Abstract
This research paper is focused on the issue of method hooking detection which in most of the existing solutions is focused on detection of the framework itself without checking of its real usage. The Authors proposed an algorithm that compares Dalvik bytecode from the application file with the stack trace of the executed code. Detection of the flow which is not a part of the app can be application method hooking. In this paper, the Authors ty to confirm it the concept can be used as a practical solution for the detection of this dynamic application tampering.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Szczepanik, M., Jóźwiak, I.J., Jamka, T., Stasiński, K.: Security lock system for mobile devices based on fingerprint recognition algorithm. In: Świątek, J., Borzemski, L., Grzech, A., Wilimowska, Z. (eds.) Proceedings of 36th International Conference on Information Systems Architecture and Technology – ISAT 2015 – Part III. Advances in Intelligent Systems and Computing, vol 431. Springer, Cham (2016)
Elenkov, N.: Android Security Internals: An In-Depth Guide to Android’s Security Architecture, 1st edn. No Starch Press, San Francisco (2014)
Vidas, T., Nicolas C.: Evading android runtime analysis via sandbox detection. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security. ACM. (2014)
Lim, K., Jeong, Y., Cho, S., Park, M., Han, S.: An android application protection scheme against dynamic reverse engineering attacks. JoWUA 7, 40–52 (2016)
Lim, K., Jeong, J., Cho, S. J., Choi, J., Park, M., Han, S., Jhang, S.: An anti-reverse engineering technique using native code and obfuscator-LLVM for android applications. In: Proceedings of the International Conference on Research in Adaptive and Convergent Systems (RACS 2017). Association for Computing Machinery, New York, NY, USA, pp. 217–221 (2017)
Park, J.K., Choi, S.Y.: Studying security weaknesses of android system. Int. J. Secur. Appl. 9(3), 7–12 (2015)
Costamagna, V., Zheng, C.: ARTDroid: a virtual-method hooking framework on android ART runtime. In: IMPS@ ESSoS, pp. 20–28 (2016)
Mitul, B., Hinaxi, P., Swati, K.: A survey permission based mobile malware detection. Int. J. Comput. Technol. Appl. 6, 2 (2015)
Jang, W.J., Cho, S.W., Lee, H.W., Ju, H.I., Kim, J.N.: Rooting attack detection method on the Android-based smart phone. In: Proceedings of 2011 International Conference on Computer Science and Network Technology, Harbin, pp. 477–481 (2011)
Szczepanik, M., Jóźwiak, I.: Security of mobile banking applications. In: Kościelny, J., Syfert, M., Sztyber, A. (eds.) Advanced Solutions in Diagnostics and Fault Tolerant Control. DPS 2017. Advances in Intelligent Systems and Computing, vol 635. Springer, Cham (2018)
Gallo, R., Hongo P., Dahab, R., Navarro, L., Kawakami, H., Galvão, K., Junqueira, G., Ribeiro, L.: Security and system architecture: comparison of Android customizations. In: Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks (2015)
Xposed Framework. https://xposed.info/. Accessed 10 Jan 2020
Gotta hack‘em all, Meet_Mobile Group meetup (2016). https://www.meetup.com/meet-mobile/events/232943997/. Accessed 10 Jan 2020
Guardsquare Homepage. https://www.guardsquare.com/en. Accessed 10 Jan 2020
Kedziora, M., Gawin, P., Szczepanik, M., Jozwiak, I.: Malware detection using machine learning algorithms and reverse engineering of android java code (2019)
Xposed Module Repository. https://repo.xposed.info/. Accessed 10 Jan 2020
XDA Developers Portal. https://www.xda-developers.com/. Accessed 10 Jan 2020
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Szczepanik, M., Kędziora, M., Jóźwiak, I. (2020). Android Methods Hooking Detection Using Dalvik Code and Dynamic Reverse Engineering by Stack Trace Analysis. In: Zamojski, W., Mazurkiewicz, J., Sugier, J., Walkowiak, T., Kacprzyk, J. (eds) Theory and Applications of Dependable Computer Systems. DepCoS-RELCOMEX 2020. Advances in Intelligent Systems and Computing, vol 1173. Springer, Cham. https://doi.org/10.1007/978-3-030-48256-5_62
Download citation
DOI: https://doi.org/10.1007/978-3-030-48256-5_62
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-48255-8
Online ISBN: 978-3-030-48256-5
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)