Control Flow Obfuscation Based Protection Method for Android Applications

With the popularization and rapid development of mobile intelligent terminals（MITs）, the number of mobile applications, or apps, has increased exponentially. It is increasingly common for malicious code to be inserted into counterfeit apps, which can cause significant economic damage and threaten th...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	China communications 2017-11, Vol.14 (11), p.247-259
Hauptverfasser:	Peng, Yong, Su, Guanyu, Tian, Bin, Sun, Maohua, Li, Qi
Format:	Artikel
Sprache:	eng
Schlagworte:	Access control Androids control flow obfuscation control flow obfuscation Humanoid robots Mobile communication Smart phones Software software security
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page	259
container_issue	11
container_start_page	247
container_title	China communications
container_volume	14
creator	Peng, Yong Su, Guanyu Tian, Bin Sun, Maohua Li, Qi
description	With the popularization and rapid development of mobile intelligent terminals（MITs）, the number of mobile applications, or apps, has increased exponentially. It is increasingly common for malicious code to be inserted into counterfeit apps, which can cause significant economic damage and threaten the security of users. Code obfuscation techniques are a highly efficient group of methods for code security protection. In this paper, we propose a novel control flow obfuscation based method for Android code protection. First, algorithms to insert irrelevant code and flatten the control flow are employed that minimize the cost of obfuscation while ensuring its strength. Second, we improve the traditional methods of control flow flattening to further reduce the costs of obfuscation. Lastly, the use of opaque predicates is strengthened by establishing an access control strategy, which converts the identification of opaque predicates in the entire program into a graph traversal problem, and thereby increases the strength of the code protection. We did some experiments to evaluate our method, and the results show that the proposed method can work well.
doi_str_mv	10.1109/CC.2017.8233664
format	Article
fullrecord	<record><control><sourceid>wanfang_jour_RIE</sourceid><recordid>TN_cdi_chongqing_primary_674006303</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><cqvip_id>674006303</cqvip_id><ieee_id>8233664</ieee_id><wanfj_id>zgtx201711019</wanfj_id><sourcerecordid>zgtx201711019</sourcerecordid><originalsourceid>FETCH-LOGICAL-c318t-628a78a41e04e460d54565f75cf56550af083ba89e77289660f94f8f28b2df543</originalsourceid><addsrcrecordid>eNpFkL1PwzAQxT2ARFU6M7BYSIxp7fgzY7EoVCoqA8yWm9htqmAXO1WBv56UFLjlpLvfe6d7AFxhNMYYFROlxjnCYixzQjinZ2CAuSAZo1RcgFFKW9SV5JzwfADmKvg2hgbOmnCAy5Xbp9K0dfDwziRbwecYWlv-DJ5suwkVdCHCqa9iqCs43e2auufTJTh3pkl2dOpD8Dq7f1GP2WL5MFfTRVYSLNuM59IIaSi2iFrKUcUo48wJVrquM2QckmRlZGGFyGXBOXIFddLlcpVXjlEyBLe978F4Z_xab8M--u6i_lq3H8fPuxRw0XGTnitjSClap3exfjPxU2Okj0FppfQR16egOsV1r6ittX_0__bm5LcJfv1ed5d_ES4oQpwgQr4BAHBvsg</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Control Flow Obfuscation Based Protection Method for Android Applications</title><source>IEEE Electronic Library (IEL)</source><creator>Peng, Yong ; Su, Guanyu ; Tian, Bin ; Sun, Maohua ; Li, Qi</creator><creatorcontrib>Peng, Yong ; Su, Guanyu ; Tian, Bin ; Sun, Maohua ; Li, Qi</creatorcontrib><description>With the popularization and rapid development of mobile intelligent terminals（MITs）, the number of mobile applications, or apps, has increased exponentially. It is increasingly common for malicious code to be inserted into counterfeit apps, which can cause significant economic damage and threaten the security of users. Code obfuscation techniques are a highly efficient group of methods for code security protection. In this paper, we propose a novel control flow obfuscation based method for Android code protection. First, algorithms to insert irrelevant code and flatten the control flow are employed that minimize the cost of obfuscation while ensuring its strength. Second, we improve the traditional methods of control flow flattening to further reduce the costs of obfuscation. Lastly, the use of opaque predicates is strengthened by establishing an access control strategy, which converts the identification of opaque predicates in the entire program into a graph traversal problem, and thereby increases the strength of the code protection. We did some experiments to evaluate our method, and the results show that the proposed method can work well.