Mobile application tamper detection scheme using dynamic code injection against repackaging attacks
DC Field | Value | Language |
---|---|---|
dc.contributor.author | CHO, HAEHYUN | - |
dc.contributor.author | Bang, Jiwoong | - |
dc.contributor.author | Ji, Myeongju | - |
dc.contributor.author | Yi, Jeong Hyun | - |
dc.date.available | 2018-05-09T02:25:38Z | - |
dc.date.created | 2018-04-17 | - |
dc.date.issued | 2016-09 | - |
dc.identifier.issn | 0920-8542 | - |
dc.identifier.uri | http://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/7512 | - |
dc.description.abstract | The Android platform, with a large market share from its inclusive openness, faces a big problem with repackaging attacks, because reverse engineering is made easy due to the signature method that allows self-sign and also due to application structure. A repackaging attack is a method of attack, where an attacker with malicious intent alters an application distributed on the market to then redistribute it. The attacker injects into the original application illegal advertisement or malicious code that extracts personal information, and then redistributes the app. To protect against such repackaging attacks, obfuscation methods and tampering detection schemes to prevent application analysis are being developed and applied to Android applications. However, through dynamic analysis, protection methods at the managed code can be rendered ineffective, and there is a need for a protection method that will address this. In this paper, we show that, using Dalvik monitor, protection methods at the managed code level can be dynamically analyzed. In addition, to prevent a tampered application from running, we propose a tampering detection scheme that uses a dynamic attestation platform. It consist of two phases; (1) detection code injection: inject tamper detecting code into an application and (2) code attestation: attest the injected code on the platform. The proposed scheme first uses the tamper detection method at the platform level to inspect execution codes executed in real time and to fundamentally intercept repackaged applications. | - |
dc.language | 영어 | - |
dc.language.iso | en | - |
dc.publisher | SPRINGER | - |
dc.relation.isPartOf | JOURNAL OF SUPERCOMPUTING | - |
dc.title | Mobile application tamper detection scheme using dynamic code injection against repackaging attacks | - |
dc.type | Article | - |
dc.identifier.doi | 10.1007/s11227-016-1763-2 | - |
dc.type.rims | ART | - |
dc.identifier.bibliographicCitation | JOURNAL OF SUPERCOMPUTING, v.72, no.9, pp.3629 - 3645 | - |
dc.description.journalClass | 1 | - |
dc.identifier.wosid | 000382094500023 | - |
dc.identifier.scopusid | 2-s2.0-84983507478 | - |
dc.citation.endPage | 3645 | - |
dc.citation.number | 9 | - |
dc.citation.startPage | 3629 | - |
dc.citation.title | JOURNAL OF SUPERCOMPUTING | - |
dc.citation.volume | 72 | - |
dc.contributor.affiliatedAuthor | CHO, HAEHYUN | - |
dc.contributor.affiliatedAuthor | Yi, Jeong Hyun | - |
dc.type.docType | Article | - |
dc.description.isOpenAccess | N | - |
dc.subject.keywordAuthor | Android application protection | - |
dc.subject.keywordAuthor | Tamper detection | - |
dc.subject.keywordAuthor | Android platform | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
Soongsil University Library 369 Sangdo-Ro, Dongjak-Gu, Seoul, Korea (06978)02-820-0733
COPYRIGHT ⓒ SOONGSIL UNIVERSITY, ALL RIGHTS RESERVED.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.