App Security: Client Side Protection

App Ecosystem

(Figure: the app's Activity calls the License Verification Library, which talks over binder to the Market app; the Market app sends user purchase info and user & app info to the Market License Server, which returns the license info, VALID / INVALID; the App Stores handle download & install.)

App with Native code

(Figure: a running App.apk loads its Java code from classes.dex and its native code from libNative.so and third-party libs; the diagram shows these mapped from the device file system into device RAM at their load addresses.)
Strategy outline for Antireversing
It is never possible to entirely prevent reversing
Make it hard and slow
Will require a combination of techniques
Strategy
DEFEND
DETECT
REACT
ALERT
Cost
CPU usage (increased mips/power)
Code size (bigger footprint)
Reliability (can the app be less reliable/robust?)
Maintainability/Upgrade (back door)
DEFEND1 : Eliminating Symbolic Information
Eliminate any obvious textual information from the program.
Symbol stripping for redundant code: automatic for C/C++, needed for Java
Symbol renaming for app code after stripping
String encryption
Key calculated at runtime / provided by server through asymmetric crypto
Proprietary encryptor/decryptor
Cost for "String encryption"
Higher CPU usage
Code size (bigger footprint)
Maintainability/Upgrade
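The string-encryption slide leaves the mechanism implicit, so here is an added C example (not from the slides, and not the proprietary encryptor/decryptor they mention) showing the full pattern on the native side of an app: a build-time step that turns a literal into ciphertext, a key derived at runtime from two fragments (the slides deliver one half from the server over asymmetric crypto; that transport is assumed and out of scope here), and a decrypt-use-wipe path so the plaintext only ever lives in a stack buffer for the duration of one call. The xorshift keystream is an illustrative cipher chosen for brevity; the names ks_next, derive_key, encrypt_for_build and use_decrypted are this example's own.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Keystream generator: xorshift32 seeded from the key (illustrative cipher,
   not the proprietary encryptor/decryptor the slides refer to). */
static uint32_t ks_next(uint32_t *state) {
    uint32_t x = *state;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    *state = x;
    return x;
}

/* XOR the buffer with the keystream; the same call encrypts and decrypts. */
static void xor_crypt(uint8_t *buf, size_t len, uint32_t key) {
    uint32_t state = key ? key : 0x9E3779B9u;   /* xorshift state must be non-zero */
    for (size_t i = 0; i < len; i++)
        buf[i] ^= (uint8_t)(ks_next(&state) >> 24);
}

/* Runtime key derivation (assumption): the key is never stored whole; one
   fragment lives in the binary, the other arrives from the server at runtime. */
static uint32_t derive_key(uint32_t local_fragment, uint32_t server_fragment) {
    return (local_fragment * 0x01000193u) ^ server_fragment;
}

/* Build-time step: what the string encryptor tool would emit into the source. */
static size_t encrypt_for_build(const char *plain, uint32_t key,
                                uint8_t *out, size_t out_cap) {
    size_t len = strlen(plain);
    if (len > out_cap) return 0;
    memcpy(out, plain, len);
    xor_crypt(out, len, key);
    return len;
}

/* Zeroing that the optimizer is not allowed to drop. */
static void secure_wipe(void *p, size_t n) {
    volatile uint8_t *v = (volatile uint8_t *)p;
    while (n--) *v++ = 0;
}

/* Runtime step: decrypt into a stack buffer, hand it to the caller's callback,
   then wipe, so the plaintext exists only for the duration of the call. */
static int use_decrypted(const uint8_t *enc, size_t len, uint32_t key,
                         void (*use)(const char *plain, void *ctx), void *ctx) {
    char plain[128];
    if (len >= sizeof plain) return -1;
    memcpy(plain, enc, len);
    xor_crypt((uint8_t *)plain, len, key);
    plain[len] = '\0';
    use(plain, ctx);
    secure_wipe(plain, sizeof plain);
    return 0;
}

/* Callback used by the self-check: copies the plaintext out for comparison. */
static void copy_out(const char *plain, void *ctx) {
    strncpy((char *)ctx, plain, 127);
    ((char *)ctx)[127] = '\0';
}

/* Self-check: returns 1 if the ciphertext no longer equals the plaintext and
   the decrypt/use/wipe path recovers the original exactly. */
int string_encryption_selfcheck(void) {
    const char *secret = "api-endpoint-secret";        /* constructed sample */
    uint32_t key = derive_key(0x1234ABCDu, 0xCAFEF00Du);
    uint8_t enc[128];
    size_t len = encrypt_for_build(secret, key, enc, sizeof enc);
    if (len == 0 || memcmp(enc, secret, len) == 0) return 0;
    char got[128] = {0};
    if (use_decrypted(enc, len, key, copy_out, got) != 0) return 0;
    return strcmp(got, secret) == 0;
}

int main(void) {
    printf("string encryption self-check: %s\n",
           string_encryption_selfcheck() ? "ok" : "FAILED");
    return 0;
}
```

The cost lines on the slide map directly onto this code: every use of the string pays a decrypt (CPU), the ciphertext table and decryptor add to the binary (code size), and any change to the key split or cipher must be mirrored in the build tool (maintainability/upgrade).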
DEFEND2 : Obfuscating the Code
Modifying the program's layout, logic, data, and organization in a way
that keeps it functionally identical yet far less readable
Cost
Higher CPU usage
Bigger Code size
Reliability
Maintainability/Upgrade
DEFEND3 : Encrypting the Code
Encrypting part of the code
Proprietary Encryptor/Decryptor
Key generated at runtime / provided by server through asymmetric crypto
Cost
Higher CPU usage
Bigger Code size
Reliability
Maintainability/Upgrade
DEFEND4 : Device Specific Install
Device ID (tbd)
Part of the install process
Checked on every launch / regularly / randomly
Cost
DEFEND5 : Confusing the Disassembler
Insert irrelevant code
Cost
Perf
DE&E"&1 : Anti Debugging DE&E"&1 : Anti Debugging DE&E"&1 : Anti Debugging DE&E"&1 : Anti Debugging
Special code in the pro"ra* that prevents or co*plicates the process
of steppin" throu"h the pro"ra* and placin" breakpoints in it#
Cost
,igger Code si(e
-eliability
+aintainability/'pgrade
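As an added example of the anti-debugging check described above (this is not code from the slides), the following C reads the TracerPid field of /proc/self/status, which on Linux and Android is non-zero while another process has attached with ptrace. The parser is separated from the file read so it can be exercised on constructed status text; STATUS_CLEAN and STATUS_TRACED are constructed samples, and the function names are this example's own.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Parse the TracerPid field out of /proc/<pid>/status text.
   Returns the tracer pid (0 = nobody tracing), or -1 if the field is absent. */
long parse_tracer_pid(const char *status_text) {
    const char *line = status_text;
    while (line && *line) {
        if (strncmp(line, "TracerPid:", 10) == 0)
            return strtol(line + 10, NULL, 10);   /* strtol skips the tab */
        line = strchr(line, '\n');
        if (line) line++;
    }
    return -1;
}

/* Live check on Linux/Android: read our own status file. Returns 1 when a
   tracer is attached, 0 when not, -1 if the check could not be performed
   (for example, /proc is not mounted). */
int debugger_attached(void) {
    char buf[4096];
    FILE *f = fopen("/proc/self/status", "r");
    if (!f) return -1;
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    long pid = parse_tracer_pid(buf);
    if (pid < 0) return -1;
    return pid > 0;
}

/* Constructed excerpts of /proc/self/status, as the app would see them. */
static const char STATUS_CLEAN[] =
    "Name:\tmyapp\nState:\tS (sleeping)\nTracerPid:\t0\nUid:\t10123\n";
static const char STATUS_TRACED[] =
    "Name:\tmyapp\nState:\tt (tracing stop)\nTracerPid:\t4242\nUid:\t10123\n";

int main(void) {
    printf("constructed clean sample  -> tracer pid %ld\n", parse_tracer_pid(STATUS_CLEAN));
    printf("constructed traced sample -> tracer pid %ld\n", parse_tracer_pid(STATUS_TRACED));
    printf("this process              -> %d\n", debugger_attached());
    return 0;
}
```

The reliability cost from the slide shows up in the -1 path: a check that cannot run must not be treated as a detection, otherwise a device with an unusual /proc configuration triggers the REACT step for legitimate users. Running the check at random intervals rather than only at launch, as the deck suggests elsewhere, is a matter of when debugger_attached() is called.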
DE&E"& : DE&E"& : DE&E"& : DE&E"& : "ompute chec'sum(hash on code "ompute chec'sum(hash on code "ompute chec'sum(hash on code "ompute chec'sum(hash on code
Co*pute checksu*7hash on code0
Caller 6$ava8 vs Callee 6&ative8
Can trust this library :
s this the sa*e library that called in the previous session :
Co*pare local checksu*7hash vs server one provided thru asy**etric crypto
Callee 6&ative8 vs Caller 6$ava8
Can trust this class:
s this the sa*e class that called *e in the previous session :
Co*pare local checksu*7hash vs server one provided thru asy**etric crypto
Checker that runs re"ularly or rando* ti*es to verify that the caller A&D the
callee are correct#
Cost
&ig# C$' usage
?nly on sensitive functions# 5ach function verify its own checksu* prior to returnin" to the caller# f the
checksu* doesn<t *atch= ter*inate or specific behavior that is hard to dia"nose#
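The checker described above, as an added C example that is not part of the slides: each code region (the Java-side caller and the native callee) is registered with a reference hash, the reference being either a first-session snapshot ("same library as last time?") or a value the server supplies; the periodic checker re-hashes every region and counts mismatches, and a sensitive function verifies its own region before returning. FNV-1a is used as an illustrative hash since the slides only say "checksum/hash"; CALLER_BYTES and CALLEE_BYTES are constructed stand-ins for real code bytes, and the type and function names are this example's own.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* FNV-1a 64-bit over an arbitrary byte range (illustrative choice of hash). */
uint64_t fnv1a64(const uint8_t *p, size_t n) {
    uint64_t h = 0xcbf29ce484222325ull;
    for (size_t i = 0; i < n; i++) {
        h ^= p[i];
        h *= 0x100000001b3ull;
    }
    return h;
}

/* One code region and its reference hash. The reference comes either from a
   first-session snapshot or from the server (transport not shown). */
typedef struct {
    const char *name;
    const uint8_t *start;
    size_t len;
    uint64_t expected;
} code_ref;

/* Verify a single region: 1 = intact, 0 = modified. */
int verify_region(const code_ref *r) {
    return fnv1a64(r->start, r->len) == r->expected;
}

/* The regular/random checker from the slides: walks every registered region
   (caller and callee alike) and returns how many no longer match. */
int verify_all(const code_ref *refs, size_t count) {
    int mismatches = 0;
    for (size_t i = 0; i < count; i++)
        if (!verify_region(&refs[i])) mismatches++;
    return mismatches;
}

/* Constructed stand-ins for the in-memory bytes of a Java-side caller and a
   native callee (not real code). */
static const uint8_t CALLER_BYTES[] = {0x12, 0x34, 0x6e, 0x20, 0x00, 0x01, 0x0e};
static const uint8_t CALLEE_BYTES[] = {0x55, 0x48, 0x89, 0xe5, 0x31, 0xc0, 0x5d, 0xc3};

/* Walk-through: snapshot both regions in "session 1", re-verify in "session 2",
   then flip one byte of the callee (a patched library) and check again.
   Returns the mismatch count after the patch; -1 if the clean check failed. */
int tamper_walkthrough(void) {
    uint8_t caller[sizeof CALLER_BYTES], callee[sizeof CALLEE_BYTES];
    memcpy(caller, CALLER_BYTES, sizeof caller);
    memcpy(callee, CALLEE_BYTES, sizeof callee);

    code_ref refs[2] = {
        {"caller (Java)",   caller, sizeof caller, fnv1a64(caller, sizeof caller)},
        {"callee (Native)", callee, sizeof callee, fnv1a64(callee, sizeof callee)},
    };
    if (verify_all(refs, 2) != 0) return -1;   /* unmodified: everything must match */

    callee[3] ^= 0x80;                          /* simulate one patched instruction */
    return verify_all(refs, 2);
}

/* Sensitive-function pattern from the slides: verify your own region before
   returning. Instead of terminating, this variant quietly degrades its result,
   which is the "hard to diagnose" reaction the slide mentions. */
int sensitive_compute(int x, const code_ref *self) {
    int result = x * 2;
    return verify_region(self) ? result : result + 1;
}

int main(void) {
    printf("mismatches after patching the callee: %d\n", tamper_walkthrough());
    return 0;
}
```

The CPU cost on the slide is proportional to the bytes hashed per check, which is why the deck limits self-verification to sensitive functions; the periodic checker can cover larger regions less often.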
DE&E"&# : )ooted Device DE&E"&# : )ooted Device DE&E"&# : )ooted Device DE&E"&# : )ooted Device
3hat to do in this case:
At what ti*e to do the check :
nstall ti*e
Launch ti*e
!e"ularly @ !ando*ly after Launch
All of the aboveAAA
Cost
+aintainability/'pgrade
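An added C example for the rooted-device check and its scheduling (not code from the slides): it probes a list of filesystem locations typical of a rooted Android device and picks the next check time as a base interval plus random jitter, which is the "regularly / randomly after launch" option. The path list is an assumed, partial set of indicators (the slides enumerate none), the probe paths in the self-check are constructed, and the function names are this example's own.

```c
#include <stdio.h>
#include <stdint.h>
#include <stddef.h>
#include <unistd.h>

/* Paths typical of a rooted Android device (assumed, partial list). */
static const char *const SU_PATHS[] = {
    "/system/bin/su", "/system/xbin/su", "/sbin/su", "/su/bin/su",
    "/system/app/Superuser.apk", "/data/local/tmp/su",
};

/* Count how many of the given paths exist on this filesystem. */
int count_present(const char *const *paths, size_t n) {
    int found = 0;
    for (size_t i = 0; i < n; i++)
        if (access(paths[i], F_OK) == 0) found++;
    return found;
}

/* Number of root indicators found (0 = none seen). */
int root_indicators(void) {
    return count_present(SU_PATHS, sizeof SU_PATHS / sizeof SU_PATHS[0]);
}

/* "Regularly / randomly after launch": next check delay is a base interval
   plus jitter from a tiny xorshift generator, so checks are not predictable. */
unsigned next_check_delay_ms(uint32_t *rng, unsigned base_ms, unsigned jitter_ms) {
    uint32_t x = *rng ? *rng : 0x9E3779B9u;     /* xorshift state must be non-zero */
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    *rng = x;
    return base_ms + (jitter_ms ? x % jitter_ms : 0);
}

/* Self-check with constructed paths: "/" always exists, the other never does,
   so the expected count is 1. */
int path_probe_selfcheck(void) {
    const char *const probe[] = {"/", "/definitely/not/present/xyz-root-probe"};
    return count_present(probe, 2);
}

int main(void) {
    uint32_t rng = 12345;
    printf("root indicators found: %d\n", root_indicators());
    printf("next check in %u ms\n", next_check_delay_ms(&rng, 60000, 30000));
    return 0;
}
```

The maintainability cost on the slide is the path list itself: root-management tools move, so the indicator set needs updating with each release, and a stale list silently stops detecting.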
)EA"&1: )EA"&1: )EA"&1: )EA"&1: * ** *pon pon pon pon D DD Detection etection etection etection
5%it the App
Benerate *isleadin" errors
!e*ove App
)i% App
C
Cost
ALERT1 : Upon Detection
Alert local
Alert remote
Info:
User Id
App Id
Device Id
...
Cost
"onclusions I
Counter +easure Cost -emar.s
D5)5&DD /liminating Symbolic Information
D5)5&D2 0bfuscating t#e Code
D5)5&DE /ncrypting t#e Code
D5)5&D- De!ice Specific Install
D5)5&DF Confusing t#e Disassembler
D5'5C'D Anti Debugging
D5'5C'2 Compute c#ec.sum/#as# on code
D5'5C'E -ooted De!ice
!5AC'D 'pon Detection
AL5!'D 'pon Detection
"onclusions II
3hat counter *easures to co*bine :
