×

Method and device for identifying virus APK

  • US 10,152,594 B2
  • Filed: 02/23/2017
  • Issued: 12/11/2018
  • Est. Priority Date: 03/21/2012
  • Status: Active Grant
First Claim
Patent Images

1. A method for identifying virus Android application package file (APK), comprising:

  • presetting a virus database comprising virus characteristic codes, wherein the presetting the virus database further including;

    scanning an executable file in a source APK,extracting specific data from the executable file in the source APK,determining whether the specific data contain virus information, wherein the specific data include header information of the executable file, constants in a constant pool of the executable file, or operation instructions in the executable file,in response to a determination that the specific data in the executable file contain virus information, generating the virus characteristic codes, wherein the generating the virus characteristic codes further comprises;

    generating the virus characteristic codes using an instruction set in a classes.dex file and a JAR file in the source APK,generating the virus characteristic codes using a specific opcode in the classes.dex file and the JAR file in the source APK and a character string or wildcard of its operand, orgenerating the virus characteristic codes using the instruction set in the classes.dex file in the source APK, the specific opcode in the classes.dex file in the source APK and the character string or wildcard of its operand, andstoring the generated virus characteristic codes to the virus database;

    detecting that a designated file in a target APK contains at least one of the generated virus characteristic codes; and

    determining that the target APK is a virus APK.

View all claims
  • 0 Assignments
Timeline View
Assignment View
    ×
    ×