Server-based code obfuscation scheme for APK tamper detection
DC Field | Value | Language |
---|---|---|
dc.contributor.author | 박유설 | - |
dc.contributor.author | 이정현 | - |
dc.contributor.author | 정진혁 | - |
dc.date.available | 2018-05-09T11:17:59Z | - |
dc.date.created | 2018-04-18 | - |
dc.date.issued | 2014-04 | - |
dc.identifier.issn | 1939-0114 | - |
dc.identifier.uri | http://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/10167 | - |
dc.description.abstract | It is easy to decompile Android applications (or apps) owing to the structural characteristics of the app building process, but this ease makes them quite vulnerable to forgery or modification attacks. In particular, users may suffer direct financial loss if this vulnerability is exploited in security-critical private and business applications, such as online banking. One of the solutions to these problems is a code obfuscation technique. In this regard, DexGuard, which is based on ProGuard, which is integrated into the Android software development kit build system, has recently been introduced. Although DexGuard protects Android applications more effectively, an attacker is still able to analyze the hex code of a Dalvix Executable file. To resolve this weakness, we begin by analyzing the DexGuard tool from both a static and dynamic point of view. Our analysis reveals that DexGuard has some weaknesses. In this paper, we propose an obfuscation technique based on a client/server model with one-time secret key delivery using short message service or network protocol. The main concept is to store the core execute class file through obfuscation on the server, so when a program needs to execute core routines, it must request these routines from the server. In this way, we can protect Android apps from reverse engineering. Copyright (c) 2014 John Wiley & Sons, Ltd. | - |
dc.language | 영어 | - |
dc.language.iso | en | - |
dc.publisher | John Wiley & Sons | - |
dc.relation.isPartOf | Security and Communication Networks | - |
dc.title | Server-based code obfuscation scheme for APK tamper detection | - |
dc.type | Article | - |
dc.identifier.doi | 10.1002/sec.936 | - |
dc.type.rims | ART | - |
dc.identifier.bibliographicCitation | Security and Communication Networks | - |
dc.description.journalClass | 1 | - |
dc.identifier.wosid | 000372410800002 | - |
dc.identifier.scopusid | 2-s2.0-84959272528 | - |
dc.citation.title | Security and Communication Networks | - |
dc.contributor.affiliatedAuthor | 이정현 | - |
dc.type.docType | Article | - |
dc.description.isOpenAccess | N | - |
dc.subject.keywordAuthor | APK tamper detection | - |
dc.subject.keywordAuthor | repackaging attack | - |
dc.subject.keywordAuthor | code obfuscation | - |
dc.subject.keywordAuthor | reverse engineering | - |
dc.description.journalRegisteredClass | scie | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
Soongsil University Library 369 Sangdo-Ro, Dongjak-Gu, Seoul, Korea (06978)02-820-0733
COPYRIGHT ⓒ SOONGSIL UNIVERSITY, ALL RIGHTS RESERVED.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.