Bangcle en-game
Transcript of Bangcle en-game
Dedicate to Mobile APP Dedicate to Mobile APP Security Security By Jayson Li 2014-11-25By Jayson Li 2014-11-25
Sales Contact: [email protected] or [email protected]
About BANGCLE
By Oct. 2014:
240,000 Android Apps30,000 Mobile Developers300,000,000 Smartphones
2010-5 series A round from IDG
2014-5 series C round from SIG
Certified Mobile Firewall Product Vendor in
China IEEE ICSG member
Member of ANVA Certified Android App Security Vendor in China
2012–2014 Business
Growth 100%2012–2014 Business
Growth 100%
2013-4 series B round from IDG 、 Redpoint
2013-4 series B round from IDG 、 Redpoint
Before releasing security evaluation and shielding
APP Distribution Management
APP Distribution Management
Programming Security
Programming Security
Source Code
Protection
Source Code
Protection
Fishing App MonitoringFishing App Monitoring
App Management•Data collection •Environment monitor •Security Early Warning •Message Pushing
App Management•Data collection •Environment monitor •Security Early Warning •Message Pushing
Penetration Report
Penetration Report
Code Auditing Report
Code Auditing Report
App Distribution
Report
App Distribution
Report
Competitor Report
Competitor Report
Piracy Monitoring
Piracy Monitoring
App Monitor/Early warning
Assist to upload to download
sites
Assist to upload to download
sites
Pirated/fishing App Removing Pirated/fishing App Removing
Data Security
Data Security
Environment Security
Environment Security
Business Security Business Security
Storage Protection
Storage Protection
Data Protection
Data Protection
Protocol Protection Protocol
Protection Environment Monitoring
Environment Monitoring
Source Code Audit (White-box)
App Penetration Service
(Black-Box)
Symmetric Encryption
White-box cryptography + AES technology
USA federal government standard
IBM, Arxan, InterTrust etc
Hack TechnologyCurrent Solution on
Android PlatformBangcle Defend Best Practices on Android
Reverse Engineering Code obfuscation Code Encryption Anti Reverse Engineering App Integrity Check Anti tampering
Debugging N/A Anti-Debugging Low level trap detection Memory monitoring and detection Self Protection Reactivate when App is compromised
Illegal Data Copy Encrypt key can be easy found by disassemble Apk
Transparent Strong Encryption Combined with code encryption Encrypt key secured by white-box
technology Bind IMEI with Encrypt key Prevent data file being copied out
Mobile App Game Developers
Mobile Banking App Developers
Black-Box
Cloud USA5 – 10 Minutes
No code change neededUpload AppCloud Shielding (5-10 minutes)Download AppSign Apps -> Test -> Release
Competitors
V0.5 Code Obfuscation
VS.JAVA Class
Loader
VS.JAVA VIM
VS.CPU VIM
SO Protection
Local Data ProtectionUnity Script Protection
VS.
BANGCLE
Crawlers
Data Analysis
Data Storage
App Similarity Analysis EngineApp Similarity
Analysis Engine
Report Generator
APK
310 Download site
Information
App Distribution Monitor Report
Web
Question 1 : What are AppShield impact to App performance and compatibility?
Answer: Result from over 30,000 App and 150 different smartphones in China, USA, EU, Japan,
Korea, HK, TW
Apk size increased 800k - 2000k depend on App and security levels CPU usage increase 2% ~ 8% Memory usage increase 4% ~ 10% APP start up time increase 0.1s ~ 0.9s No compatibility issue for majority brand cellphones Support ARM, x86
Question 2 : How long it will take us to shield an App?
Answer: Within 15 minutes. However, normal processing time is less than 10
minutes include virus scan service Question 3 : Can you secure Apk SO, log, audio and other resource files ?
Answer: Yes. We can manually encrypt them
Question 4: How can we try it?
Answer:Yes. You can try a non commercial version Appshield in www.secneo.com or send your
request to [email protected] for a banking grade security product and service.
①. Perfectly Mudded Apps
In 2012, it’s hard to find such perfect hacked App with all original App’s features. Today, you can find them everywhere
②. Free Gold Coin Mudded Games It’s the games killer. “Flappy Bird”’s challenge attracted millions players but a game without challenge wouldn’t last long
③. Standard Mobile Game Cheats Tools
There are 25 different Cheats tools in the market include: Freedom, GameGardian, HaXplorer, etc. Many of them combine memory modification and speeding control feature.
④. Game Specific Mobile Game Cheats Tools
This is the game killing machine. It can be found anywhere includes Youtube or sold in eBay, Taobao and others market.
⑤. Mobile Game Grade Upgrading-Service and trading
It’s very popular and big business in Japan, China, Korea and Taiwan. Cheaters use cheats tools to upgrading player’s grade without paying a dime. Players pay by the each game level
⑥. Cracked Mobile Game Servers
If you’ve seen over 2000 “Cracked Minecraft Servers”, you wouldn’t be surprised seeing fast growing cracked mobile game servers in 2014. Typical example is “Heroes Fantasy”’: www.hxyxsf.com/down.html
⑨. Mobile Source Code Market
What you don’t know is that under the table people trading reversed game source code.
⑩. Mobile Game Re-packers
Mobile game re-packers are making more money than some original game developers. The cost for re-packers almost nothing: hack, repack then uploading to 200+ download sites.
⑧. Mobile Game Parts Market
Never heard of it? You may find those cost your million’s dollars created UI, pictures, sounds documents sold in market of 5 dollars. Mobile game junk yard business is growing faster market
⑦. PC Virtual Machine Cheats
This is the popular way of using PC software for skilled players to cheat
Name Log Version Types Notes
Freedom 1.0.6 Hack Google Play iAP Tool
DaX Atk 2.0.5 App Memory Modification Tool
GameBooster 2.0.4 Game Speed Control Tool Modify System Speed
GameCIH 3.0.0 App Memory Modification and Speed Control Tool Modify Frequency Speed
Game Guardian 6.0.5 App Memory Modification
HaXplorer 3.3.1 App Memory Modification
GameCIH2 2.2.3 App Memory Modification
Name Logo Version Type Notes
八门神器 2.61 App Memory Modification Tool
烧饼修改器 3.1 App Memory Modification and Speed Control ToolModify Frequency Speed
变形金刚修改器 2.6.3 App Memory Modification Tool
烧饼免 root 修改器 4.0 App Memory Modification and Speed Control ToolModify Frequency Speed
安卓游戏加速器 1.2.8 Speed Control ToolModify Frequency Speed
安卓游戏助手 1.3 Speed Control ToolModify Frequency Speed
葫芦侠
2.6.5 App Memory Modification and Speed Control ToolModify Frequency Speed
Name Logo Version Type Notes
游戏助手 2.1.1 App Memory Modification Tool
泡椒修改器 5.5.1 App Memory Modification Tool
手机游侠 1.8.9 App Memory Modification and Speed Control Tool Modify Frequency Speed
天天游戏加速器 2.2.0 Speed Control Tool Modify System Speed
游戏加速器 2.2.0 Speed Control Tool Modify System Speed
游戏加速精灵 1.0.5 Speed Control Tool Modify Frequency Speed
游戏加速器 1.3 Speed Control Tool Modify System Speed
You spend millions on App security but still got hacked
Your App has many users but few paying
You spend more money on security issue than paying third party professionals
Your developers spend more time on security than writing codes
Your QA spending over 15% testing time on App security
You have to give up a million-dollars game design because of game security control problem
When you choose game engines, security is the top concern
Your developers think they can defeat Hackers
www.secneo.com
THANK YOUTHANK YOUSales Contact: [email protected] or [email protected]