Á¤º¸°úÇÐȸ³í¹®Áö (Journal of KIISE)
| ÇѱÛÁ¦¸ñ(Korean Title) |
AES ¾Ë°í¸®ÁòÀ» »ç¿ëÇÏ¿© ¾Èµå·ÎÀÌµå ¾îÇø®ÄÉÀ̼ÇÀ» º¸È£Çϱâ À§ÇÑ °ß°íÇÑ ¿ª°øÇÐ ¹æÁö±â¹ý |
| ¿µ¹®Á¦¸ñ(English Title) |
Robust Anti Reverse Engineering Technique for Protecting Android Applications using the AES Algorithm |
| ÀúÀÚ(Author) |
±èÁ¤Çö
ÀÌ°½Â
JungHyun Kim
Kang Seung Lee
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 42 NO. 09 PP. 1100 ~ 1108 (2015. 09) |
Çѱ۳»¿ë
(Korean Abstract) |
¾Èµå·ÎÀÌµå ¿î¿µÃ¼Á¦ÀÇ ½ÇÇàÆÄÀÏÀÎ classess.dexÆÄÀÏÀº Java ¹ÙÀÌÆ®ÄÚµå Çü½ÄÀ̹ǷΠ´©±¸³ª ½±°Ô ¿ª°øÇÐÀ¸·Î ¼Ò½ºÄڵ带 ºÐ¼®ÇÏ°í ¼öÁ¤ÀÌ °¡´ÉÇÏ´Ù. ÀÌ·¯ÇÑ Æ¯Â¡ ¶§¹®¿¡ ¸¹Àº ¾îÇø®ÄÉÀ̼ǵéÀÌ ºÒ¹ý º¹Á¦µÇ¾î À¯ÅëµÊ¿¡ µû¶ó ÇÇÇØ°¡ Áõ°¡ÇÏ°í ÀÖ´Ù. ÀÌ·¯ÇÑ ¹®Á¦¸¦ ÇØ°áÇϱâ À§ÇØ º» ³í¹®Àº classes.dex.ÆÄÀÏÀ» AES ¾ÏÈ£È ¾Ë°í¸®ÁòÀ¸·Î ¾ÏÈ£ÈÇÏ¿© ¹èÆ÷ÇÏ°í, ¾ÏÈ£ÈµÈ ¾îÇø®ÄÉÀ̼ÇÀ» º¹È£ÈÇÏ¿© ½ÇÇàÇÏ´Â ¾îÇø®ÄÉÀÌ¼Ç ºÒ¹ýº¹Á¦¸¦ ¹æÁöÇÏ´Â ±â¹ýÀ» Á¦¾ÈÇÑ´Ù. ¾ÏÈ£È ¹× º¹È£È¿¡ »ç¿ëµÇ´Â Key´Â ·£´ýÇÑ °ªÀÎ Salt°ª¸¦ ±â¹ÝÀ¸·Î Á¶ÇÕÇÏ¿© HashÇÔ¼ö¿¡ ´ëÀÔÇÏ¿© ¾ò¾îÁø Hash°ªÀ» Key·Î »ç¿ëÇÏ¿© ¿ª°øÇÐ °ø°ÝÀ¸·ÎºÎÅÍ °ß°íÇÔÀ» ´õÇß´Ù. ½ÉÇèÀ» ÅëÇØ Á¦¾ÈÇÑ ±â¹ýÀÌ ¾îÇø®ÄÉÀ̼ÇÀÌ ºÒ¹ýº¹Á¦¸¦ ¹æÁöÇϴµ¥ È¿°úÀûÀÌ°í, ¿ª°øÇÐ °ø°ÝÀ» ºÒ°¡´ÉÇÏ°Ô ÇÏ¿© ¾îÇø®ÄÉÀ̼ÇÀÇ ¿øõ±â¼ú º¸È£¿Í ¸®ÆäÀÌ¡À¸·Î ÀÎÇÑ ¾Ç¼ºÄÚµåÀÇ ÀüÆĵµ ¹æÁöÇÒ ¼ö ÀÖÀ½À» º¸¿´´Ù.
|
¿µ¹®³»¿ë
(English Abstract) |
Classes.dex, which is the executable file for android operation system, has Java bite code format, so that anyone can analyze and modify its source codes by using reverse engineering. Due to this characteristic, many android applications using classes.dex as executable file have been illegally copied and distributed, causing damage to the developers and software industry. To tackle such ill-intended behavior, this paper proposes a technique to encrypt classes.dex file using an AES(Advanced Encryption Standard) encryption algorithm and decrypts the applications encrypted in such a manner in order to prevent reverse engineering of the applications. To reinforce the file against reverse engineering attack, hash values that are obtained from substituting a hash equation through the combination of salt values, are used for the keys for encrypting and decrypting classes.dex. The experiments demonstrated that the proposed technique is effective in preventing the illegal duplication of classes.dex-based android applications and reverse engineering attack. As a result, the proposed technique can protect the source of an application and also prevent the spreading of malicious codes due to repackaging attack.
|
| Å°¿öµå(Keyword) |
¾Èµå·ÎÀ̵å
¾ÏÈ£È
ºÒ¹ýº¹Á¦
AES ¾Ë°í¸®Áò
¿ª°øÇÐ
android
encryption
illegal copy
AES algorithm
reverse engineering
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
