3. Introduction
• what the Android platform is
• why code needs to be protected
• Reverse Engineering
• Code Obfuscation
4. Android Architecture
• apps are written in Java
• Java code is transformed into bytecode
• deployed as a file called an APK (a zip-compressed file)
• the dex file contains the code in the form of Dalvik bytecode
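An added example, not from the original slides: Python that opens an APK as a zip archive, finds the classes*.dex entries and checks each DEX header's magic, Adler-32 checksum, SHA-1 signature and file size. The sample APK and DEX are constructed in the code, and the function names are illustrative.

```python
import hashlib
import io
import struct
import zipfile
import zlib

DEX_HEADER_SIZE = 0x70  # the DEX header has a fixed size of 112 bytes

def build_sample_dex(payload: bytes = b"\x00" * 16) -> bytes:
    """Constructed sample: DEX header (size/endian fields set, rest zeroed) plus dummy bytes."""
    body = struct.pack("<III", DEX_HEADER_SIZE + len(payload), DEX_HEADER_SIZE, 0x12345678)
    body += b"\x00" * (DEX_HEADER_SIZE - 32 - len(body)) + payload
    signature = hashlib.sha1(body).digest()    # SHA-1 over everything after offset 32
    checksum = zlib.adler32(signature + body)  # Adler-32 over everything after offset 12
    return b"dex\n035\x00" + struct.pack("<I", checksum) + signature + body

def build_sample_apk(dex: bytes) -> bytes:
    """Constructed sample: a zip archive laid out like a minimal APK."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as apk:
        apk.writestr("AndroidManifest.xml", b"constructed placeholder")
        apk.writestr("classes.dex", dex)
    return buf.getvalue()

def inspect_apk(apk_bytes: bytes) -> dict:
    """Find classes*.dex in the APK and check each DEX header's integrity fields."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for name in apk.namelist():
            if not (name.startswith("classes") and name.endswith(".dex")):
                continue
            dex = apk.read(name)
            if len(dex) < DEX_HEADER_SIZE or dex[:4] != b"dex\n":
                report[name] = {"valid_magic": False}
                continue
            (checksum,) = struct.unpack_from("<I", dex, 8)
            report[name] = {
                "valid_magic": True,
                "version": dex[4:7].decode("ascii", "replace"),
                "checksum_ok": checksum == zlib.adler32(dex[12:]),
                "signature_ok": dex[12:32] == hashlib.sha1(dex[32:]).digest(),
                "size_ok": struct.unpack_from("<I", dex, 32)[0] == len(dex),
            }
    return report

if __name__ == "__main__":
    good = build_sample_dex()
    for dex in (good, good[:-1] + b"\xff"):  # intact file, then one byte patched
        print(inspect_apk(build_sample_apk(dex)))
```

These header fields only catch corruption or careless patching, since anyone rebuilding the dex file can recompute them.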
6. Reverse Engineering
• process of gaining information about a program
• its implementation
• its metadata
• ideal result is to recover the correct Java source code
7. Disassembler
• a tool that takes bytecode as input and produces the equivalent mnemonics
• most reverse engineering processes are based on it
9. Obfuscation Goals
• protect apps against software piracy
• guard intellectual property
• guard sensitive algorithms in the implementation
• protect the app from publication of trojanized versions
• protect malware apps from antivirus detection
10. Obfuscation Techniques
• well-known techniques under x86
• make reverse engineering harder and more time-consuming
• the app's behavior must not be altered
• each technique targets a specific kind of reverse engineering
• drawback: impact on execution speed
• popular techniques are described on the following slides…
12. String Obfuscation
• uses an encryption algorithm such as AES
• the original content must be available
• feasible with an invertible function F
• can be defeated by dynamic analysis
13. Dynamic Code Loading
• encrypts not only data but also code
• feasible with an encryption stub and a decryption stub
• better implemented in native code
14. Junkbytes
• used to confuse disassemblers
• inserting junkbytes within the bytecode
• junkbytes must never be executed
• can defeat many disassembler tools
15. Conclusion
• code protection is an interesting field of research
• Dalvik bytecode is the main interest for this topic
• there are still problems with correctly transforming Dalvik bytecode into mnemonics
• efficient obfuscation approaches are hardware dependent, which makes them an ideal topic for future work