Fenghao Xu scite author profile

Fenghao Xu

5Publications

72Citation Statements Received

39Citation Statements Given

How they've been cited

131

How they cite others

Affiliations

Chinese University of Hong Kong

Publications

Order By: Most citations

Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild

Dong

Diao

et al. 2018

View full text Add to dashboard Cite

Program code is a precious asset to its owner. Due to the easyto-reverse nature of Java, code protection for Android apps is of particular importance. To this end, code obfuscation is widely utilized by both legitimate app developers and malware authors, which complicates the representation of source code or machine code in order to hinder the manual investigation and code analysis. Despite many previous studies focusing on the obfuscation techniques, however, our knowledge on how obfuscation is applied by realworld developers is still limited.In this paper, we seek to better understand Android obfuscation and depict a holistic view of the usage of obfuscation through a large-scale investigation in the wild. In particular, we focus on four popular obfuscation approaches: identifier renaming, string encryption, Java reflection, and packing. To obtain the meaningful statistical results, we designed efficient and lightweight detection models for each obfuscation technique and applied them to our massive APK datasets (collected from Google Play, multiple thirdparty markets, and malware databases). We have learned several interesting facts from the result. For example, malware authors use string encryption more frequently, and more apps on third-party markets than Google Play are packed. We are also interested in the explanation of each finding. Therefore we carry out in-depth code analysis on some Android apps after sampling. We believe our study will help developers select the most suitable obfuscation approach, and in the meantime help researchers improve code analysis systems in the right direction.

show abstract

BadBluetooth: Breaking Android Security Mechanisms via Malicious Bluetooth Peripherals

Diao

Zhou

et al. 2019

View full text Add to dashboard Cite

Bluetooth is a widely used communication technology, especially under the scenarios of mobile computing and Internet of Things. Once paired with a host device, a Bluetooth device then can exchange commands and data, such as voice, keyboard/mouse inputs, network, blood pressure data, and so on, with the host. Due to the sensitivity of such data and commands, some security measures have already been built into the Bluetooth protocol, like authentication, encryption, authorization, etc. The newly discovered vulnerabilities can lead to severe attacks on user's privacy. To demonstrate the potential security implications of these vulnerabilities, we devise several concrete

show abstract

Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild

Dong

Diao³

et al. 2018

Preprint

View full text Add to dashboard Cite

Android on PC: On the Security of End-user Android Emulators

Shen

Diao

et al. 2021

View full text Add to dashboard Cite

Identifying the BLE Misconfigurations of IoT Devices through Companion Mobile Apps

Zhang

et al. 2022

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Fenghao Xu

Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild

BadBluetooth: Breaking Android Security Mechanisms via Malicious Bluetooth Peripherals

Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild

Android on PC: On the Security of End-user Android Emulators

Identifying the BLE Misconfigurations of IoT Devices through Companion Mobile Apps

Contact Info

Product

Resources

About