如何防止资产文件在 APK 中进行逆向工程 [英] How to prevent Assets files from reverse engineering in APK

问题描述

我有一个与 Android 开发中的数据安全相关的问题.现在我正在一个应用程序中工作，我需要在资产文件夹中保留现有数据库，以便应用程序可以将其复制到内部可写位置，以避免在首次安装时从服务器下载大型数据库.但不幸的是，使用 APK 反编译工具可以查看包含此数据库文件的资产文件夹中的文件.有没有办法防止我的资产文件被反编译，以便在我的应用程序中确保数据安全.任何帮助将不胜感激.谢谢.

I've a question related to Data security in Android development. Right now i am working in an application where i need to keep an existing database in assets folder so App can copy it in to the internal writable location to avoid the large database download from server during first time installation. But unfortunately using APK decompiling tool one can view the files in assets folder included this database file. Is there a way to prevent my assets-files from being decompiled so Data security can be assured in my application. Any help would be highly appreciated. Thanks.

推荐答案

简单的答案是否定的.总会有一些方法让潜在的黑客可以做到这一点，尽管您可以通过使用一些加密"方案来增加难度，这意味着您可以使用一些特殊的密钥来加密您的数据，然后使用 key 您可以 encode 和 decode 你的数据所以更好的地方让事情更安全是 nactive libs 意味着你使用 native(c,c++) 代码应该包含您的敏感数据并生成 libs，通过这样做，您将添加另一层加密，因为本机库的反向工程本机形式非常难以阅读.

Simple answer is no . there will always be some way where a potential hacker can do it's tricks though you can make it harder by using some 'encryption' schemes mean you can encrypt your data with some special key,then with the key you can encode and decode your data so better place to keep things more secure is nactive libs means you using native(c,c++) code which should contain your sensitive data and generate libs, by doing this you are adding an another layer of encryption because reverse engineered native form of native libs are quite hard to read.

这篇关于如何防止资产文件在 APK 中进行逆向工程的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！