| With the rapid development of economy, the number and scale of the App stores maintained rapid development and sustained expansion, the mobile applications increased explosive at the same time. But it faces many challenges, including the protection of intellectual property as one aspect. With the development of the network, the scope of spread for mobile applications become more open, the speed of propagation of mobile applications become more convenient, which promoting the exchange of mobile applications while providing a hotbed for stealing intellectual property of mobile applications. Compared to other platforms, the decompiled code of Android applications resulting a high quality because of the compilation way of Java language, it can almost get the information of the application completely, making a Java application has no secret at all and its protection of intellectual property is facing significant security risks.Among all of the software protection techniques, code obfuscation is a relatively effective protection technology. The basic idea is to increase the difficult of obfuscated code’s analysis by transforming the code of software using obfuscation techniques, so as to achieve the purpose of preventing the software under attack. Code obfuscation techniques make it difficult to decompile the obfuscated code through the program re-organization and processing under the precondition of ensuring the obfuscated code can realize the same functions, and it is difficult to get the real semantics even if decompiled successfully. Compared to other protection technologies, code obfuscation protects the entire program’s code, it does not change the functions of program, all of the users can’t get important information from them even if they are legitimate. This paper focuses on the control flow obfuscation of Android smart terminal applications, designs and implements a scheme of control flow obfuscation. This paper flattens part of the control structures based on the opaque predicate technology in combination with the insertion branch code, to further undermine the original control flow of the program structure. Increases the difficulty of reconstruction application control flow graph and strengthen the protection of applications in the case of unduly increase the cost. The main work in the paper are:First, studies the characteristics of Android smart terminal applications, as well as the current code obfuscation techniques and opaque predicate technologies, and introduces the common obfuscation techniques in detail. Proposed control flow protection scheme for the protection and usage scenarios requirements of the application.Secondly, completes the architecture design of obfuscation tool and development of obfuscation tool based on the theoretical models of obfuscation tool and obfuscation scheme herein, and achieves control flow obfuscation scheme. Optimizes obfuscation scheme and tools gradually to improve the flexibility and performance of obfuscation.Finally, analyses the experimental results from the dimensions of the code length, the performance overhead, the complexity of semantics according to the characteristics and requirements of the scene of Android applications combined with the evaluation criteria of obfuscation, and compared with the results of Proguard. |
PDF Full Text Request