Technologies

Discover, Connect & Collaborate at TECHINNOVATION 2021

Android Application Obfuscator

Technology Overview

We have developed a new source-code-level obfuscating tool which performs sophisticated and novel code obfuscation for Android applications. We not only rely on existing techniques such as control flow flattening, but also adopt a newly discovered continuous passing technique in control flow obfuscation.

Technology Features, Specifications and Advantages

Java is one of the popular programming languages with a long history of success. But Java programs, bytecodes; the output of the compilation process, can be easily reverse engineered using free tools readily available on the Internet. In the mobile application context, users can gain full access to the application bytecodes, allowing malicious users to gain access to the reverse-engineered source codes and to obtain unauthorized information, or bypass security checks to gain access to secure resources.

Some effort has been put in to address this issue. For example, Proguard, a standard Android bytecodes obfuscator and optimizer, only performs variable and function renaming. But such simple obfuscation process is unable to conceal information from experienced hackers who are equipped with advanced technologies and tools such as static and dynamic code analysers.

Our solution works with and enhanced Proguard to obfuscate Android applications at the source code level, rather than at the byte-code level.

Potential Applications

Most reverse engineering tool de-compiles byte code or machine code back into source codes. Static analysis tools make assumptions about the flow of the program to reverse engineer the flow of the program that our obfuscated code currently avoids. This allows app developers to better obfuscate important parts of their application from prying-eyes.

Customer Benefit

Developers of e-Commerce, streaming, and other apps that protect resources through a paywall or implement any security features could apply source-code level obfuscation to prevent reverse engineering. This provides an additional layer of security from prying eyes.

OVERVIEW
Contact Person

Diana Sutanto

Organisation

Nanyang Polytechnic

Technology Category

  • Infocomm
  • Security & Privacy

Technology Readiness Level

Keywords

Obfuscator, Android, Source-code, anti reverse-engineering, Java