Advertisement

A Java Code Protection Scheme via Dynamic Recovering Runtime Instructions

  • Sun Jiajia
  • Gao Jinbao
  • Tan Yu-an
  • Zhang Yu
  • Yu Xiao
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11337)

Abstract

As Android operating system and applications on the device play important roles, the security requirements of Android applications increased as well. With the upgrade of Android system, Android runtime mode (ART mode) has gradually become the mainstream architecture of the Android operating system. ART introduces several improvements in Android, but it also introduces new ways to enhance malicious activities. This paper proposed a confidential finer granularity protection scheme for application programs under ART mode of ROOT Android devices. Taking Java method as the protection granularity, the protection scheme increased the accuracy of protecting targets. In addition, the protection scheme provided a more thorough protection for applications by combining dynamic loading technology and encryption technology in ART mode, and improved the security of Android applications. Experiments showed that the proposed protection scheme is effective.

Keywords

Android application protection Android runtime mode (ARTDynamic loading AES encryption 

Notes

Acknowledgement

This work was partly supported by The Fundamental Research Funds for Beijing Universities of Civil Engineering and Architecture (Response by ZhangYu), and also Excellent Teachers Development Foundation of BUCEA (Response by ZhangYu), and also National Key R&D Program of China (No. 2016YFC060090).

References

  1. 1.
    Operating System Market Share [EB/OL]. https://netmarketshare.com/operating-system-market-share.aspx. Accessed 01 Mar 2018/08 Apr 2018
  2. 2.
    Portokalidis, G., et al.: Paranoid Android: versatile protection for smartphones. In: Proceedings of the 26th Annual Computer Security Applications Conference. ACM (2010)Google Scholar
  3. 3.
    Enck, W., Ongtang, M., McDaniel, P.: Understanding android security. IEEE Secur. Priv. 7(1), 50–57 (2009)CrossRefGoogle Scholar
  4. 4.
    Zhang, X., Tan, Y.A., Zhang, C., Xue, Y., Li, Y., Zheng, J.: A code protection scheme by process memory relocation for android devices. Multimed. Tools Appl. (2017). http://dx.doi.org/10.1007/s11042-017-5363-9
  5. 5.
    Shabtai, A., et al.: Google android: a state-of-the-art review of security mechanisms. arXiv preprint arXiv:0912.5101 (2009)
  6. 6.
    Aycock, J., Jacobson, M.: Anti-disassembly using cryptographic hash functions. J. Comput. Virol. 2(1), 79–85 (2006)CrossRefGoogle Scholar
  7. 7.
    Lee, J., Kang, B., Im, E.G.: Evading anti-debugging techniques with binary substitution. Int. J. Secur. Appl. 8, 183–192 (2014)Google Scholar
  8. 8.
    Linn, C., Debray, S.: Obfuscation of executable code to improve resistance to static disassembly. In: Proceedings of the 10th ACM Conference on Computer and Communications Security. ACM (2003)Google Scholar
  9. 9.
    Chen, Q., Jia, L.F., Zhang, W.: Research of software protection methods based on the interaction between code and shell. Comput. Eng. Sci. 12, 011 (2006)Google Scholar
  10. 10.
    Costamagna, V., Zheng, C.: ARTDroid: a virtual-method hooking framework on android ART runtime. In: IMPS@ ESSoS, pp. 20–28 (2016)Google Scholar
  11. 11.
    Xue, Y., Tan, Y.-A., Liang, C., Li, Y., Zheng, J., Zhang, Q.: RootAgency: a digital signature-based root privilege management agency for cloud terminal devices. Inf. Sci. 444, 36–50 (2018)MathSciNetCrossRefGoogle Scholar
  12. 12.
    Enck, W., et al.: A study of android application security. In: USENIX Security Symposium, vol. 2 (2011)Google Scholar
  13. 13.
    Yang, Z., et al.: Appintent: analyzing sensitive data transmission in android for privacy leakage detection. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security. ACM (2013)Google Scholar
  14. 14.
    Backes, M., et al.: ARTist: the android runtime instrumentation and security toolkit. In: 2017 IEEE European Symposium on Security and Privacy (EuroS&P). IEEE (2017)Google Scholar
  15. 15.
    Daemen, J., Rijmen, V.: The Design of Rijndael: AES-The Advanced Encryption Standard. Springer, Heidelberg (2013)zbMATHGoogle Scholar
  16. 16.
    Guan, Z., Li, J., Wu, L., Zhang, Y., Wu, J., Du, X.: Achieving efficient and secure data acquisition for cloud-supported internet of things in smart grid. IEEE Internet Things J. 4(6), 1934–1944 (2017)CrossRefGoogle Scholar
  17. 17.
    Xiao, Y., Changyou, Z., Yuan, X., Hongfei, Z., Yuanzhang, L., Yu-an, T.: An extra-parity energy saving data layout for video surveillance. Multimed. Tools Appl. 77, 4563–4583 (2018)CrossRefGoogle Scholar
  18. 18.
    Sun, Z., Zhang, Q., Li, Y., Tan, Y.-A.: DPPDL: a dynamic partial-parallel data layout for green video surveillance storage. IEEE Trans. Circuits Syst. Video Technol. 28(1), 193–205 (2018)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Sun Jiajia
    • 1
  • Gao Jinbao
    • 1
  • Tan Yu-an
    • 1
  • Zhang Yu
    • 2
    • 3
  • Yu Xiao
    • 4
  1. 1.School of Computer Science and TechnologyBeijing Institute of TechnologyBeijingChina
  2. 2.School of Electrical and Information Engineering, Beijing Key Laboratory of Intelligent Processing for Building Big DataBeijing University of Civil Engineering and ArchitectureBeijingChina
  3. 3.State Key Laboratory in China for GeoMechanics and Deep Underground Engineering (Beijing)China University of Mining and TechnologyBeijingChina
  4. 4.Department of Computer Science and TechnologyShandong University of TechnologyZiboChina

Personalised recommendations