• Title/Summary/Keyword: DEX File

Search Result 12, Processing Time 0.018 seconds

An APK Overwrite Scheme for Preventing Modification of Android Applications (안드로이드 앱 변조 방지를 위한 APK 덮어쓰기 기법)

  • Choi, Byungha;Shim, HyungJoon;Lee, ChanHee;Cho, Sangwook;Cho, Seong-Je
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.39B no.5
    • /
    • pp.309-316
    • /
    • 2014

  • It is easy to reverse engineer an Android app package file(APK) and get its decompiled source code. Therefore, attackers obtains economic benefits by illegally using the decompiled source code, or modifies an app by inserting malware. To address these problems in Android, we propose an APK overwrite scheme that protects apps against illegal modification of themselves by using a new anti-reverse engineering technique. In this paper, the targets are the apps which have been written by any programmer. For a target app (original app), server system (1) makes a copy of a target app, (2) encrypts the target app, (3) creates a stub app by replacing the DEX (Dalvik Executable) of the copied version with our stub DEX, and then (4) distributes the stub app as well as the encrypted target app to users of smartphones. The users downloads both the encrypted target app and the corresponding stub app. Whenever the stub app is executed on smartphones, the stub app and our launcher app decrypt the encrypted target app, overwrite the stub app with the decrypted target one, and executes the decrypted one. Every time the target app ends its execution, the decrypted app is deleted. To verify the feasibility of the proposed scheme, experimentation with several popular apps are carried out. The results of the experiment demonstrate that our scheme is effective for preventing reverse engineering and tampering of Android apps.

  • https://doi.org/10.7840/kics.2014.39B.5.309 인용 PDF KSCI

A Method Verifying Execution Environment Integrity for Secure Execution of Packed Android Application (패킹된 안드로이드 어플리케이션의 안전한 실행을 위한 실행 환경 무결성 검증 기법)

  • Ha, Dongsoo;Oh, Heekuck
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.6
    • /
    • pp.1553-1561
    • /
    • 2018

  • The source code for Android is open and easy to modify depending on the purpose. Recently, this charateristic has been exploited to bypass the runtime protection technique and extract the original executable code. Unfortunately, Android devices are so fragmented that it is difficult to verify the integrity of the system. To solve this problem, this paper proposes a technique to verify the integrity of the execution environment indirectly using the features of the application permission. Before executing the original executable code, it loads and executes the dummy DEX file to monitor for abnormal events and determine whether the system is intact. The proposed technique shows a performance overhead of about 2 seconds and shows that it can detect the bypassing technique that is currently disclosed.

  • https://doi.org/10.13089/JKIISC.2018.28.6.1553 인용 PDF KSCI HTML