Authors : Jaekyu Lee and Hyung-Woo Lee
Abstract: Android Apps. developed in Java language is vulnerable to repackaging attacks as it is easy to decompile an App. Therefore, obfuscation techniques can be used to make it difficult to analyzing the source of Android Apps. However, repackaging attacks are fundamentally impossible to block. Especially, it has been confirmed that most Android-based smart phones do not support verification process for the forged applications. Android is compiled into a class from a Java source and then compressed and stored as a Dex file to run in the Dalvik virtual machine. Then package the Dex file with xml+resource and distribute it as APK file. Therefore, if you add a module that maliciously acts after decompiling a Java class file in a normal APK file, you can create a Counterfeit App. In this study, we propose a process to repackage malicious Forged Apps. from normal APK files and propose a method to detect Forged Apps. Accordingly, the user installs and uses a Fake App. that appears to be functioning normally. In this case, the user is easily exposed to attacks such as leakage of personal information. Therefore, in this study, we have constructed Mobile Apps. identification system that applies the signature self-verification server monitoring method for Android Apps. and proposed a method of judging Android mobile Forgery Apps. by performing the verification process.
Jaekyu Lee and Hyung-Woo Lee, 2018. Forged Android Mobile Apps. Detection System with Server-Side Signature Verification Method. Journal of Engineering and Applied Sciences, 13: 1567-1574.