本项目针对当前Android应用面临的重打包、代码剽窃和动态代码加载欺骗等威胁，从提高逆向分析、破坏或绕过防篡改机制的难度出发，研究Android应用主动防篡改技术的关键问题。项目针对Android插件化技术的兴起和遭到广泛滥用之现状，尝试解决现有应用防篡改方案面对结合插件化的重打包及基于前沿动态程序分析的恶意攻击时存在的缺陷，从本质上为Android应用防篡改问题的研究提出一套新的解决思路。具体研究内容包括：（1）明确Android应用主动防篡改面对的安全威胁模型；（2）利用混合布尔-算术编码、数据导向编程等技术与常规检测手段相结合，研究Android应用完整性验证的有效新方法；（3）利用基于Collatz猜想的控制流混淆实现隐蔽信道技术，结合延迟响应思想设计具备更高追溯复杂度的完整性异常响应机制；（4）在上述工作基础上，开发完整的自动化Android应用主动防篡改原型系统。

In order to confront the emerging threats against Android applications from attacks such as repackaging, code plagiarism, and dynamic code loading cheating, this project aims to explore the key problems of tamper-proofing techniques for Android applications, from the perspective of increasing the difficulty of reverse-engineering and destroying or bypassing this mechanics. The goal is to provide new solutions for tamper-proofing Android applications with full proprietary intellectual property rights, which should be able to overcome shortcomings of existing peer techniques against repackaging attacks assisted by emerging Android plugin techniques as well as their weaknesses against sophisticated dynamic program analysis tools. The content of this project includes: (1) defining the threat model which should be considered now in the tamper-proofing mechanisms of Android applications; (2) proposing an effective new verification method for program integrity of Android applications by utilizing Mixed Boolean-Arithmetic (MBA) technology and Data-Oriented Programming (DOP) technology in combination with conventional detection approaches; (3) designing a novel stealth communication channel mechanism based on a control flow obfuscation technique which leverages Collatz conjecture, and combining it with the delayed responding strategy to establish an effective reaction protocol on program integrity abnormality of Android applications which is hard to be traced either forwardly or backwardly; and (4) on the basis of the above, this project plans to develop an automated program reinforcement system, which is able to deploy the proposed tamper-proofing mechanisms on Android applications.