Code Protection Using Obfuscation Techniques for Android Package Kit

Abstract

In this era, innovations and transformations in android applications are introduced daily not just to fulfill the latest trends and demands but also to overcome the number of intrusion attacks being imposed on the security of these applications. Thus, the vulnerability of these applications remains at large. To put it in a nutshell, most of the attacks on android applications are performed by reverse-engineering the application’s ‘APK’ file. Throughout devising the security techniques, the concept of obfuscation has been used to somehow secure these applications. Generally, the action of forging something to make it unclear or vague is termed as obfuscation. Therefore, several obfuscation techniques have been developed to obtain optimal security. However, the accuracy of these techniques still lacks in various aspects. By integrating the concept of some of the most prominent obfuscation methods such as string encryption, identifier renaming, and Java reflection, an enhanced obfuscation tool has been developed ensuring that the process of reverse-engineering attacks becomes futile and ineffective. A user-friendly Graphical User Interface (GUI) has been designed that assists in understanding the mechanism of the tool. Moreover, to ensure the accuracy of the devised tool, the API of a renowned malware detection tool ‘Virus-Total’ has been integrated into the system that generates a report stating the optimal results. The benefit of implementing this API is that a report is generated that lists the types of obfuscation methods and techniques being used to secure the application. Also, it tells whether the APK consists of malware or not.