Server-based code obfuscation scheme for APK tamper detection
- Authors
- 박유설; 이정현; 정진혁
- Issue Date
- Apr-2014
- Publisher
- John Wiley & Sons
- Keywords
- APK tamper detection; repackaging attack; code obfuscation; reverse engineering
- Citation
- Security and Communication Networks
- Journal Title
- Security and Communication Networks
- URI
- http://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/10167
- DOI
- 10.1002/sec.936
- ISSN
- 1939-0114
- Abstract
- It is easy to decompile Android applications (or apps) owing to the structural characteristics of the app building process, but this ease makes them quite vulnerable to forgery or modification attacks. In particular, users may suffer direct financial loss if this vulnerability is exploited in security-critical private and business applications, such as online banking. One of the solutions to these problems is a code obfuscation technique. In this regard, DexGuard, which is based on ProGuard, which is integrated into the Android software development kit build system, has recently been introduced. Although DexGuard protects Android applications more effectively, an attacker is still able to analyze the hex code of a Dalvix Executable file. To resolve this weakness, we begin by analyzing the DexGuard tool from both a static and dynamic point of view. Our analysis reveals that DexGuard has some weaknesses. In this paper, we propose an obfuscation technique based on a client/server model with one-time secret key delivery using short message service or network protocol. The main concept is to store the core execute class file through obfuscation on the server, so when a program needs to execute core routines, it must request these routines from the server. In this way, we can protect Android apps from reverse engineering. Copyright (c) 2014 John Wiley & Sons, Ltd.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - College of Information Technology > School of Software > 1. Journal Articles
![qrcode](https://api.qrserver.com/v1/create-qr-code/?size=55x55&data=https://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/10167)
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.