Reinforcement And Security Evaluation Of Native Code For Android Application

Openness and extensibility for the Android platform has seen explosive growth in various mobile applications,in which native development has become very common for core code in consideration of the effectiveness and efficiency.However,with the continuous development of reverse engineering and tools,malicious attacks on native code have become more frequent and code security is under serious threat.Despite the security mechanism provided by Android system,as well as the constant research on software protection,how to improve the safety of native code for software remains a significant challenge.In this paper,we tackle this problem and introduce a CFI-based native code reinforcement framework by analyzing the threats faced with native code and the limitations of traditional mitigation.We design and implement the reinforcement system for Android native code,which is based on the integrity of control flow to provide guarantee for code security.Besides,the security of native code protection schemes is analyzed and an evaluation system is established based on reverse engineering to provide developers with some suggestions.Our contributions are given as follows:1.We perform a theoretical analysis of existing attacks targeting on Android native code as well as protection mechanism.Having a better knowledge of static analysis and dynamic debugging will help us summarize how to protect against these attacks and put forward better schemes.In addition,we study the existing technical schemes and point out their shortcomings.2.We analyze the subroutine invocation process in native code.As we propose to apply the concept of control-flow integrity to native code protection,it is necessary to have a better understanding of the subroutine invocation process,thus extracting control-flow transfer features for following integrity check.3.We propose a CFI-based native code reinforcement framework for Android and enforce a CFI check during applications run-time at function level.By applying the principle of CFI to core code,we can present a more fine-grained code reinforcement scheme from the perspective of control-flow,and detect the deviation and alarm the attacks.4.We propose a security evaluation system for Android native code.We put forward a security evaluation of native code protection base on reverse engineering.Combining theoretical analysis with attack experiments,we establish an attack model for native code and rank the risk,thus the protection is quantified and recommendations are presented for developers.