CN107256349B - Method and device for preventing dynamic library from being stolen, electronic equipment and readable storage medium - Google Patents
Method and device for preventing dynamic library from being stolen, electronic equipment and readable storage medium Download PDFInfo
- Publication number
- CN107256349B CN107256349B CN201710442081.4A CN201710442081A CN107256349B CN 107256349 B CN107256349 B CN 107256349B CN 201710442081 A CN201710442081 A CN 201710442081A CN 107256349 B CN107256349 B CN 107256349B
- Authority
- CN
- China
- Prior art keywords
- dynamic library
- application program
- calling
- information
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 43
- 230000002265 prevention Effects 0.000 claims description 9
- 238000005516 engineering process Methods 0.000 claims description 4
- 238000012545 processing Methods 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 7
- 230000008569 process Effects 0.000 description 5
- 230000009471 action Effects 0.000 description 3
- 238000009434 installation Methods 0.000 description 3
- 230000002093 peripheral effect Effects 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/128—Restricting unauthorised execution of programs involving web programs, i.e. using technology especially used in internet, generally interacting with a web browser, e.g. hypertext markup language [HTML], applets, java
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
- G06F9/547—Remote procedure calls [RPC]; Web services
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a method and a device for preventing dynamic library burglary, electronic equipment and a readable storage medium, and relates to the technical field of internet. The method comprises the following steps: receiving calling information which is sent by an application program and used for calling a dynamic library, wherein the calling information is information for loading files in the dynamic library; judging whether the application program calling the dynamic library is legal or not; and if so, returning the call approval information to the application program. The identity of the application program calling the dynamic library is judged, the dynamic library is protected from being utilized by the third-party application program, and the safety of the dynamic library is improved.
Description
Technical Field
The invention relates to the technical field of internet, in particular to a method and a device for preventing dynamic library burglary, electronic equipment and a readable storage medium.
Background
With the development of the internet and electronic devices, such as smart phones, many applications are designed with many dynamic link libraries that are released along with the application installation package. These dynamically linked libraries contain core logic functions. After being loaded into the memory by the application program, the data are called and executed by the application program.
In actual use, however, the dynamic link library in the application installation package can be called by a third-party application program, which is not beneficial to protecting the product.
Disclosure of Invention
In view of the above, embodiments of the present invention provide a method, an apparatus, an electronic device and a readable storage medium for dynamic library theft protection, so as to solve the above problems.
In order to achieve the purpose, the technical scheme adopted by the invention is as follows:
in a first aspect, an embodiment of the present invention provides a method for preventing theft of a dynamic library, where the method includes: receiving calling information which is sent by an application program and used for calling a dynamic library, wherein the calling information is information for loading files in the dynamic library; judging whether the application program calling the dynamic library is legal or not; and if so, returning the call approval information to the application program.
In a second aspect, an embodiment of the present invention provides an apparatus for preventing theft of a dynamic library, where the apparatus includes: and the receiving unit is used for receiving calling information which is sent by the application program and used for calling the dynamic library, wherein the calling information is information for loading files in the dynamic library. And the first judging unit is used for judging whether the application program calling the dynamic library is legal or not. And the returning unit is used for returning calling approval information to the application program when the judgment result is yes.
In a third aspect, an electronic device provided in an embodiment of the present invention includes a processor and a memory, where the memory is connected to the processor through a bus, and is used for storing a program; the processor is used for calling the program stored in the memory through the bus and executing: receiving calling information which is sent by an application program and used for calling a dynamic library, wherein the calling information is information for loading files in the dynamic library; judging whether the application program calling the dynamic library is legal or not; and if so, returning the call approval information to the application program.
In a fourth aspect, an embodiment of the present invention provides a readable storage medium, where the readable storage medium stores non-volatile program code executable by a processor, and the program code causes the processor to execute the following steps: receiving calling information which is sent by an application program and used for calling a dynamic library, wherein the calling information is information for loading files in the dynamic library; judging whether the application program calling the dynamic library is legal or not; and if so, returning the call approval information to the application program.
