Progressive Control Flow Obfuscation for Android Applications

Page view(s)
9
Checked on Nov 14, 2022
Progressive Control Flow Obfuscation for Android Applications
Title:
Progressive Control Flow Obfuscation for Android Applications
Other Titles:
TENCON 2018 - 2018 IEEE Region 10 Conference
Publication Date:
28 October 2018
Citation:
L. Zhang, H. Meng and V. L. L. Thing, "Progressive Control Flow Obfuscation for Android Applications," TENCON 2018 - 2018 IEEE Region 10 Conference, Jeju, Korea (South), 2018, pp. 1075-1079. doi: 10.1109/TENCON.2018.8650141
Abstract:
Android bytecode is easy to reverse engineer. It has been a common practice for Android application developers to protect their applications with obfuscation techniques. Control flow obfuscation aims to make it more difficult to determine the actual application control flows and thereby impede the understanding of the application logic by the attacker. Despite of the strong potency (i.e., high complexity increment), control flow obfuscation usually incurs a large overhead due to the call and return instructions inserted, which makes the application developer reluctant to use it in practice. In this paper, we present a pragmatic control-flow obfuscation approach where the application developer has more freedom to customize the tradeoff between the achieved complexity and overhead. A new subset of application methods will be obfuscated by using a combination of packed-switch and try-catch constructs in different rounds, and larger methods are obfuscated by creating more code fragments in earlier rounds. After each round, the complexity increment will be automatically calculated using our implemented cyclomatic complexity based metric and checked against the target complexity increment. In other words, the obfuscation is conducted in a progressive manner until the target complexity increment is reached. The experimental results show that our method incurs averaged area overhead of 4.07% while achieving almost double complexity increment than the existing method when the same number of application methods are obfuscated.
License type:
PublisherCopyrights
Funding Info:
This material is based on research work supported by the Singapore National Research Foundation under NCR Award No. NRF2014NCR-NCR001-034.
Description:
(c) 2018 IEEE.
ISSN:
2159-3450
2159-3442
Files uploaded:
File Size Format Action
There are no attached files.