Authors : Ji-ho Cho, Chung-hyun Lim, Hyo-jung Ahn and Geuk Lee
Abstract: As the number of smartphone user increase rapidly over the recent several years, numerous android applications are developed. In the android market, due to the openness of the market, the distribution of not only normal applications but also, malicious applications disguised as normal applications are increasing. Malicious financial applications disguise themselves as normal applications to steal personal information, account passwords and security card information and attempt illegal transactions. Malicious banking applications easily evade integrity verification and are transformed into another malicious applications using repackaging method. Banking applications require very rigid integrity verification method. In this study, integrity evasion methods of android banking application are introduced and a verification method using dynamic key values to prevent the integrity evasion attack is proposed. Application programs memory load address is used as dynamic key value.
Ji-ho Cho, Chung-hyun Lim, Hyo-jung Ahn and Geuk Lee, 2018. Improvement of Android Banking Application Integrity Using Dynamic Key Value. Journal of Engineering and Applied Sciences, 13: 3261-3266.