero string of the same length; this Hamming weight is taken as the first parameter r_1.
Step 104: Calculate the quantized performance index difference value of the mobile application software before and after protection, and determine the second parameter from the calculation result, where the smaller the quantized performance index difference value, the smaller the second parameter.
Here, the performance indices of the protected mobile application software are tested and evaluated to obtain the quantized difference value of each performance index before and after protection, and the second parameter is determined from the calculation result, where the smaller the quantized performance index difference value, the smaller the second parameter.
For example, the quantized performance index difference values can cover performance indices such as response time, throughput, number of concurrent users and resource utilization before and after protection of the mobile application software. To measure the difference in each performance index, the following formula is used, by way of example, to calculate each software performance index before and after protection and obtain the quantized value of each difference:
Then, based on the measured quantized values of the performance index differences, the execution performance of the software protection is evaluated and analyzed.
The metrics proposed in Table 2 below can be used: according to the calculation and measurement results, each evaluation item is divided into three grades (high, medium and low), and an evaluation is made for each grade.
Table 2 is the evaluation index table for software protection execution performance.
Table 2
If the difference grade is low, the performance index is assigned 0; if the difference grade is medium, the performance index is assigned 1; if the difference grade is high, the performance index is assigned 2. For example, when the performance indices comprise response time, throughput, number of concurrent users and resource utilization, the assignments of these indices form difference = (d_1, d_2, d_3, d_4), where d_i = 0, 1 or 2, i = 1, 2, 3, 4. The quantitative analysis result is the weighted sum of the assignments for response time, throughput, number of concurrent users and resource utilization before and after software protection, which is the second parameter r_2: r_2 = w_1*d_1 + w_2*d_2 + w_3*d_3 + w_4*d_4, where w_1 is the weight of d_1, w_2 is the weight of d_2, w_3 is the weight of d_3 and w_4 is the weight of d_4. The specific weights can be set with reference to user experience. For a mobile smart terminal user, the time from clicking a button or link, or issuing an instruction, until the system presents the result in a form the user can perceive is the user's direct impression of the software's performance, namely the response time. The shorter the response time, the better the user experience. The response time a user experiences includes both individual subjective factors and the objective response time, and software design needs to consider how best to combine these two parts to achieve the best user experience. Accordingly, in the present invention, w1=w2=30%, w3=w4=20%.
For a value that falls exactly on the boundary between two intervals, the assignment can be set to that of the lower interval or to that of the upper interval. For example, when the quantized difference value is 25%, the performance index can be assigned 0 or 1; when the quantized difference value is 50%, the performance index can be assigned 1 or 2.
Step 105: Calculate the product of the first parameter and the second parameter, and determine the protection effectiveness of the mobile application software from the product, where the smaller the product, the higher the protection effectiveness.
The quantitative analysis result r is the product of the first parameter r_1 and the second parameter r_2, i.e. r = r_1 * r_2. Clearly, the smaller the value of r, the better the protection of the mobile application software; otherwise, the worse.
The above is a complete description of the implementation process of the present invention; an example follows.
The concrete implementation steps of the present invention comprise:
First, a library of static and dynamic analysis tools is established, and each tool is used in turn to attempt to attack the software. If analysis and cracking succeed, the corresponding position is marked 1; otherwise it is marked 0. This example uses ten current mainstream software cracking tools: OllyDbg, WinDbg, IDA Pro, Numega SoftICE, APK IDE, ILDasm, Smali decompilation, BakSmali repackaging, Androidguard and memory dump.
APK IDE is used here to illustrate the process. APK IDE is a visual tool for modifying Android APK program files. It integrates APK modification tools such as ApkTool, Dex2jar and JD-GUI, and combines APK decompilation, APK packaging, APK signing, a code editor with syntax highlighting, and keyword search and replace based on file content (supporting single-line or multi-line code) in one visual APK modification tool. For example, APK IDE was used to analyze the application FruitNinja (ver: 1.8.9) after hardening with Bangcle. Although the output panel shows that decompilation succeeded, expanding the resource browser shows that the protection directory smali\com\bangcle contains only ACall.smali, MyClassLoader.smali and Util.smali. This brief code does not reveal the core code of the original software, so the software protection works well, and the analysis result of Fruit Ninja for APK IDE is marked 0.
Following the steps above, Attack = (a_1, a_2, a_3, a_4, a_5, a_6, a_7, a_8, a_9, a_10) is solved in turn, and the Hamming weight of the vector Attack is calculated and recorded as the quantitative analysis result r_1.
The present invention uses response time, throughput, number of concurrent users and resource utilization before and after software protection to assess the impact of protection on application performance. Taking response time as an example, the three models of test terminal in the table below are used to test the hardening effect of the white-box AES encryption method.
Table 1 compares the execution efficiency of the mobile application security protection framework.
As can be seen, in the protected application the custom loader is about 10 KB in every case and is therefore not listed separately in the table. Also, because an APK is in fact a Zip archive, the decompressed Dex may be larger than the whole application package. The table shows that application size changes little before and after hardening; the added size is the binary executables of the white-box AES decryption library and the custom loader. As for start-up time, it varies considerably with processor capability: for the more powerful Nexus4, the performance impact when loading the application before and after hardening can be kept to about 35%, while for the lower-performance N1 and G14 the performance impact when loading the hardened application exceeds 40% in both cases. Although the G14's processor frequency, core count and memory size are all lower than the N1's, it loads much faster than the N1, which shows from another angle that processor optimization matters greatly for a terminal's execution speed. Combining multiple test results from the three different test terminals, this project's overall assessment is that hardening affects the application's start-up efficiency by about 42.03%.
The quantized difference value of this index falls within 25%-50%, so the difference grade is medium and d_1 = 1. The other three indices can be calculated in the same way, finally giving difference = (d_1, d_2, d_3, d_4); weighting yields the quantitative analysis result r_2.
Calculate r = r_1 * r_2; the quantitative analysis result is the cumulative expression of r_1 and r_2. The fundamental purpose of software protection is to increase the difficulty of reverse analysis for the attacker and raise the cost of attack. However, there is no linear relationship between high-strength encryption and the attack resistance of obfuscation algorithms, so evaluation methods based on software complexity metrics cannot accurately assess software protection strength and protection level. The quantitative analysis method proposed by the present invention both uses attack-based testing from reverse engineering to analyze and check obfuscation strength, and assesses the protection effect from the performance indices before and after software hardening. It finally yields the quantitative analysis result r; clearly, the smaller the value of r, the better the software protection.
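The scoring procedure of steps 101 to 105, as a Python sketch. This is an added example, not code from the patent: the function names, the `boundary_up` switch and every sample input except the 42.03% response-time figure and the APK IDE result of 0 are constructed. It takes the per-index difference percentages as input and returns r_1 and r_2 alongside r, because the product is 0 whenever either factor is 0.

```python
from dataclasses import dataclass
from fractions import Fraction

# Vector positions follow the tool order listed in the description.
TOOLS = (
    "OllyDbg", "WinDbg", "IDA Pro", "Numega SoftICE", "APK IDE", "ILDasm",
    "Smali decompilation", "BakSmali repackaging", "Androidguard", "memory dump",
)

# Weights from the description: w1 = w2 = 30%, w3 = w4 = 20%.
# Fractions keep the weighted sum exact.
WEIGHTS = {
    "response_time": Fraction(30, 100),
    "throughput": Fraction(30, 100),
    "concurrent_users": Fraction(20, 100),
    "resource_utilization": Fraction(20, 100),
}


@dataclass(frozen=True)
class Score:
    attack: tuple   # a_1..a_N, 1 = the tool cracked the app
    r1: int         # Hamming weight of attack
    grades: tuple   # d_1..d_4, each 0, 1 or 2
    r2: Fraction    # weighted sum of grades
    r: Fraction     # r1 * r2, smaller = more effective protection


def attack_vector(results):
    """Map {tool: cracked?} onto the fixed tool order; refuse partial runs."""
    missing = [t for t in TOOLS if t not in results]
    if missing:
        raise ValueError(f"no result recorded for: {missing}")
    return tuple(1 if results[t] else 0 for t in TOOLS)


def grade(diff_pct, boundary_up=False):
    """0 for 0-25%, 1 for 25-50%, 2 above 50%.

    The description allows a value of exactly 25% or 50% to take either
    neighbouring grade; boundary_up (hypothetical switch) picks the higher one.
    """
    if diff_pct < 0:
        raise ValueError("difference value must be non-negative")
    for level, limit in enumerate((25, 50)):
        if diff_pct < limit or (diff_pct == limit and not boundary_up):
            return level
    return 2


def score(results, diffs_pct, boundary_up=False):
    """Compute r = r1 * r2 from tool results and per-index difference values."""
    if set(diffs_pct) != set(WEIGHTS):
        raise ValueError(f"expected exactly these indices: {sorted(WEIGHTS)}")
    attack = attack_vector(results)
    r1 = sum(attack)
    grades = tuple(grade(diffs_pct[k], boundary_up) for k in WEIGHTS)
    r2 = sum((WEIGHTS[k] * g for k, g in zip(WEIGHTS, grades)), Fraction(0))
    return Score(attack, r1, grades, r2, r1 * r2)


# Constructed sample run. Only "APK IDE": False and the 42.03% response-time
# impact come from the description; all other values are made up.
CONSTRUCTED_RESULTS = {t: False for t in TOOLS}
CONSTRUCTED_RESULTS.update({"IDA Pro": True, "Androidguard": True, "memory dump": True})
CONSTRUCTED_DIFFS = {
    "response_time": 42.03,
    "throughput": 10.0,
    "concurrent_users": 60.0,
    "resource_utilization": 30.0,
}

if __name__ == "__main__":
    s = score(CONSTRUCTED_RESULTS, CONSTRUCTED_DIFFS)
    print(f"Attack={s.attack} r1={s.r1} difference={s.grades} r2={s.r2} r={s.r}")
    # Degenerate case: every tool succeeds but overhead is low, so r2 = 0 and r = 0.
    cheap = score({t: True for t in TOOLS}, {k: 5.0 for k in WEIGHTS})
    print(f"all tools succeed, low overhead: r1={cheap.r1} r2={cheap.r2} r={cheap.r}")
```

When comparing two protection schemes with this metric, read r_1 and r_2 as well as r: a scheme that every tool cracks still scores r = 0 if all four performance grades are 0.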
Based on above-mentioned analysis, the invention allows for a kind of apparatus for evaluating of Mobile solution software protection validity.
Fig. 2 is the apparatus for evaluating structural drawing of Mobile solution software protection validity of the present invention.As shown in Figure 2, this device 200 comprises:
Module 201 set up by tool storage room, and for setting up the software attacks tool storage room comprising N number of crack tool, wherein N is natural number;
First parameter determination module 202, attempt for successively using the crack tool in software attacks tool storage room cracking protected Mobile solution software to be assessed, and set up N dimensional vector based on cracking result, if wherein crack successfully, then corresponding vector position is labeled as 1; If crack failure, then corresponding vector position is labeled as 0; Calculate the Hamming weight of described N dimensional vector, using described Hamming weight as the first parameter;
Second parameter determination module 203, for calculating the performance index difference quantized value of described Mobile solution software before protection and after protection, and determine the second parameter based on the result of calculation of described performance index difference quantized value, wherein performance index difference quantized value is less, and described second parameter is less;
Evaluation module 204, for calculating the product of the first parameter and the second parameter, and based on the protection validity of described product determination Mobile solution software, wherein product is less, and the protection validity of Mobile solution software is higher.
In one embodiment, the crack tool in software attacks tool storage room comprise following at least one:
OllyDbg, WinDbg, IDA Pro, Numega SoftICE, APK IDE, ILDasm, Smali decompiling, BakSmali beat again bag, Androidguard, internal memory Dump, etc.
In one embodiment, performance index difference quantized value comprise following at least one: response time difference quantized value; Throughput differences quantized value; Concurrent user number difference quantized value; Resource utilization difference quantized value.
In one embodiment, the second parameter determination module 203, for calculating the performance index difference quantized value of each performance index, if described performance index difference quantized value is in the interval of 0 ~ 25%, then this performance index assignment is 0; If described performance index difference quantized value is in the interval of 25 ~ 50%, then this performance index assignment is 1; If described performance index difference quantized value is in the interval of more than 50%, then this performance index assignment is 2; Calculate the weighted sum of the assignment of each performance index, described weighted sum is described second parameter.
In embodiments of the present invention, the first quantitative analysis method for evaluating mobile application software protection effectiveness is based on an attack database: the reliability of the software protection scheme is tested tool by tool, and the result is quantified in the form of a Hamming distance. The second quantitative analysis method is based on performance indexes: calculation methods are proposed for performance indexes such as response time, throughput, number of concurrent users and resource utilization before and after software hardening, and the result is quantified in weighted form. The present invention also combines the above two qualitative-analysis and quantitative-calculation approaches to evaluate mobile application software protection effectiveness, thereby ensuring the accuracy of the evaluation.
The above are only preferred embodiments of the present invention and are not intended to limit its scope of protection. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.

Claims (8)

1. A method for evaluating the protection effectiveness of mobile application software, characterized in that the method comprises:
establishing a software attack tool library comprising N cracking tools, where N is a natural number;
attempting, with each cracking tool in the software attack tool library in turn, to crack the protected mobile application software under evaluation, and building an N-dimensional vector from the cracking results, where a successful crack marks the corresponding vector position as 1 and a failed crack marks it as 0;
calculating the Hamming weight of the N-dimensional vector and using that Hamming weight as the first parameter;
calculating the performance-index difference quantized value of the mobile application software before and after protection, and determining the second parameter from the calculated performance-index difference quantized value, where the smaller the performance-index difference quantized value, the smaller the second parameter;
calculating the product of the first parameter and the second parameter, and determining the protection effectiveness of the mobile application software from that product, where the smaller the product, the higher the protection effectiveness of the mobile application software.
2. The method for evaluating the protection effectiveness of mobile application software according to claim 1, characterized in that the cracking tools in the software attack tool library comprise at least one of the following:
OllyDbg, WinDbg, IDA Pro, Numega SoftICE, APK IDE, ILDasm, Smali decompilation, BakSmali repackaging, Androidguard, memory dump.
3. The method for evaluating the protection effectiveness of mobile application software according to claim 1, characterized in that the performance-index difference quantized value comprises at least one of the following:
a response time difference quantized value;
a throughput difference quantized value;
a concurrent user number difference quantized value;
a resource utilization difference quantized value.
4. The method for evaluating the protection effectiveness of mobile application software according to claim 3, characterized in that determining the second parameter from the calculated performance-index difference quantized value comprises:
calculating the performance-index difference quantized value of each performance index: if the performance-index difference quantized value lies in the interval 0 ~ 25%, the performance index is assigned the value 0; if it lies in the interval 25 ~ 50%, the performance index is assigned the value 1; if it lies in the interval above 50%, the performance index is assigned the value 2;
calculating the weighted sum of the values assigned to the performance indexes, this weighted sum being the second parameter.
5. A device for evaluating the protection effectiveness of mobile application software, characterized in that it comprises:
a tool library establishing module, configured to establish a software attack tool library comprising N cracking tools, where N is a natural number;
a first parameter determination module, configured to attempt, with each cracking tool in the software attack tool library in turn, to crack the protected mobile application software under evaluation, and to build an N-dimensional vector from the cracking results, where a successful crack marks the corresponding vector position as 1 and a failed crack marks it as 0; and to calculate the Hamming weight of the N-dimensional vector and use that Hamming weight as the first parameter;
a second parameter determination module, configured to calculate the performance-index difference quantized value of the mobile application software before and after protection, and to determine the second parameter from the calculated performance-index difference quantized value, where the smaller the performance-index difference quantized value, the smaller the second parameter;
an evaluation module, configured to calculate the product of the first parameter and the second parameter, and to determine the protection effectiveness of the mobile application software from that product, where the smaller the product, the higher the protection effectiveness of the mobile application software.
6. The device for evaluating the protection effectiveness of mobile application software according to claim 5, characterized in that the cracking tools in the software attack tool library comprise at least one of the following:
OllyDbg, WinDbg, IDA Pro, Numega SoftICE, APK IDE, ILDasm, Smali decompilation, BakSmali repackaging, Androidguard, memory dump.
7. The device for evaluating the protection effectiveness of mobile application software according to claim 5, characterized in that the performance-index difference quantized value comprises at least one of the following:
a response time difference quantized value;
a throughput difference quantized value;
a concurrent user number difference quantized value;
a resource utilization difference quantized value.
8. The device for evaluating the protection effectiveness of mobile application software according to claim 5, characterized in that
the second parameter determination module is configured to calculate the performance-index difference quantized value of each performance index: if the performance-index difference quantized value lies in the interval 0 ~ 25%, the performance index is assigned the value 0; if it lies in the interval 25 ~ 50%, the performance index is assigned the value 1; if it lies in the interval above 50%, the performance index is assigned the value 2;
and to calculate the weighted sum of the values assigned to the performance indexes, this weighted sum being the second parameter.
Application CN201410662704.5A, priority date 2014-11-19, filing date 2014-11-19: Method and device for evaluating the protection effectiveness of mobile application software. Status: Active. Granted as CN104573419B (en).


Publications (2)

Publication Number, Publication Date
CN104573419A (en), 2015-04-29
CN104573419B (en), 2017-10-13
