Mobile Device And Method Of Operating Mobile Device

    公开(公告)号:US20170147798A1

    公开(公告)日:2017-05-25

    申请号:US15105302

    申请日:2015-03-06

    IPC分类号: G06F21/14

    CPC分类号: G06F21/14 G06F21/72

    摘要: A mobile device and a method of operating a mobile device are disclosed. The mobile device includes a main processor executing a normal code of a mobile application program, a co-processor executing a core code of the mobile application program, and a co-processor driver enabling the main processor and the co-processor to communicate with each other. The normal code includes commands executable by the main processor, and the core code includes commands executable by the co-processor. Since the core code is separated from the mobile application program on a level lower than an operating system level when the mobile application program is installed on the mobile device and the core code is stored in a core code storage to which the main processor is not allowed to access directly, the core code is not exposed to an attacker, such that resistance to a reverse engineering attack is increased.

    INTEGRITY VERIFICATION SYSTEM USING REMOTE CODE EXECUTION AND METHOD THEREOF
    3.
    发明申请
    INTEGRITY VERIFICATION SYSTEM USING REMOTE CODE EXECUTION AND METHOD THEREOF 审中-公开
    使用远程代码执行的完整性验证系统及其方法

    公开(公告)号:US20170054693A1

    公开(公告)日:2017-02-23

    申请号:US15205342

    申请日:2016-07-08

    IPC分类号: H04L29/06 G06F21/60

    摘要: The integrity verification system includes a client and an RCE server. The client requests an RCE service to the RCE server using a pointer of a return function as a parameter of a service call function and transmits a memory code of the return function to the RCE server when Reverse-RCE for obtaining the memory code of the return function is requested from the RCE server. The RCE server generates a first hash key of the transmitted memory code, compares the first hash key to a stored second hash key of the memory code of an original return function, generates a return value according to a compared result between the first hash key and the second hash key and transmits the generated return value to the client using the generated return value as a parameter of the service call function. The client executes the return function using the return value as a parameter of the return function.

    摘要翻译: 完整性验证系统包括客户端和RCE服务器。 客户机使用返回函数的指针作为服务调用函数的参数向RCE服务器请求RCE服务,并且当用于获取返回的存储器代码的Reverse-RCE时,将返回函数的存储器代码发送到RCE服务器 功能请求从RCE服务器。 RCE服务器产生所发送的存储器代码的第一散列密钥,将第一散列密钥与原始返回函数的存储器代码的存储的第二散列密钥进行比较,根据第一散列密钥和 第二散列密钥,并使用生成的返回值作为服务调用函数的参数将生成的返回值发送给客户端。 客户端使用返回值作为返回函数的参数执行返回函数。

    Code Obfuscation Device Using Indistinguishable Identifier Conversion And Method Thereof
    6.
    发明申请
    Code Obfuscation Device Using Indistinguishable Identifier Conversion And Method Thereof 审中-公开
    使用不可区分的标识符转换的代码混淆设备及其方法

    公开(公告)号:US20160371473A1

    公开(公告)日:2016-12-22

    申请号:US15104310

    申请日:2015-03-06

    IPC分类号: G06F21/12 G06F21/14

    摘要: A code obfuscation device and a method of obfuscating a code of an application program file are disclosed. The code obfuscation device includes an extraction circuit uncompressing an application program file to extract a Dalvik executable file, a code analysis circuit analyzing a bytecode of the Dalvik executable file, a control circuit determining an obfuscation character and a number and a location of the obfuscation character to be inserted in the bytecode, and an identifier conversion circuit inserting the obfuscation character in the bytecode to convert an identifier of the bytecode. Since the identifier of the bytecode is converted using an obfuscation character, which corresponds to a character that is invisible on a screen or has a different Unicode from another character displayed on the screen as a same shape as the character, the application program file has an increased resistance to a reverse engineering attack.

    摘要翻译: 公开了一种代码混淆装置和一种混淆应用程序文件的代码的方法。 代码混淆装置包括解压缩应用程序文件以提取Dalvik可执行文件的提取电路,分析Dalvik可执行文件的字节码的代码分析电路,确定混淆字符的混合字符和数字和位置的控制电路 被插入到字节码中,以及标识符转换电路,在字节码中插入混淆字符来转换字节码的标识符。 由于使用模糊字符转换字符代码的标识符,该混淆字符对应于在屏幕上不可见或具有与屏幕上显示的另一个字符不同的Unicode的字符与字符相同的形状,所以应用程序文件具有 增加对逆向工程攻击的抵抗力。