KJC Korea
Journal Central

Journal of Software Assessment and Valuation 2021 KCI Impact Factor : 0.27

Korean | English

pISSN : 2092-8114 / eISSN : 2733-4384

http://journal.kci.go.kr/ksavs

BACK
TOP

Home > Explore Content > All Issues > Article View

3 of 5

A Technique for Protecting Android Applications using Executable Code Encryption and Integrity Verification

Journal of Software Assessment and Valuation
Abbr : JSAV
2014, 10(1), pp.19-26

Publisher : Korea Software Assessment and Valuation Society
Research Area : Computer Science

Received : June 20, 2014
Accepted : June 28, 2014
Published : June 30, 2014

HyungJoon Shim ¹, Sangwook Cho ¹, Younsik Jeong ¹, Chanhee Lee ¹, Sangchul Han ², SEONG JE CHO ¹

¹단국대학교
²단국대

ABSTRACT
열림/닫힘 버튼

In this paper, we propose a method for protecting Android applications against reverse engineering attacks. In this method, the server encrypts the original executable code (DEX) included in an APK file, inserts into the APK file a stub code that decrypts the encrypted DEX later at run-time, and distributes the modified APK file. The stub code includes an integrity validation code to detect attacks on itself. When a user installs and executes the APK file, the stub code verifies the integrity of itself, decrypts the encrypted DEX, and loads it dynamically to execute. Since the original DEX is distributed as an encrypted one, we can effectively protect the intellectual property. Further, by verifying the integrity of the stub code, we can prevent malicious users from bypassing our method. We applied the method to 15 Android apps, and evaluated its effectiveness. We confirmed that 13 out of them operates normally.
KEYWORDS
열림/닫힘 버튼

Android application, Executable code, Dynamic class loading, Encryption

Statistics

169 Viewed

13 Downloaded

Tools

Print this page

Export Citation

Sharing

Issue List

Citation status

KCI Citation Counts (0)
REFERENCES (8)
열림/닫힘 버튼
* 2021년 이후 발행 논문의 참고문헌은 현재 구축 중입니다.

[web] 이민형 / 앱 비즈니스의 확대... 앱 위변조방지에 초점 / 디지털데일리 / http://www.ddaily.co.kr/news/article.html?no=113236

[web] / ProGuard Introduction / http://stuff.mit.edu/afs/sipb/project/android/sdk/android-sdk-linux/tools/proguard/docs/index.html#manual/introduction.html

[web] 김태형 / 난독화·리소스 암호화보다 높은 방어기술로 바이너리 암호화 부각 / 보안뉴스 / http://www.boannews.com/media/view.asp?idx=38059

[web] / Saikoa DexGurad / http://www.saikoa.com/dexguard

[web] / What kind of optimization does ProGuard support / http://proguard.sourceforge.net/#FAQ.html

[web] / 2013 / A look inside DexGuard / http://www.android-decompiler.com/blog/2013/04/02/a-look-inside-dexGuard/

[journal] 김성렬 / 2012 / Copy Protection System for Android App using Public Key Infrastructure / 보안공학연구논문지 / 보안공학연구지원센터 9(1) : 121~134

[thesis] Estourgie / 2013 / Analysis of Android Authenticators / Radboud Universiteit Nijmegen