Sweetening android lemon markets: Measuring and combating malware in application marketplaces

CODASPY 2013 - Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy

Volumn , Issue , 2013, Pages 197-207

  Vidas, Timothy ^a   Christin, Nicolas ^a  

^a CARNEGIE MELLON UNIVERSITY   (United States)

Author keywords

Android; Malware; Repackaging; Smartphones; Software marketplace

Indexed keywords

ANDROID; COMMUNICATION OVERHEADS; MALWARES; QUANTITATIVE ASSESSMENTS; REPACKAGING; SELF-SIGNED CERTIFICATE; SOFTWARE DISTRIBUTIONS; VERIFICATION PROTOCOL;

AUTHENTICATION; COMMERCE; COMPUTER CRIME; MOBILE DEVICES; PERSONAL COMPUTERS; ROBOTS; SMARTPHONES;

APPLICATION PROGRAMS;

EID: 84874823267     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2435349.2435378     Document Type: Conference Paper

References (38)

1. Virustotal. http://www.virustotal.com.
2. Amazon appstore frequently asked questions. https://developer.amazon.com/ help/faq.html, Oct. 2011.
3. android-apktool: a tool to reverse engineer Android apk files, 2011. https://code.google.com/p/androidapktool/.
4. Android developer guide 4.0 r1. http://developer.android.com/guide/ topics/manifest/manifest-element.html Oct. 2011.
5. android4me: J2ME port of Google's Android, 2011. https://code.google.com/ p/android4me/downloads/list.
6. Security alert: Malware found targeting custom roms. http://blog. mylookout.com/2011/06/security-alert-malware-found-targetingcustom-roms- jsmshider/, June 2011.
7. ASRAR, I. Could sexy space be the birth of the sms botnet? http://www.symantec.com/connect/blogs/could-sexy-space-be-birth-sms-botnet, July 2009.
8. ASRAR, I. A touch of mobile threat déjà vu. http://www.symantec.com/connect/blogs/touch-mobile-threat-deja-vu, Feb. 2010.
9. ASRAR, I. Will sms bring you free vouchers? http://www.symantec.com/ connect/blogs/will-sms-bring-you-free-vouchers, Apr. 2010.
10. ASRAR, I. Will your next tv manual ask you to run a scan instead of adjusting the antenna? http://www.symantec.com/connect/blogs/will-your-next-tv- manual-ask-you-runscan-instead-adjusting-antenna, Oct. 2011.
11. BECHER, M., FREILING, F., HOFFMANN, J., HOLZ, T., UELLENBECK, S., AND WOLF, C. Mobile security catching up? revealing the nuts and bolts of the security of mobile devices. In Proc. IEEE Symp. on Security and Privacy (2011), IEEE, pp. 96-111.
12. BURGUERA, I., ZURUTUZA, U., AND NADJM-TEHRANI, S. Crowdroid: behavior-based malware detection system for android. In Proc. ACM work. Security and privacy in smartphones and mobile devices (2011), ACM, pp. 15-26.
13. CHEN, E., BAU, J., REIS, C., BARTH, A., AND JACKSON, C. App isolation: get the security of multiple browsers with just one. In Proc. ACM CCS (2011), ACM, pp. 227-238.
14. CHENG, J., WONG, S., YANG, H., AND LU, S. Smartsiren: virus detection and alert for smartphones. In Proc. ACM MobiSys (2007), pp. 258-271.
15. CHRISTIN, N., WEIGEND, A., AND CHUANG, J. Content availability, pollution and poisoning in file sharing peer-to-peer networks. In Proceedings of the 6th ACM conference on Electronic commerce (2005), ACM, pp. 68-77.
16. EGELE, M., KRUEGEL, C., KIRDA, E., AND VIGNA, G. PiOS: Detecting privacy leaks in iOS applications. In Proceedings of the Network and Distributed System Security Symposium (2011).
17. ENCK, W., GILBERT, P., CHUN, B., COX, L., JUNG, J., MCDANIEL, P., AND SHETH, A. TaintDroid: an Information-Flow tracking system for realtime privacy monitoring on smartphones. In OSDI 2010 (Vancouver, BC, Canada).