According to the method, the device, the electronic equipment and the readable storage medium for preventing the dynamic library from being stolen, provided by the embodiment of the invention, the file in the dynamic link library can be successfully called only under the condition that the application program is legal by using a mode that the legality of the application program calling the file of the dynamic library is judged after the dynamic library receives the calling information sent by the application program, so that the dynamic library is protected from being utilized by a third-party application program, and the safety of the dynamic library is improved.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
FIG. 1 is a block diagram of an electronic device provided by an embodiment of the invention;
FIG. 2 is a flow chart illustrating the steps of a method for dynamic library theft prevention according to a first embodiment of the present invention;
FIG. 3 is a flow chart illustrating the steps of a method for dynamic library theft prevention according to a second embodiment of the present invention;
fig. 4 is a functional block diagram of a dynamic library security apparatus according to a third embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, in the description of the present invention, the terms "first", "second", and the like are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance.
Referring to fig. 1, fig. 1 is a block diagram illustrating an electronic device 100 that can be applied to the method and apparatus for dynamic library theft prevention according to an embodiment of the present invention. As an embodiment, the electronic device may be a terminal such as a Personal Computer (PC), a tablet PC, a smart phone, a Personal Digital Assistant (PDA), and a wearable device.
As shown in fig. 1, the electronic device 100 includes a memory 101, a memory controller 102, one or more (only one shown) processors 103, a peripheral interface 104, a radio frequency module 105, a display unit 106, and the like. These components communicate with each other via one or more communication buses/signal lines 107.
The memory 101 may be used to store software programs and modules, such as program instructions/modules corresponding to the method and apparatus for dynamic library theft prevention in the embodiment of the present invention, and the processor 103 executes various functional applications and data processing, such as the method for dynamic library theft prevention provided by the embodiment of the present invention, by running the software programs and modules stored in the memory 101.
The peripheral interface 104 couples various input/output devices to the processor 103 as well as to the memory 101. In some embodiments, the peripheral interface 104, the processor 103, and the memory controller 102 may be implemented in a single chip. In other examples, they may be implemented separately from the individual chips.
The rf module 105 is used for receiving and transmitting electromagnetic waves, and implementing interconversion between the electromagnetic waves and electrical signals, so as to communicate with a communication network or other devices.
The display module 106 provides a display interface between the server 100 and the user. In particular, display module 106 displays image output to a user, the content of which may include text, graphics, video, and any combination thereof.
It will be appreciated that the configuration shown in FIG. 1 is merely illustrative and that electronic device 100 may include more or fewer components than shown in FIG. 1 or have a different configuration than shown in FIG. 1. The components shown in fig. 1 may be implemented in hardware, software, or a combination thereof.
Typically, the state link library configured by the application program in the electronic device includes core logic functions. And after the dynamic link library is loaded into the memory by the application program, the dynamic link library is called and executed by the application program. Such as the so file of an application in the Android system. However, the existing dynamic link library can be called not only by the application program in which the dynamic link library is located, but also by the application program of a third party, and therefore, certain influence is caused on the security aspect of the dynamic link library. In order to solve the problem, embodiments of the present invention provide a method and an apparatus for dynamic library theft prevention, an electronic device, and a readable storage medium.
First embodiment
Referring to fig. 2, a flowchart of steps of a method for preventing theft of a dynamic library according to a first embodiment of the present invention is shown. The method for dynamic library theft prevention provided in the present embodiment will be described in detail below with reference to fig. 2.
Step S210, receiving calling information for calling the dynamic library sent by the application program, where the calling information is information for loading a file in the dynamic library.
Because many applications are considered based on performance, cross-platform and other factors, the installation package of the applications contains a dynamic library, and the dynamic library is used for storing and executing the logic functions of the cores of the applications. Where the application belongs to an upper level component and the dynamic library belongs to a lower level component of the application.
