Adaptive Coverage and Operational Profile-based Testing for Reliability Improvement

Author email: antonia.bertolino@isti.cnr.it
Tool name: Covrel
Description: More and more app developers use the packing services (or packers) to prevent attackers from reverse engineering and modifying the executable (or Dex files) of their apps. At the same time, malware authors also use the packers to hide the malicious component and evade the signature-based detection. Although there are a few recent studies on unpacking Android apps, it has been shown that the evolving packers can easily circumvent them because they are not adaptive to the changes of packers. In this paper, we propose a novel adaptive approach and develop a new system, named PackerGrind, to unpack Android apps. We also evaluate PackerGrind with real packed apps, and the results show that PackerGrind can successfully reveal the packers' protection mechanisms and recover the Dex files with low overhead, showing that our approach can effectively handle the evolution of packers.
Bibtex: @inproceedings{10.1109/ICSE.2017.40, author = {Xue, Lei and Luo, Xiapu and Yu, Le and Wang, Shuai and Wu, Dinghao}, title = {Adaptive Unpacking of Android Apps}, year = {2017}, isbn = {9781538638682}, publisher = {IEEE Press}, url = {https://doi.org/10.1109/ICSE.2017.40}, doi = {10.1109/ICSE.2017.40}, booktitle = {Proceedings of the 39th International Conference on Software Engineering}, pages = {358–369}, numpages = {12}, location = {Buenos Aires, Argentina}, series = {ICSE ’17} }
Link to public pdf: https://dl.acm.org/doi/abs/10.1109/ICSE.2017.40
Link to tool webpage: http://labsedc.isti.cnr.it/covrel2017/
Link to demo: Not provided by authors
Category: None
Year and Conference: 2017, ICSE
Terms of use