Android Application Protection against Static Reverse Engineering based on Multidexing

DEX files are executable files of Android applications. Since DEX files are in the format of Java bytecodes, their Java source codes can be easily obtained using static reverse engineering tools. This results in numerous Android application thefts. There are some tools (e.g. bangcle, ijiami, liapp) that protect Android applications against static reverse engineering utilizing dynamic code loading. These tools usually encrypt classes.dex in an APK file. When the application is launched, the encrypted classes.dex file is decrypted and dynamically loaded. However, these tools fail to protect multidex APKs, which include more than one DEX files (classes2.dex, classes3.dex, ...) to accommodate large-sized execution codes. In this paper, we propose a technique that protects multidex Android applications against static reverse engineering. The technique can encrypt/decrypt multiple DEX files in APK files and dynamically load them. The experimental results show that the proposed technique can effiectively protect multidex APKs.