Building the De-obfuscation Platform Based on LLVM

Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 474)

Abstract

Following the steady growth of the Android mobile market, Android application developers apply obfuscation techniques to keep confidential information from being revealed and to prevent abnormal access. Following this trend, however, obfuscation is also widely used in Android malicious code. Android malicious code developers apply obfuscation techniques to hide their malicious behavior and evade anti-virus programs, which forces malicious code reverse engineers to spend a great deal of time and effort and adds a huge social cost to analysis. For this reason, de-obfuscation techniques are increasingly required to solve this problem. In this paper, we study the existing obfuscation and de-obfuscation techniques currently applied to Android applications, then propose a de-obfuscation platform based on LLVM (Low-Level Virtual Machine) to perform the de-obfuscation process more efficiently.

Keywords

Code de-obfuscation, Reverse engineering, Android security


Copyright information

© Springer Nature Singapore Pte Ltd. 2018

Authors and Affiliations

  1. Department of Computer Engineering, Yeungnam University, Gyeongsan, South Korea
  2. School of Computer and Information Engineering, Sangji University, Seoul, Republic of Korea
