Security for Android Mobile Applications


Android is Everywhere and Vulnerable!

Worldwide use of Android-powered devices continues to grow. As industries such as digital media, financial services, high tech and retail leverage this open-source OS with new mobile applications for their consumer and business customers, concerns about Android security take center stage.

Specifically, Android applications, whether Java/Dalvik bytecode or native Android application code, are vulnerable due to:

  • Limited security components of Android Market and the multitude of app stores around the globe
  • Hacker toolkits designed to:
    • Reverse-engineer
    • Disassemble
    • Debug
  • Susceptibility to malware attacks 
  • Rapid, global distribution which facilitates sophisticated global collaboration of cybergangs

 


Arxan's Solution for Android

Arxan’s EnsureIT for Android delivers automated embedded software protection that is easy to deploy and durable. EnsureIT features automated defend, detect and react capabilities by deploying various security techniques (called Guards) such as obfuscation, checksum, repair and anti-debug directly into the software code of each application for defense-in-depth. This layered protection of diverse Guard types provides control, trust and tamper-resistance for the application.

Specifically, EnsureIT for Android provides application hardening for Android applications that run in the Dalvik virtual machine and call into native code via the Android Native Development Kit (NDK). The NDK is used to implement native code languages such as C and C++ in a manner that can increase efficiency and speed by reusing existing code.

The result is customized, low-impact, high-durability application security that is embedded into applications to protect valuable assets.
 

Core Features

  • Tunable security for mobile platforms and their application offerings
  • Layered network of protections, with no single point of failure
  • Self-heal in the event of an attack 
  • Requires no changes to source code
  • Support for a broad range of emulators and devices
  • Support for the entire Google development platform and other Android platforms
  • Support for the ARM processor
  • Command line interface to integrate into build environment

Guards at work to protect Android 24/7:

EnsureIT leverages thousands of guard instances, of many types, to comprehensively safeguard your applications against tampering, piracy, and theft. The following table summarizes the types of Guards that can be leveraged to protect Android apps:

[Image: Android Defense in Depth]

 

The functions performed by each of these Guards are described below:

| Class of Defense | Guard Type | Function |
|---|---|---|
| DEFEND | Obfuscation | Transforms programs into code that’s difficult to disassemble and understand, but has the same functionality as the original |
| | String Encryption | Encrypts string literals and decrypts them at run-time |
| DETECT | Debugger Detection | Detects whether a program has been executing in a debugging environment |
| | Checksum | Detects whether a program has been modified by computing a checksum within a specified range |
| | Root Detection | Detects whether the mobile device on which the application is running is a rooted device |
| | Damage | Damages a specified range at runtime with random bytes or user-specified bytes |
| | Hook Detection | Detects whether an attacker has overridden a called function that resides in a system library or within the application |
| REACT | Repair | Self-repairs any damaged or tampered code/data |

 


The following exhibit shows where EnsureIT® is applied in order to transform an unprotected application into a protected application. EnsureIT® Guards are applied at the Bit Code and Executable code levels.   

[Image: EnsureIT process]

 


 


© 2014 Arxan Technologies, Inc. All Rights Reserved.