Visible to the public AEON: Android Encryption Based Obfuscation

TitleAEON: Android Encryption Based Obfuscation
Publication TypeConference Paper
Year of Publication2018
AuthorsGeethanjali, D, Ying, Tan Li, Melissa, Chua Wan Jun, Balachandran, Vivek
Conference NameProceedings of the Eighth ACM Conference on Data and Application Security and Privacy
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-5632-9
Keywordsandroid encryption, Android security, Human Behavior, human factors, Metrics, mobile security, obfuscation, pubcrawl, resilience, Resiliency, Scalability, software security

Android applications are vulnerable to reverse engineering which could result in tampering and repackaging of applications. Even though there are many off the shelf obfuscation tools that hardens Android applications, they are limited to basic obfuscation techniques. Obfuscation techniques that transform the code segments drastically are difficult to implement on Android because of the Android runtime verifier which validates the loaded code. In this paper, we introduce a novel obfuscation technique, Android Encryption based Obfuscation (AEON), which can encrypt code segments and perform runtime decryption during execution. The encrypted code is running outside of the normal Android virtual machine, in an embeddable Java source interpreter and thereby circumventing the scrutiny of Android runtime verifier. Our obfuscation technique works well with Android source code and Dalvik bytecode.

Citation KeygeethanjaliAEONAndroidEncryption2018