Kyeonghwan Lim, Jaemin Jeong, Seong-je Cho, Jongmoo Choi, Minkyu Park, Sangchul Han, S. Jhang
{"title":"Android应用程序中使用本机代码和混淆- llvm的反逆向工程技术","authors":"Kyeonghwan Lim, Jaemin Jeong, Seong-je Cho, Jongmoo Choi, Minkyu Park, Sangchul Han, S. Jhang","doi":"10.1145/3129676.3129708","DOIUrl":null,"url":null,"abstract":"Android applications are exposed to reverse engineering attacks. In particular, the applications written in Java are more prone to reverse engineering in comparison to the applications written in native-code languages such as C or C++ on the Android platform. This is because Java applications are distributed as byte codes, while applications written in native-code languages are distributed as low-level binary codes. In this paper, we propose a new technique to protect Android applications against reverse engineering. Three key characteristics of the proposed approach are as follows. First, we write the main parts of the application in native-code using Android NDK. This not only makes reverse engineering more difficult, but it is also more effective in terms of code reuse. Second, we introduce obfuscation, which hides the intent of the native codes and obscures theirs structure, at the intermediate representation (IR) level. Finally, we integrate an integrity verification scheme which detects whether the critical module of the application has been modified prior to execution of the application. Based on the results of experimentation on five known Android applications, we show that the proposed techniques can be applied without a significant effect on performance.","PeriodicalId":326100,"journal":{"name":"Proceedings of the International Conference on Research in Adaptive and Convergent Systems","volume":"101 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-09-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":"{\"title\":\"An Anti-Reverse Engineering Technique using Native code and Obfuscator-LLVM for Android Applications\",\"authors\":\"Kyeonghwan Lim, Jaemin Jeong, Seong-je Cho, Jongmoo Choi, Minkyu Park, Sangchul Han, S. Jhang\",\"doi\":\"10.1145/3129676.3129708\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Android applications are exposed to reverse engineering attacks. In particular, the applications written in Java are more prone to reverse engineering in comparison to the applications written in native-code languages such as C or C++ on the Android platform. This is because Java applications are distributed as byte codes, while applications written in native-code languages are distributed as low-level binary codes. In this paper, we propose a new technique to protect Android applications against reverse engineering. Three key characteristics of the proposed approach are as follows. First, we write the main parts of the application in native-code using Android NDK. This not only makes reverse engineering more difficult, but it is also more effective in terms of code reuse. Second, we introduce obfuscation, which hides the intent of the native codes and obscures theirs structure, at the intermediate representation (IR) level. Finally, we integrate an integrity verification scheme which detects whether the critical module of the application has been modified prior to execution of the application. Based on the results of experimentation on five known Android applications, we show that the proposed techniques can be applied without a significant effect on performance.\",\"PeriodicalId\":326100,\"journal\":{\"name\":\"Proceedings of the International Conference on Research in Adaptive and Convergent Systems\",\"volume\":\"101 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-09-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"11\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the International Conference on Research in Adaptive and Convergent Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3129676.3129708\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the International Conference on Research in Adaptive and Convergent Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3129676.3129708","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An Anti-Reverse Engineering Technique using Native code and Obfuscator-LLVM for Android Applications
Android applications are exposed to reverse engineering attacks. In particular, the applications written in Java are more prone to reverse engineering in comparison to the applications written in native-code languages such as C or C++ on the Android platform. This is because Java applications are distributed as byte codes, while applications written in native-code languages are distributed as low-level binary codes. In this paper, we propose a new technique to protect Android applications against reverse engineering. Three key characteristics of the proposed approach are as follows. First, we write the main parts of the application in native-code using Android NDK. This not only makes reverse engineering more difficult, but it is also more effective in terms of code reuse. Second, we introduce obfuscation, which hides the intent of the native codes and obscures theirs structure, at the intermediate representation (IR) level. Finally, we integrate an integrity verification scheme which detects whether the critical module of the application has been modified prior to execution of the application. Based on the results of experimentation on five known Android applications, we show that the proposed techniques can be applied without a significant effect on performance.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