When the application program needs to load the file in the dynamic library, the application program sends calling information to the dynamic library, and the dynamic library returns a result notice to inform the application program that the application program is loading and calling the file in the dynamic library.
In another embodiment, when the application needs to load the file in the dynamic library, the application may also send call information to a management program independent of the dynamic library, and the management program returns a result notification to the application.
Step S220, determining whether the dynamic library has a file required by the application program.
When the dynamic library is connected with or independent from the management program of the dynamic library, the management program searches whether the dynamic library has files required by the application program when receiving the calling information sent by the application program. If yes, executing the next process; if not, the flow ends.
Step S230, determining whether the application program calling the dynamic library is legal.
The dynamic library in the Android application program can be called not only by the upper application, namely the application program where the dynamic library is located, but also by a third-party application program, and the calling of the third-party application program to the dynamic library can cause harm to the dynamic library. Therefore, the method for preventing the dynamic library from being stolen provided by the embodiment of the invention needs to perform identity authentication on the application program calling the dynamic library so as to check whether the identity of the application program is legal or not. Only if the identity of the application is legal can the application successfully invoke the dynamic library.
In step S240, if the determination result is yes, call approval information is returned to the application program.
And when the dynamic library or the management program independent of the dynamic library judges that the application program calling the dynamic library is legal, returning the calling approval information to the application program. As an implementation mode, the dynamic library returns '0' to the application program, which indicates that the application program is successfully called and the dynamic library file can be successfully loaded.
As an implementation mode, the application program can call a call interface of the dynamic library to realize the call of the dynamic library file. Specifically, the application program calls a preset interface corresponding to the dynamic library through a calling interface, so that information in the dynamic library is loaded into the memory, and calling of the dynamic library is realized.
And when the dynamic library or the management program independent of the dynamic library judges that the application program calling the dynamic library is illegal. As an implementation, the dynamic library returns a "-1" to the application, indicating that the application call failed and the dynamic library file could not be loaded successfully.
The method for preventing the dynamic library file from being stolen provided by the embodiment of the invention sends the calling information to the dynamic library or the management program independent of the dynamic library when the application program needs to call the dynamic library file, and the dynamic library verifies whether the identity of the application program calling the dynamic library is legal or not when receiving the calling information. When the application program calling the dynamic library is legal, the dynamic library returns the calling agreement information to the application program. When the application program calls the dynamic library, whether the application program is legal or not is judged, the dynamic library is protected from being utilized by a third party, and the safety of the dynamic library is improved.
Second embodiment
Referring to fig. 3, a flowchart of steps of a method for preventing theft of a dynamic library according to a second embodiment of the present invention is shown. The method for preventing the theft of the dynamic library provided by the second embodiment comprises the following steps:
step S310, receiving calling information for calling the dynamic library sent by the application program, wherein the calling information is information for loading files in the dynamic library.
Step S320, determining whether the dynamic library has a file required by the application program.
And if the dynamic library has the files required by the application program, executing the next step.
Step S331, obtain the signature of the application program.
As an embodiment, since the application belongs to the upper component, the dynamic library belongs to the lower component, and the lower component cannot directly acquire the object of the upper component. Therefore, the dynamic library cannot directly acquire the signature of the application program, and further, the identity of the application program is verified.
As one implementation mode, when receiving the calling information sent by the application program, the dynamic library acquires the Context object of the application program which sends the calling information. Information is obtained from the Context object of the application to verify the identity of the application calling the dynamic library. When the Context object of the application program is obtained, the Context object of the application program is obtained through a reflection technology.
Since the Context object of the application includes the signature of the application, the dynamic library acquires the signature of the application from the Context object after acquiring the Context object of the application.
Of course, the signature may exist in various forms in the dynamic library, and as one embodiment, the signature of the application program exists in the form of a character string inside the dynamic library. Thus, the dynamic library obtains the signature string of the application.
Step S332, matching the signature of the application program with the signature of a valid application program pre-stored in the dynamic library, and determining whether the application program is valid.
If the matching is successful, judging that the matching is legal;
and if the matching fails, judging that the matching is illegal.
After the signature in the Context object of the application program is acquired, whether the identity of the application program is legal or not is judged through the signature.
The step of determining whether the application program containing the signature is legal specifically includes:
and matching the acquired signature of the application program with the signature of a legal application program prestored in the dynamic library.
Since the signature of the application program where the dynamic library is located, which is a valid application program, is stored in the dynamic library in advance, after the dynamic library acquires the signature of the application program calling the dynamic library, the acquired signature of the application program is compared with the signature of the valid application program stored in advance.
In one embodiment, the signature of the application may exist in the form of a character string, the signature of the application acquired by the dynamic library is a signature character string of the application, and the signature of the legitimate application stored in advance in the dynamic library is a signature character string of the legitimate application. And when the dynamic library is matched, matching the pre-stored signature character string of the legal application program with the acquired signature character string of the application program. Of course, the case of the signature string may be ignored when matching.
When the matching is successful, the application program containing the signature is characterized to be legal, and the application program is judged to be legal; and when the matching is unsuccessful, characterizing that the application program containing the signature is illegal, and judging that the application program is illegal.
In step S340, if the determination result is yes, call approval information is returned to the application program.
And when the obtained signature character string of the application program is successfully matched with the prestored legal application program, representing that the application program calling the dynamic library is legal. The dynamic library returns an agreement to call to the application. As an implementation mode, the dynamic library returns '0' to the application program, which indicates that the application program is successfully called and the dynamic library file can be successfully loaded.
And when the obtained signature character string of the application program fails to be matched with the prestored legal application program, the application program for calling the dynamic library is represented to be illegal. As an implementation, the dynamic library returns a "-1" to the application, indicating that the application call failed and the dynamic library file could not be loaded successfully.
In the second embodiment, steps S310, S320 and S340 are the same as steps S210, S220 and S240 of the first embodiment. For a detailed implementation, please refer to embodiment one, which is not described herein again.
Third embodiment
Referring to fig. 4, a block diagram of a dynamic library security device 300 according to a third embodiment of the present invention is shown. The device 300 for preventing theft of a dynamic library includes:
the receiving unit 310 is configured to receive calling information used for calling the dynamic library, where the calling information is information for loading a file in the dynamic library, and the information is sent by an application program.
A second determining unit 320, configured to determine whether there is a file required by the application in the dynamic library.
The first determining unit 330 is configured to determine whether the application calling the dynamic library is legal or not when the determination result of the second determining unit is yes.
The first determining unit 330 includes:
a first obtaining unit 331, configured to obtain a signature of the application program.
As an embodiment, the first obtaining unit 331 includes:
a second obtaining unit 3311, configured to obtain a Context object of the application program that calls the dynamic library.
The second acquiring unit further comprises a second acquiring subunit, and the second acquiring subunit is used for acquiring a Context object of the application program calling the dynamic library by using a reflection technology.
A third obtaining unit 3312, configured to obtain a signature of the application from the obtained Context object of the application.
A matching unit 332, configured to match the obtained signature of the application with a signature of a valid application pre-stored in the dynamic library. And if the matching is successful, the application program containing the signature is characterized to be legal. If the matching fails, the application program containing the signature is not qualified.
And the returning unit 340 is used for returning the call approval information to the application program when the judgment result of the first judging unit is yes.
