Android application reverse engineering & defenses presented at SOURCEDublin 2013

by Patrick Schulz, Felix Matenaar,

Summary : As the Android platform uptake continuously increases, so does the need for robust Android application analysis techniques. Robust, accurate analysis techniques are critical to combating mobile malware, and for developers/vendors trying to protect their mobile application & intellectual property. One approach is collecting knowledge about foundational Android application behavior particulars and where the behavior differs from the official documentation. This talk will briefly introduce the foundational static and dynamic viewpoints of an Android application, and then show new techniques on how an application can defend against static and dynamic program analysis ("anti-reverse-engineering"). Some examples of the new techniques I will discuss include abusing static callgraph ambiguities, using dynamic code loading for obfuscation, and applying different anti-debugging methods and virtualization/container detection.
Patrick and Felix are two mobile security researchers targeting the Android platform. They have developed and presented several Android security tools and techniques including a collaborative reverse engineering platform. Currently they focus on Android application and data protection systems and therefor they dive into the details of the dalvik virtual machine.