DOI QR코드

DOI QR Code

안드로이드 플랫폼에서 odex 파일을 이용한 불법 복제 앱 탐지 방법

An Illegally-copied App Detecting Method by Using Odex File in Android Platform

  • Cho, Dueckyoun (School of Computer Science and Engineering, Soongsil University) ;
  • Choi, Jaeyoung (School of Computer Science and Engineering, Soongsil University) ;
  • Kim, Eunhoe (Department of Internet Information, Seoil University) ;
  • Gang, Gi-Du (School of Business Administration, Soongsil University)
  • 투고 : 2014.12.24
  • 심사 : 2015.03.02
  • 발행 : 2015.04.30

초록

모바일 환경의 변화에 따라 안드로이드 앱의 사용이 증가하면서 앱에 대한 관심도 증가하였다. 하지만 불법으로 복제된 앱의 사용도 증가하여 앱 마켓의 투명성과 신뢰성이 저하되고 앱 개발자의 저작권을 침해하는 피해 사례가 발생하고 있다. 불법으로 복제된 앱의 사용을 방지하는 다양한 기술이 연구되었지만, 이를 우회하는 방법이 있기도 하고 또한 최초 유포자에 대한 정보를 알아낼 수 없어서 법적으로 제재하기도 어렵다. 본 논문에서는 안드로이드 플랫폼에서 불법 복제 앱을 탐지하는 방법을 제안한다. 불법 복제 앱 탐지기는 앱 설치 과정에서 생성되는 odex 파일을 사용함으로 불법 복제 앱을 탐지하고, 포렌식 워터마크 기술을 사용함으로써 최초 유포자의 정보를 알아낼 수 있다. 제안하는 불법 복제 앱 탐지기는 시스템 서버에서 서비스 형태로 실행되어 사용자에게 노출되지 않는다. 실험 결과, 불법 복제 앱 탐지기는 평균 0.2초 이내로 불법 복제 앱을 탐지하고 삭제하는 것이 가능하다.

According to the changes of the mobile environments, the usage and interest of the Android apps have been increased. But the usage of illegally-copied apps has been also increased. And the transparency and dependability of the app markets has been decreased. Therefore there are many cases for the copyright infringement of app developers. Although several methods for preventing illegally-copied apps have been studied, there may exist possible ways to bypass the methods. Since it is difficult to find out the first distributors of the illegally-copied apps, it is not easy to punish them legally. This paper proposes the method of detecting illegally-copied apps. The proposed detector can detect the illegally-copied apps using odex file, which is created when the app is installed. The detector can also find out the information of the first distributors based on forensic watermark technique. Since the illegally-copied app detector is running as a service on the system server, it is granted that the detector hides from the users. As an experiment result, the illegally-copied app detector takes on average within 0.2 seconds to detect and delete an illegally-copied app.

키워드

참고문헌

  1. Mincheol Kim, Jihyung Shin, Yunhwa Kim, Taelim Ha, Sun Shin, "2013 Korea Media Panel Research", Korea Information society development institute, 2013. http://www.kisdi.re.kr/kisdi/fp/kr/board/selectSingleBoar d.do?cmd=select SingleBoard&curPage=1&boardId=GPK_RND_DATA&seq=29270&reStep=8999&ctx=_
  2. Mashable, Available at : http://www.mashable.com
  3. Android LVL, Available at: http://developer.android.com/google/play/licensing/addin g-licensing.html
  4. Hanbyul Baek, Eungyu Lee, Kanghee Kim, "A Mobile Application Anti-Piracy Technique Using Mandatory Access Control Based on User Preferences", Journal of Security Engineering, Vol.10, No.2, pp.151-162, 2013. http://www.sersc.org/journals/JSE/vol10_no2_2013/4.pdf
  5. Sung-Ryul Kim, "Copy Protection System for Android App using Public Key Infrastructure", Journal of Security Engineering, Vol.9, No.1, pp.121-134, 2012. http://www.sersc.org/journals/JSE/vol9_no1_2012/11.pdf
  6. H. Kim, "The Technology Trend of Forensic mark", Korea Copyright Commission, Sept. 2010. http://www.copyright.or.kr
  7. Cheol Jeon, Yookun Cho, "A Robust Steganography-Based Software Watermarking", RACS 2012, San Antonio, TX, USA, 2012. http://dl.acm.org/citation.cfm?id=2401675
  8. The Android Open Source Project. Dalvik optimization and verification with dexopt. Available at: http://www.netmite.com/android/mydroid/dalvik/docs/dexopt.html.
  9. Security Enginering Research Group, "Analysis of Dalvik Virtual Machine and Class Path Library", 2010. "http://www.academia.edu/4768292/Analysis_of_Dalvik_Virtual_Machine_and_Class_Path_Library_Constrained_Intents_Extending_Android_Security_for_Intent_Policies_EASIP_"
  10. Taeyoun Kim, Jihoon Park, Sangyup Kim, WangJae Yi, "Android Anatomy System Service", Developers Happy World, 2011.