NORMA eResearch @NCI Library

Protecting the integrity of Android applications by employing automated self-introspection methods

Jadhav, Swapnil (2020) Protecting the integrity of Android applications by employing automated self-introspection methods. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
PDF (Master of Science)
Download (458kB) | Preview
[thumbnail of Configuration manual]
Preview
PDF (Configuration manual)
Download (250kB) | Preview

Abstract

The Android ecosystem gained a huge popularity and market share owing to wider compatibility and its open-source nature. But it also suffers from circulation of counterfeit applications resulting from repackaging attacks. Such attacks are aided by easy reverse engineering and the application’s poor self-defence mechanisms. It results in an adversary being able to modify the application to introduce additional functionalities like embedding a spyware, malware, ransomwares and other malicious codes. To defend against the repackaging attacks the android applications are protected with various obfuscation, anti-debugging, anti reversing and anti-tampering schemes. However, the protection mechanism solely lies at the client side and are susceptible to the reverse engineering thereby rendering them ineffective. This paper proposes a new mechanism to detect the tampered apps and prevent it from communicating with the application server. The mechanism aims at separating the client-side tamper-detection logic from the main application and placing it in the android’s system partition. The other part of verification logic will reside at the application server and co-ordinate with the client-side’s logic via a cryptographic token. The proposed mechanism first detects the tampered application and later cuts off its communication with the application server thereby rendering it non-operational.

Item Type: Thesis (Masters)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Dan English
Date Deposited: 26 Jan 2021 16:37
Last Modified: 26 Jan 2021 16:37
URI: https://norma.ncirl.ie/id/eprint/4496

Actions (login required)

View Item View Item