A Large Scale Investigation of Obfuscation Use in Google Play

01/09/2018
by   Dominik Wermke, et al.
0

Android applications are frequently plagiarized or maliciously repackaged, and software obfuscation is a popular protection against these practices. In this study, we present the first comprehensive analysis of the use and challenges of software obfuscation in Android applications. We surveyed 308 Google Play developers about their experiences with obfuscation, finding that the free ProGuard software is by far the most commonly used obfuscation tool. With this insight, we analyzed 1.7 million Android apps from Google Play, finding that only 24.9 is surprising, given that the most common integrated development environment for Android, Android Studio, includes ProGuard by default. We investigated root causes of this low rate of obfuscation in an in-depth study with 79 Google Play developers, assessing their experiences with obfuscation and asking them to obfuscate a sample app using ProGuard. We found that while developers feel that apps in general are at risk of malicious repackaging or plagiarism, they do not fear theft of their own intellectual property. Developers also report difficulties applying obfuscation for their own apps, which was substantiated when they demonstrated problems with all but the most basic configurations to obfuscate our sample app. Our findings indicate that more work is needed to make the application of obfuscation more usable and to educate developers on the risk of their apps being reverse engineered, their intellectual property stolen and their apps being repackaged and redistributed as malware.

READ FULL TEXT
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

page 2

page 3

page 4

09/26/2018

Beyond Google Play: A Large-Scale Comparative Study of Chinese Android App Markets

China is one of the largest Android markets in the world. As Chinese use...
01/05/2018

Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild

In this paper, we seek to better understand Android obfuscation and depi...
03/01/2020

Unblind Your Apps: Predicting Natural-Language Labels for Mobile GUI Components by Deep Learning

According to the World Health Organization(WHO), it is estimated that ap...
06/16/2020

From Ancient Contemplative Practice to the App Store: Designing a Digital Container for Mindfulness

Hundreds of popular mobile apps today market their ties to mindfulness. ...
07/02/2020

CRYLOGGER: Detecting Crypto Misuses Dynamically

Cryptographic (crypto) algorithms are the essential ingredients of all s...
01/23/2020

An Android Application Risk Evaluation Framework Based on Minimum Permission Set Identification

Android utilizes a security mechanism that requires apps to request perm...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.