A Java Code Protection Scheme via Dynamic Recovering Runtime Instructions
As Android operating system and applications on the device play important roles, the security requirements of Android applications increased as well. With the upgrade of Android system, Android runtime mode (ART mode) has gradually become the mainstream architecture of the Android operating system. ART introduces several improvements in Android, but it also introduces new ways to enhance malicious activities. This paper proposed a confidential finer granularity protection scheme for application programs under ART mode of ROOT Android devices. Taking Java method as the protection granularity, the protection scheme increased the accuracy of protecting targets. In addition, the protection scheme provided a more thorough protection for applications by combining dynamic loading technology and encryption technology in ART mode, and improved the security of Android applications. Experiments showed that the proposed protection scheme is effective.
KeywordsAndroid application protection Android runtime mode (ART) Dynamic loading AES encryption
This work was partly supported by The Fundamental Research Funds for Beijing Universities of Civil Engineering and Architecture (Response by ZhangYu), and also Excellent Teachers Development Foundation of BUCEA (Response by ZhangYu), and also National Key R&D Program of China (No. 2016YFC060090).
- 1.Operating System Market Share [EB/OL]. https://netmarketshare.com/operating-system-market-share.aspx. Accessed 01 Mar 2018/08 Apr 2018
- 2.Portokalidis, G., et al.: Paranoid Android: versatile protection for smartphones. In: Proceedings of the 26th Annual Computer Security Applications Conference. ACM (2010)Google Scholar
- 4.Zhang, X., Tan, Y.A., Zhang, C., Xue, Y., Li, Y., Zheng, J.: A code protection scheme by process memory relocation for android devices. Multimed. Tools Appl. (2017). http://dx.doi.org/10.1007/s11042-017-5363-9
- 5.Shabtai, A., et al.: Google android: a state-of-the-art review of security mechanisms. arXiv preprint arXiv:0912.5101 (2009)
- 7.Lee, J., Kang, B., Im, E.G.: Evading anti-debugging techniques with binary substitution. Int. J. Secur. Appl. 8, 183–192 (2014)Google Scholar
- 8.Linn, C., Debray, S.: Obfuscation of executable code to improve resistance to static disassembly. In: Proceedings of the 10th ACM Conference on Computer and Communications Security. ACM (2003)Google Scholar
- 9.Chen, Q., Jia, L.F., Zhang, W.: Research of software protection methods based on the interaction between code and shell. Comput. Eng. Sci. 12, 011 (2006)Google Scholar
- 10.Costamagna, V., Zheng, C.: ARTDroid: a virtual-method hooking framework on android ART runtime. In: IMPS@ ESSoS, pp. 20–28 (2016)Google Scholar
- 12.Enck, W., et al.: A study of android application security. In: USENIX Security Symposium, vol. 2 (2011)Google Scholar
- 13.Yang, Z., et al.: Appintent: analyzing sensitive data transmission in android for privacy leakage detection. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security. ACM (2013)Google Scholar
- 14.Backes, M., et al.: ARTist: the android runtime instrumentation and security toolkit. In: 2017 IEEE European Symposium on Security and Privacy (EuroS&P). IEEE (2017)Google Scholar
- 18.Sun, Z., Zhang, Q., Li, Y., Tan, Y.-A.: DPPDL: a dynamic partial-parallel data layout for green video surveillance storage. IEEE Trans. Circuits Syst. Video Technol. 28(1), 193–205 (2018)Google Scholar