Skip to main content
SpringerLink
Log in

Protecting Android Apps Against Reverse Engineering by the Use of the Native Code

  • Conference paper
  • First Online:
Trust, Privacy and Security in Digital Business (TrustBus 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9264))

Included in the following conference series:

Abstract

Having about 80 % of the market share, Android is currently the clearly dominating platform for mobile devices. Application theft and repackaging remains a major threat and a cause of significant losses, affecting as much as 97 % of popular paid apps. The ease of decompilation and reverse engineering of high-level bytecode, in contrast to native binary code, is considered one of the main reasons for the high piracy rate. In this paper, we address this problem by proposing four static obfuscation techniques: native opaque predicates, native control flow flattening, native function indirection, and native field access indirection. These techniques provide a simple and yet effective way of reducing the task of bytecode reverse engineering to the much harder task of reverse engineering native code. For this purpose, native function calls are injected into an app’s bytecode, introducing artificial dependencies between the two execution domains. The adversary is forced to analyze the native code in order to be able to comprehend the overall app’s functionality and to successfully launch static and dynamic analyses. Our evaluation results of the proposed protection methods witness an acceptable cost in terms of execution time and application size, while significantly complicating the reverse-engineering process.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Gartner: Smartphone Sales report (2015). http://www.gartner.com/newsroom/id/2996817. Accessed on 12 March 2015

  2. Arxan Technologies: State of Mobile App Security: Apps Under Attack. https://www.arxan.com/assets/1/7/State_of_Mobile_App_Security_2014_final.pdf. Accessed on 17 February 2015

  3. Business, B.: Piracy cuts into paid app sales (2012). http://www.bloomberg.com/bw/articles/2012-11-01/piracy-cuts-into-paid-app-sales. Accessed on 18 March 2015

  4. Shao, Y., Luo, X., Qian, C., Zhu, P., Zhang, L.: Towards a scalable resource-driven approach for detecting repackaged android applications. In: Proceedings of the 30th Annual Computer Security Applications Conference, ACSAC 2014, pp. 56–65. ACM, New York (2014)

    Google Scholar 

  5. Crussell, J., Gibler, C., Chen, H.: AnDarwin: scalable detection of semantically similar android applications. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 182–199. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  6. Crussell, J., Gibler, C., Chen, H.: Attack of the clones: detecting cloned applications on android markets. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 37–54. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  7. Octeau, D., Jha, S., McDaniel, P.: Retargeting android applications to java bytecode. In: Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering, FSE 2012, pp. 6:1–6:11. ACM, New York (2012)

    Google Scholar 

  8. Schulz, P.: Code Protection in Android. Insititute of Computer Science, Rheinische Friedrich-Wilhelms-Universitgt Bonn, Germany (2012)

    Google Scholar 

  9. Desnos, A., Gueguen, G.: Android: from reversing to decompilation. In: Proceedings of the Black Hat Conference. ESIEA: Operational Cryptology and Virology Laboratory, Abu Dhabi, July 2011

    Google Scholar 

  10. Enck, W., Octeau, D., McDaniel, P., Chaudhuri, S.: A study of android application security. In: Proceedings of the 20th USENIX Conference on Security, SEC 2011, p. 21. USENIX Association Berkeley (2011)

    Google Scholar 

  11. Hex-Rays: IDA (2015). https://www.hex-rays.com/products/ida/. Accessed on 18 March 2015

  12. Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B.G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. 32(2), 5:1–5:29 (2014)

    Article  Google Scholar 

  13. Arzt, S., Rasthofer, S., Fritz, C., Bodden, E., Bartel, A., Klein, J., Le Traon, Y., Octeau, D., McDaniel, P.: Flowdroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. In: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2014, pp. 259–269. ACM, New York (2014)

    Google Scholar 

  14. Madou, M., Anckaert, B., Moseley, P., Debray, S., De Sutter, B., De Bosschere, K.: Software protection through dynamic code mutation. In: Song, J.-S., Kwon, T., Yung, M. (eds.) WISA 2005. LNCS, vol. 3786, pp. 194–206. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  15. Cappaert, J., Preneel, B., Anckaert, B., Madou, M., De Bosschere, K.: Towards tamper resistant code encryption: practice and experience. In: Chen, L., Mu, Y., Susilo, W. (eds.) ISPEC 2008. LNCS, vol. 4991, pp. 86–100. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  16. Collberg, C., Nagra, J.: Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection, 1st edn. Addison-Wesley Professional, Boston (2009)

    Google Scholar 

  17. Collberg, C., Thomborson, C., Low, D.: A taxonomy of obfuscating transformations. Technical report 148, Department of Computer Science, University of Auckland, July 1997

    Google Scholar 

  18. Bartel, A., Klein, J., Le Traon, Y., Monperrus, M.: Dexpler: converting android dalvik bytecode to jimple for static analysis with soot. In: Proceedings of the ACM SIGPLAN International Workshop on State of the Art in Java Program Analysis, SOAP 2012, pp. 27–38. ACM, New York (2012)

    Google Scholar 

  19. László, T., Kiss, Á.: Obfuscating C++ programs via control flow flattening. In: Proceedings of the 10th Symposium on Programming Languages and Software Tools, SPLST 2007, pp. 15–29, Dobogókő, Hungary (2007)

    Google Scholar 

  20. Collberg, C., Thomborson, C., Low, D.: Manufacturing cheap, resilient, and stealthy opaque constructs. In: Proceedings of the 25th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 1998, pp. 184–196. ACM, New York (1998)

    Google Scholar 

  21. Vallée-Rai, R. Co, P., Gagnon, E., Hendren, L., Lam, P., Sundaresan, V.: Soot - a java bytecode optimization framework. In: Proceedings of the Conference of the Centre for Advanced Studies on Collaborative Research, CASCON 1999. IBM Press (1999)

    Google Scholar 

  22. McCabe, T.J.: A complexity measure. IEEE Trans. Softw. Eng. SE 2(4), 308–320 (1976)

    Article  MATH  MathSciNet  Google Scholar 

  23. Chidamber, S.R., Kemerer, C.F.: A metrics suite for object oriented design. IEEE Trans. Softw. Eng. 20(6), 476–493 (1994)

    Article  Google Scholar 

  24. 0xlab: 0xbench (2011). https://code.google.com/p/0xbench/. Accessed on 10 March 2015

Download references

Acknowledgments

The research leading to these results was supported by the “Bavarian State Ministry of Education, Science and the Arts” as part of the FORSEC research association.

Author information

Authors and Affiliations

  1. Department of Computer Science, Friedrich-Alexander-Universität Erlangen-Nürnberg, Erlangen, Germany

    Mykola Protsenko & Tilo Müller

Authors
  1. Mykola Protsenko
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tilo Müller
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mykola Protsenko .

Editor information

Editors and Affiliations

  1. Karlstad University, Karlstad, Sweden

    Simone Fischer-Hübner

  2. University of Piraeus, Piraeus, Greece

    Costas Lambrinoudakis

  3. University of Malaga, Málaga, Spain

    Javier López

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Protsenko, M., Müller, T. (2015). Protecting Android Apps Against Reverse Engineering by the Use of the Native Code. In: Fischer-Hübner, S., Lambrinoudakis, C., López, J. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2015. Lecture Notes in Computer Science(), vol 9264. Springer, Cham. https://doi.org/10.1007/978-3-319-22906-5_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-22906-5_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-22905-8

  • Online ISBN: 978-3-319-22906-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation