本篇文章來源於 Linux公社網站(www.linuxidc.com) 原文連結:http://www.linuxidc.com/Linux/2011-10/46257.htm
純屬起個拋磚引玉的作用,還望有過這方面研究的同學拍磚!
一個殺毒軟甲最核心的部分一個是病毒庫一個是殺毒引擎,病毒庫從伺服器中獲得,殺毒引擎實際上是判斷程式中的包名和簽名是否匹配病毒庫中的包名和簽名,如果匹配則為病毒,介面使用幀動畫來顯示。
思路:
1.從伺服器端把病毒的版本庫資訊下載下來將解析的資料存放到List集合中
2.擷取到手機中所有應用程式的包名以及程式的簽名
3.將病毒庫匹配手機應用程式套件組合名及簽名
4.用ScrollView標籤進行自動滾動顯示
關鍵代碼如下:
特洛伊木馬病毒庫的資訊:
<?xml version="1.0" encoding="utf-8"?>
<list>
<virus>
<name>tory.virus</name>
<packname>
cn.itcast.virus
</packname>
<description>
惡意軟體,讀取使用者日誌</description>
<signature>
3082020730820170a00302010202044ea7598f300d06092a864886f70d010105050030483
10a30080603550406130131310a30080603550408130131310a3008060355040713013131
0a3008060355040a130131310a3008060355040b130131310a30080603550403130131301
e170d3131313032363030353132375a170d3231313032333030353132375a3048310a3008
0603550406130131310a30080603550408130131310a30080603550407130131310a30080
60355040a130131310a3008060355040b130131310a3008060355040313013130819f300d
06092a864886f70d010101050003818d0030818902818100d915d7a98cde8bcd69b87ec52
11012ace847de42129a71bf679a059c2c55e893bc0ea886874432ab8b9097724211df6769
eacd3381ccac779ab7422d8101320b1e0b14e06ac8ee095b20e52cbe6163e10a87dc410b8
a91fb73d53c5bdb4a22d1295c61e04b8f8b68c475e69c1754a1dc35745e7c6ae0275c2620
b863b0d9ea8f0203010001300d06092a864886f70d01010505000381810038e1119fbb710
4180fddba4bc8b2c275df63f0df418b7480d8eba2891da20d34d3d083cfed7bb3eb546863
c76bc67cc93f2fa0e9377c470881c9a763c99cc035093184bb50f76e74155592eca3566a3
10af55e5fec19d6fdc1a74f226aef485f84389126e8e3f4b59fe2797cbfcac660b9f2cc81
e6f3dcaa7cb2001ecc496a7b
</signature>
</virus>
</list>
殺毒引擎:
/*
* 殺毒引擎(下載病毒庫、擷取程式的包名及簽名並進行匹配)
* (non-Javadoc)
* @see Android.app.Activity#onTouchEvent(android.view.MotionEvent)
*/
@Override
public boolean onTouchEvent(MotionEvent event) {
packagenames = new ArrayList<String>();
virusResult = new ArrayList<String>();
infos = new ArrayList<ApplicationInfo>();
animationDrawable.start();//播放掃描病毒的動畫
new Thread(){
@Override
public void run() {
try {
URL url = new URL("http://192.168.1.168:8080/virus.xml");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
InputStream is = conn.getInputStream();
//從伺服器解析病毒庫並擷取到病毒庫的集合
virusbeans = VirusInfo.getVirusInfos(is);
TaskInfo taskInfo = new TaskInfo(KillVirusActivity.this); //執行個體化包資源管理員
//擷取到當前手機裡面所有的包名
infos = pm.getInstalledApplications(0);
for(ApplicationInfo info : infos ){
packagenames.add(info.packageName);
}
int count=0;
// 殺毒引擎 根據病毒庫 比對當前系統裡面的程式包名 簽名進行 殺毒
StringBuilder sb = new StringBuilder();
for(String packname : packagenames){
sb.append("正在掃描 "+ packname);
sb.append("\n");
Message msg = new Message();
msg.what = SCANNING;
msg.obj = sb;
handler.sendMessage(msg);
//檢查當前的packname 和對應簽名 http://www.linuxidc.com是不是跟病毒庫裡面的資訊一樣
for(VirusBean virusbean : virusbeans){
if(packname.equals(virusbean.getPackname())&&
taskInfo.getAppSignature(packname).equals(virusbean.getSignature()))
{
virusResult.add(packname);//添加一個病毒
}
}
count ++;//記錄病毒的總數
}
Message msg = new Message();
msg.what = SCANNING_FINISH;
msg.obj = count;
handler.sendMessage(msg);
} catch (Exception e) {
e.printStackTrace();
}
}
}.start();
return super.onTouchEvent(event);
}
顯示病毒掃描資訊:
Handler handler = new Handler(){
@Override
public void handleMessage(Message msg) {
super.handleMessage(msg);
switch (msg.what) {
case SCANNING:
StringBuilder sb = (StringBuilder) msg.obj;
tv_killvirus_info.setText(sb.toString());
sv.scrollBy(0, 25);//每次增加都會自動向下移動畫面
break;
case SCANNING_FINISH:
int i = (Integer) msg.obj;
StringBuilder sb1 = new StringBuilder();
sb1.append("掃描完畢 共掃描 "+ i+ " 個程式");
if(virusResult.size()>0){
sb1.append("發現病毒 \n");
for(String packname : virusResult){
sb1.append("病毒名"+ packname);
sb1.append("\n");
}
}
tv_killvirus_info.setText(sb1.toString());
animationDrawable.stop();
break;
}
}
};
擷取到程式的簽名:
/*
* 擷取程式的簽名
*/
public String getAppSignature(String packname){
try {
PackageInfo packinfo =pm.getPackageInfo(packname, PackageManager.GET_SIGNATURES);
//擷取到所有的許可權
return packinfo.signatures[0].toCharsString();
} catch (NameNotFoundException e) {
e.printStackTrace();
return null;
}
}
顯示掃描的檔案頁面並自動滾動:
<ScrollView
Android:layout_width="wrap_content"
Android:layout_height="wrap_content"
Android:layout_below="@id/iv_killvirus_am"
Android:id="@+id/sv_killvirus"
>
<TextView
Android:layout_width="wrap_content"
Android:layout_height="wrap_content"
Android:id="@+id/tv_killvirus_info"
></TextView>
</ScrollView>
PS:再次嘮叨下,本文只是起拋磚引玉只用,還望有這方面經驗的朋友不吝賜教,共同進步,大家發財!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
