JOURNAL BROWSE
Search
Advanced SearchSearch Tips
Structural and Functional Analyses of ProGuard Obfuscation Tool
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
Structural and Functional Analyses of ProGuard Obfuscation Tool
Piao, Yuxue; Jung, Jin-Hyuk; Yi, Jeong Hyun;
  PDF(new window)
 Abstract
Android applications can be easily decompiled owing to their structural characteristics, in which applications are developed using Java and are self-signed so that applications modified in this way can be repackaged. It will be crucial that this inherent vulnerability may be used to an increasing number of Android-based financial service applications, including banking applications. Thus, code obfuscation techniques are used as one of solutions to protect applications against their forgery. Currently, many of applications distributed on Android market are using ProGuard as an obfuscation tool. However, ProGuard takes care of only the renaming obfuscation, and using this method, the original opcodes remain unchanged. In this paper, we thoroughly analyze obfuscation mechanisms applied in ProGuard, investigate its limitations, and give some direction about its improvement.
 Keywords
Obfuscation;ProGuard;Android Security;
 Language
Korean
 Cited by
1.
축약된 인스트럭션 시퀀스를 이용한 안드로이드 게임 리패키징 탐지 기법,이기성;김휘강;

한국게임학회 논문지, 2013. vol.13. 6, pp.85-94 crossref(new window)
2.
안드로이드 앱 변조 방지를 위한 APK 덮어쓰기 기법,최병하;심형준;이찬희;조상욱;조성제;

한국통신학회논문지, 2014. vol.39B. 5, pp.309-316 crossref(new window)
3.
소셜 네트워크 게임(SNG) 서비스의 개인정보 유출 및 보안위협 대응방안에 관한 연구,이상원;김휘강;김은진;

한국게임학회 논문지, 2015. vol.15. 1, pp.77-88 crossref(new window)
4.
안드로이드 환경에서 자바 리플렉션과 동적 로딩을 이용한 코드 은닉법,김지윤;고남현;박용수;

정보보호학회논문지, 2015. vol.25. 1, pp.17-30 crossref(new window)
5.
자바 자동 식별자 리네이밍 기법 및 보호 방법,김지윤;홍수화;고남현;이우승;박용수;

한국통신학회논문지, 2015. vol.40. 4, pp.709-719 crossref(new window)
6.
난독화에 강인한 안드로이드 앱 버스마킹 기법,김동진;조성제;정영기;우진운;고정욱;양수미;

한국통신학회논문지, 2015. vol.40. 4, pp.700-708 crossref(new window)
7.
Design and Implementation of the Authentication System for In-app Billing in Mobile Environments,;;

한국컴퓨터정보학회논문지, 2016. vol.21. 2, pp.61-69 crossref(new window)
8.
윈도우 환경에서 사용자 프로그램 실행 권한 제어 기능 설계,장승주;

한국정보통신학회논문지, 2016. vol.20. 8, pp.1553-1560 crossref(new window)
 References
1.
J. H. Jung, J. Y. Kim, H. C. Lee, and J. H. Yi, "Repackaging attack on android banking applications and its countermeasures," J. Wireless Personal Communications(WPC)., [Online], Available: http://link.springer.com/content/pdf/10.1007%2 Fs11277-013-1258-x.pdf, June. 2013.

2.
G. I. Ma, H. C. Lee, and J. H. Yi, "A secure short-range wireless connectivity scheme for mobile wallet services," J. KIISE : Inform. Networking, vol. 38, no. 5, pp. 394-404, Oct. 2011.

3.
C. Collberg, C. Thomborson, and D. Low, "A taxonomy of obfuscating transformations," Technical Report No. 148, Univ. Auckland, New Zealand, 1997.

4.
Eric Lafortune, ProGuard, Retrieved May., 2013, from http://proguard.sourceforge.net/.

5.
T. Lindholm, F. Yellin, G. Bracha, and A. Buckley, "The Java virtual machine specification: Java SE 7 Edition," Oracle America, Feb. 2013.

6.
PreEmptive Solutions, DashOPro, Retrieved May., 2013, from http://www.preemptive.com.

7.
Allatori, Java obfuscator, Retrieved May., 2013, from http://www.allatori.com.

8.
Saikoa, DexGuard, Retrieved May., 2013, from http://www.saikoa.com/.

9.
Wikipedia, Visitor Pattern, Retrieved May., 2013, from http://en.wikipedia.org/wiki/Visitor_pattern.

10.
Java Decompiler, Retrieved May., 2013, from http://java.decompiler.free.fr/.