Download presentation
Presentation is loading. Please wait.
Published byAlbert May Modified over 6 years ago
1
Application of Obfuscation Techniques on Android Applications
By Ammar Bagasrawala, Hanzhi Wang, Jordan Wong, Jun Hao Xu, and Kevin Yu
2
Background Mobile devices are widely used in everyday life
Applications for these devices can be distributed through their respective app store. Apps which aren’t properly protected and secured, can be a target of reverse engineering Reverse engineering refers to obtaining the source code Obfuscation is a technique which helps overcome this problem
3
Our Application The Android application we developed is a Bus Tracker
Used the Auckland Transport API Several functions Search for a specific bus stop Favourite a bus stop Search for nearby stops Permissions ACCESS_FINE_LOCATION ACCESS_COARSE_LOCATION
4
Obfuscation Terms Control Flow Obfuscation Data Obfuscation
Changing the control flow of the system so that it performs the required functionality but in an illogical manner. E.g. opaque predicates Data Obfuscation Obscuring the data in the program through techniques such as encryption and variable splitting Layout Obfuscation Modifying layout of the program, making code less intuitive. E.g. renaming variables and classes Design Obfuscation Obscuring the design of the system. E.g. splitting classes
5
Our Obfuscation Created an automated obfuscator Used Data Obfuscation
Used Control Flow Obfuscation Used Layout Obfuscation
6
Data Obfuscation Masked each literal (String, int, double, long) by XORing with key Key generated from random number generator with seed Examples: string = "hello world"; string = lmao(new int[] { 193, 204, 197, 197, 198, 137, 222, 198, 219, 197, 205 }, z); int k = 5*9; int k = (172 ^ z) * (160 ^ z); double l = 7.56d; double l = (Double.longBitsToDouble(Double.doubleToRawLongBits( E- 306) ^ Double.doubleToRawLongBits((double) z)));
7
Control Flow Obfuscation
Method bodies replaced with call to ‘execute’ method, containing a large switch statement Each statement is translated to an ‘instruction’ character Execute method takes a string of instruction characters Instructions are pushed on to a stack, then popped off one by one and given to switch statement to run the corresponding statements For if-else, try-catch, while, and for constructs, elements on the instruction stack are manipulated according to the condition
8
Evaluation Strength of our obfuscation Performance Overhead Storage
Increased complexity of CFG Performance Overhead Method unobfuscated times: ms Method obfuscated times ms 98x slower Storage Unobfuscated 1014Kb Obfuscated 1025Kb 1.08% increase in size
9
Deobfuscation Tools DeGuard FernFlower Infers variable names
Doesn’t decompile all files FernFlower Decompiles all files No deobfuscation performed
10
Data Deobfuscation Application includes a ‘decode’ method
Identify the string or resource to decode, and the decode method, e.g. this.a.a is the decode method Attach debugger to running process Set breakpoint at method entry point When breakpoint is hit, use immediate window to evaluate the result of the decode method call Didn’t need to fully analyse data obfuscation logic
11
Control Flow Deobfuscation
Rebuild project Used breakpoints Static manual analysis Noticed a lot of redundant methods Pseudo rebuilding Copy only the obfuscated parts into an IDE Fix the code to make it compilable and run it to see the order of execution for the statements
12
Resource Values Made script to invert mapping
Mappings are stored in public.xml
13
Limitations Duplicate variable names Static variables Recursion Switch
Exceptions Anonymous Inner Classes XORing is not very effective
14
Extensions Fix limitations Improve data obfuscation
Improve performance
15
Debugging & Updating Application
Obfuscated application is quite difficult to step through and debug We propose a new obfuscator which creates a commented version of the app These comments indicate the original line number of each statement Updating the Application Currently the obfuscator needs to be manually run Use of Gradle can streamline the process Allows for the obfuscator to be automatically run
16
Obfuscation Techniques per Team
Group Control Flow Data Layout Design G1 G2 G3 G4 G5 G6 G7 G8 G9 G11 G12 G13
17
Questions?
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.