Android App Birthmarking Technique Resilient to Code Obfuscation

A software birthmark is the set of characteristics of a program which can be used to identify the program. Many researchers have studied on detecting theft of java programs using some birthmarks. In case of Android apps, code obfuscation techniques are used to protect the apps against reverse-engineering and tampering. However, attackers can also use the obfuscation techniques in order to conceal a stolen program. A birthmark (feature) of an app can be alterable by code obfuscations. Therefore, it is necessary to detect Android app theft based on the birthmark which is resilient to code obfuscation. In this paper, we propose an effective Android app birthmark and app theft detection through the proposed birthmark. By analyzing some obfuscation tools, we have first selected parameter and the return types of methods as an adequate birthmark. Then, we have measured similarity of target apps using the birthmarks extracted from the apps, where some target apps are not obfuscated and the others obfuscated. The measurement results show that our proposed birthmark is effective for detecting Android app theft even though the apps are obfuscated. 논문 15-40-04-11 The Journal of Korean Institute of Communications and Information Sciences '15-04 Vol.40 No.04 http://dx.doi.org/10.7840/kics.2015.40.4.700 700 ※ 본 연구는 문화체육관광부 및 한국저작권위원회의 2014년도 저작권 기술개발사업과 미래창조과학부 및 정보통신기술진흥센터의 대학ICT연구센터육성 지원사업의 연구결과로 수행되었음 (IITP-2015-H8501-15-1012) First Author : Dankook University Department of Computer Science, kdjorang@dankook.ac.kr, 학생회원 ° Corresponding Author : Dankook University Department of Computer Science & Engineering, sjcho@dankook.ac.kr, 정회원 * Dankook University Department of Computer Science, youngki.chung99@gmail.com ** Dankook University Department of Computer Science & Engineering, jwwoo@dankook.ac.kr *** Hancom Inc., newlife8837@gmail.com **** University of Suwon Department of Information Secrecy, smyang@suwon.ac.kr, 정회원 논문번호:KIC2015-03-063, Received March 23, 2015; Revised April 13, 2015; Accepted April 13, 2015 논문 / 난독화에 강인한 안드로이드 앱 버스마킹 기법