Android Undercover: Native Code Translation for AV Stealth - DC615/DEF CON Nashville

This is a live recording of a talk I gave at DEFCON (DC615) Nashville. The presentation explores how translating Java code into Native code thwarts many AV detections. First, I go over a live example of translating Android Java code into Native code, and we watch the changes in AV detections. Later in the presentation, I examine some techniques of how a reverse engineer could analyze a sample with native code. If you would like to follow along, the slides, tools, as well as example code is hosted on my github page here: https://github.com/LaurieWired/AndroidNativeObfuscation_defcon615 Timestamps: 00:00 Introduction / Background 09:02 Anubis Java Code 16:08 Developing Native Cpp Code 19:57 Choosing the Method 22:30 Declaring a Native Method 24:40 Translating to Native 44:45 AV Dete ...