Please use this identifier to cite or link to this item:
Full metadata record
DC FieldValueLanguage
dc.contributor.authorArnatovich, Yauhen Leanidavichen
dc.contributor.authorWang, Lipo.en
dc.contributor.authorNgo, Ngoc Minhen
dc.contributor.authorSoh, Charlieen
dc.identifier.citationArnatovich, Y. L., Wang, L., Ngo, N. M., & Soh, C. (2018). A comparison of Android reverse engineering tools via program behaviors validation based on intermediate languages transformation. IEEE Access, 6, 12382-12394.en
dc.description.abstractIn Android, performing a program analysis directly on an executable source is usually inconvenient. Therefore, a reverse engineering technique has been adapted to enable a user to perform a program analysis on a textual form of the executable source which is represented by an intermediate language (IL). For Android, Smali, Jasmin, and Jimple ILs have been introduced to represent applications executable Dalvik bytecode in a human-readable form. To use these ILs, we downloaded three of the most popular Android reversing tools, including Apktool, dex2jar, and Soot, which perform transformation of the executable source into Smali, Jasmin, and Jimple ILs, respectively. However, the main concern here is that inaccurate transformation of the executable source may severely degrade the program analysis performance, and obscure the results. To the best of our knowledge, it is still unknown which tool most accurately performs a transformation of the executable source so that the re-assembled Android applications can be executed, and their original behaviors remain intact. Therefore, in this paper, we conduct an experiment to identify the tool which most accurately performs the transformation. We designed a statistical event-based comparative scheme, and conducted a comprehensive empirical study on a set of 1,300 Android applications. Using the designed scheme, we compare Apktool, dex2jar, and Soot via random-event-based and statistical tests to determine the tool which allows the re-assembled applications to be executed, and evaluate how closely they preserve their original behaviors. Our experimental results show that Apktool, using Smali IL, perform the most accurate transformation of the executable source since the applications, which are assembled from Smali, exhibit their behaviours closest to the original ones.en
dc.format.extent13 p.en
dc.relation.ispartofseriesIEEE Accessen
dc.rights© 2018 IEEE. Translations and content mining are permitted for academic research only. Personal use is also permitted, but republication/redistribution requires IEEE permission. See for more information.en
dc.subjectIntermediate Languagesen
dc.subjectEvent-based Testingen
dc.titleA comparison of Android reverse engineering tools via program behaviors validation based on intermediate languages transformationen
dc.typeJournal Articleen
dc.contributor.schoolSchool of Electrical and Electronic Engineeringen
dc.description.versionPublished versionen
item.fulltextWith Fulltext-
Appears in Collections:EEE Journal Articles

Google ScholarTM



Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.