In the Android system, Google developed the Android signature mechanism to curb rampant pirated software. The signature mechanism identifies the issuer of an Android client application: by comparing the signature of a client application, it can be judged whether the application was "officially" issued or is "pirated software" that a cracker has tampered with, re-signed and repackaged.
The Android system requires that every application installed into the system be signed with a digital certificate whose private key is held by the program developer. In the Android system, the digital certificate is used to identify the author of an application and to establish trust relationships between applications; it is not used to decide which applications an end user may install. The certificate does not need to be certified by an authoritative digital certificate signing body; it merely allows an application package to certify itself.
A client application package signed by the Android signature tool differs from the unsigned package only by an additional META-INF folder holding the signature (encryption) information; no other file is changed. Thus the original signature information can easily be removed, the application package cracked, and the code tampered with to produce malicious software that is then re-signed. As a result, the developer's interests are harmed, and even the security of the mobile phone and of the network is threatened.
To further safeguard developers' copyright, curb rampant pirated software and protect the security of applications in the Android system, developers have made improvements that increase the difficulty of decompiling an Android client application package. One solution proposed for pirated applications in the Android system works as follows: a service provider supplies a local service unit (e.g., a local service program); this local service program runs as a native service, is launched together with the Android system and then keeps running in the background; it provides functions such as memory encryption, file encryption and remote calls to functions on the cloud server side; and the Android client application calls an interface provided by the local service program to have key values (e.g., the gold coin balance in an application such as a game), key files, key code and the like encrypted by the local service program. While the client application is running, the encrypted objects are decrypted in real time by the local service program as the client application requests them. This makes decompiling and static analysis of the client application difficult, and so provides effective protection for applications in the Android system.
In this process, the key values and key code of the client application are stored on the cloud server side via the local service program. When the client application stores a key value or the like on, or retrieves one from, the cloud server side, it must call the remote (cloud server side) calling interface of the local service program, which then communicates with the cloud server side. The local service program thus acts as a relay between the client application and the cloud server side, bridging the two.
However, if malicious client applications use the existing local service program to perform operations against the cloud server side continuously (for example, repeatedly storing gold coins on the cloud server side or retrieving key values) in order to gain benefits, the local service program cannot distinguish client applications downloaded through an official channel from malicious client applications built by the user themselves. There is therefore a demand for a method that can judge whether an Android client application has been replaced, so that execution of a malicious client application can be stopped in time and the application code of the client application protected from malicious tampering.
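An added example (not code from this document) of the check a local service program could perform before honouring a remote-call request: it identifies the caller by its Binder UID rather than by anything the caller claims, and compares the SHA-256 of the calling package's signing certificate with a pinned value. The class name, the placeholder fingerprint and the use of the Android PackageManager signing-certificate APIs (API level 28 and above) are assumptions.

```java
import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import android.content.pm.SigningInfo;
import android.os.Binder;
import java.security.MessageDigest;

/** Checks that the app calling the local service's Binder interface is the officially signed build. */
public final class CallerSignatureCheck {
    // Placeholder: SHA-256 of the developer's release signing certificate (lowercase hex).
    private static final String EXPECTED_CERT_SHA256 = "<release-cert-sha256-placeholder>";

    private CallerSignatureCheck() {}

    /** Returns true only if every package sharing the caller's UID is signed with the expected certificate. */
    public static boolean isTrustedCaller(Context ctx) {
        PackageManager pm = ctx.getPackageManager();
        // The kernel-assigned UID of the caller cannot be forged by the calling app.
        String[] pkgs = pm.getPackagesForUid(Binder.getCallingUid());
        if (pkgs == null || pkgs.length == 0) return false;
        try {
            for (String pkg : pkgs) {
                PackageInfo info = pm.getPackageInfo(pkg, PackageManager.GET_SIGNING_CERTIFICATES);
                SigningInfo si = info.signingInfo;
                // Reject packages signed by several parties; the official build has one signer.
                if (si == null || si.hasMultipleSigners()) return false;
                // A stripped and re-signed ("pirated") package carries the cracker's certificate here.
                Signature[] certs = si.getApkContentsSigners();
                if (certs.length != 1) return false;
                if (!EXPECTED_CERT_SHA256.equals(sha256Hex(certs[0].toByteArray()))) return false;
            }
        } catch (Exception e) {
            return false; // unknown package or digest failure: treat as untrusted
        }
        return true;
    }

    /** Hex-encoded SHA-256 of the DER-encoded certificate. */
    static String sha256Hex(byte[] der) throws Exception {
        byte[] d = MessageDigest.getInstance("SHA-256").digest(der);
        StringBuilder sb = new StringBuilder(d.length * 2);
        for (byte b : d) sb.append(String.format("%02x", b));
        return sb.toString();
    }
}
```

Call isTrustedCaller at the start of each remote-call interface method and refuse the request when it returns false, so a re-signed client cannot use the local service program as a bridge to the cloud server side.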