Signature Verification Based on Dex CRC and Blake2 Algorithm to Prevent Reverse Engineering Attack in Android Application

被引：0

作者：

Ilham ^{[1
]}

Niswar M. ^{[1
]}

Paundu A.W. ^{[1
]}

机构：

[1] Department of Informatics, Faculty of Engineering, Universitas Hasanuddin, Gowa, South Sulawesi

来源：

International Journal of Interactive Mobile Technologies | 2023年 / 17卷 / 19期

关键词：

Android protection; application repackaging; blake2; reverse engineering;

D O I：

10.3991/ijim.v17i19.42575

中图分类号：

学科分类号：

摘要：

The rapid growth of Android applications has led to more cybercrime cases, specifically Reverse Engineering attacks, on Android apps. One of the most common cases of reverse engineering is application repackaging, where the application is downloaded via the Play Store or the official website and then repackaged with various additions or changes. One of the ways to avoid Application Repackaging attacks is to check the signature of an application. However, hackers can manipulate the application by adding a hook, i.e., replacing the original function for getting signatures with a new modified function in the application. In this research, the development of a verification method for Android applications is carried out by utilizing Dex CRC and the Blake2 algorithm, which will be written in C using the Java Native Interface (JNI). The results of this study indicate that the verification method using Dex CRC and the Blake2 algorithm can effectively protect Android applications from Application Repackaging attacks without burdening application performance. © 2023 by the authors of this article. Published under CC-BY.

引用

页码：112 / 122

页数：10

共 25 条

[1] Faruki P., Ganmoor V., Gaur M., Bharmal A., DroidLytics: Robust feature signature for repackaged android apps on official and third party android markets, 2013 2nd International Conference on Advanced Computing, Networking and Security, (2013)
[2] He Z., Ye G., Yuan L., Tang Z., Wang X., Ren J., Wang X., Exploiting binary-level code virtualization to protect android application against app repackaging, IEEE Access, pp. 115062-115074, (2019)
[3] Jeon G., Choi M., Lee S., Yi J. H., Cho H., Automated multi-layered bytecode genera tion for preventing sensitive information leaks from android application, IEEE Access, pp. 119578-119590, (2021)
[4] Zhou Y., Jiang X., Dissecting android malware: Characterization and evolution, 2012 IEEE Symposium on Security and Privacy, (2012)
[5] Ghosh S., Tandan S. R., Lahre K., Shielding android application against reverse engineering, International Journal of Engineering Research & Technology, 2, 6, (2013)
[6] Kovacheva A., Efficient code obfuscation for android, Proceedings of Advances in Information Technology: 6th International Conference, (2013)
[7] Peng Y., Su G., Tian B., Sun M., Li Q., Control flow obfuscation based protection method for android applications, China Communications, 14, 11, pp. 247-259, (2017)
[8] Lim Kyeonghwan, An “Anti-reverse engineering technique using native code and obfuscator-LLVM for android applications, Proceedings of the International Conference on Research in Adaptive and Convergent Systems—RACS, (2017)
[9] Yuan C., Wei S., Zhou C., Guo J., Scalable and obfuscation-resilient android app repackaging detection based on behavior birthmark, 2017 24th Asia-Pacific Software Engineering Conference, (2017)
[10] Yue S., Feng W., Ma J., Jiang Y., Tao X., Xu C., Lu J., RepDroid: An automated tool for android application repackaging detection, IEEE International Conference on Program Comprehension, (2017)

← 1 2 3 →