Security for Android Mobile Applications

Android is Everywhere and Vulnerable!

Worldwide use of Android-powered devices continues to grow. As industries, such as digital media, financial services, high tech and retail leverage this open-source OS with new mobile applications for their consumer and business customers, concerns about Android security take center stage. Specifically, Android applications, whether Java/Dalvik bytecode or native Android application code, are vulnerable due to:

  • Limited security components of Android Market and multitude of app stores around the globe
  • Hacker toolkits designed to:
    • Reverse-engineer
    • Disassemble
    • Debug
  • Susceptibility to malware attacks
  • Rapid, global distribution which facilitates sophisticated global collaboration of cybergangs

Arxan’s Solution for Android

Arxan’s EnsureIT for Android delivers automated embedded software protection that is easy to deploy and durable. EnsureIT features automated defend, detect and react capabilities by deploying various security techniques (called Guards) such as obfuscation, checksum, repair and debugger detection directly into the software code of each application for defense-in-depth. This layered pro¬tection of diverse Guard types provides control, trust and tamper-resistance for the application.

Specifically, EnsureIT for Android provides application hardening for Android applications that run in the Dalvik virtual machine and call into native code via the Android Native Development Kit (NDK). The NDK is used to implement native code languages such as C and C++ in a manner that can increase efficiency and speed by reusing existing code.

The result is customized, low-impact, high-durability application security that is embedded into applications to protect valuable assets.

Core Features

  • Tunable security for mobile platforms and their application offerings
  • Layered network of protections, with no single point of failure
  • Self-heal in the event of an attack
  • Requires no changes to source code
  • Support for a broad range of emulators and devices
  • Support for the entire Google development platform and other Android platforms
  • Support for the ARM processor
  • Command line interface to integrate into build environment

Guards at work to protect Android 24/7:

EnsureIT leverages thousands of guard instances, of many types, to comprehensively safeguard your applications against tampering, piracy, and theft. The following table summarizes the types of Guards that can be leveraged to protect Android apps: Android_Defense_in_Depth

The functions performed by each of these Guards is described below:

Class of DefenseGuard TypeFunction
DEFENDObfuscationTransforms programs into code that’s difficult to disassemble and understand, but has the same functionality as the original
String EncryptionEncrypts string literals and decryption at run -time
DETECTDebugger DetectionDetects whether a program has been executing in a debugging environment
ChecksumDetects whether a program has been modified by computing checksum within a specified range
Detects whether the mobile device on which the application is running is a rooted device
DamageDamages a specified range at runtime with random bytes or user-specified bytes
Hook DetectionDetects whether an attacker has overridden a called function that resides in a system library or within the application
REACTRepairSelf-repairs any damaged or tampered code/data


The following exhibit shows where EnsureIT® is applied in order to transform an unprotected application into a protected application. EnsureIT® Guards are applied at the Bit Code and Executable code levels. EnsureIT_process