DexHunter: Toward Extracting Hidden Code from Packed Android Applications

Authors: Yueqian Zhang, Xiapu Luo, Haoyang Yin

DOI: 10.1007/978-3-319-24177-7_15

Keywords: Virtual machine, Machine code, Hacker, Operating system, Computer science, Data mining, Android (operating system), Launch Time, Executable

Abstract: The rapid growth of the mobile application (or simply app) economy provides lucrative and profitable targets for hackers. Among OWASP's top ten risks for 2014, the lack of binary protections makes it easy to reverse, modify, and repackage Android apps. Recently, a number of packing services have been proposed to protect apps by hiding the original executable file (i.e., dex file). However, little is known about their effectiveness and efficiency. In this paper, we perform the first systematic investigation on such services by answering two questions: (1) what are the major techniques used by these services and their effects on apps? (2) can the original dex file in a packed app be recovered? If yes, how? We not only reveal their techniques and evaluate their effects, but also propose and develop a novel system, named DexHunter, to extract dex files protected by these services. It is worth noting that DexHunter supports both the Dalvik virtual machine (DVM) and the new Android Runtime (ART). The experimental results show that DexHunter can extract dex files from packed apps effectively and efficiently.
