• Journal of Internet Computing and Services
• /
• v.16 no.2
• /
• pp.67-75
• /
• 2015

According to the changes of the mobile environments, the usage and interest of the Android apps have been increased. But the usage of illegally-copied apps has been also increased. And the transparency and dependability of the app markets has been decreased. Therefore there are many cases for the copyright infringement of app developers. Although several methods for preventing illegally-copied apps have been studied, there may exist possible ways to bypass the methods. Since it is difficult to find out the first distributors of the illegally-copied apps, it is not easy to punish them legally. This paper proposes the method of detecting illegally-copied apps. The proposed detector can detect the illegally-copied apps using odex file, which is created when the app is installed. The detector can also find out the information of the first distributors based on forensic watermark technique. Since the illegally-copied app detector is running as a service on the system server, it is granted that the detector hides from the users. As an experiment result, the illegally-copied app detector takes on average within 0.2 seconds to detect and delete an illegally-copied app.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.5
• /
• pp.309-316
• /
• 2014

It is easy to reverse engineer an Android app package file(APK) and get its decompiled source code. Therefore, attackers obtains economic benefits by illegally using the decompiled source code, or modifies an app by inserting malware. To address these problems in Android, we propose an APK overwrite scheme that protects apps against illegal modification of themselves by using a new anti-reverse engineering technique. In this paper, the targets are the apps which have been written by any programmer. For a target app (original app), server system (1) makes a copy of a target app, (2) encrypts the target app, (3) creates a stub app by replacing the DEX (Dalvik Executable) of the copied version with our stub DEX, and then (4) distributes the stub app as well as the encrypted target app to users of smartphones. The users downloads both the encrypted target app and the corresponding stub app. Whenever the stub app is executed on smartphones, the stub app and our launcher app decrypt the encrypted target app, overwrite the stub app with the decrypted target one, and executes the decrypted one. Every time the target app ends its execution, the decrypted app is deleted. To verify the feasibility of the proposed scheme, experimentation with several popular apps are carried out. The results of the experiment demonstrate that our scheme is effective for preventing reverse engineering and tampering of Android apps.