Android Protection Reverse Engineering Client-Server

5

I see that it is very common for applications Android (games for example) to be modified through engenharia reversa .

Even using obfuscação and other anti-reverse engineering techniques, it's hard to keep an Android application completely free eavesdropping, cheaters, etc.

In the face of this scenario, I have come to wonder how best to keep client-server communication intact, since ensuring the integrity of the application is a difficult task.

  • How to ensure that the data that arrives on the server actually comes from an entire application (not modified by engenharia reversa )?
asked by anonymous 13.12.2015 / 14:38

1 answer

3

You can use Protocol Buffers from Google itself.

Protocol Buffers is neutral to any language, platform, and has a very good way of serializing objects. They are flexible, efficient and have an automated mechanism for serializing data.

In addition to being more efficient than XML or Json, if it is intercepted, it is not human readable. Its structure does not allow easy understanding if it does not have the files called "contracts".

You can have better references and how it works and how to implement directly from official documentation .

Useful links:

-Github: link

-5 Reasons to Use Protocol Buffers: link

    
14.12.2015 / 18:42