Skip to main content
SpringerLink
Log in

Efficient Code Obfuscation for Android

  • Conference paper
Advances in Information Technology (IAIT 2013)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 409))

Included in the following conference series:

Abstract

Recent years have witnessed a steady shift in technology from desktop computers to mobile devices. In the global picture of available mobile platforms, Android stands out as a dominant participant on the market and its popularity continues rising. While beneficial for its users, this growth simultaneously creates a prolific environment for exploitation by vile developers which write malware or reuse software illegally obtained by reverse engineering. A class of programming techniques known as code obfuscation targets prevention of intellectual property theft by parsing an input application through a set of algorithms aiming to make its source code computationally harder and time consuming to recover. This work focuses on the development and application of such algorithms on the bytecode of Android, Dalvik. The main contributions are: (1) a study on samples obtained from the official Android market which shows how feasible it is to reverse a targeted application; (2) a proposed obfuscator implementation whose transformations defeat current popular static analysis tools while maintaining a low level of added time and memory overhead.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Gartner News (February 2013, press release), http://www.gartner.com/newsroom/id/2335616

  2. Kaspersky Lab: 99% of all mobile threats target Android devices, http://www.kaspersky.com/about/news/virus/2013/99_of_all_mobile_threats_target_Android_devices

  3. Diffie, W., Hellman, M.: New directions in cryptography. IEEE Transactions on Information Theory IT-22(6), 644–654 (1976)

    Article  MathSciNet  Google Scholar 

  4. Collberg, C., Thomborson, C., Low, D.: A Taxonomy of Obfuscating Transformations, Technical Report 148, Department of Computer Science, University of Auckland, New Zealand (1997)

    Google Scholar 

  5. Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S.P., Yang, K.: On the (Im)possibility of Obfuscating Programs. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 1–18. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  6. Androguard project home page, https://code.google.com/p/androguard/

  7. Smali/Baksmali project home page, https://code.google.com/p/smali/

  8. Dedexer project home page, http://dedexer.sourceforge.net/

  9. Dex2jar project home Page, https://code.google.com/p/dex2jar/

  10. Dexdump, Android SDK Tools, http://developer.android.com/tools/help/index.html

  11. Bremer, J.: Automated Deobfuscation of Android Applications, http://jbremer.org/automated-deobfuscation-of-android-applications/

  12. Dexter project home page, http://dexter.dexlabs.org/

  13. Radare2 project Home Page, http://radare.org/y/?p=download

  14. Collberg, C., Thomborson, C., Low, D.: Manufacturing Cheap, Resilient, and Stealthy Opaque Constructs (1998)

    Google Scholar 

  15. Schulz, P.: Dalvik-obfuscator project GitHub page, https://github.com/thuxnder/dalvik-obfuscator

  16. Strazzere, T.: APKfuscator project GitHub page, https://github.com/strazzere/APKfuscator

  17. DexGuard main page, http://www.saikoa.com/dexguard

  18. Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android Permissions Demystified. University of California, Berkeley (2011)

    Google Scholar 

  19. Gommerstadt, H., Long, D.: Android Application Security: A Thorough Model and Two Case Studies: K9 and Talking Cat. Harvard University (2012)

    Google Scholar 

  20. Hornyack, P., Han, S., Jung, J., Schechter, S., Wetherall, D.: These aren’t the droids you’re looking for: retrofitting android to protect data from imperious applications. In: Proceedings of the 18th ACM Conference on Computer and Communications Security (2011)

    Google Scholar 

  21. Enck, W., Octeau, D., McDaniel, P., Chaudhuri, S.: A Study of Android Application Security. In: Proceedings of the 20th USENIX Security Symposium (2011)

    Google Scholar 

  22. Strazzere, T.: Dex Education: Practicing Safe Dex, Blackhat, USA (2012)

    Google Scholar 

  23. Collberg, C., Nagra, J.: Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection (2009) ISBN-13: 978-0321549259

    Google Scholar 

  24. Cypherpunks (mailing list archives), RC4 Source Code, http://cypherpunks.venona.com/archive/1994/09/msg00304.html

  25. Batchelder, M.R.: Java Bytecode Obfuscation, Master Thesis, McGill University School of Computer Science, Montréal (2007)

    Google Scholar 

  26. Schulz, P.: Dalvik Bytecode Obfuscation on Android (2012), http://www.dexlabs.org/blog/bytecode-obfuscation

  27. Reiss, D.: Under the Hood: Dalvik patch for Facebook for Android (2013), http://www.facebook.com/notes/facebook-engineering/under-the-hood-dalvik-patch-for-facebook-for-android/10151345597798920

  28. Android Developers Website, http://developer.android.com/index.html

  29. Bornstein, D.: Dalvik VM Internals (2008), https://sites.google.com/site/io/dalvik-vm-internals

Download references

Author information

Authors and Affiliations

  1. University of Luxembourg, Luxembourg

    Aleksandrina Kovacheva

Authors
  1. Aleksandrina Kovacheva
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Information Technology, King Mongkut’s University of Technology Thonburi, 126 Pracha-U-Thit Rd., 10140, Bangkok, Thailand

    Borworn Papasratorn

  2. School of Information Technology, King Mongkut’s University of Technology Thonburi, 126 Pracha-U-This Td., Bangmod, Thungkru, 10140, Bangkok, Thailand

    Nipon Charoenkitkarn

  3. School of Information Technology, King Mongkut’s University of Technology, Thonburi, 126 Pracha-U-Thit Rd., Bangmod, Thungkru, 10140, Bangkok, Thailand

    Vajirasak Vanijja

  4. School of Information Technology, King Mongkut’s University of Technology Thonburi, 126 Pracha-U-Thit Rd., Bangmod, Thungkru, 10140, Bangkok, Thailand

    Vithida Chongsuphajaisiddhi

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kovacheva, A. (2013). Efficient Code Obfuscation for Android. In: Papasratorn, B., Charoenkitkarn, N., Vanijja, V., Chongsuphajaisiddhi, V. (eds) Advances in Information Technology. IAIT 2013. Communications in Computer and Information Science, vol 409. Springer, Cham. https://doi.org/10.1007/978-3-319-03783-7_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-03783-7_10

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-03782-0

  • Online ISBN: 978-3-319-03783-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation