I declare this manuscript finished
All checks were successful
/ test_checkout (push) Successful in 1m48s
All checks were successful
/ test_checkout (push) Successful in 1m48s
This commit is contained in:
Jean-Marie Mineau
parent
9f39ded209
commit
5c3a6955bd
GPG key ID:
B66AEEDA9B645AD2
14 changed files with 162 additions and 131 deletions
|
|
@ -107,14 +107,6 @@ We used 4 versions of this application:
|
|||
Like for the third one, we similarly store data in `com.android.okhttp.Request` and then retrieve it.
|
||||
Again, the shadowing implementation discards the data.
|
||||
|
||||
We used the 4 selected tools on the 4 versions of the application and compared the results on the control application to the results on the other application implementing the different obfuscation techniques.
|
||||
We found that these static analysis tools do not consider the class loading mechanism, either because the tools only look at the content of the application file (#eg a disassembler) or because they consider class loading to be a dynamic feature and thus out of their scope.
|
||||
In @tab:cl-results, we report on the types of shadowing that can trick each tool.
|
||||
A plain circle is a shadow attack that leads to a wrong result.
|
||||
A white circle indicates a tool emitting warnings or that displays the two versions of the class.
|
||||
A cross is a tool not impacted by a shadow attack.
|
||||
//We explain in more detail in the following the results for each considered tool.
|
||||
|
||||
#figure({
|
||||
table(
|
||||
columns: 5,
|
||||
|
|
@ -147,6 +139,14 @@ A cross is a tool not impacted by a shadow attack.
|
|||
caption: [Working attacks against static analysis tools]
|
||||
) <tab:cl-results>
|
||||
|
||||
We used the 4 selected tools on the 4 versions of the application and compared the results on the control application to the results on the other application implementing the different obfuscation techniques.
|
||||
We found that these static analysis tools do not consider the class loading mechanism, either because the tools only look at the content of the application file (#eg a disassembler) or because they consider class loading to be a dynamic feature and thus out of their scope.
|
||||
In @tab:cl-results, we report on the types of shadowing that can trick each tool.
|
||||
A plain circle is a shadow attack that leads to a wrong result.
|
||||
A white circle indicates a tool emitting warnings or that displays the two versions of the class.
|
||||
A cross is a tool not impacted by a shadow attack.
|
||||
//We explain in more detail in the following the results for each considered tool.
|
||||
|
||||
==== Jadx
|
||||
|
||||
//Jadx is a reverse engineering tool that regenerates the Java source code of an application.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue