The working flow of the active Android repacking detection approach is shown in Fig. 1, which includes three main modules: searching candidate branches, generating and embedding code watermarking, packaging application with encryption.
A.Searching Candidate Branches In the first, the approach records all the conditional branches of the Android application by scanning the source code. Where, conditional branches use “==” or “!=” operator, startswith(), endswith(), equals(), etc, and multiple simple conditional such as “&&” or “||”. Then, it makes some changes to the conditional branches and the main source code changes to S1. Next, the approach selects candidate branches according to the judgment of the processed conditional branch operand whether it contains a constant. At the same time, the constants are recorded in the candidate branch key table for the packaging application with encryption module, which is used to encrypt the code watermarking.
B.Generating and Embeding Code Watermarking The code watermarking is generated by compiling and encrypting the detection code and the original code. The detection approach determines whether the application is packaged according to Android application signature. The working flow is shown in Fig. 3, where Ko is the original public key provided by the developer, Kr is the public key extracted from the runtime Android application.
Android system. Android dynamic loading can add execution files other than the application to the main logic of the Android application. student placement system android app source code For example, Android dynamic loading allows an application to load a Dex file, a so library, or even an APK into memory at runtime. Therefore, we separate the code watermarking to form an independent encrypted file (EC), which is shown in Fig. 4. The if branch implements dynamic loading of EC through libSDC. The Android system provides dynamically loaded APIs so that we can use them to implement compatible Android systems. At the same time, the encryption and decryption of the code in the memory are also replaced by the encryption and decryption of the file, so that there is no need to deal with such issues as memory offset and memory alignment.
We separate the self-decrypted code blocks into separate encrypted files. The main code uses native code to decrypt and load encrypted files. Therefore, the watermark embedding process is described as follows: 1. Implementing the libSDC library in advance using native code. The library receives an encrypted Dex file (EC) path and a secret key (X) in the first. Then, the library uses the secret key to decrypt the encrypted Dex file and dynamically loads and runs the decrypted file. 2. Scanning application source code to search for candidate branches. Then, constructing self-decryption code blocks for candidate branches, and extracting code (C) under candidate branches to form a separate file. 3. Compiling a separate file extracted by C to form a Dex file, and then symmetrically encrypting the file using the key a to form an encrypted Dex file (EC). 4. When the execution flow enters the branch, where the variable X is equal to the key a, the key and EC file path are passed as parameters to libSDC. Then, the libSDC decrypts the EC file and dynamically loads and runs the decrypted file. C.Packaging Application with Encryption The core idea of the packaging application with encryption module is that compiling source code trunk S2 and code watermarking set into application trunk Dex and code watermarking Dex set, respectively. Then, the module encryption the code watermarking Dex set according to the candidate branch key table. Even though we have hidden the constants in the candidate branches, we record the keys in the candidate branch key table. Therefore, we can use different keys to encrypt different code watermark Dex by looking up the corresponding key in the key table. Code Shoppy At last, the module packages the libSDC, the encrypted code watermarking Dex set, and the application trunk Dex to generate the corresponding apk. The libSDC library is mainly used to decrypt the encrypted code watermarking Dex set and dynamically loading the decrypted watermarking Dex file.
