Browse > Article
http://dx.doi.org/10.13089/JKIISC.2017.27.6.1457

An Application Obfuscation Method Using Security Token for Encryption in Android  

Shin, JinSeop (The Attached Institute of ETRI)
Ahn, Jaehwan (The Attached Institute of ETRI)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.27, no.6, 2017 , pp. 1457-1465 More about this Journal
Abstract
With the growing of smart devices market, malicious behavior has gradually expanded its scope. Accordingly, many studies have been conducted to analyze malicious apps and automated analysis tools have been released. However these tools cause the side effects that the application protection tools such as ProGuard, DexGuard become vulnerable to analyzers or attackers. This paper suggests the protection mechanism to apply to the Android apps using security token, rather than general-purpose protection solutions that can be applied in malicious apps. The main features of this technique are that Android app is not properly loaded in the memory when the security token is abnormal or is not inserted and protected parts using the technique are not exposed.
Keywords
Android; Encryption; Security Token;
Citations & Related Records
Times Cited By KSCI : 4  (Citation Analysis)
연도 인용수 순위
1 Maria Garnaeva, Fedor Sinitsyn, Yury Namestnikov, Denis Makrushin and Alexander Liskin, "Kaspersky Security Bulletin:OVERALL STATISTIVS FOR 2016," Kaspersky Lab, Dec. 2016
2 Kimberly Tam, Ali Feizollah, Nor Badrul Anuar, Rosli Salleh and Lorenzo Cavallaro, "The Evolution of Android Malware and Android Analysis Techniques," ACM Computing Surveys (CSUR), vol. 49, no. 4, pp. 1-41, Feb. 2017
3 Se Young Lee, Jin Hyung Park, Moon Chan Park, Jae Hyuk Suk, Dong Hoon Lee, "A Study on Deobfuscation Method of Android and Implementation of Automatic Analysis Tool," Jonornal of The Korea Institute of information Security & Cryptology, 25(5), pp. 1201-1215, Oct. 2015   DOI
4 Yeongung Park, "We Can Still Crack You! General Unpacking Method for Android Packer (no root)," DEFCON, Mar. 2015
5 "Android KitKat unveiled in Google surprise move," BBC, 3 Sep, 2013
6 Anwar Ghuloum, Brian Carlstrom and Ian Rogers, "ART: ANdroid's Runtime Evolved," Google I/O 2014, Jun. 2014
7 J.Kim and E. Lee, "A strategy of effectively applying a control flow obfuscation to programes," J. Korea Soc. Comput. Inf., vol 16, no. 6, pp. 41-50 Jun. 2011   DOI
8 Y. Piao, J. Jung, and J.H. Yi, "structural and Functional Analyses of ProGuard Obfuscation Tool," J. KICS, vol. 38, no. 8, pp. 654-662, Aug. 2013
9 AppSuit, http://premium.appsu.it
10 Kim. Hee Moon, "Protection Framework for Android Application by Encrypting DEX files," The Graduate School of Hanyang University, Feb. 2011
11 https://play.google.com/intl/ko_ALL/about/index.html
12 JungHyun Kim, Kang Seung Lee, "Robust Anti Reverse Engineering Technique for Protecting Android Applications using the AES Algorithm," Journal of KIISE, Vol.42, No. 9, pp. 1100-1108, Sep. 2015   DOI
13 Privacy Statement, http://inside.olle h.com/html/infoView.asp
14 https://developer.android.com/reference/dalvik/system/DexClassLoader.html
15 https://gadgetstouse.com/gadget-tech/sd-card-explained/32377