Paper Info
Title
PackerGrind: An Adaptive Unpacking System for Android Apps
Abstract
App developers are increasingly using packing services (or packers) to protect their code against being reverse engineered or modified. However, such packing techniques are also leveraged by the malicious developers to prevent the malware from being analyzed and detected by the static malware analysis and detection systems. Though there are already studies on unpacking packed Android apps, they usually leverage the manual reverse engineered packing behaviors to unpack apps packed by the specific packers and cannot be appified to the evolved and new packers. In this paper, we propose a novel unpacking approach with the capacity of adaptively unpacking the evolved and newly encountered packers. Also, we develop a new system, named <monospace xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">PackerGrind</monospace> , based on this adaptive approach for unpacking Android packers. The evaluation with real packed apps demonstrates that <monospace xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">PackerGrind</monospace> can successfully reveal packers protection mechanisms, effectively handle their evolution and recover Dex files with low overhead.
Year
DOI
Venue
2022
10.1109/TSE.2020.2996433
IEEE Transactions on Software Engineering
Keywords
DocType
Volume
Android packer,dynamic analysis,binary instrumentation,bytecode obfuscation
Journal
48
Issue
ISSN
Citations 
2
0098-5589
3
PageRank 
References 
Authors
0.45
24
7
Name
Order
Citations
PageRank
Lei Xue110316.03
Hao Zhou230.45
Xiapu Luo31302110.23
Le Yu430.45
Dinghao Wu530.45
Yajin Zhou62382127.03
Xiaobo Ma730.45