Android Application Protection against Static Reverse Engineering based on Multidexing – Journal of Internet Services and Information Security

Volume 6 - Issue 4

Android Application Protection against Static Reverse Engineering based on Multidexing

Nak Young Kim Dankook University, Yongin, Gyeonggi 16890 Korea
iuasdofil@dankook.ac.kr
Jaewoo Shim Dankook University, Yongin, Gyeonggi 16890 Korea
32131715@dankook.ac.kr
Seong-je Cho Dankook University, Yongin, Gyeonggi 16890 Korea
sjcho@dankook.ac.kr
Minkyu Park Konkuk University, Chungju, Chungbuk 27478 Korea
minkyup@kku.ac.kr
Sanghcul Han Konkuk University, Chungju, Chungbuk 27478 Korea
schan@kku.ac.kr

DOI: 10.22667/JISIS.2016.11.31.054

Keywords: Android, Reverse engineering, Multidex, Dynamic code loading, Packing

Abstract

DEX files are executable files of Android applications. Since DEX files are in the format of Java bytecodes, their Java source codes can be easily obtained using static reverse engineering tools. This results in numerous Android application thefts. There are some tools (e.g. bangcle, ijiami, liapp) that protect Android applications against static reverse engineering utilizing dynamic code loading. These tools usually encrypt classes.dex in an APK file. When the application is launched, the encrypted classes.dex file is decrypted and dynamically loaded. However, these tools fail to protect multidex APKs, which include more than one DEX files (classes2.dex, classes3.dex, ...) to accommodate large-sized execution codes. In this paper, we propose a technique that protects multidex Android applications against static reverse engineering. The technique can encrypt/decrypt multiple DEX files in APK files and dynamically load them. The experimental results show that the proposed technique can effiectively protect multidex APKs.

Date

November 2016

Page Number

54-64