Go to ICPADS 2017 homepageAppIS: Protect Android Apps Against Runtime Repackaging Attacks
Abstract: Apps repackaged through reverse engineering pose a significant security threat to the Android smart phone ecosystem. Previous solutions have mostly focused on the detection and identification of repackaged apps. Nevertheless, current app anti-repackaging services can only protect applications at a coarse level and get a significant performance overhead. These approaches can neither meet the performance requirements of Android nor achieve fine-grained protection against cumulative attack 1 at the same time. Specifically, these solutions rely on a fix-structure detecting engine and then will execute the same path at different times, which lead to the entire protection performs poorly when faced with dynamic cumulative attack, which is typical in real-world attack. This paper introduces AppIS, a reinforced anti-repackaging immune system, that is robust to app-repackaging attack scenarios. Unlike prior work, which mostly focuses on simple protection only from just one respect, our design exploits an interlocking guarding net with time diversity for the tamper-proofing of Android applications. The intuition underlying our design is that a dynamic and static combining method can provide a multi-level protection for the codes, core algorithm and sensitive data. We analyze and classify the existing threats on Android platform and furthermore abstract then model the repackaging attack scenarios. We then adopt a random controller used by the dispatcher to randomly construct guarding net with different structure every time. We have built a prototype of our design using Java Native Interface cross-layer calling mechanism for performance requirement. Results from a deployment of AppIS on several kinds of popular apps demonstrate that the new design can prevent our apps from cumulative attack without extra performance cost.
0 Replies
Loading