Practical Android Software Protection in the Wild

Practical Android Software Protection in the Wild

연구 분야: Cryptography

학회: ACM Computing Surveys, Volume 58, Issue 2

Software protection refers to a range of methods used to protect applications against reverse engineering. Although this term is commonly used, distinctions arise in the specific tools and techniques utilized, such as packers, protectors, and obfuscators, as each category employs different strategies to defend applications against analysis. Given the growing importance of protecting intellectual property and sensitive user information stored in mobile applications, these protective measures have become indispensable. This article presents a taxonomy categorizing and describing the main techniques used to secure Android applications. Additionally, we analyze the available software tools designed to aid developers in protecting their applications, as well as their prevalence in the wild using a longitudinal dataset comprising nearly 2.5 million apps, including malicious software, pre-installed applications, and regular market application. Our key findings show that, although the use of software protection techniques has been steadily increasing over the last decade, they are still used only by a small fraction of applications in the Android ecosystem. Games and financial applications are by far the ones that most commonly use some form of protection, and we also observe noticeable differences between marketplaces.