Control flow obfuscation for Android applications

Abstract: Android apps are vulnerable to reverse engineering, which makes app tampering and repackaging relatively easy. While obfuscation is widely known to make reverse engineering harder, complex and effective control-flow obfuscations that rearrange Android bytecode instructions have not been implemented in various Android obfuscation tools. This paper presents our control-flow obfuscation techniques for Android apps at the Dalvik bytecode level. Our three proposed schemes go beyond the simple control-flow transformations employed by existing Android obfuscators, and make it difficult for static analysis to determine the actual app control flows. To realize this, we also address, by means of a type separation technique, a previously unsolved register-type conflict problem that can be raised by the verifier module of the Android runtime system. Our analysis and experimentation show that the schemes can offer effective obfuscation with reasonable performance and size overheads. Combined with the existing data and layout obfuscation techniques, our schemes can offer attractive measures to hinder reverse engineering and code analysis on Android apps, and help safeguard Android app developers' heavy investment in their apps.
