Fast, scalable detection of "piggybacked" mobile applications

CODASPY 2013 - Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy

Volumn , Issue , 2013, Pages 185-195

  Zhou, Wu ^a   Zhou, Yajin ^a   Grace, Michael ^a   Jiang, Xuxian ^a   Zou, Shihong ^b  

^a NORTH CAROLINA STATE UNIVERSITY   (United States)

^b BEIJING UNIVERSITY OF POSTS AND TELECOMMUNICATIONS   (China)

Author keywords

App repackaging; Mobile application; Piggybacked application; Smartphone security

Indexed keywords

APP REPACKAGING; DECOUPLING TECHNIQUE; FINGERPRINT TECHNIQUES; MOBILE APPLICATIONS; PAIR-WISE COMPARISON; PRIVACY AND SECURITY; SEARCH ALGORITHMS; SMARTPHONE SECURITIES;

COMPUTER APPLICATIONS; MOBILE COMPUTING; ROBOTS; SCALABILITY; SEMANTICS;

COMMERCE;

EID: 84874828789     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2435349.2435377     Document Type: Conference Paper

References (47)

1. MMSBG: An Open-Source Project. https://code.google.com/p/mmsbg. Online; accessed at Dec 1, 2011.
2. ProGuard | Android Developers http://developer.android.com/guide/ developing/tools/proguard.html. Online; accessed at Dec 1, 2011.
3. Smali - An Assembler/Disassembler for Android's dex Format. http://code.google.com/p/smali/. Online; accessed at Dec 1, 2011.
4. AndroidCommunity. [ALERT] New Trojan Called Hong Tou Tou Lurking. http://androidcommunity.com/android-trojan-alert-hong-tou-tou-20110216/. Online; accessed at Dec 1, 2011.
5. Nicolas Anquetil, Cédric Fourrier, and Timothy C. Lethbridge. Experiments with Clustering as a Software Remodularization Method. In Proceedings of the Sixth Working Conference on Reverse Engineering, WCRE '99, pages 235-, Washington, DC, USA, 1999. IEEE Computer Society.
6. AppBrain. Number of Available Android Applications. http://www.appbrain. com/stats/number-ofandroid-apps. Online; accessed at Dec 1, 2011.
7. David Barrera, William Enck, and Paul Oorschot. Seeding a Security-Enhancing Infrastructure for Multi-market Application Ecosystems. Technical report, School of Computer Science, Carleton University, http://www.scs.carleton.ca/shared/research/tech-reports/2010/TR-11-06%20Barrera. pdf. Online; accessed at Dec 1, 2011.
8. David Barrera, H. Günȩs Kayacik, Paul C. van Oorschot, and Anil Somayaji. A Methodology for Empirical Analysis of Permission-Based Security Models and Its Application to Android. In Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS '10, 2010.
9. Joany Boutet. Malicious Android Applications: Risks and Exploitation - A Spyware Story about Android Application and Reverse Engineering. http://www.sans.org/reading-room/whitepapers/malicious/malicious-android- applications-risksexploitation-33578. Online; accessed at Dec 1, 2011.
10. Sven Bugiel, Lucas Davi, Alexandra Dmitrienko, Thomas Fischer, Ahmad-Reza Sadeghi, and Bhargava Shastry. Towards Taming Privilege-Escalation Attacks on Android. In 19th Annual Network & Distributed System Security Symposium (NDSS), Feb 2012.
11. Erika Chin, Adrienne Felt, Kate Greenwood, and David Wagner. Analyzing Inter-Application Communication in Android. In Proceedings of the 9th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys 2011, 2011.
12. Jonathan Crussell, Clint Gibler, and Hao Chen. Attack of the Clones: Detecting Cloned Applications on Android Markets. In Sara Foresti, Moti Yung, and Fabio Martinelli, editors, Computer Security âǍ Ş ESORICS 2012, volume 7459 of Lecture Notes in Computer Science, pages 37-54. Springer Berlin Heidelberg, 2012.
