Android杀毒实现原理及实例
2011-10-30 19:12
405 查看
一个杀毒软甲最核心的部分一个是病毒库一个是杀毒引擎,病毒库从服务器中获得,杀毒引擎实际上是判断程序中的包名和签名是否匹配病毒库中的包名和签名,如果匹配则为病毒,界面使用帧动画来显示。
思路:
1.从服务器端把病毒的版本库信息下载下来将解析的数据存放到List集合中
2.获取到手机中所有应用程序的包名以及程序的签名
3.将病毒库匹配手机应用程序包名及签名
4.用ScrollView标签进行自动滚动显示
关键代码如下:
特洛伊木马病毒库的信息:
view
plain
<?xml version="1.0" encoding="utf-8"?>
<list>
<virus>
<name>tory.virus</name>
<packname>
cn.itcast.virus
</packname>
<description>
恶意软件,读取用户日志</description>
<signature>
3082020730820170a00302010202044ea7598f300d06092a864886f70d010105050030483
10a30080603550406130131310a30080603550408130131310a3008060355040713013131
0a3008060355040a130131310a3008060355040b130131310a30080603550403130131301
e170d3131313032363030353132375a170d3231313032333030353132375a3048310a3008
0603550406130131310a30080603550408130131310a30080603550407130131310a30080
60355040a130131310a3008060355040b130131310a3008060355040313013130819f300d
06092a864886f70d010101050003818d0030818902818100d915d7a98cde8bcd69b87ec52
11012ace847de42129a71bf679a059c2c55e893bc0ea886874432ab8b9097724211df6769
eacd3381ccac779ab7422d8101320b1e0b14e06ac8ee095b20e52cbe6163e10a87dc410b8
a91fb73d53c5bdb4a22d1295c61e04b8f8b68c475e69c1754a1dc35745e7c6ae0275c2620
b863b0d9ea8f0203010001300d06092a864886f70d01010505000381810038e1119fbb710
4180fddba4bc8b2c275df63f0df418b7480d8eba2891da20d34d3d083cfed7bb3eb546863
c76bc67cc93f2fa0e9377c470881c9a763c99cc035093184bb50f76e74155592eca3566a3
10af55e5fec19d6fdc1a74f226aef485f84389126e8e3f4b59fe2797cbfcac660b9f2cc81
e6f3dcaa7cb2001ecc496a7b
</signature>
</virus>
</list>
杀毒引擎:
view
plain
/*
* 杀毒引擎(下载病毒库、获取程序的包名及签名并进行匹配)
* (non-Javadoc)
* @see android.app.Activity#onTouchEvent(android.view.MotionEvent)
*/
@Override
public boolean onTouchEvent(MotionEvent event) {
packagenames = new ArrayList<String>();
virusResult = new ArrayList<String>();
infos = new ArrayList<ApplicationInfo>();
animationDrawable.start();//播放扫描病毒的动画
new Thread(){
@Override
public void run() {
try {
URL url = new URL("http://192.168.1.168:8080/virus.xml");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
InputStream is = conn.getInputStream();
//从服务器解析病毒库并获取到病毒库的集合
virusbeans = VirusInfo.getVirusInfos(is);
TaskInfo taskInfo = new TaskInfo(KillVirusActivity.this); //实例化包资源管理器
//获取到当前手机里面所有的包名
infos = pm.getInstalledApplications(0);
for(ApplicationInfo info : infos ){
packagenames.add(info.packageName);
}
int count=0;
// 杀毒引擎 根据病毒库 比对当前系统里面的程序包名 签名进行 杀毒
StringBuilder sb = new StringBuilder();
for(String packname : packagenames){
sb.append("正在扫描 "+ packname);
sb.append("\n");
Message msg = new Message();
msg.what = SCANNING;
msg.obj = sb;
handler.sendMessage(msg);
//检查当前的packname 和对应签名 是不是跟病毒库里面的信息一样
for(VirusBean virusbean : virusbeans){
if(packname.equals(virusbean.getPackname())&&
taskInfo.getAppSignature(packname).equals(virusbean.getSignature()))
{
virusResult.add(packname);//添加一个病毒
}
}
count ++;//记录病毒的总数
}
Message msg = new Message();
msg.what = SCANNING_FINISH;
msg.obj = count;
handler.sendMessage(msg);
} catch (Exception e) {
e.printStackTrace();
