In the age of increasing mobile and smart connectivity, malware poses an ever evolving threat to individuals, societies and nations. Anti-malware companies are often the first and only line of defense for mobile users. Driven by economic benefits, quantity and complexity of Android malware are increasing, thus making them difficult to detect. Malware authors employ multiple techniques (e.g. code obfuscation, packaging and encryption) to evade static analysis (signature based) and dynamic analysis (behavior based) detection methods. In this article, we present an overview of Android and its state of the art security services. We then present an exhaustive and analytic taxonomy of Android malware hardening techniques available in the literature. Furthermore, we review and analyze the code obfuscation and preventive techniques used by malware to evade detection. Hardening mechanisms are also popular amongst application developers to fortify against reverse engineering. Based on our in-depth survey, we highlight the issues related to them and manifest future directions. We believe the need to examine the effectiveness and efficiency of hardening techniques and their combination.

在移动和智能连接日益增长的时代，恶意软件对个人，社会和国家构成了不断发展的威胁。反恶意软件公司通常是移动用户的第一道防线，也是唯一的防线。在经济利益的推动下，Android恶意软件的数量和复杂性都在增加，因此使其难以检测。恶意软件作者采用多种技术（例如，代码混淆，打包和加密）逃避了静态分析（基于签名）和动态分析（基于行为）的检测方法。在本文中，我们概述了Android及其最新的安全服务。然后，我们将提供文献中可用的Android恶意软件强化技术的详尽和分析分类法。此外，我们将审查并分析恶意软件用来逃避检测的代码混淆和预防技术。强化机制在应用程序开发人员中也很流行，以加强抵抗逆向工程的能力。根据我们的深入调查，我们重点介绍了与之相关的问题并阐明了未来的发展方向。我们认为有必要检查强化技术及其组合的有效性和效率。