</description><identifier>ISSN: 1673-5447</identifier><identifier>DOI: 10.1109/CC.2017.8233664</identifier><identifier>CODEN: CCHOBE</identifier><language>eng</language><publisher>China Institute of Communications</publisher><subject>Access control ; Androids ; control flow obfuscation control flow obfuscation ; Humanoid robots ; Mobile communication ; Smart phones ; Software ; software security</subject><ispartof>China communications, 2017-11, Vol.14 (11), p.247-259</ispartof><rights>Copyright © Wanfang Data Co. Ltd. All Rights Reserved.</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c318t-628a78a41e04e460d54565f75cf56550af083ba89e77289660f94f8f28b2df543</citedby></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Uhttp://image.cqvip.com/vip1000/qk/89450X/89450X.jpg</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/8233664$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,780,784,796,27923,27924,54757</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/8233664$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Peng, Yong</creatorcontrib><creatorcontrib>Su, Guanyu</creatorcontrib><creatorcontrib>Tian, Bin</creatorcontrib><creatorcontrib>Sun, Maohua</creatorcontrib><creatorcontrib>Li, Qi</creatorcontrib><title>Control Flow Obfuscation Based Protection Method for Android Applications</title><title>China communications</title><addtitle>ChinaComm</addtitle><addtitle>China Communications</addtitle><description>With the popularization and rapid development of mobile intelligent terminals（MITs）, the number of mobile applications, or apps, has increased exponentially. It is increasingly common for malicious code to be inserted into counterfeit apps, which can cause significant economic damage and threaten the security of users. Code obfuscation techniques are a highly efficient group of methods for code security protection. In this paper, we propose a novel control flow obfuscation based method for Android code protection. First, algorithms to insert irrelevant code and flatten the control flow are employed that minimize the cost of obfuscation while ensuring its strength. Second, we improve the traditional methods of control flow flattening to further reduce the costs of obfuscation. Lastly, the use of opaque predicates is strengthened by establishing an access control strategy, which converts the identification of opaque predicates in the entire program into a graph traversal problem, and thereby increases the strength of the code protection. We did some experiments to evaluate our method, and the results show that the proposed method can work well.</description><subject>Access control</subject><subject>Androids</subject><subject>control flow obfuscation control flow obfuscation</subject><subject>Humanoid robots</subject><subject>Mobile communication</subject><subject>Smart phones</subject><subject>Software</subject><subject>software security</subject><issn>1673-5447</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2017</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><recordid>eNpFkL1PwzAQxT2ARFU6M7BYSIxp7fgzY7EoVCoqA8yWm9htqmAXO1WBv56UFLjlpLvfe6d7AFxhNMYYFROlxjnCYixzQjinZ2CAuSAZo1RcgFFKW9SV5JzwfADmKvg2hgbOmnCAy5Xbp9K0dfDwziRbwecYWlv-DJ5suwkVdCHCqa9iqCs43e2auufTJTh3pkl2dOpD8Dq7f1GP2WL5MFfTRVYSLNuM59IIaSi2iFrKUcUo48wJVrquM2QckmRlZGGFyGXBOXIFddLlcpVXjlEyBLe978F4Z_xab8M--u6i_lq3H8fPuxRw0XGTnitjSClap3exfjPxU2Okj0FppfQR16egOsV1r6ittX_0__bm5LcJfv1ed5d_ES4oQpwgQr4BAHBvsg</recordid><startdate>20171101</startdate><enddate>20171101</enddate><creator>Peng, Yong</creator><creator>Su, Guanyu</creator><creator>Tian, Bin</creator><creator>Sun, Maohua</creator><creator>Li, Qi</creator><general>China Institute of Communications</general><general>Beijing University of Posts and Telecommunications, No 10, Xitucheng Road, Haidian District, Beijing, 100876, China</general><general>Beijing KeyLaboratory of Space-ground Interconnection and Convergence, No 10, Xitucheng Road, Haidian District, Beijing, 100876, China%China Information Technology Security Evaluation Center, No 1 Building, No 8 Shangdixi Road, Haidian District, Beijing, 100085, China%Information School, Capital University of Economics and Business, No 121 Zhangjia Road, Fengtai District, Beijing, 100070, China</general><general>Beijing KeyLaboratory of Space-ground Interconnection and Convergence, No 10, Xitucheng Road, Haidian District, Beijing, 100876, China</general><general>China Information Technology Security Evaluation Center, No 1 Building, No 8 Shangdixi Road, Haidian District, Beijing, 100085, China%Beijing University of Posts and Telecommunications, No 10, Xitucheng Road, Haidian District, Beijing, 100876, China</general><scope>2RA</scope><scope>92L</scope><scope>CQIGP</scope><scope>W92</scope><scope>~WA</scope><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>2B.