
App Security

Client Side Protection


App Ecosystem
[Figure: App Ecosystem. Components: App (containing the License Verification Library and the Activity), Market App (binder), Market License Server, App Stores. Flows: Download & install; User Purchase Info; User & App Info; License Info; VALID / INVALID response.]
App with Native code
[Figure: App with Native code. Running App.apk: Java Code loaded from classes.dex, plus libNative.so and Third-party libs loaded into Device RAM from App.apk on the File System.]
Strategy outline for Anti-reversing
It is never possible to entirely prevent reversing
Make it hard and slow
Will require a combination of techniques
Strategy
DEFEND
DETECT
REACT
ALERT
Cost
CPU usage (increased mips/power)
Code size (bigger footprint)
Reliability (can the app be less reliable/robust?)
Maintainability/Upgrade (back door)
DEFEND1 : Eliminating Symbolic Information
Eliminate any obvious textual information from the program.
Symbol stripping for redundant code: Auto for C/C++, needed for Java
Symbol renaming for app code after stripping
String encryption
Key calculated at runtime/provided by server through asymmetric crypto
Proprietary encryptor/decryptor
Cost for "String encryption"
Higher CPU usage
Code size (bigger footprint)
Maintainability/Upgrade
DEFEND2 : Obfuscating the Code
Modifying the program's layout, logic, data, and organization in a way
that keeps it functionally identical yet far less readable
Cost
Higher CPU usage
Bigger Code size
Reliability
Maintainability/Upgrade
DEFEND3 : Encrypting the Code
Encrypting part of the code
Proprietary Encryptor/Decryptor
Key generated at runtime/provided by server through asymmetric crypto
Cost
Higher CPU usage
Bigger Code size
Reliability
Maintainability/Upgrade
DEFEND4 : Device Specific Install
Device ID (tbd)
Part of the install process
Checked on every launch/regularly/randomly
Cost
DEFEND5 : Confusing the Disassembler
Insert irrelevant code
Cost
Perf
DETECT1 : Anti Debugging
Special code in the program that prevents or complicates the process
of stepping through the program and placing breakpoints in it.
Cost
Bigger Code size
Reliability
Maintainability/Upgrade
DETECT2 : Compute checksum/hash on code
Compute checksum/hash on code:
Caller (Java) vs Callee (Native)
Can I trust this library?
Is this the same library that I called in the previous session?
Compare local checksum/hash vs server one provided through asymmetric crypto
Callee (Native) vs Caller (Java)
Can I trust this class?
Is this the same class that called me in the previous session?
Compare local checksum/hash vs server one provided through asymmetric crypto
Checker that runs regularly or at random times to verify that the caller AND the
callee are correct.
Cost
High CPU usage
Only on sensitive functions. Each function verifies its own checksum prior to returning to the caller. If the
checksum doesn't match, terminate or trigger specific behavior that is hard to diagnose.
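The caller/callee checksum exchange described on this slide, as an added example that is not part of the original deck: the license server signs a manifest of expected SHA-256 hashes for classes.dex and libNative.so with an Ed25519 key (standing in for the slide's "asymmetric crypto"), and the app verifies the signature with a pinned public key before comparing local hashes for both the Java caller and the native callee. The function names, the JSON manifest format and the artifact bytes are constructed for the example; a real app would hash the bytes it actually loaded and react as the REACT slides describe.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// NewServerKey: the public key is pinned in the app, the private key stays on the server.
func NewServerKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// SignManifest (server side) hashes each expected artifact and signs the manifest (json.Marshal sorts map keys, so the signed bytes are deterministic).
func SignManifest(priv ed25519.PrivateKey, artifacts map[string][]byte) (body, sig []byte) {
	expected := map[string]string{}
	for name, code := range artifacts {
		expected[name] = fmt.Sprintf("%x", sha256.Sum256(code))
	}
	body, _ = json.Marshal(expected) // a map[string]string always marshals
	return body, ed25519.Sign(priv, body)
}

// VerifyCode (client side) checks the manifest signature with the pinned key, then hashes every loaded
// artifact (caller AND callee). sigOK=false: the manifest itself is untrusted; mismatched: altered artifacts.
func VerifyCode(pub ed25519.PublicKey, body, sig []byte, loaded map[string][]byte) (sigOK bool, mismatched []string) {
	var expected map[string]string
	if !ed25519.Verify(pub, body, sig) || json.Unmarshal(body, &expected) != nil {
		return false, nil
	}
	for name, code := range loaded {
		if expected[name] != fmt.Sprintf("%x", sha256.Sum256(code)) {
			mismatched = append(mismatched, name)
		}
	}
	return true, mismatched
}

func main() {
	pub, priv := NewServerKey()
	build := map[string][]byte{"classes.dex": []byte("dex bytes"), "libNative.so": []byte("so bytes")} // constructed
	body, sig := SignManifest(priv, build)
	build["libNative.so"] = []byte("patched so") // the native library was modified after signing
	fmt.Println(VerifyCode(pub, body, sig, build)) // true [libNative.so]
}
```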
DETECT3 : Rooted Device
What to do in this case?
At what time to do the check?
Install time
Launch time
Regularly / Randomly after Launch
All of the above!!!
Cost
Maintainability/Upgrade
REACT1 : Upon Detection
Exit the App
Generate misleading errors
Remove App
Fix App
...
Cost
ALERT1 : Upon Detection
Alert local
Alert remote
Info:
User Id
App Id
Device Id
...
Cost
Conclusions I
Counter Measure                              Cost    Remarks
DEFEND1  Eliminating Symbolic Information
DEFEND2  Obfuscating the Code
DEFEND3  Encrypting the Code
DEFEND4  Device Specific Install
DEFEND5  Confusing the Disassembler
DETECT1  Anti Debugging
DETECT2  Compute checksum/hash on code
DETECT3  Rooted Device
REACT1   Upon Detection
ALERT1   Upon Detection
Conclusions II
What counter measures to combine?
