Enhanced Android App-Repackaging Attack on In-Vehicle Network

<table class="fixed-width table-group" id="tab7"><tr><td><table class="table"><colgroup><col style="width:9.08em"/><col style="width:45.87em"/></colgroup><tr><td class="thead-hr" colspan="2"><hr/></td></tr><tr class="thead"><td class="align_left">Obfuscation</td><td class="align_center">Description</td></tr><tr><td class="thead-hr" colspan="2"><hr/></td></tr><tr><td class="align_left">string encryption</td><td class="align_center">The used string is replaced with an encrypted string, and a decryption method is added to the class file and the encrypted string is decrypted during runtime.</td></tr><tr><td class="align_left">renaming</td><td class="align_center">The classes, fields, and methods are renamed with meaningless names to make it difficult to analyze the decompiled source code.</td></tr><tr><td class="align_left">control flow</td><td class="align_center">The positions of commands in the code area of the class file are changed or trash commands are inserted to make it difficult to analyze flow during decompiling.</td></tr><tr><td class="align_left">API hiding</td><td class="align_center">Sensitive libraries are used or the method calling is hidden.</td></tr><tr><td class="align_left">class encryption</td><td class="align_center">A specific class file is encrypted and stored, and the dynamically decrypted code is run during runtime.</td></tr><tr class="table-tr"><td colspan="2"><hr class="tbody-hr"/></td></tr></table></td></tr></table>

<div>App analysis results using automatic vulnerability analysis tool.</div>

Wireless Communications and Mobile Computing

tab7

Table 7

Table 7: Enhanced Android App-Repackaging Attack on In-Vehicle Network 