On the effectiveness of code-reuse-based Android application obfuscation
Attackers use reverse engineering techniques to gain detailed understanding of executable for malicious purposes, such as re-packaging an Android app to inject malicious code or advertising components. To make reverse engineering more difficult, researchers have proposed various code obfuscation tec...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2017
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/3426 https://ink.library.smu.edu.sg/context/sis_research/article/4427/viewcontent/Ontheeffectivenessofcode_reuse_based.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-4427 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-44272018-03-14T06:12:52Z On the effectiveness of code-reuse-based Android application obfuscation TANG, Xiaoxiao LIANG, Yu MA, Xinjie LIN, Yan GAO, Debin Attackers use reverse engineering techniques to gain detailed understanding of executable for malicious purposes, such as re-packaging an Android app to inject malicious code or advertising components. To make reverse engineering more difficult, researchers have proposed various code obfuscation techniques to conceal purposes or logic of code segments. One interesting idea of code obfuscation is to apply codereuse techniques (e.g., Return-Oriented Programming) to (re-)distribute essential code segments before they are reconstructed at runtime. Such techniques are well understood on x86 platform, but relatively less explored on Android. In this paper, we present an evaluation on the extent to which code-reuse-based techniques can be applied to obfuscate Android apps. Moreover, we extend code-reuse-based obfuscation to the Android platform by proposing an obfuscation mechanism for both Java and native code. Results show that 835 gadgets are found in the C standard library (libc.so) which cover the entire Turing complete set. Furthermore, we implement a semi-automatic tool named AndroidCubo and show that it protects both Java and native code with comparable security to those obfuscated with Java reflection at a small runtime overhead. 2017-01-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/3426 info:doi/10.1007/978-3-319-53177-9_18 https://ink.library.smu.edu.sg/context/sis_research/article/4427/viewcontent/Ontheeffectivenessofcode_reuse_based.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Obfuscation Android application Code reuse Java Native Interface Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Obfuscation Android application Code reuse Java Native Interface Information Security |
| spellingShingle |
Obfuscation Android application Code reuse Java Native Interface Information Security TANG, Xiaoxiao LIANG, Yu MA, Xinjie LIN, Yan GAO, Debin On the effectiveness of code-reuse-based Android application obfuscation |
| description |
Attackers use reverse engineering techniques to gain detailed understanding of executable for malicious purposes, such as re-packaging an Android app to inject malicious code or advertising components. To make reverse engineering more difficult, researchers have proposed various code obfuscation techniques to conceal purposes or logic of code segments. One interesting idea of code obfuscation is to apply codereuse techniques (e.g., Return-Oriented Programming) to (re-)distribute essential code segments before they are reconstructed at runtime. Such techniques are well understood on x86 platform, but relatively less explored on Android. In this paper, we present an evaluation on the extent to which code-reuse-based techniques can be applied to obfuscate Android apps. Moreover, we extend code-reuse-based obfuscation to the Android platform by proposing an obfuscation mechanism for both Java and native code. Results show that 835 gadgets are found in the C standard library (libc.so) which cover the entire Turing complete set. Furthermore, we implement a semi-automatic tool named AndroidCubo and show that it protects both Java and native code with comparable security to those obfuscated with Java reflection at a small runtime overhead. |
| format |
text |
| author |
TANG, Xiaoxiao LIANG, Yu MA, Xinjie LIN, Yan GAO, Debin |
| author_facet |
TANG, Xiaoxiao LIANG, Yu MA, Xinjie LIN, Yan GAO, Debin |
| author_sort |
TANG, Xiaoxiao |
| title |
On the effectiveness of code-reuse-based Android application obfuscation |
| title_short |
On the effectiveness of code-reuse-based Android application obfuscation |
| title_full |
On the effectiveness of code-reuse-based Android application obfuscation |
| title_fullStr |
On the effectiveness of code-reuse-based Android application obfuscation |
| title_full_unstemmed |
On the effectiveness of code-reuse-based Android application obfuscation |
| title_sort |
on the effectiveness of code-reuse-based android application obfuscation |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2017 |
| url |
https://ink.library.smu.edu.sg/sis_research/3426 https://ink.library.smu.edu.sg/context/sis_research/article/4427/viewcontent/Ontheeffectivenessofcode_reuse_based.pdf |
| _version_ |
1770573165215350784 |