He, Z, Ye, G, Yuan, L et al. (7 more authors) (2019) Exploiting Binary-Level Code Virtualization to Protect Android Applications Against App Repackaging. IEEE Access, 7. pp. 115062-115074. ISSN 2169-3536
Abstract
Application repackaging is a severe problem for Android systems. Many Android malware programs pass the mobile platform fundamental security barriers through repackaging other legitimate apps. Most of the existing anti-repackaging schemes only work at the Android DEX bytecode level, but not for the shared object files consisting of native ARM-based machine instructions. Lacking the protection at the native machine code level opens a door for attackers to launch repackaging attacks on the shared libraries that are commonly used on Android apps. This paper presents CodeCloak, a novel anti-repackaging system to protect Android apps at the native code level. CodeCloak employs binary-level code virtualization techniques to protect the target application. At the native machine code level, it uses a newly designed stack-based virtualization structure to obfuscate and protect critical algorithm implementations that have been compiled into native instructions. It leverages multiple dynamic code protection schemes to increase the diversity of the program behavior at runtime, aiming to increase the difficulties for performing code reverse engineering. We evaluate CodeCloak under typical app repackaging scenarios. Experimental results show that CodeCloak can effectively protect apps against repackaging attacks at the cost of minimum overhead.
Metadata
Item Type: | Article |
---|---|
Authors/Creators: |
|
Copyright, Publisher and Additional Information: | This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/ |
Keywords: | Android code protection; code obfuscation; app repackaging; code virtulization; Virtualization; Reverse Engineering; Tools; Security; Libraries; Runtime; Semantics |
Dates: |
|
Institution: | The University of Leeds |
Academic Units: | The University of Leeds > Faculty of Engineering & Physical Sciences (Leeds) > School of Computing (Leeds) |
Depositing User: | Symplectic Publications |
Date Deposited: | 04 Oct 2019 11:03 |
Last Modified: | 04 Oct 2019 11:03 |
Status: | Published |
Publisher: | IEEE |
Identification Number: | 10.1109/ACCESS.2019.2921417 |
Related URLs: | |
Open Archives Initiative ID (OAI ID): | oai:eprints.whiterose.ac.uk:151509 |