Author(s): Fumihiro Kanei, Yuta Takata, Mitsuaki Akiyama, Takeshi Yagi, Takeshi Yada

Download: Poster (PDF)

Date: 11 May 2017

Document Type: Presentations

Additional Documents: Paper

Associated Event: NDSS Symposium 2017


Android malware and pirated apps created by repackaging have become a serious problem. To prevent attackers from repackaging, it is important to harden apps by using self-protection methods before distributing them. However, these countermeasures are taken by individual application developers.  Thus, it depends on the developer’s security awareness and implementation skills. In fact, most apps are not protected, or attackers can easily defeat an app’s protection scheme. Therefore, we proposes a self-protection method that is robust against evasion attacks. The proposed method automatically builds the capability of repackaging detection into apps. It randomly splits detection code into several blocks, which are directly inserted into the bytecode of apps. Evaluation results indicate that the robustness score, which is calculated based on false positives from viewpoints of attackers, is 3.5 times higher than that with the existing method. The proposed method can also easily protect apps because it only requires their bytecode.