Software reverse engineering is reversing a program’s machine code(the string of 0s and 1s that are sent to the logic processor) back to source code, that it was written in, using program language statements. In android development, reverse engineering means to convert an APK back to its source code.
Android’s openness makes it a favorable environment for reverse engineers. Compared to “the other” mobile os, Android offers reverse engineers more advantage. As android is open source technology, you can examine its source code at AOSP (Android Open Source Project) and modify the OS and its standard tools any way you want.
For some reasons reverse-engineering is useful like when to enhance an app with more functionalities, retrieve back lost source code or clone new app, etc. But somehow any developer would like to secure his hard efforts of building a masterpiece app from getting cloned by others.
There are many ways to prevent your precious APK from getting cloned by decompiling it. Following are some guidelines to follow to prevent reverse-engineering of android apps:
Pro guard is an open-source cross-platform tool that is written in JAVA, which ensures the security of Android applications.
It is a command-line tool that shrinks, optimizes, obfuscates, and pre-verifies the code.
a.) Shrink Method: identify the unused classes, fields, methods attributes of the mobile app and remove them.
b.) Optimization: analyze and optimize the bytecode of various methods.
c.) Obfuscation: short meaningless names are given to the rest of classes, fields, and methods The above steps make it difficult to reverse engineer an application by making codebase smaller, more efficient, and complicated.
d.) Pre verification: this process involves adding pre-verification information to the classes that are required by JME, Java 6, or higher.
For the prevention of obfuscation, de-obfuscators are available such as APK De-Guard. It uses machine learning, thereby making it one of the most accurate and efficient de-obfuscators.