| The sustainable development of mobile networks has stimulated the widely u sage of smartphones.Because of openness and mobility characteristics,Android s ystem has quickly become the most popular mobile terminal system since its arri val.At the same time,the Android platform is also facing more and more secur ity problems,and it brings many obstacles to developers and consumers.Android applications are facing problems like repackaging,infringing intellectual property rights,and reverse engineering.In order to enhance the software security,domestic and foreign research scholars have put forward a number of software protection schemes including software watermark,software tamper-proofing and code confusion where code obfuscation technology changes the structure of source code through various confusion strategies.However,the semantic meaning of them remains the same.This technology increases the difficulty of code analysis,further reducing the code readability,and thus to some extents,enhance software safety.Code obfuscation technology has become the most adopted software protection scheme because of its low cost and low utility.The technology has currently been used on the PC platform,but code confusion on the bytecode level on Android platform is still in its infancy.The commonly used technologies in Android are still focused on variable name renaming and other simple transformations.In order to further improve code obfuscation techniques utility on the Android platform to play its full function,this thesis proposes a control flow obfuscation algorithm on the Dalvik bytecode level of the Android platform based on the study of obfuscation algorithms for other platforms and languages,meanwhile combined with the characteristics of the Android platform itself.The main work of this thesis includes:First of all,This thesis proposes a confusing scheme on the basis of comparative analysis of the classical control flow obfuscation algorithm.We achieve the control flow confusion on the Dalvik bytecode level for the first time,and resolve the problem where bytecode cannot run correctly due to the checking mechanism on Android platform.Through the optimization of the traditional scheme of control flow obfuscation,the confusion degree has been improved,and the balance between the code execution cost and the confusion intensity is realized.Then,the control flow graph based on the Dalvik bytecode is accomplished.The traditional nodes of the control flow graph are based on the basic block.The expanded hierarchy of control flow graphic nodes is dynamically determined in this thesis.Since the various implicit control flow transitions have been transferred to the explicit jumps,the position of the block output can be determined randomly which can disrupt the logical relevance of structural blocks so as to increase the confusion intensity.Finally,we conduct the confusion test after the accomplishment of design and implementation of the confusing tool.At the same time,we have some comparison with mainstream confusion tools like Proguard from the code number,executive overhead,and semantic complexity based on the evaluation criteria of code confusion.The experimental results indicate that the proposed scheme has great feasibility and effectiveness. |
PDF Full Text Request