Browse > Article
http://dx.doi.org/10.13089/JKIISC.2020.30.3.493

ICFGO : UI Concealing and Dummy Flow Insertion Method for Inter-Procedural Control Flow Graph Obfuscation  

Shim, Hyunseok (Soongsil University)
Jung, Souhwan (Soongsil University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.30, no.3, 2020 , pp. 493-501 More about this Journal
Abstract
For the obfuscation of Flow Analysis on the Android operating system, the size of the Flow Graph can be large enough to make analysis difficult. To this end, a library in the form of aar was implemented so that it could be inserted into the application in the form of an external library. The library is designed to have up to five child nodes from the entry point in the dummy code, and for each depth has 2n+1 numbers of methods from 100 to 900 for each node, so it consists of a total of 2,500 entry points. In addition, entry points consist of a total of 150 views in XML, each of which is connected via asynchronous interface. Thus, the process of creating a Inter-procedural Control Flow Graph has a maximum of 14,175E+11 additional cases. As a result of applying this to application, the Inter Procedure Control Flow Analysis too generates an average of 10,931 edges and 3,015 nodes with an average graph size increase of 36.64%. In addition, in the APK analyzing process showed that up to average 76.33MB of overhead, but only 0.88MB of execution overhead in the user's ART environment.
Keywords
Android application; Flow analysis; Obfuscation;
Citations & Related Records
연도 인용수 순위
  • Reference
1 N. Peiravian and X. Zhu, "Machine Learning for Android Malware Detection Using Permission and API Calls", 2013 IEEE 25th International Conference on Tools with Artificial Intelligence, pp. 300-305, Nov. 2013.
2 Suleiman Y. Yerima, Sakir Sezer, Gavin McWilliams, Igor Muttik. "A New Android Malware Detection Approach Using Bayesian Classification", 2013 IEEE 27th International Conference on Advanced Information Networking and Applications (AINA), pp. 121-128, Mar. 2013.
3 Noriyuki, S., Tetsuo, K., Katsuhisa, M., "Detecting Invalid Layer Combinations Using Control-Flow Analysis for Android," in Proc. COP'16 Proceedings of the 8th International Workshop on Context-Oriented Programming, Rome, pp. 27-32, Jul. 2016.
4 A. Steven, et al. "Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps.", Acm Sigplan Notices, vol.49, no.6 pp. 259-269, Jun. 2014.   DOI
5 GuardSquare, "Dexguard", https://www.guardsquare.com/en/products/dexguard, Last Accessed 08 Jan. 2020.
6 Android Developers, "Proguard", https://developer.android.com/studio/build/shrink-code?hl=ko, Last Accessed 08 Jan. 2020
7 Allatori Android Obfuscator, "Android Obfuscation - Java Obfuscator", http://www.allatori.com/features/android-obfuscation.html, Last Accessed 08 Jan. 2020.
8 L. Li, et al, "IccTA: Detecting Inter-Component Privacy Leaks in Android Apps", 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering, pp. 280-291, May. 2015.
9 Vivek Blanchandran, Sufatrio, Darell J.J. Tan, Vrizlynn L.L. Thing, "Control flow obfuscation for Android Applications," Computer & Security Elsevier, vol.61, pp. 72-93, May. 2016   DOI
10 Yong Peng, Jie Liang, Qi Li, "A control flow obfuscation method for Android applications," 2016 4th International Conference on Cloud Computing and Intelligence Systems (CCIS), pp. 94-98, Aug. 2016.
11 A. Kamil, J. Su and K. Yelick, "Making Sequential Consistency Practical in Titanium," Proceedings of the 2005 ACM/IEEE Conference on Supercomputing, pp. 15-15, Nov. 2005
12 F. Wei, et al, "Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps", ACM Transactions on Privacy and Security, vol.21, no.3, pp. 1-32, Apr. 2018.
13 Raja Vallée-Rai, Phong Co, Etienne Gagnon, Laurie Hendren et al. "Soot: A java bytecode optimization framework.", In CASCON First Decade High Impact Papers, pp. 214-224, Nov. 2010.
14 Areej Alzaidi, Suhair Alshehri, Seyed M. Buhari, "DroidRista: a highly precise static data flow analysis framework for android applications," International Journal of Information Security (2019), pp. 1-14, Oct. 2019.
15 Zhang, M., and Duan, Y., "Semantics-aware android malware classification using weighted contextual api dependency graphs,", CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 1105-1116, Nov. 2014.