Practical Android Software Protection in the Wild

IF 28 1区计算机科学 Q1 COMPUTER SCIENCE, THEORY & METHODS

ACM Computing Surveys Pub Date : 2025-08-01 DOI:10.1145/3757735

Eduardo Blazquez, Juan Tapiador

{"title":"Practical Android Software Protection in the Wild","authors":"Eduardo Blazquez, Juan Tapiador","doi":"10.1145/3757735","DOIUrl":null,"url":null,"abstract":"Software protection refers to a range of methods used to protect applications against reverse engineering. Although this term is commonly used, distinctions arise in the specific tools and techniques utilized, such as packers, protectors, and obfuscators, as each category employs different strategies to defend applications against analysis. Given the growing importance of protecting intellectual property and sensitive user information stored in mobile applications, these protective measures have become indispensable. This paper presents a taxonomy categorizing and describing the main techniques used to secure Android applications. Additionally, we analyze the available software tools designed to aid developers in protecting their applications, as well as their prevalence in the wild using a longitudinal dataset comprising nearly 2.5 million apps, including malicious software, pre-installed applications, and regular market application. Our key findings show that, although the use of software protection techniques has been steadily increasing over the last decade, they are still used only by a small fraction of applications in the Android ecosystem. Games and financial applications are by far the ones that most commonly use some form of protection, and we also observe noticeable differences between marketplaces.","PeriodicalId":50926,"journal":{"name":"ACM Computing Surveys","volume":"27 1","pages":""},"PeriodicalIF":28.0000,"publicationDate":"2025-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Computing Surveys","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1145/3757735","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}

引用次数: 0

Abstract

Software protection refers to a range of methods used to protect applications against reverse engineering. Although this term is commonly used, distinctions arise in the specific tools and techniques utilized, such as packers, protectors, and obfuscators, as each category employs different strategies to defend applications against analysis. Given the growing importance of protecting intellectual property and sensitive user information stored in mobile applications, these protective measures have become indispensable. This paper presents a taxonomy categorizing and describing the main techniques used to secure Android applications. Additionally, we analyze the available software tools designed to aid developers in protecting their applications, as well as their prevalence in the wild using a longitudinal dataset comprising nearly 2.5 million apps, including malicious software, pre-installed applications, and regular market application. Our key findings show that, although the use of software protection techniques has been steadily increasing over the last decade, they are still used only by a small fraction of applications in the Android ecosystem. Games and financial applications are by far the ones that most commonly use some form of protection, and we also observe noticeable differences between marketplaces.

查看原文本刊更多论文

实用的Android软件保护

软件保护是指用于保护应用程序免受逆向工程侵害的一系列方法。尽管这个术语被广泛使用，但是在所使用的特定工具和技术（如包装器、保护器和混淆器）中产生了区别，因为每个类别使用不同的策略来保护应用程序免受分析。鉴于保护知识产权和存储在移动应用程序中的敏感用户信息的重要性日益增加，这些保护措施已变得不可或缺。本文提出了一种分类法，对用于保护Android应用程序的主要技术进行分类和描述。此外，我们还分析了旨在帮助开发人员保护其应用程序的可用软件工具，以及它们在野外的流行程度，使用了包含近250万个应用程序的纵向数据集，包括恶意软件、预装应用程序和常规市场应用程序。我们的主要发现表明，尽管软件保护技术的使用在过去十年中稳步增长，但它们仍然只被Android生态系统中的一小部分应用程序使用。到目前为止，游戏和金融应用最常使用某种形式的保护，我们也观察到市场之间的显著差异。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

ACM Computing Surveys 工程技术-计算机：理论方法

CiteScore

33.20

自引率

0.60%

发文量

372

审稿时长

12 months

期刊介绍： ACM Computing Surveys is an academic journal that focuses on publishing surveys and tutorials on various areas of computing research and practice. The journal aims to provide comprehensive and easily understandable articles that guide readers through the literature and help them understand topics outside their specialties. In terms of impact, CSUR has a high reputation with a 2022 Impact Factor of 16.6. It is ranked 3rd out of 111 journals in the field of Computer Science Theory & Methods. ACM Computing Surveys is indexed and abstracted in various services, including AI2 Semantic Scholar, Baidu, Clarivate/ISI: JCR, CNKI, DeepDyve, DTU, EBSCO: EDS/HOST, and IET Inspec, among others.