Android App Protection through Anti-tampering and Anti-debugging Techniques
Loading...
Authors
Wan, Jia
Date
Type
thesis
Language
eng
Keyword
Android , ART , Anti-tampering , Anti-debugging , Android Application
Alternative Title
Abstract
Android devices remain an attractive mobile malware target in recent years. Android applications (or simply apps) in the device are vulnerable to different attacks which can tamper with the execution of an app to change app behavior so that it performs harm to users or can debug an app to steal private data (source code, user data and behavior). Android app protection is necessary to defend app behavior integrity and protect app privacy.
The app cache, where the app actually runs, is vulnerable to being tampered with. Cache tampering allows for the same behavioral changes as piggybacking. Piggybacking an app is to repackage an legitimate app with extra code that can perform malicious acts after installation, such as stealing user sensitive data or displaying unsolicited advertisements. The cache loading process of Android Runtime (ART) can be exploited by cache tampering attacks without rebooting the device.
Security-Enhanced Linux (SELinux) full enforcement has been deployed in the Android platform since Android 5, which enhances the security of Android platform and decreases the security concerns apps should take care of at the same time. Therefore, apps are vulnerable to being debugged in an insecure Android environment such as an emulator or a device with a rooted Android ROM.
We present a comprehensive app protection approach using anti-tampering and anti-debugging techniques. We implement separate solutions in terms of two protections against tampering and debugging. We maintain the integrity of app cache
and implement a lightweight cache protection solution for anti-tampering. We collect debugging points of ART and protect them at runtime from being tampered with. Our solution can be deployed easily across different Android ART-based platforms with little effort. App developers are able to use our techniques to protect their apps.
Description
Citation
Publisher
License
Queen's University's Thesis/Dissertation Non-Exclusive License for Deposit to QSpace and Library and Archives Canada
ProQuest PhD and Master's Theses International Dissemination Agreement
Intellectual Property Guidelines at Queen's University
Copying and Preserving Your Thesis
This publication is made available by the authority of the copyright owner solely for the purpose of private study and research and may not be copied or reproduced except as permitted by the copyright laws without written authority from the copyright owner.
ProQuest PhD and Master's Theses International Dissemination Agreement
Intellectual Property Guidelines at Queen's University
Copying and Preserving Your Thesis
This publication is made available by the authority of the copyright owner solely for the purpose of private study and research and may not be copied or reproduced except as permitted by the copyright laws without written authority from the copyright owner.