Abstract
Android app repacking allows malicious actors to modify apps, bundle them with malware or steal revenue. Current detection mechanisms of app distribution services are questionable in their effectiveness, and other proposed repackaging protection schemes do not have the necessary protection against circumvention. We propose a repackaging protection architecture that verifies the app’s integrity at runtime. We make use of encrypted sections of bytecode that can be decrypted with a key derived at runtime. The method partially relies on native code, and as such is difficult to circumvent. We show that our implementation provides a practical integration in the workflow of an app developer.
The authors of this paper are alphabetically ordered.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
- 3.
- 4.
- 5.
The source code is provided at https://github.com/ilian/repackaging-protection.
- 6.
- 7.
- 8.
- 9.
- 10.
- 11.
References
Bianchi, A., Fratantonio, Y., Kruegel, C., Vigna, G.: NJAS: sandboxing unmodified applications in non-rooted devices running stock Android. In: SPSM 2015, Denver, CO, USA, pp. 27–38 (2015)
Chang, H., Atallah, M.J.: Protecting software code by guards. In: ACM CCS-8 Workshop DRM 2001, Philadelphia, PA, USA, pp. 160–175 (2001)
Hanna, S., Huang, L., Wu, E., Li, S., Chen, C., Song, D.: Juxtapp: a scalable system for detecting code reuse among Android applications. In: Flegel, U., Markatos, E., Robertson, W. (eds.) DIMVA 2012. LNCS, vol. 7591, pp. 62–81. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37300-8_4
Hu, W., Tao, J., Ma, X., Zhou, W., Zhao, S., Han, T.: MIGDroid: detecting app-repackaging Android malware via method invocation graph. In: ICCCN 2014, Shanghai, China, pp. 1–7 (2014)
Junod, P., Rinaldini, J., Wehrli, J., Michielin, J.: Obfuscator-LLVM - software protection for the masses. In: SPRO 2015, Florence, Italy, pp. 3–9 (2015)
Luo, L., Fu, Y., Wu, D., Zhu, S., Liu, P.: Repackage-proofing Android apps. In: DSN 2016, Toulouse, France, pp. 550–561 (2016)
Mavrogiannopoulos, N., Kisserli, N., Preneel, B.: A taxonomy of self-modifying code for obfuscation. Comput. Secur. 30(8), 679–691 (2011)
Nevolin, I.: Advanced techniques for anti-debugging. Master’s dissertation, Ghent University (2017)
Ng, Y., Zhou, H., Ji, Z., Luo, H., Dong, Y.: Which Android app store can be trusted in China? In: COMPSAC 2014, Vasteras, Sweden, pp. 509–518 (2014)
Ren, C., Chen, K., Liu, P.: Droidmarking: resilient software watermarking for impeding Android application repackaging. In: ASE 2014, Vasteras, Sweden, pp. 635–646 (2014)
Sharif, M.I., Lanzi, A., Giffin, J.T., Lee, W.: Impeding malware analysis using conditional code obfuscation. In: NDSS 2008, San Diego, CA, USA (2008)
Soh, C., Tan, H.B.K., Arnatovich, Y.L., Wang, L.: Detecting clones in Android applications through analyzing user interfaces. In: ICPC 2015, Florence/Firenze, Italy, pp. 163–173 (2015)
Sun, M., Li, M., Lui, J.C.S.: Droideagle: seamless detection of visually similar android apps. In: Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, New York, NY, USA, pp. 9:1–9:12 (2015)
Vallee-Rai, R., Hendren, L.J.: Jimple: simplifying Java bytecode for analyses and transformations. Technical report (1998)
Wang, X., Jhi, Y., Zhu, S., Liu, P.: Detecting software theft via system call based birthmarks. In: ACSAC 2009, Honolulu, Hawaii, USA, pp. 149–158 (2009)
Yu, R.: Android packers: facing the challenges, building solutions. In: Proceedings of the 24th Virus Bulletin International Conference (2014)
Zeng, Q., Luo, L., Qian, Z., Du, X., Li, Z.: Resilient decentralized android application repackaging detection using logic bombs. In: CGO 2018, Vösendorf/Vienna, Austria, pp. 50–61 (2018)
Zhang, F., Huang, H., Zhu, S., Wu, D., Liu, P.: Viewdroid: towards obfuscation-resilient mobile application repackaging detection. In: WiSec 2014, Oxford, United Kingdom, pp. 25–36 (2014)
Zhou, W., Zhang, X., Jiang, X.: Appink: watermarking android apps for repackaging deterrence. In: ASIA CCS 2013, Hangzhou, China, pp. 1–12 (2013)
Zhou, W., Zhou, Y., Jiang, X., Ning, P.: Detecting repackaged smartphone applications in third-party android marketplaces. In: CODASPY 2012, San Antonio, TX, USA, pp. 317–326 (2012)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Tanner, S., Vogels, I., Wattenhofer, R. (2020). Protecting Android Apps from Repackaging Using Native Code. In: Benzekri, A., Barbeau, M., Gong, G., Laborde, R., Garcia-Alfaro, J. (eds) Foundations and Practice of Security. FPS 2019. Lecture Notes in Computer Science(), vol 12056. Springer, Cham. https://doi.org/10.1007/978-3-030-45371-8_12
Download citation
DOI: https://doi.org/10.1007/978-3-030-45371-8_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-45370-1
Online ISBN: 978-3-030-45371-8
eBook Packages: Computer ScienceComputer Science (R0)