}
}
}.start();
return super.onTouchEvent(event);
}
显示病毒扫描信息:
view
plain
Handler handler = new Handler(){
@Override
public void handleMessage(Message msg) {
super.handleMessage(msg);
switch (msg.what) {
case SCANNING:
StringBuilder sb = (StringBuilder) msg.obj;
tv_killvirus_info.setText(sb.toString());
sv.scrollBy(0, 25);//每次增加都会自动向下移动画面
break;
case SCANNING_FINISH:
int i = (Integer) msg.obj;
StringBuilder sb1 = new StringBuilder();
sb1.append("扫描完毕 共扫描 "+ i+ " 个程序");
if(virusResult.size()>0){
sb1.append("发现病毒 \n");
for(String packname : virusResult){
sb1.append("病毒名"+ packname);
sb1.append("\n");
}
}
tv_killvirus_info.setText(sb1.toString());
animationDrawable.stop();
break;
}
}
};
获取到程序的签名:
view
plain
/*
* 获取程序的签名
*/
public String getAppSignature(String packname){
try {
PackageInfo packinfo =pm.getPackageInfo(packname, PackageManager.GET_SIGNATURES);
//获取到所有的权限
return packinfo.signatures[0].toCharsString();
} catch (NameNotFoundException e) {
e.printStackTrace();
return null;
}
}
显示扫描的文件页面并自动滚动:
view
plain
<ScrollView
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:layout_below="@id/iv_killvirus_am"
android:id="@+id/sv_killvirus"
>
<TextView
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:id="@+id/tv_killvirus_info"
></TextView>
</ScrollView>
思路:
1.从服务器端把病毒的版本库信息下载下来将解析的数据存放到List集合中
2.获取到手机中所有应用程序的包名以及程序的签名
3.将病毒库匹配手机应用程序包名及签名
4.用ScrollView标签进行自动滚动显示
关键代码如下:
特洛伊木马病毒库的信息:
view
plain
<?xml version="1.0" encoding="utf-8"?>
<list>
<virus>
<name>tory.virus</name>
<packname>
cn.itcast.virus
</packname>
<description>
恶意软件,读取用户日志</description>
<signature>
3082020730820170a00302010202044ea7598f300d06092a864886f70d010105050030483
10a30080603550406130131310a30080603550408130131310a3008060355040713013131
0a3008060355040a130131310a3008060355040b130131310a30080603550403130131301
e170d3131313032363030353132375a170d3231313032333030353132375a3048310a3008
0603550406130131310a30080603550408130131310a30080603550407130131310a30080
60355040a130131310a3008060355040b130131310a3008060355040313013130819f300d
06092a864886f70d010101050003818d0030818902818100d915d7a98cde8bcd69b87ec52
11012ace847de42129a71bf679a059c2c55e893bc0ea886874432ab8b9097724211df6769
eacd3381ccac779ab7422d8101320b1e0b14e06ac8ee095b20e52cbe6163e10a87dc410b8
a91fb73d53c5bdb4a22d1295c61e04b8f8b68c475e69c1754a1dc35745e7c6ae0275c2620
b863b0d9ea8f0203010001300d06092a864886f70d01010505000381810038e1119fbb710
4180fddba4bc8b2c275df63f0df418b7480d8eba2891da20d34d3d083cfed7bb3eb546863
c76bc67cc93f2fa0e9377c470881c9a763c99cc035093184bb50f76e74155592eca3566a3
10af55e5fec19d6fdc1a74f226aef485f84389126e8e3f4b59fe2797cbfcac660b9f2cc81
e6f3dcaa7cb2001ecc496a7b
</signature>
</virus>
</list>
杀毒引擎:
view
plain
/*
* 杀毒引擎(下载病毒库、获取程序的包名及签名并进行匹配)
* (non-Javadoc)
* @see android.app.Activity#onTouchEvent(android.view.MotionEvent)
*/
@Override
public boolean onTouchEvent(MotionEvent event) {
packagenames = new ArrayList<String>();
virusResult = new ArrayList<String>();
infos = new ArrayList<ApplicationInfo>();
animationDrawable.start();//播放扫描病毒的动画
