Abstract
Cracking and repackaging is a severe threat to Android applications. Obfuscation increases the difficulty of reverse analysis without changing the semantics of the original code. However, current Android obfuscation techniques primarily concentrate on Dalvik bytecode obfuscation, as Dalvik bytecode contains much semantic information, obfuscation does not hinder the attacker much. We propose a new technique named DexFus for protecting Android code based on Dalvik bytecode translation. DexFus applies obfuscation on translated C code instead of the original Dalvik code, which provides a higher level protection for applications. A prototype deployment on the Android platform demonstrates that DexFus is able to protect target applications with reasonable storage and memory overhead and high stability.
This paper is supported by the National Natural Science Foundation of China under grant No. 61572513.
This is a preview of subscription content, log in via an institution to check access.
References
Mobile operating system market share worldwide. https://gs.statcounter.com/os-market-share/mobile/worldwide. Accessed 15 Mar 2020
Cimato, S., De Santis, A., Petrillo, U.F.: Overcoming the obfuscation of Java programs by identifier renaming. J. Syst. Softw. 78(1), 60–72 (2005)
Number of available applications in the Google Play Store. https://www.statista.com/statistics/266210/number-of-available-applications-in-the-google-play-store/. Accessed 15 Mar 2020
The top mobile apps, games, and publishers of 2019. https://sensortower.com/blog/top-apps-games-publishers-2019. Accessed 15 Mar 2020
Shrink, obfuscate, and optimize your app. https://developer.android.com/studio/build/shrink-code. Accessed 15 Mar 2020
Baumann, R., Protsenko, M., Müller, T.: Anti-proguard: towards automated deobfuscation of Android apps. In: Proceedings of the 4th Workshop on Security in Highly Connected IT Systems, pp. 7–12 (2017)
Dextra. http://newandroidbook.com/tools/dextra.html. Accessed 15 Mar 2020
Yang, W., et al.: AppSpear: bytecode decrypting and DEX reassembling for packed Android malware. In: Bos, H., Monrose, F., Blanc, G. (eds.) RAID 2015. LNCS, vol. 9404, pp. 359–381. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26362-5_17
Kim, N.Y., Shim, J., Cho, S.-J., Park, M., Han, S.: Android application protection against static reverse engineering based on multidexing. J. Internet Serv. Inf. Secur. 6(4), 54–64 (2016)
APKtool: a tool for reverse engineering Android APK files. https://ibotpeaches.github.io/Apktool/. Accessed 15 Mar 2020
Dcc. https://github.com/amimo/dcc. Accessed 15 Mar 2020
JNI design overview. https://docs.oracle.com/javase/6/docs/technotes/guides/jni/spec/design.html. Accessed 15 Mar 2020
Wang, C., Hill, J., Knight, J., Davidson, J.: Software tamper resistance: obstructing static analysis of programs. Technical Report CS-2000-12, University of Virginia, 12 2000, Technical report (2000)
Balachandran, V., Tan, D.J., Thing, V.L., et al.: Control flow obfuscation for Android applications. Comput. Secur. 61, 72–93 (2016)
UI/Application exerciser monkey. https://developer.android.com/studio/test/monkey. Accessed 15 Mar 2020
oLLVM-8.0. https://github.com/heroims/obfuscator/tree/llvm-8.0. Accessed 15 Mar 2020
Desnos, A., et al.: Androguard (2011)
Apkpure.com: Download APK free online downloader. https://www.apkpure.com. Accessed 15 Mar 2020
Zhao, Y., et al.: Compile-time code virtualization for Android applications. Comput. Secur. 101821 (2020)
iJiami: Sharing IoE and guarding the smart world. https://www.ijiami.cn/. Accessed 15 Mar 2020
https://jiagu.360.cn/. Accessed 15 Mar 2020
https://cloud.tencent.com/product/ms. Accessed 15 Mar 2020
Zhang, Y., Luo, X., Yin, H.: DexHunter: toward extracting hidden code from packed Android applications. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS, vol. 9327, pp. 293–311. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24177-7_15
Sun, C., Zhang, H., Qin, S., He, N., Qin, J., Pan, H.: DexX: a double layer unpacking framework for Android. IEEE Access 6, 61 267–61 276 (2018)
JEB decompiler by PNF software. https://www.pnfsoftware.com/. Accessed 15 Mar 2020
Jadx - Dex to Java decompiler. https://github.com/skylot/jadx. Accessed 15 Mar 2020
Eagle, C.: The IDA Pro Book. No Starch Press (2011)
Junod, P., Rinaldini, J., Wehrli, J., Michielin, J.: Obfuscator-LLVM-software protection for the masses. In: 2015 IEEE/ACM 1st International Workshop on Software Protection, pp. 3–9. IEEE (2015)
Nolan, G., Truxall, D., Cinar, O., Sood, R.: Android Best Practices. Apress (2013)
Youpk. https://github.com/Youlor/Youpk. Accessed 28 July 2020
Fdex2. https://bbs.pediy.com/thread-224105.htm. Accessed 28 July 2020
Fart. https://github.com/hanbinglengyue/FART. Accessed 28 July 2020
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Hu, N., Ma, X., Lin, F., Liu, B., Lu, T. (2020). DexFus: An Android Obfuscation Technique Based on Dalvik Bytecode Translation. In: Xu, G., Liang, K., Su, C. (eds) Frontiers in Cyber Security. FCS 2020. Communications in Computer and Information Science, vol 1286. Springer, Singapore. https://doi.org/10.1007/978-981-15-9739-8_32
Download citation
DOI: https://doi.org/10.1007/978-981-15-9739-8_32
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-9738-1
Online ISBN: 978-981-15-9739-8
eBook Packages: Computer ScienceComputer Science (R0)