TY - GEN
T1 - UI Obfuscation and Its Effects on Automated UI Analysis for Android Apps
AU - Zhou, Hao
AU - Chen, Ting
AU - Wang, Haoyu
AU - Yu, Le
AU - Luo, Xiapu
AU - Wang, Ting
AU - Zhang, Wei
N1 - Funding Information:
We thank the anonymous reviewers for their helpful comments. This research is partially supported by the Hong Kong RGC Projects (No. 152279/16E, 152223/17E, CityU C1008-16G) and the National Natural Science Foundation of China (No. 61872057, 61702045, 61672297) and National Key R&D Program of China (2018YFB0804100, 2019YFB2101704) and the National Science Foundation under Grant (No. 1953893, 1953813, and 1951729).
Publisher Copyright:
© 2020 ACM.
PY - 2020/9
Y1 - 2020/9
N2 - The UI driven nature of Android apps has motivated the development of automated UI analysis for various purposes, such as app analysis, malicious app detection, and app testing. Although existing automated UI analysis methods have demonstrated their capability in dissecting apps' UI, little is known about their effectiveness in the face of app protection techniques, which have been adopted by more and more apps. In this paper, we take a first step to systematically investigate UI obfuscation for Android apps and its effects on automated UI analysis. In particular, we point out the weaknesses in existing automated UI analysis methods and design 9 UI obfuscation approaches. We implement these approaches in a new tool named UI obfuscator after tackling several technical challenges. Moreover, we feed 3 kinds of tools that rely on automated UI analysis with the apps protected by UI obfuscator, and find that their performances severely drop. This work reveals limitations of automated UI analysis and sheds light on app protection techniques.
AB - The UI driven nature of Android apps has motivated the development of automated UI analysis for various purposes, such as app analysis, malicious app detection, and app testing. Although existing automated UI analysis methods have demonstrated their capability in dissecting apps' UI, little is known about their effectiveness in the face of app protection techniques, which have been adopted by more and more apps. In this paper, we take a first step to systematically investigate UI obfuscation for Android apps and its effects on automated UI analysis. In particular, we point out the weaknesses in existing automated UI analysis methods and design 9 UI obfuscation approaches. We implement these approaches in a new tool named UI obfuscator after tackling several technical challenges. Moreover, we feed 3 kinds of tools that rely on automated UI analysis with the apps protected by UI obfuscator, and find that their performances severely drop. This work reveals limitations of automated UI analysis and sheds light on app protection techniques.
UR - http://www.scopus.com/inward/record.url?scp=85097182423&partnerID=8YFLogxK
U2 - 10.1145/3324884.3416642
DO - 10.1145/3324884.3416642
M3 - Conference article published in proceeding or book
AN - SCOPUS:85097182423
T3 - Proceedings - 2020 35th IEEE/ACM International Conference on Automated Software Engineering, ASE 2020
SP - 199
EP - 210
BT - Proceedings - 2020 35th IEEE/ACM International Conference on Automated Software Engineering, ASE 2020
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 35th IEEE/ACM International Conference on Automated Software Engineering, ASE 2020
Y2 - 22 September 2020 through 25 September 2020
ER -