基于smali代码混淆的Android应用保护方法
|
摘要
提出了一种基于smali代码混淆的Android应用保护方法,其基本思想是利用Dalvik VM基于寄存器这一特点,对寄存器中值的存取进行数据流混淆,并结合不透明谓词技术对其控制流进行混淆,最终目的是让攻击者在反编译时出现异常。对该混淆方法从强度、弹性和开销3个指标进行了技术评价。实验结果表明,该混淆方法能够抵抗现在广泛使用的逆向工具jeb、dex2jar、dexdump和IDA pro的逆向分析。
An Android application protection method that is based on code obfuscation of smali code is proposed.The basic idea is that confuses the data flow for the access procedure of register data,and combines opaque predicates technology to confuse the control flow,thus when the attacker reversely analyze the application,the decompiling results will be w rong.The obfuscation method is evaluated from strength,resilience and overhead.The experiment results show that ourcan resist the reverse analysis of current popular reverse tools,such as jeb,dex2jar,dexdump and IDA pro.
An Android application protection method that is based on code obfuscation of smali code is proposed.The basic idea is that confuses the data flow for the access procedure of register data,and combines opaque predicates technology to confuse the control flow,thus when the attacker reversely analyze the application,the decompiling results will be w rong.The obfuscation method is evaluated from strength,resilience and overhead.The experiment results show that ourcan resist the reverse analysis of current popular reverse tools,such as jeb,dex2jar,dexdump and IDA pro.
引文
[1]飞向网.2016年Q1中国Android市场份额[EB/OL].[2016].http://www.ebrun.com/20160419/172891.shtml.
[2]中国新闻网.Fake payment APP[EB/OL].[2015].http://www.thethirdmedia.com/Article/201511/show363-034c77p1.html.
[3]JESUSFREKEJ.smali/backsmali:An assembler/disassembler for Android's dex format[EB/OL].[2011].http://code.google.com/p/samli.
[4]XU J,LI S,ZHANG T.Security Analysis and Protection Based on Smali Injection for Android Applications[M]//Algorithms and Architectures for Parallel Processing.Berlin:Springer International Publishing,2014:577-586.
[5]BARAK B,GOLDREICH O,IMOAGLIAZZO R,et al.On the(im)possibility of obfuscating programs[C]//Advances in cryptology—CRYPTO 2001.Springer Berlin Heidelberg,2001:1-18.
[6]郑琪,徐爱国.面向Android移动应用的控制流混淆[EB/OL].中国科技论文在线.2014.http://www.paper.edu.cn/releasepaper/content/201412-783.ZHENG Qi,XU Aiguo.The control flow of confusion for Android mobile application[EB/OL].China's scientific and technical papers online.2014.http://www.paper.edu.cn/releasepaper/content/201412-783.
[7]刘金梁.Android平台软件安全防护技术的研究与实现[D].北京:北京邮电大学,2015.LIU Jinliang.The research of the softw are security protection technology and implementation for Android platform[D].Beijing:Beijing University of Posts and Telecommunications,2015.
[8]郑琪.面向Android智能手机终端应用程序的代码混淆算法研究与实现[D].北京:北京邮电大学,2015.ZHENG Qi.Research and implementation of code obfuscation algorithms for applications of android smartphone terminal[D].Beijing:Beijing University of Posts and Telecommunications,2015.
[9]Eric P.F.Pro Guard[EB/OL].[2002].http://proguard.sourceforge.net/.
[10]SHU J,LI J,ZHANG Y,et al.Android app protection via interpretation obfuscation[C]//Dependable,Autonomic and Secure Computing(DASC),2014 IEEE 12th International Conference on.IEEE,2014:63-68.
[11]汪德嘉,宋超,刘家郡.一种Android系统应用的深度代码混淆方法[P].中国专利:103544414.A,2014.WANG Dejia,SONG Chao,LIU Jiajun.A method of the depth of the Android application code confusion[P].CN:103544414.A,2014.
