Netinfo Security ›› 2014, Vol. 14 ›› Issue (10): 11-17.doi: 10.3969/j.issn.1671-1122.2014.10.003

Previous Articles     Next Articles

Research on Code Protection Method for Android Applications

XU Jian1,2, WU Shuang3, SUN Qi1, ZHOU Fu-cai1   

  1. 1. Software College, Northeastern University, Shenyang Liaoning 110819,China
    2.State Key Laboratory of Information Security , Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093,China
    3.Guangzhou Command School of The Public Security Border Forces, Guangzhou Guangdong 510663,China
  • Received:2014-09-03 Online:2014-10-01 Published:2015-08-17

Abstract:

Android is gaining its popularity in recent years and it has become one of the most common operating systems for mobile devices. However, security problems of Android system appear to be increasingly severe. Due to the fact that security mechanism of Android is not perfect and the protection methods of Android application codes are insufficient, a vast majority of Android applications are confronted with reverse engineering, software pirating and malware implantation threats. This paper analyzes the security problems of Android applications and also points out the reasons of these security problems. The code protection method for Android applications is also given in this paper. The method includes module on pc, module on Android and code development specification of Android applications. In order to make the method more maneuverability, this paper also gives the implementations of some key technologies in the method, which include the encryption protection based on AES algorithm, pseudo encryption, packer, code confusion and special coding rules etc. Integrating with some tradition code protection methods, the proposed method of Android application code protection makes uses of file encryption, code obfuscation, anti-debugging techniques, integrity checkout and packer techniques in order to enhance the abilities of counteracting the static attacks and dynamic debugging. Therefore, this method not only has a certain theoretical significance, but also has certain actual application value.

Key words: Android application, code protection, reverse engineering

CLC Number: