Server‐based code obfuscation scheme for APK tamper detection

Piao, Yuxue; Jung, Jin-Hyuk; Yi, Jeong Hyun

doi:10.1002/sec.936

Cited by 25 publications

(14 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…4) It is recommended that the cloud server SP calculate the control parameters and send it to the recommendation requesting user k together with the output data and time stamp t in the algorithm (Hudson et al, 2016). The recommendation request user k receives the relevant data returned by the recommendation cloud server SP on the client, and decrypts the encrypted values obtained in the algorithm, namely X and Y, using their own homomorphic encryption private keys, and the decryption results are recorded as P and Q (Li & Sugimoto, 2018;Piao et al, 2016). For each application i to be recommended in the decryption set, the client calculates the recommendation value for the application i for the recommendation request user k obtained within the time window t according to formula ( 7):…”

Section: Interactive Recommendation Generationmentioning

confidence: 99%

Privacy Rating of Mobile Applications Based on Crowdsourcing and Machine Learning

Pan

Guo

You

et al. 2021

Journal of Global Information Management

View full text Add to dashboard Cite

With the advent of the 5G network era, the convenience of mobile smartphones has become increasingly prominent, the use of mobile applications has become wider and wider, and the number of mobile applications. However, the privacy of mobile applications and the security of users' privacy information are worrying. This article aims to study the ratings of data and machine learning on the privacy security of mobile applications, and uses the experiments in this article to conduct data collection, data analysis, and summary research. This paper experimentally establishes a machine learning model to realize the prediction of privacy scores of Android applications. The establishment of this model is based on the intent of using sensitive permissions in the application and related metadata. It is to create a regression function that can implement the mapping of applications to score . Experimental data shows that the feature vector prediction model can uniquely be used to represent the actual usage and scheme of a system's specific permissions for the application.

show abstract

Section: Interactive Recommendation Generationmentioning

confidence: 99%

Privacy Rating of Mobile Applications Based on Crowdsourcing and Machine Learning

Pan

Guo

You

et al. 2021

Journal of Global Information Management

View full text Add to dashboard Cite

show abstract

“…However, in the Android application source code, to ensure the correct execution of the code, there are some code segments that can not be confused such as Android system components, native method, the method which needs to use Android serialization, enum, API, the content that resources file reference, the place where the reflection method is used, and the reference to a third-party library. In addition, code obfuscation does not cause large changes to the application code structure [27], so the statistical characteristics of the application code will not be greatly affected.…”

Section: Code Obfuscationmentioning

confidence: 99%

An Android Malicious Code Detection Method Based on Improved DCA Algorithm

Wang

Gong

et al. 2017

Entropy

View full text Add to dashboard Cite

Abstract:Recently, Android malicious code has increased dramatically and the technology of reinforcement is increasingly powerful. Due to the development of code obfuscation and polymorphic deformation technology, the current Android malicious code static detection method whose feature selected is the semantic of application source code can not completely extract malware's code features. The Android malware static detection methods whose features used are only obtained from the AndroidManifest.xml file are easily affected by useless permissions. Therefore, there are some limitations in current Android malware static detection methods. The current Android malware dynamic detection algorithm is mostly required to customize the system or needs system root permissions. Based on the Dendritic Cell Algorithm (DCA), this paper proposes an Android malware algorithm that has a higher detection rate, does not need to modify the system, and reduces the impact of code obfuscation to a certain degree. This algorithm is applied to an Android malware detection method based on oriented Dalvik disassembly sequence and application interface (API) calling sequence. Through the designed experiments, the effectiveness of this method is verified for the detection of Android malware.

show abstract

“…Code obfuscation [14] is a kind of program transformation that makes it difficult for attackers to read the program logic, thereby increasing the resistance to reverse engineering. There has been a lot of research on native code obfuscation in recent decades with the aim of protecting PE (Portable Executable) or ELF (Executable and Linkable Format) files.…”

Section: Code Obfuscationmentioning

confidence: 99%

Personal Information Leaks with Automatic Login in Mobile Social Network Services

Choi

Cho

2015

Entropy

View full text Add to dashboard Cite

Abstract:To log in to a mobile social network service (SNS) server, users must enter their ID and password to get through the authentication process. At that time, if the user sets up the automatic login option on the app, a sort of security token is created on the server based on the user's ID and password. This security token is called a credential. Because such credentials are convenient for users, they are utilized by most mobile SNS apps. However, the current state of credential management for the majority of Android SNS apps is very weak. This paper demonstrates the possibility of a credential cloning attack. Such attacks occur when an attacker extracts the credential from the victim's smart device and inserts it into their own smart device. Then, without knowing the victim's ID and password, the attacker can access the victim's account. This type of attack gives access to various pieces of personal information without authorization. Thus, in this paper, we analyze the vulnerabilities of the main Android-based SNS apps to credential cloning attacks, and examine the potential leakage of personal information that may result. We then introduce effective countermeasures to resolve these problems.

show abstract

Server‐based code obfuscation scheme for APK tamper detection

Cited by 25 publications

References 8 publications

Privacy Rating of Mobile Applications Based on Crowdsourcing and Machine Learning

Privacy Rating of Mobile Applications Based on Crowdsourcing and Machine Learning

An Android Malicious Code Detection Method Based on Improved DCA Algorithm

Personal Information Leaks with Automatic Login in Mobile Social Network Services

Contact Info

Product

Resources

About