Control flow obfuscation for Android applications. Issue 61 (August 2016)
- Record Type:
- Journal Article
- Title:
- Control flow obfuscation for Android applications. Issue 61 (August 2016)
- Main Title:
- Control flow obfuscation for Android applications
- Authors:
- Balachandran, Vivek
Sufatrio,
Tan, Darell J.J.
Thing, Vrizlynn L.L. - Abstract:
- Abstract: Android apps are vulnerable to reverse engineering, which makes app tampering and repackaging relatively easy. While obfuscation is widely known to make reverse engineering harder, complex and effective control flow obfuscations by rearranging Android bytecode instructions have not been implemented in various Android obfuscation tools. This paper presents our control-flow obfuscation techniques for Android apps at the Dalvik bytecode level. Our three proposed schemes go beyond simple control-flow transformations employed by existing Android obfuscators, and make it difficult for static analysis to determine the actual app control flows. To realize this, we also address a previously-unsolved register-type conflict problem that can be raised by the verifier module of the Android runtime system by means of a type separation technique. Our analysis and experimentation show that the schemes can offer effective obfuscation with reasonable performance and size overheads. Combined with the existing data and layout obfuscation techniques, our schemes can offer attractive measures to hinder reverse engineering and code analysis on Android apps, and help safeguard Android app developers' heavy investment in their apps.
- Is Part Of:
- Computers & security. Issue 61(2016)
- Journal:
- Computers & security
- Issue:
- Issue 61(2016)
- Issue Display:
- Volume 61, Issue 61 (2016)
- Year:
- 2016
- Volume:
- 61
- Issue:
- 61
- Issue Sort Value:
- 2016-0061-0061-0000
- Page Start:
- 72
- Page End:
- 93
- Publication Date:
- 2016-08
- Subjects:
- Android -- Software obfuscation -- Mobile security -- Reverse engineering -- Application security
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.cose.2016.05.003 ↗
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 1.xml