Structural and Functional Analyses of ProGuard Obfuscation Tool

Piao, Yuxue; Jung, Jin-Hyuk; Yi, Jeong Hyun

doi:10.7840/kics.2013.38b.8.654

Cited by 10 publications

(3 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…It makes an analyzer need much time to understand the logic. There are various techniques for code obfuscation in Java layer such as class and method renaming, control flow manipulation, string encryption, class encryption, and API hiding [6]. Of course, similar techniques are used in native layer.…”

Section: Code Obfuscationmentioning

confidence: 99%

See 1 more Smart Citation

DWroidDump: Executable Code Extraction from Android Applications for Malware Analysis

Kim

Kwak

Ryou

2015

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

We suggest an idea to dump executable code from memory for malicious application analysis on Android platform. Malicious applications are getting enhanced in terms of antianalysis techniques. Recently, sophisticated malicious applications have been found, which are not decompiled and debugged by existing analysis tools. It becomes serious threat to services related to embedded devices based on Android. Thus, we have implemented the idea to obtain main code from the memory by modifying a part of Dalvik Virtual Machine of Android. As a result, we have confirmed that the executable code is completely obtainable. In this paper, we introduce the existing analysis techniques for Android application, and antianalysis techniques. We then describe the proposed method with a sample malicious application which has strong antianalysis techniques.

show abstract

Section: Code Obfuscationmentioning

confidence: 99%

“…However, some malicious applications take long time for analysis because of their antianalysis techniques such as antidebugging, antidecompiling, and antitamper which have been originally developed for protecting property of applications [6,7]. Particularly sophisticated malicious applications have been recently found.…”

Section: Introductionmentioning

confidence: 99%

DWroidDump: Executable Code Extraction from Android Applications for Malware Analysis

Kim

Kwak

Ryou

2015

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

show abstract

“…[10,12] . 에 널리 이용되고 있는 난독화 도구인 프로가드 [14] 와 JODE [15] , RetroGuard [16] , jarg [17] , yGuard [18] 는 메소 드, 클래스 식별자 변환 기법을 지원하고, 도구에 따 라 필드 등 추가적인 식별자 변환 기법을 지원하기도 한다.…”

unclassified

Java Automatic Identifier Renaming Technique and Protection Method

김지윤¹,

홍수화²,

고남현³

et al. 2015

The Journal of Korean Institute of Communications and Informati

View full text Add to dashboard Cite

This paper introduces a proper renaming service using variable action and security services against the analysis techniques in Java code. The renaming service that is introduced is separated into API pattern and loop condition. We present our scheme algorithm with known Java obfuscation techniques and tools in order to help readers understanding, and implement prototype to prove practicality in this paper. Test result using prototype shows 73% successful variable renaming rate. Using our scheme, cooperators can intuitionally understand all of code. Also, It helps malware analysts to predict malware action by variable name. But application source code that is developed by Java is exposed to hackers easily using our scheme. So we introduce Java application code protection methods, too.

show abstract