@article{ART002707566},
author={HyungJoon Shim and Sangwook Cho and Younsik Jeong and Chanhee Lee and Sangchul Han and SEONG JE CHO},
title={A Technique for Protecting Android Applications using Executable Code Encryption and Integrity Verification},
journal={Journal of Software Assessment and Valuation},
issn={2092-8114},
year={2014},
volume={10},
number={1},
pages={19-26}
TY - JOUR
AU - HyungJoon Shim
AU - Sangwook Cho
AU - Younsik Jeong
AU - Chanhee Lee
AU - Sangchul Han
AU - SEONG JE CHO
TI - A Technique for Protecting Android Applications using Executable Code Encryption and Integrity Verification
JO - Journal of Software Assessment and Valuation
PY - 2014
VL - 10
IS - 1
PB - Korea Software Assessment and Valuation Society
SP - 19
EP - 26
SN - 2092-8114
AB - In this paper, we propose a method for protecting Android applications against reverse engineering attacks.
In this method, the server encrypts the original executable code (DEX) included in an APK file, inserts into the APK file a stub code that decrypts the encrypted DEX later at run-time, and distributes the modified APK file. The stub code includes an integrity validation code to detect attacks on itself. When a user installs and executes the APK file, the stub code verifies the integrity of itself, decrypts the encrypted DEX, and loads it dynamically to execute. Since the original DEX is distributed as an encrypted one, we can effectively protect the intellectual property. Further, by verifying the integrity of the stub code, we can prevent malicious users from bypassing our method. We applied the method to 15 Android apps, and evaluated its effectiveness. We confirmed that 13 out of them operates normally.
KW - Android application;Executable code;Dynamic class loading;Encryption
DO -
UR -
ER -
HyungJoon Shim, Sangwook Cho, Younsik Jeong, Chanhee Lee, Sangchul Han and SEONG JE CHO. (2014). A Technique for Protecting Android Applications using Executable Code Encryption and Integrity Verification. Journal of Software Assessment and Valuation, 10(1), 19-26.
HyungJoon Shim, Sangwook Cho, Younsik Jeong, Chanhee Lee, Sangchul Han and SEONG JE CHO. 2014, "A Technique for Protecting Android Applications using Executable Code Encryption and Integrity Verification", Journal of Software Assessment and Valuation, vol.10, no.1 pp.19-26.
HyungJoon Shim, Sangwook Cho, Younsik Jeong, Chanhee Lee, Sangchul Han, SEONG JE CHO "A Technique for Protecting Android Applications using Executable Code Encryption and Integrity Verification" Journal of Software Assessment and Valuation 10.1 pp.19-26 (2014) : 19.
HyungJoon Shim, Sangwook Cho, Younsik Jeong, Chanhee Lee, Sangchul Han, SEONG JE CHO. A Technique for Protecting Android Applications using Executable Code Encryption and Integrity Verification. 2014; 10(1), 19-26.
HyungJoon Shim, Sangwook Cho, Younsik Jeong, Chanhee Lee, Sangchul Han and SEONG JE CHO. "A Technique for Protecting Android Applications using Executable Code Encryption and Integrity Verification" Journal of Software Assessment and Valuation 10, no.1 (2014) : 19-26.
HyungJoon Shim; Sangwook Cho; Younsik Jeong; Chanhee Lee; Sangchul Han; SEONG JE CHO. A Technique for Protecting Android Applications using Executable Code Encryption and Integrity Verification. Journal of Software Assessment and Valuation, 10(1), 19-26.
HyungJoon Shim; Sangwook Cho; Younsik Jeong; Chanhee Lee; Sangchul Han; SEONG JE CHO. A Technique for Protecting Android Applications using Executable Code Encryption and Integrity Verification. Journal of Software Assessment and Valuation. 2014; 10(1) 19-26.
HyungJoon Shim, Sangwook Cho, Younsik Jeong, Chanhee Lee, Sangchul Han, SEONG JE CHO. A Technique for Protecting Android Applications using Executable Code Encryption and Integrity Verification. 2014; 10(1), 19-26.
HyungJoon Shim, Sangwook Cho, Younsik Jeong, Chanhee Lee, Sangchul Han and SEONG JE CHO. "A Technique for Protecting Android Applications using Executable Code Encryption and Integrity Verification" Journal of Software Assessment and Valuation 10, no.1 (2014) : 19-26.
