G2 - Keit Team members: ●Siyang Piao ●Peter Huang ●Bojun Jin ●Ivy Wang ●Jing Wang.

Slides:

Advertisements

Similar presentations

Chapter 18 Building the user interface. This chapter discusses n Javas graphical user interface. n Swing: an enhancement of a library called the Abstract.

Advertisements

Cracking the Code of Mobile Application OWASP APPSEC USA 2012

Introduction.  Professor  Adam Porter 

Android architecture overview 1 CS 150. Android  A software stack for mobile devices developed and managed by Open Handset Alliance  Free software under.

Northwestern University, IL, US,

RIVERSIDE RESEARCH INSTITUTE Helikaon Linux Debugger: A Stealthy Custom Debugger For Linux Jason Raber, Team Lead - Reverse Engineer.

Build your Android App with Gradle Android new build system.

Phone: +33 (0) ou Web: Slide 1 12/5/2007 Localize with SIAT Another way of translating.

 Juxtapp: A Scalable System for Detecting Code Reuse Among Android Applications  Steve Hanna, Ling Huang, Edward Wu1, Saung Li, Charles Chen, and Dawn.

.NET IL Obfuscation Presented by: Sarath Chandra Dorbala.

SEAgle: Effortless Software Evolution Analysis T. Chaikalis, E. Ligu, G. Melas and A. Chatzigeorgiou Department of Applied Informatics University of Macedonia,

DECOMPILING ANDROID Godfrey Nolan 1DevDay 11/5/11.

Wangjun Hong, Zhengyang Qu, Northwestern University, IL, US,

MOBILE PACKET MONITOR Josue Martins (front end) Chisha Malama (back end) Supervised by Dr WD Tucker & Mr Michael Norman.

ANDROID PROGRAMMING MODULE 1 – GETTING STARTED

Version Control. What is Version Control? Manages file sharing for Concurrent Development Keeps track of changes with Version Control SubVersion (SVN)

Of Bytes, Cycles and Battery Life. Who am [2] [1]

Android Programming Day best Android Apps Lzo&feature=fvwrel.

Reverse Engineering Obfuscated Android Applications

Introduction to Android Swapnil Pathak Advanced Malware Analysis Training Series.

Application Security Tom Chothia Computer Security, Lecture 14.

APKInspector -Static Analysis of Android Applications Student: Yuan Tian Mentor: Cong Zheng Backup Mentor: Anthony Kara Jianwei 08/22/2012.

PARSING FACEBOOK DATA FOR ANDROID 1. Step by Step  Import Android SDK  Get the hash key  Create a new app  Create a new project in Eclipse 

Copyright© Jeffrey Jongko, Ateneo de Manila University Android.

Basic Android Tutorial USF’s Association for Computing Machinery.

Rajab Davudov. Agenda Eclipse, ADT and Android SDK APK file Fundamentals – Activity – Service – Content Provider – Broadcast Receiver – Intent Hello World.

ECE 495: VIP SMARTPHONE STEGANOGRAPHY ANDROID APP Alex Buschkoetter, Greg Brener.

Android fundamentals yuan jin mar. 14, android lifecycle.

Injection Mark Shtern. Example Code from old IRIX login screen: char buf[1024]; snprintf(buf, "system lpr -P %s", user_input, sizeof(buf)- 1); system(buf);

The Terminator to Android Hardening Services

EECS 354 Network Security Reverse Engineering. Introduction Preventing Reverse Engineering Reversing High Level Languages Reversing an ELF Executable.

Computer Science and Engineering The Ohio State University  Widely used, especially in the opensource community, to track all changes to a project and.

Android Security Auditing Slides and projects at samsclass.info.

Christopher Kruegel University of California Engin Kirda Institute Eurecom Clemens Kolbitsch Thorsten Holz Secure Systems Lab Vienna University of Technology.

Creating an Example Android App in Android Studio Activity lifecycle & UI Resources.

RIVERSIDE RESEARCH INSTITUTE Deobfuscator: An Automated Approach to the Identification and Removal of Code Obfuscation Eric Laspe, Reverse Engineer Jason.

