anti-reverse engineering on android apk
Question
I am trying out various way to deter reverse engineering on my apk file.
What are the "Bad Codes" that i can inject into my apk's source code or smali files to prevent attacker from reverse engineering.
I saw some research paper that could make the decompiler crash when the bad code are read.
And what are the methods i can use to throttle the decompiling process and not affect the apk orginal function itself?
Disclaimer: this is just for self learning purposes. Very new to android development. Any recommendations are welcome.
1 answers
solution1
1 2019-03-26 13:15:34
"some research papers" does not provide the least reference what you are even talking about. just try to de-compile it with Luyten and see how pointless your approach is. proper obfuscation and moving security-related functionality into native assembly are the most effective methods available, to add timely effort to the reverse engineering. making API calls dependent on code-signature is also quite effective. recently the NSA open-sourced Ghidra , which might also contain relevant tools to test the effectiveness of preventive methods employed. adding useless complexity ordinary is barely effective, while still trying to keep the code-base maintainable. also rooted devices provide a whole different attack vector - and SafetyNet is problematic to test (it keeps failing with the pre-release checks on emulators), nevertheless this article still provides a reliable check-list for security features. after all, an Android device in most cases does not feature a vandal-proof housing made from stainless steel.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.