Presentation is loading. Please wait.

Presentation is loading. Please wait.

G2 - Keit Team members: ●Siyang Piao ●Peter Huang ●Bojun Jin ●Ivy Wang ●Jing Wang.

Published bySydney Newman Modified over 7 years ago

Similar presentations

Presentation on theme: "G2 - Keit Team members: ●Siyang Piao ●Peter Huang ●Bojun Jin ●Ivy Wang ●Jing Wang."— Presentation transcript:

1 G2 - Keit Team members: ●Siyang Piao ●Peter Huang ●Bojun Jin ●Ivy Wang ●Jing Wang

2 App - WhoTouchedMyPhone How it works 1. Open the app, Wait for 30 seconds.(In case you have something left to do before you leave). 2. Turn off the screen and leave. 3. If someone used your phone. When you open the app again, the text will be changed. We used Android Sensor for Motion Detection. The service keeps tracking the Accelerometer on X and Y axes.

3 Demo

4 Overview of Keit - Identifier Mangling

5 Overview of Keit - Method Extraction

6 Base on the idea and demo code from an blog[1] Put our APK file into a shell application Use the shell application to run our APK file Our Apk Shell Apk Overview of Keit - Add a Shell

7 Shell APK Lib META-INFO res Classes.dex …….. Our APK Binary data Encrypt Encrypt our APK file Put the encrypt data into Dex file of the shell APK Dex shell tool: Automate this process Process

8 ........... Checksum Signature File_size ………… Unshell Dex Original APK Size of original APK Modify checksum, signature and file_size in the header of Dex file Put the size of our Apk file at the end of Dex file Modified Dex file

9 Run the application Start the shell application Get data from Dex file Decrypt the binary data Write data into a temporary APK file Dynamically load the application Run our application

10 Keit: Automated tool

11 Automate the process

12 Evaluation of Keit ✖ Protect actual codes from decompilers BeforeAfter

13 Evaluation Cont. PerformanceBefore vs After FunctionsSame. InitializingSlower by approx 1s. InstallationNo significant difference. ➔ Size increased by 1 MB.

14 Limitation ✖ API Version Restriction. ✖ Application Class must exist. ✖ Source codes required.

15 Improvement ✖ Extract source code automatically ✖ Include white noise ✖ Encrypt AndroidManifest.xml

16 Comparison Obfuscation ToolSource CodeDalvik BytecodeAPK Binary Code ProGuard DexGuard Allatori Dalvik-Obfuscator APKfuscator Keit

17 Comparison Cont. -String encryption, junk byte insertion, self- modifying native code, … -Merge method, encapsulate field, … - Dalvik bytecode encryption with an interpreter

18 Reverse Engineering

19 Questions? ✖ Thanks for your attention =)

20

Download ppt "G2 - Keit Team members: ●Siyang Piao ●Peter Huang ●Bojun Jin ●Ivy Wang ●Jing Wang."

Similar presentations

Chapter 18 Building the user interface. This chapter discusses n Javas graphical user interface. n Swing: an enhancement of a library called the Abstract.

Chapter 18 Building the user interface. This chapter discusses n Javas graphical user interface. n Swing: an enhancement of a library called the Abstract.
Cracking the Code of Mobile Application OWASP APPSEC USA 2012

Cracking the Code of Mobile Application OWASP APPSEC USA 2012
Introduction.  Professor  Adam Porter 

Introduction.  Professor  Adam Porter 
Android architecture overview 1 CS 150. Android  A software stack for mobile devices developed and managed by Open Handset Alliance  Free software under.

Android architecture overview 1 CS 150. Android  A software stack for mobile devices developed and managed by Open Handset Alliance  Free software under.
Northwestern University, IL, US,

Northwestern University, IL, US,
RIVERSIDE RESEARCH INSTITUTE Helikaon Linux Debugger: A Stealthy Custom Debugger For Linux Jason Raber, Team Lead - Reverse Engineer.

RIVERSIDE RESEARCH INSTITUTE Helikaon Linux Debugger: A Stealthy Custom Debugger For Linux Jason Raber, Team Lead - Reverse Engineer.
Build your Android App with Gradle Android new build system.

Build your Android App with Gradle Android new build system.
Phone: +33 (0)4 93 65 94 96 ou +1 514 448-2198 Web: Slide 1 12/5/2007 Localize with SIAT Another way of translating.

Phone: +33 (0) ou Web: Slide 1 12/5/2007 Localize with SIAT Another way of translating.
 Juxtapp: A Scalable System for Detecting Code Reuse Among Android Applications  Steve Hanna, Ling Huang, Edward Wu1, Saung Li, Charles Chen, and Dawn.

 Juxtapp: A Scalable System for Detecting Code Reuse Among Android Applications  Steve Hanna, Ling Huang, Edward Wu1, Saung Li, Charles Chen, and Dawn.
.NET IL Obfuscation Presented by: Sarath Chandra Dorbala.

.NET IL Obfuscation Presented by: Sarath Chandra Dorbala.
SEAgle: Effortless Software Evolution Analysis T. Chaikalis, E. Ligu, G. Melas and A. Chatzigeorgiou Department of Applied Informatics University of Macedonia,

SEAgle: Effortless Software Evolution Analysis T. Chaikalis, E. Ligu, G. Melas and A. Chatzigeorgiou Department of Applied Informatics University of Macedonia,
DECOMPILING ANDROID Godfrey Nolan 1DevDay 11/5/11.

DECOMPILING ANDROID Godfrey Nolan 1DevDay 11/5/11.
Wangjun Hong, Zhengyang Qu, Northwestern University, IL, US,

Wangjun Hong, Zhengyang Qu, Northwestern University, IL, US,
MOBILE PACKET MONITOR Josue Martins (front end) Chisha Malama (back end) Supervised by Dr WD Tucker & Mr Michael Norman.

MOBILE PACKET MONITOR Josue Martins (front end) Chisha Malama (back end) Supervised by Dr WD Tucker & Mr Michael Norman.
ANDROID PROGRAMMING MODULE 1 – GETTING STARTED

ANDROID PROGRAMMING MODULE 1 – GETTING STARTED
Version Control. What is Version Control? Manages file sharing for Concurrent Development Keeps track of changes with Version Control SubVersion (SVN)

Version Control. What is Version Control? Manages file sharing for Concurrent Development Keeps track of changes with Version Control SubVersion (SVN)
Of Bytes, Cycles and Battery Life. Who am [2] [1]

Of Bytes, Cycles and Battery Life. Who am [2] [1]
Android Programming Day 1. 25 best Android Apps Lzo&feature=fvwrel.

Android Programming Day best Android Apps Lzo&feature=fvwrel.
Reverse Engineering Obfuscated Android Applications

Reverse Engineering Obfuscated Android Applications
Introduction to Android Swapnil Pathak www.SecurityXploded.com Advanced Malware Analysis Training Series.

Introduction to Android Swapnil Pathak Advanced Malware Analysis Training Series.

Similar presentations

Ads by Google