The device for preventing theft of a dynamic library according to the embodiment of the present invention sends the call information to the dynamic library file or the management program independent from the dynamic library when the application program needs to call the dynamic library file, and the dynamic library acquires the signature character string of the application program when receiving the call information, and matches the signature character string of the valid application program prestored in the dynamic library with the acquired signature character string of the application program to verify whether the identity of the application program calling the dynamic library is valid. And when the matching is successful, the application program calling the dynamic library is legal, and the dynamic library returns the calling agreement information to the application program. When the application program calls the dynamic library, whether the application program is legal or not is judged, the dynamic library is protected from being utilized by a third party, and the safety of the dynamic library is improved. The specific implementation process of the device for preventing theft of a dynamic library provided by the embodiment of the present invention may refer to the above method embodiments, and details are not described herein.
In this embodiment, the modules may be implemented by software codes, and in this case, the modules may be stored in the memory 101 of the user terminal 100. The above modules may also be implemented by hardware, such as an integrated circuit chip.
In summary, according to the method, the apparatus, the electronic device, and the readable storage medium for preventing theft of a dynamic library provided in the embodiments of the present invention, when an application needs to call a dynamic library file, a call message is sent to the dynamic library file, and when the dynamic library file receives the call message, a signature string of the application is obtained, and the signature string of a valid application pre-stored in the dynamic library is matched with the obtained signature string of the application, so as to verify whether the identity of the application calling the dynamic library is valid. And when the matching is successful, the application program calling the dynamic library is legal, and the dynamic library returns the calling agreement information to the application program. When the application program calls the dynamic library, whether the application program is legal or not is judged, the dynamic library is protected from being utilized by a third party, and the safety of the dynamic library is improved.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. For the device-like embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method can be implemented in other ways. The apparatus embodiments described above are merely illustrative, and for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, the functional modules in the embodiments of the present invention may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes. It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention. It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (12)
1. A method for dynamic library theft prevention, the method comprising:
receiving calling information which is sent by an application program and used for calling a dynamic library, wherein the calling information is information for loading files in the dynamic library; the file is any file in the dynamic library;
judging whether the application program calling the dynamic library is legal or not;
if the judgment result is yes, returning calling approval information to the application program;
and if the judgment result is negative, controlling the application program not to load the file in the dynamic library.
2. The method of claim 1, wherein said step of determining whether said application invoking said dynamic library is legitimate comprises:
acquiring a signature of the application program;
matching the signature of the application program with the signature of a legal application program stored in the dynamic library in advance;
if the matching is successful, judging that the matching is legal;
and if the matching fails, judging that the matching is illegal.
3. The method of claim 2, wherein the step of obtaining the signature of the application comprises:
acquiring a Context object of the application program calling the dynamic library;
and acquiring the signature of the application program from the acquired Context object of the application program.
4. The method according to claim 3, wherein the step of obtaining a Context object of the application program calling the dynamic library comprises:
and acquiring a Context object of the application program calling the dynamic library by a reflection technology.
5. The method of claim 1, wherein prior to the step of determining whether the application program invoking the dynamic library is legitimate, the method further comprises:
judging whether the dynamic library has a file required by the application program;
if the judgment result is yes, executing the step of judging whether the application program calling the dynamic library is legal or not.
6. A device for dynamic library theft prevention, the device comprising:
the system comprises a receiving unit, a processing unit and a processing unit, wherein the receiving unit is used for receiving calling information which is sent by an application program and used for calling a dynamic library, and the calling information is information for loading files in the dynamic library; the file is any file in the dynamic library;
the first judging unit is used for judging whether the application program calling the dynamic library is legal or not;
the return unit is used for returning calling approval information to the application program when the judgment result is yes;
and the control unit is used for controlling the application program not to load the file in the dynamic library when the judgment result is negative.
7. The apparatus according to claim 6, wherein the first judging unit includes:
a first acquisition unit configured to acquire a signature of the application program;
the matching unit is used for matching the acquired signature of the application program with the signature of a legal application program stored in the dynamic library in advance;
if the matching is successful, judging that the matching is legal;
and if the matching fails, judging that the matching is illegal.
8. The apparatus of claim 7, wherein the first obtaining unit comprises:
a second obtaining unit, configured to obtain a Context object of the application program that calls the dynamic library;
and a third obtaining unit, configured to obtain a signature of the application from the obtained Context object of the application.
