You Shall not Repackage! Demystifying Anti-Repackaging on Android. Issue 103 (April 2021)
- Record Type:
- Journal Article
- Title:
- You Shall not Repackage! Demystifying Anti-Repackaging on Android. Issue 103 (April 2021)
- Main Title:
- You Shall not Repackage! Demystifying Anti-Repackaging on Android
- Authors:
- Merlo, Alessio
Ruggia, Antonio
Sciolla, Luigi
Verderame, Luca - Abstract:
- Highlights: We assess the state-of-the-art of anti-repackaging schemes on Android. We describe the main attacking methodologies to anti-repackaging on Android. We provide some attacking techniques to circumvent current anti-repackaging schemas. We present a fully-fledged attack to NRP, the most recent anti-repackaging scheme. We discuss guidelines for improving next-generation anti-repackaging on Android. Abstract: App repackaging refers to the practice of customizing an existing mobile app and redistributing it in the wild. In this way, the attacker aims to force some mobile users to install the repackaged (likely malicious) app instead of the original one. This phenomenon strongly affects Android, where apps are available on public stores, and the only requirement for an app to execute properly is to be digitally signed. Anti-repackaging techniques try counteracting this attack by adding logical controls in the app at compile-time. Such controls activate in case of repackaging and lead the repackaged app to fail at runtime. On the other side, the attacker must detect and bypass the controls to repackage safely. The high-availability of working repackaged apps in the Android ecosystem suggests that the attacker's side is winning. In this respect, this paper aims to bring out the main issues of the current anti-repackaging approaches. The contribution of the paper is three-fold: 1) analyze the weaknesses of the current state-of-the-art anti-repackaging schemes (i.e.,Highlights: We assess the state-of-the-art of anti-repackaging schemes on Android. We describe the main attacking methodologies to anti-repackaging on Android. We provide some attacking techniques to circumvent current anti-repackaging schemas. We present a fully-fledged attack to NRP, the most recent anti-repackaging scheme. We discuss guidelines for improving next-generation anti-repackaging on Android. Abstract: App repackaging refers to the practice of customizing an existing mobile app and redistributing it in the wild. In this way, the attacker aims to force some mobile users to install the repackaged (likely malicious) app instead of the original one. This phenomenon strongly affects Android, where apps are available on public stores, and the only requirement for an app to execute properly is to be digitally signed. Anti-repackaging techniques try counteracting this attack by adding logical controls in the app at compile-time. Such controls activate in case of repackaging and lead the repackaged app to fail at runtime. On the other side, the attacker must detect and bypass the controls to repackage safely. The high-availability of working repackaged apps in the Android ecosystem suggests that the attacker's side is winning. In this respect, this paper aims to bring out the main issues of the current anti-repackaging approaches. The contribution of the paper is three-fold: 1) analyze the weaknesses of the current state-of-the-art anti-repackaging schemes (i.e., Self-Protection through Dex Encryption, AppIS, SSN, SDC, BombDroid, and NRP), 2) summarize the main attack vectors to anti-repackaging techniques composing those schemes, and 3) show how such attack vectors allow circumventing the current proposals. The paper will also show a full-fledged attack to NRP, the only publicly-available anti-repackaging tool to date. … (more)
- Is Part Of:
- Computers & security. Issue 103(2021)
- Journal:
- Computers & security
- Issue:
- Issue 103(2021)
- Issue Display:
- Volume 103, Issue 103 (2021)
- Year:
- 2021
- Volume:
- 103
- Issue:
- 103
- Issue Sort Value:
- 2021-0103-0103-0000
- Page Start:
- Page End:
- Publication Date:
- 2021-04
- Subjects:
- Android security -- App security -- Anti-repackaging techniques -- Attacks to anti-repackaging -- Anti-tampering
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.cose.2021.102181 ↗
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 15804.xml