Abstract
The Android operating system is vulnerable to various security threats owing to structural problems in Android applications. String obfuscation is one of the required protection schemes developed to protect Android application code. However, string obfuscation is being thwarted by malware makers and malware analysis is becoming more difficult and time-consuming. This paper proposes an automatic string deobfuscation and application programming interface (API) hiding neutralisation scheme that requires no encryption algorithm analysis or encryption key information. The proposed scheme has its own independent obfuscation tool. Further, it extracts and analyses code from the Android platform while the application is being executed and inserts only a return string value from the extracted code into the DEX file. The results of experiments conducted, in which commercial obfuscation tools Allatori, DexGuard, and DexProtector were applied to sample applications, verify the efficacy of the proposed method.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Ad Hoc and Ubiquitous Computing
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
