
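% Journal article on Merkle-tree-based integrity verification of Android manifest permissions.
% Authors are joined with " and " so BibTeX parses four separate names rather than one.
% Acronyms and proper nouns in the title are braced so sentence-casing styles keep their capitals.
% The percent sign in the abstract is escaped so it cannot start a LaTeX comment if a style prints the field.
@Article{jcs.2025.073547,
AUTHOR = {Mostafa Mohamed Ahmed Mohamed Alsaedy and Atef Zaki Ghalwash and Aliaa Abd Elhalim Yousif and Safaa Magdy Azzam},
TITLE = {{E-AAPIV}: {Merkle} Tree-Based Real-Time {Android} Manifest Integrity Verification for Mobile Payment Security},
JOURNAL = {Journal of Cyber Security},
VOLUME = {7},
YEAR = {2025},
NUMBER = {1},
PAGES = {653--674},
URL = {http://www.techscience.com/JCS/v7n1/65065},
ISSN = {2579-0064},
ABSTRACT = {Mobile financial applications and payment systems face significant security challenges from reverse engineering attacks. Attackers can decompile Android Package Kit (APK) files, modify permissions, and repackage applications with malicious capabilities. This work introduces E-AAPIV (Enhanced Android Apps Permissions Integrity Verifier), an advanced framework that uses Merkle Tree technology for real-time manifest integrity verification. The proposed system constructs cryptographic Merkle Tree from AndroidManifest.xml permission structures. It establishes secure client-server connections using Elliptic Curve Diffie-Hellman Protocol (ECDH-P384) key exchange. Root hashes are encrypted with Advanced Encryption Standard-256-Galois/Counter Mode (AES-256-GCM), integrated with hardware-backed Android Keystore for enhanced security. Testing with modified PayPal APK files achieved 98.7\% tampering detection accuracy with genuine applications 142 ms verification time, while manipulated applications were detected in 58.02 ms. This framework provides banks and payment service providers with a practical solution for continuous real-time validation of mobile application integrity.},
DOI = {10.32604/jcs.2025.073547},
}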



