JOURNAL BROWSE
Search
Advanced SearchSearch Tips
A Code Concealment Method using Java Reflection and Dynamic Loading in Android
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
A Code Concealment Method using Java Reflection and Dynamic Loading in Android
Kim, Jiyun; Go, Namhyeon; Park, Yongsu;
  PDF(new window)
 Abstract
Unlike existing widely used bytecode-centric Android application code obfuscation methodology, our scheme in this paper makes encrypted file i.e. DEX file self-extracted arbitrary Android application. And then suggests a method regarding making the loader app to execute encrypted file`s code after saving the file in arbitrary folder. Encrypted DEX file in the loader app includes original code and some of Manifest information to conceal event treatment information. Loader app`s Manifest has original app`s Manifest information except included information at encrypted DEX. Using our scheme, an attacker can make malicious code including obfuscated code to avoid anti-virus software at first. Secondly, Software developer can make an application with hidden main algorithm to protect copyright using suggestion technology. We implement prototype in Android 4.4.2(Kitkat) and check obfuscation capacity of malicious code at VirusTotal to show effectiveness.
 Keywords
Java reflection;Malware;Malicious code;DES;Data encryption standard;Bytecode;Copyright protection;Obfuscation;Intent;Intent filter;Class encryption;Dynamic keys;AndroidManifest;
 Language
Korean
 Cited by
1.
자바 자동 식별자 리네이밍 기법 및 보호 방법,김지윤;홍수화;고남현;이우승;박용수;

한국통신학회논문지, 2015. vol.40. 4, pp.709-719 crossref(new window)
2.
안드로이드 어플리케이션 역공학 보호기법,하동수;이강효;오희국;

정보보호학회지, 2015. vol.25. 3, pp.19-28
1.
Java Automatic Identifier Renaming Technique and Protection Method, The Journal of Korean Institute of Communications and Information Sciences, 2015, 40, 4, 709  crossref(new windwow)
 References
1.
STRATEGY ANALYTICS, http://www.strategyanalytics.com/

2.
Joonhyouck Jang, Seunghwan Han, Yookun Cho, U jin Choe and Jiman Hong, "Survey of Security Threats and Countermeasures on Android Environment," Journal of Security Engineering, Vol.11, No.1, pp. 01-12, Feb. 2014. crossref(new window)

3.
Alexandrina KOVACHEVA, "Efficient Code Obfuscation for Android," Advances in information Technology's Communications in Computer and Information Science, Vol. 409, pp.104-119, Aug. 2013.

4.
Patrick Schulz, "Code Protection in Android," Institute of Computer Science 4 Communication and Distributed Systems in Bonn University, June 2012.

5.
Hao Hao, Vicky Singh, and Wenliang Du, "On the effectiveness of API-level access control using bytecode rewriting in Android," ASIA CCS '13 Proceedings of the 8th ACM SIGSAC symposium on Information of computer and communications security, pp. 25-36, 2013.

6.
W. Zhou, Y. Zhon, X. Jiang and P. Ning, "Detecting Repackaged Smartphone Applications in Third-Party Android Marketplaces," Proceedings of the 2nd ACM Conference on Data and Application Security and Privacy, pp. 317-326, Feb. 2012.

7.
Yuxue Piao and Jin-hyuk Jung and Jeong Hyun Yi, "Structural and Functional Analyses of ProGuard Obfuscation Tool," Networks and Services, Vol. 38B, No. 08, pp. 654-661, Aug. 2013.

8.
DexFile, http://developer.android.com/reference/dalvik/system/DexFile.html

9.
William M. Daley and Raymond G. Kammer, "DATA ENCRYPTION STANDARD (DES)," FIPS PUB 46-3, Oct. 1999.

10.
William C. Barker and Elaine Barker, "Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher," NIST Special Publication 800-67, Jan. 2012.

11.
Doo-Sik Choi, Doo-Hwan Oh, Jeong-Soo Park and Jae-Cheol Ha, "An Improved Round Reduction Attack on Triple DES Using Fault Injection in Loop Statement," Journal of The Korea Institute of Information Security & Cryptology, Vol. 22, No. 4, pp. 709-717, Aug. 2012.

12.
Androguard, https://code.google.com/p/androguard/

13.
Virus Total, http://virustotal.com

14.
Building and Running, http://developer.android.com/tools/building/index.html

15.
Alessandro Armando, Alessio Merlo. Mauro Migliardi and Luca Verderame, "Breaking and Fixing the Android Launching Flow," Computers & Security, Vol. 39, pp. 104-115, Nov. 2013. crossref(new window)

16.
dex2jar, https://code.google.com/p/dex2jar/

17.
JD-GUI, http://jd.benow.ca/

18.
android-apktool, https://code.google.com/p/android-apktool/

19.
Trail: The Reflection API (The JavaTM Tutorials), http://docs.oracle.com/javase/tutorial/reflect/

20.
V. Benjarmin Livshits and Monica S. Lam, "Finding Security Vulnerabilities in Java Applications with Static Analysis," Proceedings of the 14th USENIX Security, Aug. 2005.

21.
MARIUS POPA, "Analysis of Zero-Day Vulnerabilities in Java," Journal of Mobile, Embedded and Distributed Systems, Vol. 5, No. 3, pp. 108-117, Sep. 2013.

22.
Erika Chin, Adrienne Porter Felt, Kate Greenwood, and David Wagner, "Analyzing Inter-Application Communication in Android," MobiSys '11 Proceedings, Vol. 9, pp. 239-252, 2011.

23.
Intents and Intent Filters, http://developer.android.com/guide/components/intents-filters.html#iobjs

24.
CONTEXT_IGNORE_SECURITY, http://developer.android.com/reference/android/content/Context.html

25.
Toast, http://developer.android.com/reference/android/widget/Toast.html

26.
Support Library, http://developer.android.com/tools/support-library/index.html