Background and Introduction

The recent trend in mobile computing has led to a plethora of relatively inexpensive, high-powered computing devices that can fit in a shirt pocket. These new devices are able to connect to the Internet and are location aware, making this new technology extremely useful and equally dangerous in the hands of malicious hackers. In November 2009, the first iPhone virus was released. It was not malicious and only changed the user's background image [1]. This first worm was written as a proof of concept to warn of the potential dangers of viruses for mobile devices. The author stated his reasons for creating the virus in a later interview with ABC: "I think to raise awareness of one, someone with more malicious intent could have done anything: read your text messages, check your emails and view your contacts, photos – anything." [2] Less than a month later, another virus was released by someone with malicious intent, capable of stealing private information, acting as part of a "botnet" and even allowing the attacker to install other malicious software on the device [3]. With the prevalence of iPhone-like devices, it is becoming increasingly important to be able to quickly analyze and decode malicious code to protect users.

Since the release of the iPhone, over 1 billion applications have been released, creating a $40 billion market [4]. The importance of keeping track of a company's intellectual property source code is paramount. Software piracy is always a consideration in the field of computer engineering. To counter this threat, several methods have been developed to render pirated applications inert, preventing them from performing their intended function. These same methods imp...... middle of paper ......ctive C is only called a function; objc_msgSend() is responsible for all method calls.

The goal of this project is to create a method that recovers as much information as possible from a source executable with little to no user intervention. Reverse engineering a program from object code without debug information back to the original source code is considered by many to be impossible, and at best an NP-hard problem [5]. However, by focusing on a static analysis of the Objective C binary, it is possible to build a large amount of information that will lead to a good approximation of the original source code. Decompilation attempts are made easier by the fact that all applications written for the iPhone are compiled with Apple Inc.'s compiler, a variant of the GNU compiler. Therefore, we only need to write a backend to recognize assembly idioms.
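
An added illustration of the idiom recognition described above (not code from the paper): because every method call goes through objc_msgSend(), tracking the receiver in r0 and the selector in r1 at each call site recovers Objective-C style message sends. The listing syntax, the `_helper` symbol and the `t0`, `t1`, ... result names are constructed assumptions.

```python
import re

# Constructed, simplified ARM listing (not from the paper). Assumption: the
# disassembler has already resolved literal-pool loads to class/selector names.
SAMPLE = """\
ldr r0, =class:NSMutableArray
ldr r1, =sel:alloc
bl _objc_msgSend
ldr r1, =sel:init
bl _objc_msgSend
mov r4, r0
ldr r0, =class:NSString
ldr r1, =sel:string
bl _objc_msgSend
mov r2, r0
mov r0, r4
ldr r1, =sel:addObject:
bl _objc_msgSend
bl _helper
bl _objc_msgSend
"""

LDR = re.compile(r"ldr\s+(r\d+),\s*=(?:class|sel):(\S+)")
MOV = re.compile(r"mov\s+(r\d+),\s*(r\d+)")
BL = re.compile(r"bl\s+(\S+)")
SCRATCH = ("r0", "r1", "r2", "r3")  # caller-saved in the ARM calling convention

def recover_sends(listing):
    """Rewrite each objc_msgSend call site as an Objective-C style message send."""
    regs, sends = {}, []
    for line in map(str.strip, listing.splitlines()):
        if m := LDR.match(line):
            regs[m[1]] = m[2]                      # symbolic constant load
        elif m := MOV.match(line):
            regs[m[1]] = regs.get(m[2], "?")       # propagate known values
        elif m := BL.match(line):
            result = None
            if m[1] == "_objc_msgSend":            # r0 = receiver, r1 = selector
                recv, sel = regs.get("r0", "?"), regs.get("r1", "?")
                keywords = sel.split(":")[:-1]     # one keyword per argument
                args = [regs.get(r, "?") for r in ("r2", "r3")] + ["<stack>"] * len(keywords)
                msg = " ".join(f"{k}:{a}" for k, a in zip(keywords, args)) or sel
                result = f"t{len(sends)}"
                sends.append(f"{result} = [{recv} {msg}]")
            for r in SCRATCH:                      # any call clobbers r0-r3
                regs.pop(r, None)
            if result:
                regs["r0"] = result                # return value arrives in r0
    return sends
```

The last call site in the sample follows a call to another function, so its receiver and selector are reported as `?` instead of being guessed from stale register state.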