© All rights reserved. U.S International Tech Support

1 Java applications reverse engineering Antoni Bertel AUGUST 4, 2015.

Slides and projects at samsclass.info. Adding Trojans to Apps Slides and projects at samsclass.info.

ElVis Improvements Summer 2008 Eric Zatz PPPL Summer Intern Mentor – Eliot Feibush August 11, 2008.

Canh Le My  Motivation  Android app packing  How android execute your application  Available tools  Demonstration 2.

VMM Based Rootkit Detection on Android

 Used to be applicable to literary corpus/ academia only  Source code similarity/plagiarism detection is very important  “Moss” is the most widely.

A method for using cloud computing for Android By: Collin Molnar.

 Group 6 Project Presentation. Application Overview  The idea of the Android application is to use the Gale–Shapley algorithm that will match Medical.

Rogue Wireless Router By Alex Crowell and James Kasten.

Authors: William Enck & Patrick McDaniel In collaboration with: Duke University and Intel Labs Presentation: Ed Novak 1.

Mobile Hacking - Fundamentals

INFO 448: Android Development

Application of Obfuscation Techniques on Android Applications

Android Development.

Testing with Selenium IDE

Cash Me Presented By Group 8 Kartik Patel, Aaron Zhong, Wen-Kai Chen,

Android Runtime – Dalvik VM

Steganography Example

Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques Presented by Vikraman Mohan.

TaintART: A Practical Multi-level Information-Flow Tracking System for Android RunTime Sadiq Basha.

Presented by Xiaohui (Amy) Lin

Siegfried Rasthofer, Steven Arzt, Marc Miltenberger, Eric Bodden

Un</br>able’s MySecretSecrets

MonoGame and Windows 8.

“just-in-time” compilation (JIT) technique prepared by - Harshada Hole

Title of Presentation Presenters Name Presenters Title, Institution.

CHAPTER 1 Introduction Chapter objectives: Understand what Android is

Android Platform, Android App Basic Components

Use Cases Simple Machine Translation (using Rainbow)

Gesto: Mapping UI Events to Gestures and Voice Commands

Presentation transcript:

G2 - Keit Team members: ●Siyang Piao ●Peter Huang ●Bojun Jin ●Ivy Wang ●Jing Wang

App - WhoTouchedMyPhone How it works 1. Open the app, Wait for 30 seconds.(In case you have something left to do before you leave). 2. Turn off the screen and leave. 3. If someone used your phone. When you open the app again, the text will be changed. We used Android Sensor for Motion Detection. The service keeps tracking the Accelerometer on X and Y axes.

Demo

Overview of Keit - Identifier Mangling

Overview of Keit - Method Extraction

Base on the idea and demo code from an blog[1] Put our APK file into a shell application Use the shell application to run our APK file Our Apk Shell Apk Overview of Keit - Add a Shell

Shell APK Lib META-INFO res Classes.dex …….. Our APK Binary data Encrypt Encrypt our APK file Put the encrypt data into Dex file of the shell APK Dex shell tool: Automate this process Process

Checksum Signature File_size ………… Unshell Dex Original APK Size of original APK Modify checksum, signature and file_size in the header of Dex file Put the size of our Apk file at the end of Dex file Modified Dex file

Run the application Start the shell application Get data from Dex file Decrypt the binary data Write data into a temporary APK file Dynamically load the application Run our application

Keit: Automated tool

Automate the process

Evaluation of Keit ✖ Protect actual codes from decompilers BeforeAfter

Evaluation Cont. PerformanceBefore vs After FunctionsSame. InitializingSlower by approx 1s. InstallationNo significant difference. ➔ Size increased by 1 MB.

Limitation ✖ API Version Restriction. ✖ Application Class must exist. ✖ Source codes required.

Improvement ✖ Extract source code automatically ✖ Include white noise ✖ Encrypt AndroidManifest.xml

Comparison Obfuscation ToolSource CodeDalvik BytecodeAPK Binary Code ProGuard DexGuard Allatori Dalvik-Obfuscator APKfuscator Keit

Comparison Cont. -String encryption, junk byte insertion, self- modifying native code, … -Merge method, encapsulate field, … - Dalvik bytecode encryption with an interpreter

Reverse Engineering

Questions? ✖ Thanks for your attention =)