new Thread(){
@Override
public void run() {
try {
URL url = new URL("http://192.168.1.168:8080/virus.xml");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
InputStream is = conn.getInputStream();
//从服务器解析病毒库并获取到病毒库的集合
virusbeans = VirusInfo.getVirusInfos(is);
TaskInfo taskInfo = new TaskInfo(KillVirusActivity.this); //实例化包资源管理器
//获取到当前手机里面所有的包名
infos = pm.getInstalledApplications(0);
for(ApplicationInfo info : infos ){
packagenames.add(info.packageName);
}
int count=0;
// 杀毒引擎 根据病毒库 比对当前系统里面的程序包名 签名进行 杀毒
StringBuilder sb = new StringBuilder();
for(String packname : packagenames){
sb.append("正在扫描 "+ packname);
sb.append("\n");
Message msg = new Message();
msg.what = SCANNING;
msg.obj = sb;
handler.sendMessage(msg);
//检查当前的packname 和对应签名 是不是跟病毒库里面的信息一样
for(VirusBean virusbean : virusbeans){
if(packname.equals(virusbean.getPackname())&&
taskInfo.getAppSignature(packname).equals(virusbean.getSignature()))
{
virusResult.add(packname);//添加一个病毒
}
}
count ++;//记录病毒的总数
}
Message msg = new Message();
msg.what = SCANNING_FINISH;
msg.obj = count;
handler.sendMessage(msg);
} catch (Exception e) {
e.printStackTrace();
}
}
}.start();
return super.onTouchEvent(event);
}
显示病毒扫描信息:
view
plain
Handler handler = new Handler(){
@Override
public void handleMessage(Message msg) {
super.handleMessage(msg);
switch (msg.what) {
case SCANNING:
StringBuilder sb = (StringBuilder) msg.obj;
tv_killvirus_info.setText(sb.toString());
sv.scrollBy(0, 25);//每次增加都会自动向下移动画面
break;
case SCANNING_FINISH:
int i = (Integer) msg.obj;
StringBuilder sb1 = new StringBuilder();
sb1.append("扫描完毕 共扫描 "+ i+ " 个程序");
if(virusResult.size()>0){
sb1.append("发现病毒 \n");
for(String packname : virusResult){
sb1.append("病毒名"+ packname);
sb1.append("\n");
}
}
tv_killvirus_info.setText(sb1.toString());
animationDrawable.stop();
break;
}
}
};
获取到程序的签名:
view
plain
/*
* 获取程序的签名
*/
public String getAppSignature(String packname){
try {
PackageInfo packinfo =pm.getPackageInfo(packname, PackageManager.GET_SIGNATURES);
//获取到所有的权限
return packinfo.signatures[0].toCharsString();
} catch (NameNotFoundException e) {
e.printStackTrace();
return null;
}
}
显示扫描的文件页面并自动滚动:
view
plain
<ScrollView
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:layout_below="@id/iv_killvirus_am"
android:id="@+id/sv_killvirus"
>
<TextView
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:id="@+id/tv_killvirus_info"
></TextView>
</ScrollView>
相关文章推荐
- Android杀毒实现原理及实例
- Android杀毒实现原理及实例
- Android杀毒实现原理及实例
- Android杀毒实现原理及实例
- Android杀毒实现原理及实例
- Android杀毒实现原理及实例
- Android编程之杀毒的实现原理及具体实例
- Android中悬浮窗口的实现原理实例分析
- Android 总结:自定义键盘实现原理和三种实例详解
- Android 总结:自定义键盘实现原理和三种实例详解
- Android中Scroller实现弹性滑动的原理和实例应用
- 【Android开发】如何实现android和服务器长连接呢?推送消息的原理
- Android 学习笔记之WebService实现远程调用+内部原理分析...
- 【Android应用开发】-(19)Android 串口编程原理和实现方式
- Android中实现开机自动启动服务(service)实例
- (一)Java EE 5实现Web服务(Web Services)及多种客户端实例-原理
- Android 四大组件 Service实现原理以及AIDL语言的使用详解
- Android控件TextView的实现原理分析
- 实例讲解Android中如何实现图片的异步加载功能
- Android实现三级联动下拉框 下拉列表spinner的实例代码