State of Obfuscation: A Longitudinal Study of Code Obfuscation Practices in Google Play Store

State of Obfuscation: A Longitudinal Study of Code Obfuscation Practices in Google Play Store

연구 분야: Analysis

학회: SAC '25: Proceedings of the 40th ACM/SIGAPP Symposium on Applied Computing

The Android ecosystem faces threats such as app repackaging, counterfeiting, and piracy, prompting developers to adopt code obfuscation. While it protects legitimate apps, obfuscation can hinder security analysis and be misused for malicious purposes. This study analyzes over 500,000 Android APKs from Google Play, spanning eight years, to investigate the evolution and prevalence of obfuscation techniques. Using custom classifiers, we detect obfuscated code, tools, and techniques, revealing a 13% increase in obfuscation from 2016 to 2023. ProGuard and Allatori are the most commonly used tools, with obfuscation being particularly common in gaming apps, such as Casino games. This first large-scale study provides critical insights for developers and security analysts.