论文信息 - Vision: alleviating Android developer burden on obfuscation

Vision: alleviating Android developer burden on obfuscation

Mobile applications (apps) have gained an increasing importance in the field of software engineering as they are becoming one of the most widely used type of software. In the Android ecosystem, obfuscation tools are available to optimize, reduce the size and protect the intellectual properties of apps. However, despite the clear advantages provided by obfuscation most apps do not use it, often because of the difficulties induced by the usage of obfuscation which requires writing rules to keep a usable app. In this paper, we identify the concrete challenges encountered by app developers who wish to use obfuscation in their apps. In addition, we propose an approach using crowdsourcing to automatically generate rules, when static analysis is not sufficient. With the knowledge gained from hundreds of projects, we hope to lighten the burden on developers when writing rules.

Alexandre Bergel | Geoffrey Hecht | Cyprien Neverov

[1] Erik Derr,et al. Reliable Third-Party Library Detection in Android and its Security Applications , 2016, CCS.

[2] Patrick Traynor,et al. A Large Scale Investigation of Obfuscation Use in Google Play , 2018, ACSAC.

[3] Jian Liu,et al. Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild , 2018, SecureComm.

[4] Vrizlynn L. L. Thing,et al. Control flow obfuscation for Android applications , 2016, Comput. Secur..

[5] Felix C. Freiling,et al. An Empirical Evaluation of Software Obfuscation Techniques Applied to Android APKs , 2014, SecureComm.

[6] Peng Liu,et al. Achieving accuracy and scalability simultaneously in detecting application clones on Android markets , 2014, ICSE.

[7] Yan Wang,et al. Who Changed You? Obfuscator Identification for Android , 2017, 2017 IEEE/ACM 4th International Conference on Mobile Software Engineering and Systems (MOBILESoft).

[8] Aleksandrina Kovacheva,et al. Efficient Code Obfuscation for Android , 2013, IAIT.

[9] Jiang Ming,et al. Generalized Dynamic Opaque Predicates: A New Control Flow Obfuscation Method , 2016, ISC.