Exploiting Binary-Level Code Virtualization to Protect Android Applications Against App Repackaging

He, Zhi‐Guo; Ye, Guixin; Yuan, Lu; Tang, Zhanyong; Ren, Jie; Yang, Jianfeng; Fang, Dingyi; Wang, Zheng

doi:10.1109/access.2019.2921417

Cited by 8 publications

(6 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A virtual machine (VM) executes inside the app and interprets the virtual instructions. Two different approaches are proposed in [25,26]; the first one works at DEX level, while the latter focuses on native libraries. Similarly to obfuscation, this approach aims at complicating the reverse engineering process of an app, but it does not introduce any anti-tampering check.…”

Section: Anti-repackagingmentioning

confidence: 99%

You Shall not Repackage! Demystifying Anti-Repackaging on Android

Merlo

Ruggia

Sciolla

et al. 2021

Computers & Security

View full text Add to dashboard Cite

Section: Anti-repackagingmentioning

confidence: 99%

You Shall not Repackage! Demystifying Anti-Repackaging on Android

Merlo

Ruggia

Sciolla

et al. 2021

Computers & Security

View full text Add to dashboard Cite

“…The compression encryption [3] is different from obfuscated code [4] essentially. The obfuscated code blocks the normal understanding by disturbing instructions' logic [5], however, we still can get the encrypted source code whether by static analysis or dynamic analysis. But when facing the compression encryption such as UPX [6], the static analysis loses effect immediately, and the dynamic analysis can be stopped by anti debug techniques such as timeout detection [7] or attached detection [8].…”

Section: ) How To Collect the Source Instructions When Facing The Compression Encryption?mentioning

confidence: 99%

A Gray Box for Visualizing Instruction Sequence Based on Improved Suffix Tree

Wang

Fang

2020

IEEE Access

View full text Add to dashboard Cite

Gray box is a kind of device in which the working process of a program or system is locally recognized. Gray box testing, also known as gray box analysis, is a software debugging method based on the limited cognition of the internal details of the program. Testers may know how system components interact with each other, but they lack a detailed understanding of internal program functions and operation. So the construction of gray box is particularly important. The most original gray boxes are static debugger and dynamic debugger. And then reflexion model, which reduces the manual work greatly, is developed and applied. The latest gray boxes are focus on regarding instructions as a natural language using the mature mathematical model to mine their internal value. Adhering to the idea of latest researches, our paper improves the original suffix tree and use the improved suffix tree as a mathematical models to analyse and visualize the internal logic of instructions. Our gray box aims at solving three problems in practical application. In addition, we explain the complexity of instruction sequence and put forward a prediction formula for the building part. By experiment, we prove the time complexity of each part and the correctness of the prediction formula, and show the effect of visualizing part.INDEX TERMS Gray box, reverse engineering, suffix tree, visualize, instruction preprocess.

show abstract

“…In application development, there are always hackers who try to exploit/attack applications developed in the form of reverse engineering, including Application Repackaging, which is a common and severe threat in the world of Android Signature Verification Based on Dex CRC and Blake2 Algorithm to Prevent Reverse Engineering Attack in Android Application application development. Hackers can use reverse engineering tools to disassemble an app and change, insert, modify the source code or make fake purchases [2].…”

Section: Introductionmentioning

confidence: 99%

Signature Verification Based on Dex CRC and Blake2 Algorithm to Prevent Reverse Engineering Attack in Android Application

Ilham,

Muhammad Niswar,

Ady Wahyudi Paundu

2023

Int. J. Interact. Mob. Technol.

View full text Add to dashboard Cite

The rapid growth of Android applications has led to more cybercrime cases, specifically Reverse Engineering attacks, on Android apps. One of the most common cases of reverse engineering is application repackaging, where the application is downloaded via the Play Store or the official website and then repackaged with various additions or changes. One of the ways to avoid Application Repackaging attacks is to check the signature of an application. However, hackers can manipulate the application by adding a hook, i.e., replacing the original function for getting signatures with a new modified function in the application. In this research, the development of a verification method for Android applications is carried out by utilizing Dex CRC and the Blake2 algorithm, which will be written in C using the Java Native Interface (JNI). The results of this study indicate that the verification method using Dex CRC and the Blake2 algorithm can effectively protect Android applications from Application Repackaging attacks without burdening application performance.

show abstract

Exploiting Binary-Level Code Virtualization to Protect Android Applications Against App Repackaging

Cited by 8 publications

References 31 publications

You Shall not Repackage! Demystifying Anti-Repackaging on Android

You Shall not Repackage! Demystifying Anti-Repackaging on Android

A Gray Box for Visualizing Instruction Sequence Based on Improved Suffix Tree

Signature Verification Based on Dex CRC and Blake2 Algorithm to Prevent Reverse Engineering Attack in Android Application

Contact Info

Product

Resources

About