DexX: A Double Layer Unpacking Framework for Android

Authors: Caijun Sun, Hua Zhang, Sujuan Qin, Nengqiang He, Jiawei Qin

DOI: 10.1109/ACCESS.2018.2875694

Keywords: Android (operating system), Computer science, Java, Operating system, Unpacking, Exploit, Executable, General Engineering, General Materials Science, General Computer Science

Abstract: In recent years, many packing services have emerged and been used to protect Android applications by concealing the executable files. However, this also brings some severe problems. For example, malware uses packers to escape detection by anti-virus engines, which makes it harder to filter out malicious applications. At present, existing unpacking exploits are complicated by design and not adaptive to new packers, so unpackers always fail to keep up with packing techniques. In this paper, we propose a universal framework named DexX to extract dex files protected by these services. We apply DexX to packed applications, and the experiment results show that our framework can recover the original executable files (dex files) from most well-known commercial packers effectively and accurately.

References (17)
Xabier Ugarte-Pedrero, Davide Balzarotti, Igor Santos, Pablo G Bringas. SoK: Deep Packer Inspection: A Longitudinal Study of the Complexity of Run-Time Packers. 2015 IEEE Symposium on Security and Privacy, pp. 659-673 (2015). DOI: 10.1109/SP.2015.46
Yuru Shao, Xiapu Luo, Chenxiong Qian, Pengfei Zhu, Lei Zhang. Towards a scalable resource-driven approach for detecting repackaged Android applications. Annual Computer Security Applications Conference, pp. 56-65 (2014). DOI: 10.1145/2664243.2664275
Li Gong. Secure Java class loading. IEEE Internet Computing, vol. 2, pp. 56-61 (1998). DOI: 10.1109/4236.735987
Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna. Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications. Network and Distributed System Security Symposium (2014). DOI: 10.14722/NDSS.2014.23328
Min Zheng, Mingshen Sun, John C.S. Lui. DroidTrace: A ptrace based Android dynamic analysis system with forward execution capability. International Conference on Wireless Communications and Mobile Computing, pp. 128-133 (2014). DOI: 10.1109/IWCMC.2014.6906344
Mu Zhang, Yue Duan, Heng Yin, Zhiruo Zhao. Semantics-Aware Android Malware Classification Using Weighted Contextual API Dependency Graphs. Computer and Communications Security, pp. 1105-1116 (2014). DOI: 10.1145/2660267.2660359
Paulo Barros, Rene Just, Suzanne Millstein, Paul Vines, Werner Dietl, Marcelo d'Amorim, Michael D. Ernst. Static Analysis of Implicit Control Flow: Resolving Java Reflection and Android Intents (T). Automated Software Engineering, pp. 669-679 (2015). DOI: 10.1109/ASE.2015.69
Yueqian Zhang, Xiapu Luo, Haoyang Yin. DexHunter: Toward Extracting Hidden Code from Packed Android Applications. Computer Security -- ESORICS 2015, pp. 293-311 (2015). DOI: 10.1007/978-3-319-24177-7_15
Wenbo Yang, Yuanyuan Zhang, Juanru Li, Junliang Shu, Bodong Li, Wenjun Hu, Dawu Gu. AppSpear: Bytecode Decrypting and DEX Reassembling for Packed Android Malware. Recent Advances in Intrusion Detection, pp. 359-381 (2015). DOI: 10.1007/978-3-319-26362-5_17