MARVEL (Mobile-app Anti-Repackaging for Virtual Environments Locking) is an anti-repackaging protection scheme that leverages the virtualization technique to mitigate traditional and virtualization-based repackaging attacks.
This repository contains the implementation of MARVEL, which consists of:
- Trusted Container, a virtualization app that extends the VirtualApp framework and is responsible for enforcing the MARVEL runtime protection.
- MARVELoid, a Java tool that implements the MARVEL protection scheme for Android apps. The tool protects a plugin app by using code splitting and Interconnected Anti-Tampering Control (IAT). Code splitting removes portions of code from the original app, thus mitigating inspection through static analysis. IATs inject integrity controls that are evaluated during the interaction between the Trusted Container and a plugin app.
The repo contains the following folders:
- Binaries: the executable files of MARVELoid (i.e., a jar file) and of the Trusted Container app (i.e., an APK file);
- Docker: a docker image to run the MARVELoid protection process on a set of apks;
- Example: an example of the MARVELoid protection process with instructions for reproducing it;
- Experiments: the details concerning the test-set used in our experimental campaign and the results of the protection;
- Sources: the source code of the MARVELoid tool and of the Trusted Container Android app.
For more details, please refer to the READMEs in the specific folders.
More details can be found in the ACSAC '21 paper "Repack Me If You Can: An Anti-Repackaging Solution based on Android Virtualization".
You can cite the paper as follows:
@inproceedings{ruggia2021repack,
author = {Ruggia, Antonio and Losiouk, Eleonora and Verderame, Luca and Conti, Mauro and Merlo, Alessio},
title = {Repack Me If You Can: An Anti-Repackaging Solution Based on Android Virtualization},
year = {2021},
publisher = {Association for Computing Machinery},
url = {https://doi.org/10.1145/3485832.3488021},
doi = {10.1145/3485832.3488021},
booktitle = {Annual Computer Security Applications Conference},
series = {ACSAC}
}
The content of this repository has been submitted as an Artifact for the ACSAC '21 conference and received the REUSABLE badge.
This tool is available under a dual license: a commercial one required for closed source projects or commercial projects, and an AGPL license for open-source projects.
Depending on your needs, you must choose one of them and follow its policies. The policies and agreements for each license type are detailed in the LICENSE.COMMERCIAL and LICENSE files.
- Antonio Ruggia - PhD. Student
- Eleonora Losiouk - Assistant Professor
- Luca Verderame - Postdoctoral Researcher
- Mauro Conti - Full Professor
- Alessio Merlo - Associate Professor