 |
Conference papers
Abusing Android Runtime for Application Obfuscation
Abstract : Studying Android obfuscation techniques is an essential task for understanding and analyzing malicious applications. Obfuscation techniques have already been extensively studied for market applications but never for pre-compiled applications used in smartphone firmwares. In this paper, we describe two new obfuscation techniques that take advantage of the duality between assembly and Dalvik bytecode and, as far as we know, have never been described before. We also propose detection methods for these obfuscation techniques. We apply them to vendor firmwares and market applications in order to evaluate their usage in the wild. We found that even if they do not seem to be already used in the wild, they are fully practical.
Cited literature [18 references]
https://hal-centralesupelec.archives-ouvertes.fr/hal-02877815
Contributor : Jean-François Lalande Connect in order to contact the contributor
Submitted on : Monday, June 22, 2020 - 4:55:19 PM
Last modification on : Wednesday, February 3, 2021 - 3:35:22 AM
Contributor : Jean-François Lalande Connect in order to contact the contributor
Submitted on : Monday, June 22, 2020 - 4:55:19 PM
Last modification on : Wednesday, February 3, 2021 - 3:35:22 AM
File
bfo-camera.pdf
Files produced by the author(s)