TY - JOUR
T1 - Leveraging Information Asymmetry to Transform Android Apps into Self-Defending Code Against Repackaging Attacks
AU - Chen, Kai
AU - Zhang, Yingjun
AU - Liu, Peng
N1 - Funding Information:
The authors would like to thank the editors and anonymous reviewers for their valuable comments. Kai Chen was supported by the National Key R&D Program of China (No. 2016QY04W0805), NSFC U1536106, 61728209, the National Top-notch Youth Talents Program of China, the Youth Innovation Promotion Association CAS, and the Beijing Nova Program. Yingjun Zhang was supported by the National High Technology R&D Program of China (863 Program) (No. 2015AA016006) and a research grant from Ant Financial. Peng Liu was supported by ARO W911NF-13-1-0421 (MURI), NSF CNS-1422594, NSF CNS-1505664, and NSF CCF-1320605.
Publisher Copyright:
© 2002-2012 IEEE.
PY - 2018/8/1
Y1 - 2018/8/1
N2 - By simply adding malicious code or advertisements in legitimate smartphone apps, attackers could benefit a lot from repackaging. The existing license protection mechanisms can be easily subverted by repackaged apps. A major defense is to detect. However, detection requires finding at least two 'similar' apps simultaneously. We propose a self-defending approach: let a repackaged app automatically expose itself. However, it is very challenging to achieve this goal. If developers and smartphones/users do not share any secret, attackers' app repackaging studio would be able to do whatever legitimate smartphones/users are able to do. We find that there exists a unique information asymmetry between developers and attackers. Leveraging this asymmetry, our new self-defending code (SDC) approach encrypts parts of the app code at compile time and dynamically decrypts the ciphertext code at run-time. Different from previous work, the key is derived from both the information asymmetry and the app's checksum. Once the app is repackaged, the changed checksum will let the app run abnormally, further exposing the repackaging. The information asymmetry protects the key from being attacked. We build a smartphone anti-repackaging system prototype. To the best of our knowledge, this is the first work that lets repackaged apps automatically malfunction while having no effect on a benign app's function.
AB - By simply adding malicious code or advertisements in legitimate smartphone apps, attackers could benefit a lot from repackaging. The existing license protection mechanisms can be easily subverted by repackaged apps. A major defense is to detect. However, detection requires finding at least two 'similar' apps simultaneously. We propose a self-defending approach: let a repackaged app automatically expose itself. However, it is very challenging to achieve this goal. If developers and smartphones/users do not share any secret, attackers' app repackaging studio would be able to do whatever legitimate smartphones/users are able to do. We find that there exists a unique information asymmetry between developers and attackers. Leveraging this asymmetry, our new self-defending code (SDC) approach encrypts parts of the app code at compile time and dynamically decrypts the ciphertext code at run-time. Different from previous work, the key is derived from both the information asymmetry and the app's checksum. Once the app is repackaged, the changed checksum will let the app run abnormally, further exposing the repackaging. The information asymmetry protects the key from being attacked. We build a smartphone anti-repackaging system prototype. To the best of our knowledge, this is the first work that lets repackaged apps automatically malfunction while having no effect on a benign app's function.
UR - http://www.scopus.com/inward/record.url?scp=85038384435&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85038384435&partnerID=8YFLogxK
U2 - 10.1109/TMC.2017.2782249
DO - 10.1109/TMC.2017.2782249
M3 - Article
AN - SCOPUS:85038384435
SN - 1536-1233
VL - 17
SP - 1879
EP - 1893
JO - IEEE Transactions on Mobile Computing
JF - IEEE Transactions on Mobile Computing
IS - 8
ER -