A Comparative Study on Optimization, Obfuscation, and Deobfuscation tools in Android

Code optimization is a program transformation process to make the program work more efficiently or consume fewer resources. Code obfuscation transforms a program and makes its code more diffi-cult for a human to understand, which protects the code from reversing engineering. Deobfuscation is reverse-engineering the obfuscation. Optimization and obfuscation are widely used in Android apps. R8, the Android build process’s default tool, does all of the code shrinking, obfuscation, and optimization. This paper compares and analyzes the functionalities of optimization, obfuscation, and deobfuscation tools in the Android platform. Besides R8, the other tools covered in this paper are ReDex, Obfuscapk, and DeGuard, which are optimization, obfuscation, and deobfuscation tools for Android apps, respectively. We investigate the characteristics of the four tools and compare their performance by performing experiments.

[1]  Seong-je Cho,et al.  Reversing Obfuscated Control Flow Structures in Android Apps using ReDex Optimizer , 2020, SMA.

[2]  Luca Verderame,et al.  Obfuscapk: An open-source black-box obfuscation tool for Android apps , 2020, SoftwareX.

[3]  Patrick Traynor,et al.  A Large Scale Investigation of Obfuscation Use in Google Play , 2018, ACSAC.

[4]  Jian Liu,et al.  Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild , 2018, SecureComm.

[5]  Tilo Müller,et al.  Anti-ProGuard: Towards Automated Deobfuscation of Android Apps , 2017, SHCIS '17.

[6]  Yu Jiang,et al.  Stochastic Optimization of Program Obfuscation , 2017, 2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE).

[7]  Petar Tsankov,et al.  Statistical Deobfuscation of Android Applications , 2016, CCS.

[8]  Babak Yadegari,et al.  Automatic Deobfuscation and Reverse Engineering of Obfuscated Code , 2016 .

[9]  Young Ik Eom,et al.  Static Dalvik Bytecode Optimization for Android Applications , 2015 .

[10]  Saumya Debray,et al.  A Generic Approach to Automatic Deobfuscation of Executable Code , 2015, 2015 IEEE Symposium on Security and Privacy.

[11]  Seong-je Cho,et al.  Effects of Code Obfuscation on Android App Similarity Analysis , 2015, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[12]  Saumya K. Debray,et al.  Deobfuscation: reverse engineering obfuscated code , 2005, 12th Working Conference on Reverse Engineering (WCRE'05).

[13]  Christian S. Collberg,et al.  Watermarking, Tamper-Proofing, and Obfuscation-Tools for Software Protection , 2002, IEEE Trans. Software Eng..