Security Analysis and Protection Based on Smali Injection for Android Applications

摘要

Smali code and .Dex file can be completely compiled and decompiled reciprocally. Thus any new functions can be injected into an existing android application directly after decompiling it into smali code under the condition of that we needn't to modify any java code to develop the application. This leads the android applications to be modified and cracked arbitrarily. In order to prevent it from being decompiled and bundled malicious code, we summarized current typical methods of anti-crack and anti-decompilation, then propose two new solutions based on smali injection, which can protect the security of the android applications effectively.