JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE) ›› 2017, Vol. 52 ›› Issue (3): 44-50.doi: 10.6040/j.issn.1671-9352.2.2016.120

Previous Articles     Next Articles

Android application protection based on smali code obfuscation

LIU Fang-yuan, MENG Xian-jia*, TANG Zhan-yong, FANG Ding-yi, GONG Xiao-qing   

  1. Department of Computer Science and Technology, Northwest University, Xian 710127, Shaanxi, China
  • Received:2016-08-18 Online:2017-03-20 Published:2017-03-20

PDF (PC)

961

Abstract: An Android application protection method that is based on code obfuscation of smali code is proposed. The basic idea is that confuses the data flow for the access procedure of register data, and combines opaque predicates technology to confuse the control flow, thus when the attacker reversely analyze the application, the decompiling results will be wrong. The obfuscation method is evaluated from strength, resilience and overhead. The experiment results show that ourcan resist the reverse analysis of current popular reverse tools, such as jeb, dex2jar, dexdump and IDA pro.

Key words: smali code obfuscation, decompiling, reverse engineering

CLC Number: 

  • TP391
[1] 飞向网. 2016年Q1中国Android市场份额[EB/OL].[2016]. http://www.ebrun.com/20160419/172891.shtml.
[2] 中国新闻网. Fake payment APP[EB/OL].[2015]. http://www.thethirdmedia.com/Article/201511/show363-034c77p1. html.
[3] JESUSFREKEJ. smali/backsmali: An assembler/ disassembler for Android's dex format[EB/OL]. [2011]. http://code.google. com /p/samli.
[4] XU J, LI S, ZHANG T. Security Analysis and Protection Based on Smali Injection for Android Applications[M] //Algorithms and Architectures for Parallel Processing. Berlin: Springer International Publishing, 2014:577-586.
[5] BARAK B, GOLDREICH O, IMOAGLIAZZO R, et al. On the(im)possibility of obfuscating programs[C] //Advances in cryptology—CRYPTO 2001. Springer Berlin Heidelberg, 2001:1-18.
[6] 郑琪,徐爱国. 面向Android移动应用的控制流混淆[EB/OL].中国科技论文在线. 2014. http://www.paper.edu.cn/releasepaper/content/201412-783. ZHENG Qi, XU Aiguo. The control flow of confusion for Android mobile application[EB/OL]. Chinas scientific and technical papers online. 2014. http://www.paper.edu.cn/releasepaper/content/201412-783.
[7] 刘金梁. Android平台软件安全防护技术的研究与实现[D]. 北京:北京邮电大学, 2015. LIU Jinliang. The research of the software security protection technology and implementation for Android platform[D]. Beijing:Beijing University of Posts and Telecommunications, 2015.
[8] 郑琪. 面向Android智能手机终端应用程序的代码混淆算法研究与实现[D]. 北京:北京邮电大学,2015. ZHENG Qi. Research and implementation of code obfuscation algorithms for applications of android smartphone terminal[D]. Beijing:Beijing University of Posts and Telecommunications, 2015.
[9] Eric P.F. ProGuard[EB/OL].[2002].http://proguard.sourceforge.net/.
[10] SHU J, LI J, ZHANG Y, et al. Android app protection via interpretation obfuscation[C] // Dependable, Autonomic and Secure Computing(DASC), 2014 IEEE 12th International Conference on. IEEE, 2014:63-68.
[11] 汪德嘉, 宋超, 刘家郡. 一种Android系统应用的深度代码混淆方法[P].中国专利:103544414.A,2014. WANG Dejia, SONG Chao, LIU Jiajun. A method of the depth of the Android application code confusion[P]. CN: 103544414.A, 2014.
[12] PREDA M D, GIACOBAZZI R. Semantic-Based Code Obfuscation by Abstract Interpretation[J]. Lecture Notes in Computer Science, 2005, 17(17):1325-1336.
[13] YANG Y, FAN W, HUANG W, et al. The research of multi-point function opaque predicates obfuscation algorithm[J]. Applied Mathematics & Information Sciences, 2014, 8(6):3063-3070.
[14] Romin Irani. Android Application Class[EB/OL].[2010]. http://www.xoriant.com/blog/mobile-application-development/ android-application-class.html
[15] WIKIPEDIA. Java Native Interface[EB/OL].[2016]. https://en.wikipedia.org/wiki/Java_Native_Interface.
[16] COLLERG C, THOMBORSON C, LOW D. A taxonomy of obfuscating transformations[D]. New Zealand, Auckland: The University of Auckland, 1997.
[1] GONG Shuang-shuang, CHEN Yu-feng, XU Jin-an, ZHANG Yu-jie. Extraction of Chinese multiword expressions based on Web text [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2018, 53(9): 40-48.
[2] YU Chuan-ming, ZUO Yu-heng, GUO Ya-jing, AN Lu. Dynamic discovery of authors research interest based on the combined topic evolutional model [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2018, 53(9): 23-34.
[3] . Reader emotion classification with news and comments [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2018, 53(9): 35-39.
[4] . Design and implementation of topic detection in Russian news based on ontology [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2018, 53(9): 49-54.
[5] LIAO Xiang-wen, ZHANG Ling-ying, WEI Jing-jing, GUI Lin, CHENG Xue-qi, CHEN Guo-long. User influence analysis of social media with temporal characteristics [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2018, 53(3): 1-12.
[6] YU Chuan-ming, FENG Bo-lin, TIAN Xin, AN Lu. Deep representative learning based sentiment analysis in the cross-lingual environment [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2018, 53(3): 13-23.
[7] ZHANG Jun, LI Jing-fei, ZHANG Rui, RUAN Xing-mao, ZHANG Shuo. Community detection algorithm based on effective resistance of network [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2018, 53(3): 24-29.
[8] PANG Bo, LIU Yuan-chao. Fusion of pointwise and deep learning methods for passage ranking [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2018, 53(3): 30-35.
[9] CHEN Xin, XUE Yun, LU Xin, LI Wan-li, ZHAO Hong-ya, HU Xiao-hui. Text feature extraction method for sentiment analysis based on order-preserving submatrix and frequent sequential pattern mining [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2018, 53(3): 36-45.
[10] WANG Tong, MA Yan-zhou, YI Mian-zhu. Speech recognition of Russian short instructions based on DTW [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2017, 52(11): 29-36.
[11] ZHANG Xiao-dong, DONG Wei-guang, TANG Min-an, GUO Jun-feng, LIANG Jin-ping. gOMP reconstruction algorithm based on generalized Jaccard coefficient for compressed sensing [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2017, 52(11): 23-28.
[12] SUN Jian-dong, GU Xiu-sen, LI Yan, XU Wei-ran. Chinese entity relation extraction algorithms based on COAE2016 datasets [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2017, 52(9): 7-12.
[13] WANG Kai, HONG Yu, QIU Ying-ying, WANG Jian, YAO Jian-min, ZHOU Guo-dong. Study on boundary detection of users query intents [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2017, 52(9): 13-18.
[14] ZHANG Fan, LUO Cheng, LIU Yi-qun, ZHANG Min, MA Shao-ping. User preference prediction in heterogeneous search environment [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2017, 52(9): 26-34.
[15] YANG Yan, XU Bing, YANG Mu-yun, ZHAO Jing-jing. An emotional classification method based on joint deep learning model [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2017, 52(9): 19-25.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
Copyright 2018 © Editorial office of JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE)
Supported by Beijing Magtech Co.Ltd