Home > Research > Publications & Outputs > DexPro

Electronic data

  • DexPro

    Rights statement: The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-69471-9_27

    Accepted author manuscript, 1 MB, PDF document

    Available under license: CC BY: Creative Commons Attribution 4.0 International License

View graph of relations

DexPro: A Bytecode Level Code Protection System for Android Applications

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Published
  • Beibei Zhao
  • Zhanyong Tang
  • Zhen Li
  • Lina Song
  • Xiaoqing Gong
  • Dingyi Fang
  • Fangyuan Liu
  • Zheng Wang
Close
NullPointerException

Abstract

Unauthorized code modification through reverse engineering is a major concern for Android application developers. Code reverse engineering is often used by adversaries to remove the copyright protection or advertisements from the app, or to inject malicious code into the program. By making the program difficult to analyze, code obfuscation is a potential solution to the problem. However, there is currently little work on applying code obfuscation to compiled Android bytecode. This paper presents DexPro, a novel bytecode level code obfuscation system for Android applications. Unlike prior approaches, our method performs on the Android Dex bytecode and does not require access to high-level program source or modification of the compiler or the VM. Our approach leverages the fact all except floating operands in Dex are stored in a 32-bit register to pack two 32-bit operands into a 64-bit operand. In this way, any attempt to decompile the bytecode will result in incorrect information. Meanwhile, our approach obfuscates the program control flow by inserting opaque predicates before the return instruction of a function call, which makes it harder for the attacker to trace calls to protected functions. Experimental results show that our approach can deter sophisticate reverse engineering and code analysis tools, and the overhead of runtime and memory footprint is comparable to existing code obfuscation methods.

Bibliographic note

The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-69471-9_27