18. ENCK, W., OCTEAU, D., MCDANIEL, P., AND CHAUDHURI, S. A study of android application security. In Proc. of the 20th USENIX Security Symposium (2011).
19. ENCK, W., ONGTANG, M., AND MCDANIEL, P. On lightweight mobile phone application certification. In Proc. ACM CCS (Chicago, IL), pp. 235-245.
20. FELT, A., FINIFTER, M., CHIN, E., HANNA, S., AND WAGNER, D. A survey of mobile malware in the wild. In Proc. ACM work. Security and privacy in smartphones and mobile devices (2011), ACM, pp. 3-14.
21. FELT, A., AND WAGNER, D. Phishing on mobile devices. In IEEE Workshop on Web 2.0 Security and Privacy (2011).
22. HORNYACK, P., HAN, S., JUNG, J., SCHECHTER, S., AND WETHERALL, D. These aren't the droids you're looking for: retrofitting android to protect data from imperious applications. In Proc. ACM CCS (Chicago, IL, 2011), ACM, pp. 639-652.
23. JOHN, J., YU, F., XIE, Y., ABADI, M., AND KRISHNAMURTHY, A. deSEO: Combating search-result poisoning. In Proceedings of USENIX Security 2011 (San Francisco, CA, Aug. 2011).
24. KELLEY, P., CONSOLVO, S., CRANOR, L., JUNG, J., SADEH, N., AND WETHERALL, D. An conundrum of permissions: Installing applications on an android smartphone. In the Workshop on Usable Security (2012).
25. LEIBA, B., AND FENTON, J. Domainkeys identified mail (dkim): Using digital signatures for domain verification. In Proceedings of the Fourth Conference on Email and Anti-Spam (CEAS) (2007), Citeseer.
26. MOORE, T., AND EDELMAN, B. Measuring the perpetrators and funders of typosquatting. Financial Cryptography and Data Security (2010), 175-191.
27. MOORE, T., LEONTIADIS, N., AND CHRISTIN, N. Fashion crimes: trending-term exploitation on the web. In Proc. ACM CCS (Chicago, IL, 2011), pp. 455-466.
28. PILZ, H., AND SCHINDLER, S. Are free android virus scanners any good? Tech. rep., Nov. 2011.
29. SCHMIDT, A., BYE, R., SCHMIDT, H., CLAUSEN, J., KIRAZ, O., YUKSEL, K., CAMTEPE, S., AND ALBAYRAK, S. Static analysis of executables for collaborative malware detection on android. In Proc. IEEE ICC (2009), IEEE, pp. 1-5.
30. SCHMIDT, A., CLAUSEN, J., CAMTEPE, A., AND ALBAYRAK, S. Detecting symbian os malware through static function call analysis. In Proc. MALWARE (2009), IEEE, pp. 15-22.
31. SCHÖNEFELD, M. Reconstructing dalvik applications. CANSECWEST 2009 (Mar. 2009).
32. SCHWARTS, M. Google removes malware apps from android market. http://www.informationweek.com/news/security/client/229700298 June 2011.
33. THOUGHTCRIME LABS. Convergence: An agile, distributed and secure stratefy for replacing certificate authorities. http://convergence.io.
34. VIDAS, T., VOTIPKA, D., AND CHRISTIN, N. All your droid are belong to us: A survey of current android attacks. In Proceedings of the 5th USENIX Workshop on Offensive technologies (2011), USENIX Association.
35. WENDLANDT, D., ANDERSEN, D., AND PERRIG, A. Perspectives: Improving SSH-style host authentication with multi-path probing. In USENIX Annual Technical Conference (2008), pp. 321-334.
36. ZHOU, W. ZHOU Y. JIANG, X., AND NING, P. Detecting repackaged smartphone applications in third-party android marketplaces. In Proc. 3rd ACM Conference on Data and Application Security and Privacy (2012).
37. ZHOU, Y., AND JIANG, X. Dissecting android malware: Characterization and evolution. In Proc. IEEE Symp. on Security and Privacy (2012).
38. ZHOU, Y., WANG, Z., ZHOU, W., AND JIANG, X. Hey, you, get off of my market: Detecting malicious apps in official and alternative android markets. In NDSS (2012).