Zhao, Beibei and Tang, Zhanyong and Li, Zhen and Song, Lina and Gong, Xiaoqing and Fang, Dingyi and Liu, Fangyuan and Wang, Zheng (2017) DexPro : A Bytecode Level Code Protection System for Android Applications. In: Cyberspace Safety and Security :. Lecture Notes in Computer Science . Springer, Cham, pp. 367-382. ISBN 9783319694702
DexPro.pdf - Accepted Version
Available under License Creative Commons Attribution.
Download (1MB)
Abstract
Unauthorized code modification through reverse engineering is a major concern for Android application developers. Code reverse engineering is often used by adversaries to remove the copyright protection or advertisements from the app, or to inject malicious code into the program. By making the program difficult to analyze, code obfuscation is a potential solution to the problem. However, there is currently little work on applying code obfuscation to compiled Android bytecode. This paper presents DexPro, a novel bytecode level code obfuscation system for Android applications. Unlike prior approaches, our method performs on the Android Dex bytecode and does not require access to high-level program source or modification of the compiler or the VM. Our approach leverages the fact all except floating operands in Dex are stored in a 32-bit register to pack two 32-bit operands into a 64-bit operand. In this way, any attempt to decompile the bytecode will result in incorrect information. Meanwhile, our approach obfuscates the program control flow by inserting opaque predicates before the return instruction of a function call, which makes it harder for the attacker to trace calls to protected functions. Experimental results show that our approach can deter sophisticate reverse engineering and code analysis tools, and the overhead of runtime and memory footprint is comparable to existing code obfuscation methods.