Design and Implementation of the Scheme of Obfuscation Based on the Recombination of the Android Executable File

doi:10.3969/j.issn.1671-1122.2016.05.011

Abstract

Abstract:

With the rapid development of mobile intelligent terminals, Android operating system has become one of the most widely used mobile intelligent operating systems in the world. Java is famous for its features of good cross-platform, high efficiency and a large amount of developers, therefore the designers of Android choose Java as the system development language. The characteristics of the Java language make Java program easy be decompiled by decompilation tools and be analyzed, which makes Android applications face great risks. This paper focuses on the study of code obfuscation technology for the purpose of protecting Android applications, improving the difficulty of the attacker's reverse analysis and adding no extra time cost for the execution of the program. Based on Android executable file reorganization, this paper designs and implements a kind of Android obfuscation tool and carries out test and performances analysis. This Android obfuscation tool enhances the security of Android applications, protects Android applications developers' intellectual property rights, and avoids reverse analysis, piracy and malicious tampering to Android applications to a certain extent.

Key words: Android, executable file, recombination, code obfuscation

CLC Number:

TP309

Weiping WEN, Han ZHANG, Xianglei CAO. Design and Implementation of the Scheme of Obfuscation Based on the Recombination of the Android Executable File[J]. Netinfo Security, 2016, 16(5): 71-77.

Figures/Tables 10

References 25

[1]	中国互联网络信息中心. 第37次中国互联网络发展状况统计报告[EB/OL]. .
[2]	王敏惠. 基于SIP的Android终端VoIP系统研究与开发[D].南京:南京邮电大学,2014.
[3]	杨勇义. 基于Android平台的软件保护技术研究[D].北京:北京邮电大学,2012.
[4]	吴家顺,高静. Android App Anti-repackage方法研究综述[J].科技展望,2015, 25(25): 13.
[5]	COLLBERG C,THOMBORSON C,LOW D.A Taxonomy of Obfuscating Transformations[EB/OL].https://www.researchgate.net/publication/37987523_A_Taxonomy_of_Obfuscating_Transformations,2016-03-15.
[6]	COLLBERG C.Watermarking,Tamper-proofing and Obfuscation Tools for Software Protection[J].IEEE Transactions on Software Engineering, 2002,28(8):735-746.
[7]	WANG Chenxi.A Security Architecture for Survivability Mechanisms[D].Charlottesville: University of Virginia,2000.
[8]	史扬,曹立明,王小平.混淆算法研究综述[J].同济大学学报(自然科学版),2005,33(6): 813-819.
[9]	赵玉洁. 面向逆向工程的代码混淆有效性研究与实践[D].西安:西北大学,2011.
[10]	赵玉洁,汤站勇,王妮,等.代码算法有效性评估[J].软件学报,2012, 23(3): 700-710.
[11]	钱海龙. 移动终端应用安全加固关键技术研究[D].北京:北京邮电大学,2014.
[12]	巫志文,李炜.基于Android平台的软件加固方案的设计与实现[J].电信工程技术与标准化,2015, 28(1): 36-37.
[13]	徐剑,武爽,孙琦,等.面向Android应用程序的代码保护方法研究[J].信息网络安全,2014 (10): 11-17.
[14]	王琳. 基于Android平台软件保护方法研究[D].西安:西北大学,2014.
[15]	丰生强. Android软件安全与逆向分析[M].北京:人民邮电出版,2013.
[16]	王华斌. 基于Android平台的智能终端安全研究[D].北京:北京交通大学,2013.
[17]	邹宏,谢余强.混淆技术研究初探[J].信息技术大学学报,2015,9(1): 97-99.
[18]	张宝国. 基于Java的代码混淆研究[D].成都:电子科技大学,2008.
[19]	雷植洲. 代码混淆技术及其在软件安全保护中的应用研究 [D].武汉:华中科技大学,2007.
[20]	焦义奎. 基于虚拟机的软件保护系统研究与设计[D].武汉:华中科技大学,2007.
[21]	刘晓英,沈金龙.软件开发中的一个重要环节——混淆[J].南京邮电学院学报(自然科学版),2004,24(1):59-63.
[22]	杨旭辉,周庆国,韩根亮,等.一种基于源代码的Java代码混淆器的设计与实现[J].甘肃科学学报,2015, 27(2): 28-31.
[23]	COLLBERG C.CS620 Security through Obscurity[EB/OL]..
[24]	刘衍斐,封莎.移动应用软件防篡改技术研究[J].现代电信科技,2015(1): 66-74.
[25]	张玉清,王凯,杨欢,等.Android安全综述[J].计算机研究与发展,2014, 51(7): 1385-1395.