Leveraging Information Asymmetry to Transform Android Apps into Self-Defending Code Against Repackaging Attacks

Kai Chen, Yingjun Zhang, Peng Liu

Research output: Contribution to journalArticlepeer-review

18 Scopus citations


By simply adding malicious code or advertisements in legitimate smartphone apps, attackers could benefit a lot from repackaging. The existing license protection mechanisms can be easily subverted by repackaged apps. A major defense is to detect. However, detection requires finding at least two 'similar' apps simultaneously. We propose a self-defending approach: let a repackaged app automatically expose itself. However, it is very challenging to achieve this goal. If developers and smartphones/users do not share any secret, attackers' app repackaging studio would be able to do whatever legitimate smartphones/users are able to do. We find that there exists a unique information asymmetry between developers and attackers. Leveraging this asymmetry, our new self-defending code (SDC) approach encrypts parts of the app code at compile time and dynamically decrypts the ciphertext code at run-time. Different from previous work, the key is derived from both the information asymmetry and the app's checksum. Once the app is repackaged, the changed checksum will let the app run abnormally, further exposing the repackaging. The information asymmetry protects the key from being attacked. We build a smartphone anti-repackaging system prototype. To the best of our knowledge, this is the first work that lets repackaged apps automatically malfunction while having none effect on a benign app's function.

Original languageEnglish (US)
Pages (from-to)1879-1893
Number of pages15
JournalIEEE Transactions on Mobile Computing
Issue number8
StatePublished - Aug 1 2018

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications
  • Electrical and Electronic Engineering


Dive into the research topics of 'Leveraging Information Asymmetry to Transform Android Apps into Self-Defending Code Against Repackaging Attacks'. Together they form a unique fingerprint.

Cite this