Abstract
The Android application package file, APK file, can be easily decompiled using Android reverse engineering tools. Thus, general apps can be easily transformed into malicious application through reverse engineering and analysis. These repacked apps could be uploaded in general android app market called Google Play Store and redistributed. To prevent theses malicious behaviors such as malicious code injection or code falsifications, many techniques and tools were developed. However, these techniques also can be analyzed using debuggers. Also, analyzed apps can be tampered easily. For example, when applying anti-analysis techniques to android apps using Dexprotector which is commercial tool for protecting android app, it can be seen that these techniques can also be analyzed using debugger. In this paper, to protect the android app from the attack using debugger, we propose anti-debugging techniques for native code debugging and managed code debugging of android apps.
Similar content being viewed by others
References
Android debug bridge. http://developer.android.com/tools/help/adb.html
Android reverse engineering and defenses. https://bluebox.com/technical/bluebox-berlinsides-presentationbluebox-berlinsides-presentation/
Bornstein D (2008) Dalvik vm internals. In: Google I/O developer conference, vol 23, pp 17–30
Cesare S (1999) Linux anti-debugging techniques (fooling the debugger). Security focus
Dex file. https://source.android.com/devices/tech/dalvik/dex-format.html
Dexprotector by licel. http://dexprotector.com/
Enck W, Octeau D, McDaniel P, Chaudhuri S (2011) A study of android application security. In: USENIX security symposium, vol 2, p 2
Fengsheng Y (2011) Android internals: system
Gagnon MN, Taylor S, Ghosh AK (2007) Software protection through anti-debugging. IEEE Secur Priv 5(3):82–84
Huang J (2012) Understanding the dalvik virtual machine. Google Technology User Groups, Taipei
Ida pro disassembler and debugger. https://www.hex-rays.com/products/ida/. Accessed 26 Mar 2015
Java debug wire protocol. http://docs.oracle.com/javase/7/docs/technotes/guides/jpda/jdwp-spec.html. Accessed 25 Mar 2015
Java platform debugger architecture. http://docs.oracle.com/javase/7/docs/technotes/ guides/jpda. Accessed 25 Mar 2015
Jung JH, Kim JY, Lee HC, Yi JH (2013) Repackaging attack on android banking applications and its countermeasures. Wirel Pers Commun 73(4):1421–1437
Khan S, Khan S, Banuri H, Nauman M, Alam M (2009) Analysis of dalvik virtual machine and class path library. Tech. rep. Security Engineering Research Group, Institute of Management Sciences, Peshawar
Lee C, Jeong YS, Cho SJ (2013) A method to protect android applications against reverse engineering. J Secur Eng 10(1):41–50
Schallner M (2006) Beginners guide to basic linux anti anti debugging techniques. Code-Break Mag, Secur Anti-Secur Attack Def 1(2):3–10
Schulz P (2012) Code protection in android. Rheinische Friedrich-Wilhelms-Universitgt Bonn, Institute of Computer Science, Bonn
Selvakumar G (2012) Constructing an environment and providing a performance assessment of androids dalvik virtual machine on x86 and arm. Ph.D. thesis, University of Kansas
Acknowledgments
This research was supported by Global Research Laboratory (GRL) program through the National Research Foundation of Korea (NRF-2014K1A1A2043029).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Cho, H., Lim, J., Kim, H. et al. Anti-debugging scheme for protecting mobile apps on android platform. J Supercomput 72, 232–246 (2016). https://doi.org/10.1007/s11227-015-1559-9
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-015-1559-9