9. The apparatus of claim 8, wherein the second obtaining unit comprises:
and the second acquiring subunit is used for acquiring the Context object of the application program calling the dynamic library by a reflection technology.
10. The apparatus of claim 6, further comprising:
and the second judging unit is used for judging whether the dynamic library has the files required by the application program.
11. An electronic device, comprising a processor and a memory, the memory being connected to the processor via a bus, the memory being configured to store a program; the processor is used for calling the program stored in the memory through the bus and executing the following steps:
receiving calling information which is sent by an application program and used for calling a dynamic library, wherein the calling information is information for loading files in the dynamic library; the file is any file in the dynamic library;
judging whether the application program calling the dynamic library is legal or not;
if the judgment result is yes, returning calling approval information to the application program;
and if the judgment result is negative, controlling the application program not to load the file in the dynamic library.
12. A readable storage medium having stored thereon non-volatile program code executable by a processor, the program code causing the processor to perform the steps of:
receiving calling information which is sent by an application program and used for calling a dynamic library, wherein the calling information is information for loading files in the dynamic library; the file is any file in the dynamic library;
judging whether the application program calling the dynamic library is legal or not;
if the judgment result is yes, returning calling approval information to the application program;
and if the judgment result is negative, controlling the application program not to load the file in the dynamic library.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710442081.4A CN107256349B (en) | 2017-06-13 | 2017-06-13 | Method and device for preventing dynamic library from being stolen, electronic equipment and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710442081.4A CN107256349B (en) | 2017-06-13 | 2017-06-13 | Method and device for preventing dynamic library from being stolen, electronic equipment and readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107256349A CN107256349A (en) | 2017-10-17 |
| CN107256349B true CN107256349B (en) | 2020-02-28 |
Family
ID=60023984
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710442081.4A Expired - Fee Related CN107256349B (en) | 2017-06-13 | 2017-06-13 | Method and device for preventing dynamic library from being stolen, electronic equipment and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107256349B (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109995534B (en) * | 2017-12-29 | 2022-04-26 | 北京京东尚科信息技术有限公司 | Method and device for carrying out security authentication on application program |
| WO2019210471A1 (en) * | 2018-05-02 | 2019-11-07 | 无锡盈达聚力科技有限公司 | Data invoking method and data invoking apparatus |
| CN109597662B (en) * | 2018-11-08 | 2021-07-27 | 百度在线网络技术(北京)有限公司 | Method and device for calling non-public library in mobile terminal and electronic equipment |
| CN109992934A (en) * | 2019-04-10 | 2019-07-09 | 苏州浪潮智能科技有限公司 | A kind of response method, device, equipment and medium |
| CN111310131B (en) * | 2020-01-19 | 2022-11-04 | Oppo广东移动通信有限公司 | so library call processing method and device, electronic device and storage medium |
| CN111859415A (en) * | 2020-06-18 | 2020-10-30 | 上海艾麒信息科技有限公司 | Neural network model encryption system and method |
| CN113536242A (en) * | 2021-07-09 | 2021-10-22 | 深圳市元征未来汽车技术有限公司 | Dynamic library calling method and device, terminal equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104462956A (en) * | 2013-09-23 | 2015-03-25 | 安一恒通(北京)科技有限公司 | Method and device for acquiring control power of operating system |
| CN105653948A (en) * | 2014-11-14 | 2016-06-08 | 腾讯数码(深圳)有限公司 | Method and device for preventing malicious operation |
| CN106971098A (en) * | 2016-10-11 | 2017-07-21 | 阿里巴巴集团控股有限公司 | A kind of anti-method and its device for beating again bag |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6874139B2 (en) * | 2000-05-15 | 2005-03-29 | Interfuse Technology Corporation | Method and system for seamless integration of preprocessing and postprocessing functions with an existing application program |
