An Anti-Reverse Engineering Technique using Native code and Obfuscator-LLVM for Android Applications

Android applications are exposed to reverse engineering attacks. In particular, the applications written in Java are more prone to reverse engineering in comparison to the applications written in native-code languages such as C or C++ on the Android platform. This is because Java applications are distributed as byte codes, while applications written in native-code languages are distributed as low-level binary codes. In this paper, we propose a new technique to protect Android applications against reverse engineering. Three key characteristics of the proposed approach are as follows. First, we write the main parts of the application in native-code using Android NDK. This not only makes reverse engineering more difficult, but it is also more effective in terms of code reuse. Second, we introduce obfuscation, which hides the intent of the native codes and obscures theirs structure, at the intermediate representation (IR) level. Finally, we integrate an integrity verification scheme which detects whether the critical module of the application has been modified prior to execution of the application. Based on the results of experimentation on five known Android applications, we show that the proposed techniques can be applied without a significant effect on performance.