[12]PREDA M D,GIACOBAZZI R.Semantic-Based Code Obfuscation by Abstract Interpretation[J].Lecture Notes in Computer Science,2005,17(17):1325-1336.
[13]YANG Y,FAN W,HUANG W,et al.The research of multi-point function opaque predicates obfuscation algorithm[J].Applied M athematics&Information Sciences,2014,8(6):3063-3070.
[14]Romin Irani.Android Application Class[EB/OL].[2010].http://www.xoriant.com/blog/mobile-application-development/android-application-class.html
[15]WIKIPEDIA.Java Native Interface[EB/OL].[2016].https://en.w ikipedia.org/w iki/Java_Native_Interface.
[16]COLLERG C,THOMBORSON C,LOW D.A taxonomy of obfuscating transformations[D].New Zealand,Auckland:The University of Auckland,1997.
[2]中国新闻网.Fake payment APP[EB/OL].[2015].http://www.thethirdmedia.com/Article/201511/show363-034c77p1.html.
[3]JESUSFREKEJ.smali/backsmali:An assembler/disassembler for Android's dex format[EB/OL].[2011].http://code.google.com/p/samli.
[4]XU J,LI S,ZHANG T.Security Analysis and Protection Based on Smali Injection for Android Applications[M]//Algorithms and Architectures for Parallel Processing.Berlin:Springer International Publishing,2014:577-586.
[5]BARAK B,GOLDREICH O,IMOAGLIAZZO R,et al.On the(im)possibility of obfuscating programs[C]//Advances in cryptology—CRYPTO 2001.Springer Berlin Heidelberg,2001:1-18.
[6]郑琪,徐爱国.面向Android移动应用的控制流混淆[EB/OL].中国科技论文在线.2014.http://www.paper.edu.cn/releasepaper/content/201412-783.ZHENG Qi,XU Aiguo.The control flow of confusion for Android mobile application[EB/OL].China's scientific and technical papers online.2014.http://www.paper.edu.cn/releasepaper/content/201412-783.
[7]刘金梁.Android平台软件安全防护技术的研究与实现[D].北京:北京邮电大学,2015.LIU Jinliang.The research of the softw are security protection technology and implementation for Android platform[D].Beijing:Beijing University of Posts and Telecommunications,2015.
[8]郑琪.面向Android智能手机终端应用程序的代码混淆算法研究与实现[D].北京:北京邮电大学,2015.ZHENG Qi.Research and implementation of code obfuscation algorithms for applications of android smartphone terminal[D].Beijing:Beijing University of Posts and Telecommunications,2015.
[9]Eric P.F.Pro Guard[EB/OL].[2002].http://proguard.sourceforge.net/.
[10]SHU J,LI J,ZHANG Y,et al.Android app protection via interpretation obfuscation[C]//Dependable,Autonomic and Secure Computing(DASC),2014 IEEE 12th International Conference on.IEEE,2014:63-68.
[11]汪德嘉,宋超,刘家郡.一种Android系统应用的深度代码混淆方法[P].中国专利:103544414.A,2014.WANG Dejia,SONG Chao,LIU Jiajun.A method of the depth of the Android application code confusion[P].CN:103544414.A,2014.
[12]PREDA M D,GIACOBAZZI R.Semantic-Based Code Obfuscation by Abstract Interpretation[J].Lecture Notes in Computer Science,2005,17(17):1325-1336.
[13]YANG Y,FAN W,HUANG W,et al.The research of multi-point function opaque predicates obfuscation algorithm[J].Applied M athematics&Information Sciences,2014,8(6):3063-3070.
[14]Romin Irani.Android Application Class[EB/OL].[2010].http://www.xoriant.com/blog/mobile-application-development/android-application-class.html
[15]WIKIPEDIA.Java Native Interface[EB/OL].[2016].https://en.w ikipedia.org/w iki/Java_Native_Interface.
[16]COLLERG C,THOMBORSON C,LOW D.A taxonomy of obfuscating transformations[D].New Zealand,Auckland:The University of Auckland,1997.