#14 ACIDroid: A Practical App Cache Integrity Protection System on Android Runtime

To improve the execution performance of applications, Android introduced a new optimization technique using app cache files. However, this new feature also brings a new security concern called ``app cache tampering attack'' that can eventually change the behavior of installed applications by modifying the executable codes in their app cache files. We address this issue with ACIDroid, an efficient app cache integrity protection solution on Android, which relies on the selective transformation of the original DEX codes into the optimized DEX codes. To show the feasibility of ACIDroid, we performed app cache tampering attacks on 14 popular Android apps and tried to detect the changes in app cache files using ACIDroid. With the modified app cache files, ACIDroid was able to correctly detect the (intentional) changes while having an acceptable execution time overhead less than 5% of the total execution time.