A Cloud-Based Compilation and Hardening Platform for Android Apps

2017 
Software piracy in general and repackaged apps with attached malware in particular pose serious threats to the Android ecosystem. In this paper, we present a cloud-compilation approach enabling sophisticated hardening of apps for non-rooted stock Android. Our design is based on off-device ahead-of-time compilation made possible by the Android Runtime (ART). Due to an installer-stub-based second-stage delivery, we stay compatible with established app store distribution processes. We argue that our approach yields a significant gain in security, since an adversary's toolbox is usually aimed at exploiting the type-information-rich bytecode shipped with apps, which in our approach is stripped to a large extent and left almost entirely useless for reverse engineering attacks. We confirm the gain in security by comparing the output of popular reverse engineering tools for original and stripped versions of 695 real-world apps in our test set. On average, 81.5 % of an app's bytecode is no longer of use to reverse engineers. Complementing existing protection approaches, we propose a platform that can integrate bytecode-targeting protection solutions and offers binary-targeting hooks to incorporate advanced protection measures for ahead-of-time compiled apps. Our evaluation shows a negligible performance impact at runtime and demonstrates the approach's compatibility on our test set.