Android Application Protection against
Static Reverse Engineering based on Multidexing
1Dankook
University, Yongin, Gyeonggi
16890 Korea {iuasdofil,
32131715, sjcho}@dankook.ac.kr 2Konkuk
University, Chungju, Chungbuk
27478 Korea {minkyup, schan}@kku.ac.kr Abstract DEX files are executable files of Android
applications. Since DEX files are in the format of Java bytecodes, their Java
source codes can be easily obtained using static reverse engineering tools.
This results in numerous Android application thefts. There are some tools
(e.g. bangcle, ijiami, liapp) that protect Android applications against static
reverse engineering utilizing dynamic code loading. These tools usually
encrypt classes.dex in an APK file. When the
application is launched, the encrypted classes.dex
file is decrypted and dynamically loaded. However, these tools fail to
protect multidex APKs, which include more than one
DEX files (classes2.dex, classes3.dex, ...) to
accommodate large-sized execution codes. In this paper, we propose a
technique that protects multidex Android
applications against static reverse engineering. The technique can
encrypt/decrypt multiple DEX files in APK files and dynamically load them.
The experimental results show that the proposed technique can effiectively protect multidex
APKs. Keywords: Android,
Reverse engineering, Multidex, Dynamic code
loading, Packing. +: Corresponding author: Minkyu Park
Journal
of Internet Services and Information Security (JISIS), 6(4): 54-64, November 2016 [pdf] |
|