Leveraging Information Asymmetry to Transform Android Apps into Self-Defending Code Against Repackaging Attacks

Kai Chen, Yingjun Zhang, Peng Liu

Research output: Contribution to journalArticle

2 Citations (Scopus)

Abstract

By simply adding malicious code or advertisements in legitimate smartphone apps, attackers could benefit a lot from repackaging. The existing license protection mechanisms can be easily subverted by repackaged apps. A major defense is to detect. However, detection requires finding at least two 'similar' apps simultaneously. We propose a self-defending approach: let a repackaged app automatically expose itself. However, it is very challenging to achieve this goal. If developers and smartphones/users do not share any secret, attackers' app repackaging studio would be able to do whatever legitimate smartphones/users are able to do. We find that there exists a unique information asymmetry between developers and attackers. Leveraging this asymmetry, our new self-defending code (SDC) approach encrypts parts of the app code at compile time and dynamically decrypts the ciphertext code at run-time. Different from previous work, the key is derived from both the information asymmetry and the app's checksum. Once the app is repackaged, the changed checksum will let the app run abnormally, further exposing the repackaging. The information asymmetry protects the key from being attacked. We build a smartphone anti-repackaging system prototype. To the best of our knowledge, this is the first work that lets repackaged apps automatically malfunction while having none effect on a benign app's function.

Original languageEnglish (US)
Pages (from-to)1879-1893
Number of pages15
JournalIEEE Transactions on Mobile Computing
Volume17
Issue number8
DOIs
StatePublished - Aug 1 2018

Fingerprint

Application programs
Mathematical transformations
Smartphones
Android (operating system)
Studios

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Cite this

@article{e48e0889f45c4678922c0a0924665802,
title = "Leveraging Information Asymmetry to Transform Android Apps into Self-Defending Code Against Repackaging Attacks",
abstract = "By simply adding malicious code or advertisements in legitimate smartphone apps, attackers could benefit a lot from repackaging. The existing license protection mechanisms can be easily subverted by repackaged apps. A major defense is to detect. However, detection requires finding at least two 'similar' apps simultaneously. We propose a self-defending approach: let a repackaged app automatically expose itself. However, it is very challenging to achieve this goal. If developers and smartphones/users do not share any secret, attackers' app repackaging studio would be able to do whatever legitimate smartphones/users are able to do. We find that there exists a unique information asymmetry between developers and attackers. Leveraging this asymmetry, our new self-defending code (SDC) approach encrypts parts of the app code at compile time and dynamically decrypts the ciphertext code at run-time. Different from previous work, the key is derived from both the information asymmetry and the app's checksum. Once the app is repackaged, the changed checksum will let the app run abnormally, further exposing the repackaging. The information asymmetry protects the key from being attacked. We build a smartphone anti-repackaging system prototype. To the best of our knowledge, this is the first work that lets repackaged apps automatically malfunction while having none effect on a benign app's function.",
author = "Kai Chen and Yingjun Zhang and Peng Liu",
year = "2018",
month = "8",
day = "1",
doi = "10.1109/TMC.2017.2782249",
language = "English (US)",
volume = "17",
pages = "1879--1893",
journal = "IEEE Transactions on Mobile Computing",
issn = "1536-1233",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "8",

}

Leveraging Information Asymmetry to Transform Android Apps into Self-Defending Code Against Repackaging Attacks. / Chen, Kai; Zhang, Yingjun; Liu, Peng.

In: IEEE Transactions on Mobile Computing, Vol. 17, No. 8, 01.08.2018, p. 1879-1893.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Leveraging Information Asymmetry to Transform Android Apps into Self-Defending Code Against Repackaging Attacks

AU - Chen, Kai

AU - Zhang, Yingjun

AU - Liu, Peng

PY - 2018/8/1

Y1 - 2018/8/1

N2 - By simply adding malicious code or advertisements in legitimate smartphone apps, attackers could benefit a lot from repackaging. The existing license protection mechanisms can be easily subverted by repackaged apps. A major defense is to detect. However, detection requires finding at least two 'similar' apps simultaneously. We propose a self-defending approach: let a repackaged app automatically expose itself. However, it is very challenging to achieve this goal. If developers and smartphones/users do not share any secret, attackers' app repackaging studio would be able to do whatever legitimate smartphones/users are able to do. We find that there exists a unique information asymmetry between developers and attackers. Leveraging this asymmetry, our new self-defending code (SDC) approach encrypts parts of the app code at compile time and dynamically decrypts the ciphertext code at run-time. Different from previous work, the key is derived from both the information asymmetry and the app's checksum. Once the app is repackaged, the changed checksum will let the app run abnormally, further exposing the repackaging. The information asymmetry protects the key from being attacked. We build a smartphone anti-repackaging system prototype. To the best of our knowledge, this is the first work that lets repackaged apps automatically malfunction while having none effect on a benign app's function.

AB - By simply adding malicious code or advertisements in legitimate smartphone apps, attackers could benefit a lot from repackaging. The existing license protection mechanisms can be easily subverted by repackaged apps. A major defense is to detect. However, detection requires finding at least two 'similar' apps simultaneously. We propose a self-defending approach: let a repackaged app automatically expose itself. However, it is very challenging to achieve this goal. If developers and smartphones/users do not share any secret, attackers' app repackaging studio would be able to do whatever legitimate smartphones/users are able to do. We find that there exists a unique information asymmetry between developers and attackers. Leveraging this asymmetry, our new self-defending code (SDC) approach encrypts parts of the app code at compile time and dynamically decrypts the ciphertext code at run-time. Different from previous work, the key is derived from both the information asymmetry and the app's checksum. Once the app is repackaged, the changed checksum will let the app run abnormally, further exposing the repackaging. The information asymmetry protects the key from being attacked. We build a smartphone anti-repackaging system prototype. To the best of our knowledge, this is the first work that lets repackaged apps automatically malfunction while having none effect on a benign app's function.

UR - http://www.scopus.com/inward/record.url?scp=85038384435&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85038384435&partnerID=8YFLogxK

U2 - 10.1109/TMC.2017.2782249

DO - 10.1109/TMC.2017.2782249

M3 - Article

AN - SCOPUS:85038384435

VL - 17

SP - 1879

EP - 1893

JO - IEEE Transactions on Mobile Computing

JF - IEEE Transactions on Mobile Computing

SN - 1536-1233

IS - 8

ER -