1. Field of the Invention
The present invention relates to a method and an apparatus for detecting a tampered application. More particularly, the present invention relates to a method for detecting a tampered application after installation of an application, and an apparatus thereof.
2. Description of the Related Art
In recent years, as a smart phone is supplied, use of various types of applications have actively increased in the smart phone. The application may be installed by a user or a device provider in a terminal such as a smart phone. The installed application may be executed according to an execution command of a user or other environments after this.
FIG. 1 is a diagram illustrating a procedure of installing and executing an application by a terminal using an Android operating system according to the related art.
Referring to FIG. 1, a MediaHub.apk 105 package is installed in step 140. A signature verification module 110 of the Android operating system verifies a signature of the MediaHub.apk 105 package. After the signature is verified, the terminal stores an optimized execution code 115 extracted from a corresponding application package in step 150. In this case, the optimized executed code may be configured by an odex format.
After configuring the optimized executed code by the odex format, a user 120 inputs an execution command with respect to a Media Hub application 125 in step 160. The execution command with respect to a Media Hub application 125 is transferred to a dalvik virtual machine 130 of Android in step 170. The dalvik virtual machine 130 of the Android loads an execution code 115 of an odex format to execute the Media Hub application 125 in step 180. In the foregoing way, the user may install an application and then execute the application.
Applications of the smart phone provide a convenient function to a user. However, a maliciously tampered application may download unwanted information to the smart phone and damage the phone or applications installed on it. An application providing contents such as music, images, or e-book uses Digital Rights Management (DRM) for protecting copyright. The maliciously tampered application may incapacitate a copyright protection function such as DRM.
To prevent execution of a tampered application in the smart phone, when installing the application, an Android operating system performs a signature verification procedure. However, after the application is installed, when the execution code 115 is tampered, there is a problem that detection of the tampered execution code or execution of the tampered execution code cannot be interrupted.