| US7464270B2 (en) * | 2003-07-23 | 2008-12-09 | Microsoft Corporation | Application identification and license enforcement |
| US8850549B2 (en) * | 2009-05-01 | 2014-09-30 | Beyondtrust Software, Inc. | Methods and systems for controlling access to resources and privileges per process |
| CN103198244B (en) * | 2013-03-26 | 2016-06-29 | 北京深思数盾科技股份有限公司 | The method of protection dynamic link library |
| CN104268468B (en) * | 2014-09-25 | 2018-08-24 | 福建升腾资讯有限公司 | It is a kind of to the guard method of android system dynamic link library and system |
| CN106169046A (en) * | 2016-07-04 | 2016-11-30 | 北京金山安全软件有限公司 | Method and device for preventing message hook injection and terminal equipment |
-
2017
- 2017-06-13 CN CN201710442081.4A patent/CN107256349B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104462956A (en) * | 2013-09-23 | 2015-03-25 | 安一恒通(北京)科技有限公司 | Method and device for acquiring control power of operating system |
| CN105653948A (en) * | 2014-11-14 | 2016-06-08 | 腾讯数码(深圳)有限公司 | Method and device for preventing malicious operation |
| CN106971098A (en) * | 2016-10-11 | 2017-07-21 | 阿里巴巴集团控股有限公司 | A kind of anti-method and its device for beating again bag |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107256349A (en) | 2017-10-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107256349B (en) | Method and device for preventing dynamic library from being stolen, electronic equipment and readable storage medium | |
| US10104063B2 (en) | Android-based mobile equipment security protection method, and device | |
| CN109766479B (en) | Data processing method and device, electronic equipment and storage medium | |
| CN111149106B (en) | Apparatus and method for key authentication using multiple device certificates | |
| CN103631617A (en) | Method and device for unloading system application on terminal equipment | |
| CN105988805B (en) | Application management method and mobile terminal | |
| CN104640116B (en) | A kind of fraud text message means of defence and communication terminal | |
| CN107451488B (en) | Method and device for providing personal information and mobile terminal | |
| CN104580108A (en) | Information prompting method and system as well as server | |
| CN106548065B (en) | Application program installation detection method and device | |
| CN116662975A (en) | Password generation method and device, electronic equipment and storage medium | |
| CN103020528A (en) | Display method and display device for malicious acts of applications | |
| CN108228248A (en) | A kind of determining method and apparatus of dependence | |
| US9842018B2 (en) | Method of verifying integrity of program using hash | |
| CN112215593B (en) | Payment method, device, server and storage medium | |
| CN111062035B (en) | Lesu software detection method and device, electronic equipment and storage medium | |
| CN104125234A (en) | Method and system for dynamic image security verification | |
| CN106203087B (en) | Injection protection method, system, terminal and storage medium | |
| CN108965108B (en) | Message pushing method and related equipment | |
| CN106327187B (en) | Information processing method and device | |
| CN110413871B (en) | Application recommendation method and device and electronic equipment | |
| CN110175453B (en) | Method and device for judging cheating operation | |
| CN109271758B (en) | Method, equipment, device and server for preventing So file from being stolen | |
| CN110086637B (en) | Information personalized setting method, device, equipment and storage medium | |
| CN111383025B (en) | Method and device for forwarding wind control data and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20200602 Address after: 310051 room 508, floor 5, building 4, No. 699, Wangshang Road, Changhe street, Binjiang District, Hangzhou City, Zhejiang Province Patentee after: Alibaba (China) Co.,Ltd. Address before: 510627 Guangdong city of Guangzhou province Whampoa Tianhe District Road No. 163 Xiping Yun Lu Yun Ping radio square B tower 13 floor 03 unit self Patentee before: GUANGZHOU ALIBABA LITERATURE INFORMATION TECHNOLOGY Co.,Ltd. |
|
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20200228 Termination date: 20200613 |