13. Michael Dietz, Shashi Shekhar, Yuliy Pisetsky, Anhei Shu, and Dan Wallach. QUIRE: Lightweight Provenance for Smart Phone Operating Systems. In Proceedings of the 20th USENIX Security Symposium, USENIX Security '11, San Francisco, CA, 2011.
14. Manuel Egele, Christopher Kruegel, Engin Kirda, and Giovanni Vigna. PiOS: Detecting Privacy Leaks in iOS Applications. In Proceedings of the 18th Annual Network and Distributed System Security Symposium, NDSS '11, February 2011.
15. William Enck, Peter Gilbert, Byung-gon Chun, Landon Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol Sheth. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. In Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation, USENIX OSDI '11, 2011.
16. William Enck, Damien Octeau, Patrick McDaniel, and Swarat Chaudhuri. A Study of Android Application Security. In Proceedings of the 20th USENIX Security Symposium, USENIX Security '11, San Francisco, CA, 2011.
17. Adrienne Felt, Erika Chin, Steve Hanna, Dawn Song, and David Wagner. Android Permissions Demystified. In Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS' 11, 2011.
18. Adrienne Felt, Helen Wang, Alexander Moschhuk, Steve Hanna, and Erika Chin. Permission Re-Delegation: Attacks and Defense. In Proceedings of the 20th USENIX Security Symposium, USENIX Security '11, San Francisco, CA, 2011.
19. Adam Fuchs, Avik Chaudhuri, and Jeffrey Foster. SCanDroid: Automated Security Certification of Android Applications. http://www.cs.umd.edu/~avik/ projects/scandroidascaa/paper.pdf. Online; accessed at Dec 1, 2011.
20. Michael Grace, Wu Zhou, Xuxian Jiang, and Ahmad-Reza Sadeghi. Unsafe Exposure Analysis of Mobile In-App Advertisements. In Proceedings of the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2012.
21. Michael Grace, Yajin Zhou, Zhi Wang, and Xuxian Jiang. Systematic Detection of Capability Leaks in Stock Android Smartphones. In Proceedings of the 19th Annual Network and Distributed System Security Symposium, NDSS '12, February 2012.
22. Michael Grace, Yajin Zhou, Qiang Zhang, Shihong Zou, and Xuxian Jiang. RiskRanker: Scalable and Accurate Zero-day Android Malware Detection. In 10th International Conference on Mobile Systems, Applications and Services, June 2012.
23. Xin Hu, Tzi-cker Chiueh, and Kang G. Shin. Large-Scale Malware Indexing using Function-Call Graphs. In Proceedings of the 16th ACM conference on Computer and communications security, CCS '09, pages 611-620, New York, NY, USA, 2009. ACM.
24. Google Inc. Admob for Android Developers. http://developer.admob.com/ wiki/Android.
25. Google Inc. Android Market. https://market.android.com/. Online; accessed at Dec 1, 2011.
26. Lookout Inc. App Genome Report: February 2011. https://www.mylookout.com/ appgenome/. Online; accessed at Dec 1, 2011.
27. Lookout Inc. Security Alert: Geinimi, Sophisticated New Android Trojan Found in Wild. http://blog.mylookout.com/2010/12/geinimi-trojan/. Online; accessed at Dec 1, 2011.
28. Lookout Inc. Update: Security Alert: DroidDream Malware Found in Official Android Market. http://blog.mylookout.com/2011/03/security-alertmalware-found- in-official-androidmarket-droiddream/. Online; accessed at Dec 1, 2011.
29. MobClix Inc. Mobclix SDK Integration Guide. http://support.mobclix.com/ attachments/token/lvbgrqsfpjgvgxb/?name=Detailed-Start-Guide-for-Android.pdf Online; accessed at Dec 1, 2011.
30. Scoreloop Inc. Scoreloop : Cross Platform Mobile Gaming SDK for Virtual Currency, Social Games and Distribution. http://www.scoreloop.com/developers/.
