Uncovering Self Code Modification in Android

摘要

Android has proved itself to be the defacto standard for smart phones. Today Android claims a major share of smart phones OS market . The increasing popularity of Android has attracted attention of developers from around the globe in a very short span of time. Concerns and resultantly techniques involving code protection were evolved. The techniques were focused to hide sensitive logic of important pieces of code.These techniques were also used by malicious code writers to hide the malicious functionality of their code. This paper will analyze the techniques being employed in Android applications for code obfuscation. In addition, one of obfuscation technique i.e. runtime code modification in Android would be analyzed in detail.The major part of the paper would focus on tools and techniques for extracting dex files from the memory and analyzing them in order to recover code which has been injected in application process during runtime and is actually being executed in the memory.