Field of the Invention
The present invention relates to managing an APK file on the Android platform and, more specifically, to an apparatus and a method for managing an APK file in the Android platform in order to forestall an executable file in an APK file from being analyzed by reverse engineering or decompiling.
Background Art
As supply of diverse mobile devices such as smartphone has been skyrocketing, damage is reported in rapid succession caused by malicious applications that intend to an illegal access to a variety of personal information stored in those devices. It is relatively easy to decompile the executable file of an application, which accounts for one of reasons of such malicious applications. A technique to forestall the application decompiling is, inter alia, code obfuscation.
Decompiling is a technique to extract the original source code, which existed prior to compiling, from the machine language or assembler that has already compiled. Since, in many cases, machine language does not correspond to the source code of its high-level language, it is very difficult to decompile. There is DeDe (Delphi decompiler) to decompile Delphi while there are various decompilers including Jasmine, Jad, Mocha, etc., for Java.
Especially, Java creates, when compiled, an executable file that has class as its extension and JVM (Java virtual machine) interprets the executable file while, in Android, Dalvik VM (Dalvik virtual machine) decompresses an APK (Android application package) file and a .dex is used as an executable file.
An APK file that is, in general, on the basis of the ZIP file format and has a structure described in Table 1.
TABLE 1FilenameDescriptionAndroidManifest.xmlDefines the entire structure of APK executablefiles and specifies classes that set additionalpermissions or that use additional functions.Classes.dex.Stores executable code of the Android platform.META-INFFolder containing authorized key values.ResImages and layouts related to graphics.LibSO(Shared object) library that does not useDalvik.When compiled, Java source code is converted a bytecode that Dalvik VM can interpret and saved as classes.dex.
FIGS. 1 through 3 illustrate a procedure example that a classes.dex is decompiled to a .java file by an existing decompiling technique, wherein the .dex file is converted to a .class file then decompiled to a .java file. In other words, a .dex file is decompiled, as illustrated in FIG. 1, to a .class file that is described in FIG. 2. Related source code that has been extracted from the executable file can be identified as in FIG. 3 by decompiling the .class file by mans of JD, a general decompiler for Java thereafter. Accordingly, Android is vulnerable to decompiling in that it uses Dalvik that is a language similar to Java.
Various decompiling tools, for example dex2jar, have recently been developed maladapting the vulnerability, which requires code obfuscation techniques to forestall such decompiling activities. Conventional code obfuscation techniques include DEX analysis prohibition techniques that add code that simply disrupts .dex file analyses or anti-decompiling techniques. A code addition method has, however, demerits in that it may allow reverse engineering or decompiling upon removing the code out of the corresponding .dex file.