Research And Implementation Of Bytecode Level Protection For Android Applications

Posted on:2018-04-17

Degree:Master

Type:Thesis

Country:China

Candidate:F Y Liu

Full Text:PDF

GTID:2348330515458594

Subject:Software engineering

Abstract/Summary:

PDF Full Text Request

With the development of smart devices,the annual downloads of Android applications in the whole world is more than 300 billion.However,with the boom of the applications,there exist more and more illegal attacks,such as repackage,code injection.It is evitable to find a protection method that works,as we all know,code obfuscation is one of the most effective methods.Prior researchers have paid their attention on obfuscation for Java source code and Android bytecode.However,the fronter cannot protect the intellectual property of developers while the latter doesn't provide the obfuscation technology that can combine complex data flow and control flow.This paper presents DexPro,a bytecode obfuscation-based protection method for Android applications.Different from prior works,the system doesn't need the support of Application source code,doesn't need to modify the interpreter of virtual machine,however,the system makes it more difficult to do reverse analysis.Main research work includes four aspects:1)In order to solve the problem that the attacker can illegally obtain the Application key codes with the support of plenty of reverse tools,this paper propose a data flow obfuscation method that based on the storage mode of the variables of obfuscation code and the access of return value of function call.As a result,the protected application is not easy to analyze reversely.2)In order to add the difficulties of reverse analysis,this paper combines the control flow flatting and branch path obscuring to add the control flow difficulty for the applications.3)Through the detailed analysis of dynamic detection principle of Android system before the bytecode runs,this paper solve the register conflict problem according to the detection mechanism of vulnerability.4)This paper presents a prototype of DexPro system.The common algorithms are chosen as the test cases of obfuscation testing,and the paper compares the size of the code and the cost before and after protection.Results show that the proposed method is effective and useful for the Android application protection.

Keywords/Search Tags:

Android software security, Code confusion, Reverse engineering, Register conflicts

PDF Full Text Request

Related items

1	Research On Android Application Protection Technology Based On Multi-dimensional Reverse Confrontation
2	The Implementation And Prevention Of Android Malicious Code Based On Reverse Engineering
3	Research On Automatic Reverse Auxiliary Analysis Framework Based On Android Unpacking And Deobfuscation
4	Research On Anti Reverse Engineering Technology Based On Instruction Confusion
5	Research On The Code Protection Technology Of Android System
6	Research On The Techniques Of Software Reverse Engineering
7	Research And Implementation Of Software Protection Based On Android Platform
8	Research On Android Application’s Critical Security Methods
9	Research On Key Techniques For Firm-Code Reverse Analysis
10	Research On Audit Analysis Method For Skype On Android Platform Based On Reverse Engineering