</scope><scope>4A8</scope><scope>92I</scope><scope>93N</scope><scope>PSX</scope><scope>TCJ</scope></search><sort><creationdate>20171101</creationdate><title>Control Flow Obfuscation Based Protection Method for Android Applications</title><author>Peng, Yong ; Su, Guanyu ; Tian, Bin ; Sun, Maohua ; Li, Qi</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c318t-628a78a41e04e460d54565f75cf56550af083ba89e77289660f94f8f28b2df543</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2017</creationdate><topic>Access control</topic><topic>Androids</topic><topic>control flow obfuscation control flow obfuscation</topic><topic>Humanoid robots</topic><topic>Mobile communication</topic><topic>Smart phones</topic><topic>Software</topic><topic>software security</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Peng, Yong</creatorcontrib><creatorcontrib>Su, Guanyu</creatorcontrib><creatorcontrib>Tian, Bin</creatorcontrib><creatorcontrib>Sun, Maohua</creatorcontrib><creatorcontrib>Li, Qi</creatorcontrib><collection>中文科技期刊数据库</collection><collection>中文科技期刊数据库-CALIS站点</collection><collection>中文科技期刊数据库-7.0平台</collection><collection>中文科技期刊数据库-工程技术</collection><collection>中文科技期刊数据库- 镜像站点</collection><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>Wanfang Data Journals - Hong Kong</collection><collection>WANFANG Data Centre</collection><collection>Wanfang Data Journals</collection><collection>万方数据期刊 - 香港版</collection><collection>China Online Journals (COJ)</collection><collection>China Online Journals (COJ)</collection><jtitle>China communications</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Peng, Yong</au><au>Su, Guanyu</au><au>Tian, Bin</au><au>Sun, Maohua</au><au>Li, Qi</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Control Flow Obfuscation Based Protection Method for Android Applications</atitle><jtitle>China communications</jtitle><stitle>ChinaComm</stitle><addtitle>China Communications</addtitle><date>2017-11-01</date><risdate>2017</risdate><volume>14</volume><issue>11</issue><spage>247</spage><epage>259</epage><pages>247-259</pages><issn>1673-5447</issn><coden>CCHOBE</coden><abstract>With the popularization and rapid development of mobile intelligent terminals（MITs）, the number of mobile applications, or apps, has increased exponentially. It is increasingly common for malicious code to be inserted into counterfeit apps, which can cause significant economic damage and threaten the security of users. Code obfuscation techniques are a highly efficient group of methods for code security protection. In this paper, we propose a novel control flow obfuscation based method for Android code protection. First, algorithms to insert irrelevant code and flatten the control flow are employed that minimize the cost of obfuscation while ensuring its strength. Second, we improve the traditional methods of control flow flattening to further reduce the costs of obfuscation. Lastly, the use of opaque predicates is strengthened by establishing an access control strategy, which converts the identification of opaque predicates in the entire program into a graph traversal problem, and thereby increases the strength of the code protection. We did some experiments to evaluate our method, and the results show that the proposed method can work well.</abstract><pub>China Institute of Communications</pub><doi>10.1109/CC.2017.8233664</doi><tpages>13</tpages></addata></record>
fulltext	fulltext_linktorsrc
identifier	ISSN: 1673-5447
ispartof	China communications, 2017-11, Vol.14 (11), p.247-259
issn	1673-5447
language	eng
recordid	cdi_chongqing_primary_674006303
source	IEEE Electronic Library (IEL)
subjects	Access control Androids control flow obfuscation control flow obfuscation Humanoid robots Mobile communication Smart phones Software software security
title	Control Flow Obfuscation Based Protection Method for Android Applications
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-13T07%3A49%3A11IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-wanfang_jour_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Control%20Flow%20Obfuscation%20Based%20Protection%20Method%20for%20Android%20Applications&rft.jtitle=China%20communications&rft.au=Peng,%20Yong&rft.date=2017-11-01&rft.volume=14&rft.issue=11&rft.spage=247&rft.epage=259&rft.pages=247-259&rft.issn=1673-5447&rft.coden=CCHOBE&rft_id=info:doi/10.1109/CC.2017.8233664&rft_dat=%3Cwanfang_jour_RIE%3Ezgtx201711019%3C/wanfang_jour_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_cqvip_id=674006303&rft_ieee_id=8233664&rft_wanfj_id=zgtx201711019&rfr_iscdi=true