•  
  •  
 

Publisher

The Association of Digital Forensics, Security and Law (ADFSL)

Abstract

The Android smartphone operating system includes a Java virtual machine that enables rapid development and deployment of a wide variety of applications. The open nature of the platform means that reverse engineering of applications is relatively easy, and many developers are concerned as applications similar to their own show up in the Android marketplace and want to know if these applications are pirated. Fortunately, the same characteristics that make an Android application easy to reverse engineer and copy also provide opportunities for Android developers to compare downloaded applications to their own. This paper describes the process for comparing a developer’s application with a downloaded application and defines an identifiability metric to quantify the degree to which an application can be identified by its bytecode.

References

Altova. (2012). DiffDog - XML-aware diff merge tool for file, folder, directory, and database differencing. Retrieved April 17, 2012, from http://www.altova.com/diffdog/diff-merge-tool.html

Android Developers. (2012a). The AndroidManifest.xml file. Retrieved April 17, 2012, from http://developer.android.com/guide/topics/manifest/manifestintro.html

Android Developers. (2012b). Application Resources. Retrieved April 17, 2012, from http://developer.android.com/guide/topics/resources/index.html

Ciancarini, P. and Favini, G.P. (2009). Plagiarism detection in game-playing software. In Proceedings of the 4th International Conference on Fondations of Digital Games, Port Canaveral, FL, April 26-30, 2009.

Google Code. (2011a). ardorleo-p-andoku: p-andoku - soduko-puzzles clone. Retrieved April 18, 2012, from http://code.google.com/r/ardorleo-p-andoku

Google Code. (2011b). Android-Apktool: A tool for reverse engineering Android apk files. Retrieved April 17, 2012, from http://code.google.com/p/android-apktool

Google Code. (2011c). dex2jar: Tools to work with Android .dex and Java .class files. Retrieved April 17, 2012, from http://code.google.com/p/dex2jar

Google Code. (2011d). OpenSudoku-Android: Sudoku for Android. Retrieved April 17, 2012, from http://code.google.com/p/opensudoku-android

Hornshaw, P. (2011, March 18). Game developers struggle with piracy, malware in Android Market. Appolicious Advisor. Retrieved April 17, 2012, from http://www.androidapps.com/tech/articles/7177-game-developersstruggle-with-piracy-malware-in-android-market

Java Decompiler. (2012). Introduction. Retrieved April 17, 2012, from http://java.decompiler.free.fr

Kalinovsky, A. (2004). Covert Java: Techniques for Decompiling, Patching, and Reverse Engineering. Indianapolis: Sams Publishing.

Paller, G. (2009). Understanding the Dalvik bytecode with the Dedexer tool. Retrieved April 17, 2012, from http://pallergabor.uw.hu/common/understandingdalvikbytecode.pdf

Schulman, A. (2005a, July 1). Finding Binary Clones with Opstrings & Function Digests: Part I. Dr. Dobbs Journal. Retrieved April 17, 2012, from http://drdobbs.com/184406152?queryText=Finding+Binary +Clones+with+Opstrings+%26amp%3B+Function

Schulman, A. (2005b, August 1). Finding Binary Clones with Opstrings & Function Digests: Part II. Dr. Dobbs Journal. Retrieved April 17, 2012, from http://drdobbs.com/184406203?queryText=Finding+Binary +Clones+with+Opstrings+%26amp%3B+Function

Schulman, A. (2005c, September 1). Finding Binary Clones with Opstrings & Function Digests: Part III. Dr. Dobbs Journal. Retrieved April 17, 2012, from http://drdobbs.com/tools/184406247?queryText=Finding +Binary+Clones+with+Opstrings+%26amp%3B+Function

Software Analysis & Forensic Engineering Corp. (2011). CodeSuite User’s Guide, v4.3. Retrieved April 17, 2012, from http://www.safecorp.biz/documents/CodeSuite%20Users%20Guide.pdf

Software Analysis & Forensic Engineering Corp. (2012) Our Process. Retrieved April 17, 2012, from http://safe-corp.biz/company_process.htm

Varaneckas, T. (2001) JAD Java Decompiler Download Mirror. Retrieved April 17, 2012, from http://www.varaneckas.com/jad

Zeidman, R. (2006). Software Source Code Correlation. In Proceedings of the 5th IEEE/ACIS International Conference on Computer and Information Science and 1st IEEE/ACIS International Workshop on Component-Based Software Engineering, Software Architecture and Reuse (ICIS-COMSAR'06), August 10-12/2006, Honolulu, HI.

Zeidman, R. (2008). Multidimensional Correlation of Software Source Code. In Proceedings of the Third International Workshop on Systematic Approaches to Digital Forensic Engineering, May 22, 2008, Oakland, CA.

Zeidman, B. (2011). The Software IP Detective’s Handbook. Westford, MA: Prentice Hall.

DOI

https://doi.org/10.15394/jdfsl.2012.1112

 

To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.