31. Symantec Inc. Android Threats Getting Steamy. http://www.symantec.com/ connect/blogs/androidthreats-getting-steamy. Online; accessed at Dec 1, 2011.
32. Symantec Inc. Android.Basebridge: Technical Details. http://www.symantec. com/security-response/writeup.jsp?docid=2011-060915-4938-99&tabid=2. Online; accessed at Dec 1, 2011.
33. Wooboo Inc. How to Add Wooboo Advertisement SDK into Android. http://admin.wooboo.com.cn:9001/cbFiles/down/1272545843644.swf.
34. Jiyong Jang, David Brumley, and Shobha Venkataraman. BitShred: Feature Hashing Malware for Scalable Triage and Semantic Analysis. In Proceedings of the 18th ACM conference on Computer and communications security, CCS '11, pages 309-320, New York, NY, USA, 2011. ACM.
35. Christian Lindig and Gregor Snelting. Assessing Modular Structure of Legacy Code based on Mathematical Concept Analysis. In Proceedings of the 19th international conference on Software engineering, ICSE '97, pages 349-359, New York, NY, USA, 1997. ACM.
36. S. Mancoridis, B. S. Mitchell, C. Rorres, Y. Chen, and E. R. Gansner. Using Automatic Clustering to Produce High-Level System Organizations of Source Code. In Proceedings of the 6th International Workshop on Program Comprehension, IWPC '98, pages 45-, Washington, DC, USA, 1998. IEEE Computer Society.
37. Machigar Ongtang, Stephen McLaughlin, William Enck, and Patrick McDaniel. Semantically Rich Application-Centric Security in Android. In Proceedings of the 2009 Annual Computer Security Applications Conference, ACSAC '09, 2009.
38. OpenFeint. OpenFeint Developers - Mobile Open Source Social SDK & Tools for iOS & Android. http://openfeint.com/developers. Online; accessed at Dec 1, 2011.
39. Paolo Passeri. One Year of Android Malware (Full List)). http://paulsparrows.wordpress.com/2011/08/11/one-year-of-android-malware- fulllist/. Online; accessed at Dec 1, 2011.
40. Google Code Project. Android-apktool - Tool for Reengineering Android apk Files. http://code.google.com/p/android-apktool/. Online; accessed at Dec 1, 2011.
41. Helmuth Spaeth. Cluster Analysis Algorithms for Data Reduction and Classification of Objects. J. Wiley and Sons, 1980.
42. Paolo Tonella. Concept Analysis for Module Restructuring. IEEE Trans. Softw. Eng., 27:351-363, April 2001.
43. Peter N. Yianilos. Data Structures and Algorithms for Nearest Neighbor Search in General Metric Spaces. In Proceedings of the fourth annual ACM-SIAM Symposium on Discrete algorithms, SODA '93, pages 311-321, Philadelphia, PA, USA, 1993. Society for Industrial and Applied Mathematics.
44. Wu Zhou, Yajin Zhou, Xuxian Jiang, and Peng Ning. DroidMOSS: Detecting Repackaged Smartphone Applications in Third-Party Android Marketplaces. In Proceedings of the 2nd ACM Conference on Data and Application Security and Privacy, CODASPY '12, February 2012.
45. Yajin Zhou and Xuxian Jiang. Dissecting Android Malware: Characterization and Evolution. In Proceedings of the 33rd IEEE Symposium on Security and Privacy, 2012.
46. Yajin Zhou and Xuxian Jiang. Detecting Passive Content Leaks and Pollution in Android Applications. In Proceedings of the 20th Annual Symposium on Network and Distributed System Security, 2013.
47. Yajin Zhou, Zhi Wang, Wu Zhou, and Xuxian Jiang. Hey, You, Get off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets. In Proceedings of the 19th Annual Network and Distributed System Security Symposium, NDSS '12, February 2012.