A framework for evaluating mobile app repackaging detection algorithms

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 7904 LNCS, Issue , 2013, Pages 169-186

  Huang, Heqing ^a   Zhu, Sencun ^a   Liu, Peng ^a   Wu, Dinghao ^a  

^a PENNSYLVANIA STATE UNIVERSITY   (United States)

Author keywords

malware; Mobile apps; obfuscation resilience; repackaging; reverse engineering

Indexed keywords

ANDROID APPLICATIONS; DALVIK VIRTUAL MACHINES; EVALUATION FRAMEWORK; MALWARES; MOBILE APPS; OBFUSCATION RESILIENCE; REPACKAGING; SIMILARITY DETECTION;

ALGORITHMS; COMMERCE; COMPUTER CRIME; DETECTORS; REVERSE ENGINEERING;

SIGNAL DETECTION;

EID: 84884658330     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-38908-5_13     Document Type: Conference Paper

References (30)

1. Android Apktool: A tool for reengineering android apk files, http://code.google.com/p/android-apktool/
2. Dalvik virtual machine: code and documentation, http://code.google.com/p/ dalvik/
3. Dasho, preemptive solutions, http://www.preemptive.com/products/dasho
4. Dex2jar, http://code.google.com/p/dex2jar/
5. Dexguard, http://www.saikoa.com/dexguard
6. Dexobf, http://dexlabs.org/blog/bytecode-obfuscation
7. Dx tool source code, http://grepcode.com/file/repository.grepcode.com/ java/ext/com.google.android/android/4.1.2 r1/com/android/dx/ssa/
8. Gartner says android to command nearly half of worldwide smartphone operating system market by year-end 2012, http://www.gartner.com/it/page.jsp?id= 1622614
9. Klassmaster, http://www.zelix.com/klassmaster/docs/index.html
10. Oracle Virtual Machine, https://wikis.oracle.com/display/MaxineVM/Home/
11. ProGuard, http://proguard.sourceforge.net/
12. Smali/Baksmali, http://code.google.com/p/smali/
13. Soot: a Java optimization framework, http://www.sable.mcgill.ca/soot/
14. Wala, http://wala.sourceforge.net/wiki/index.php/
15. Byte code engineering library (bcel), http://sourceforge.net/projects/ javaclass/
16. Ceccato, M., Di Penta, M., Nagra, J., Falcarin, P., Ricca, F., Torchiano, M., Tonella, P.: Towards experimental evaluation of code obfuscation techniques. In: Proceedings of the 4th ACM Workshop on Quality of Protection, QoP 2008, pp. 39-46. ACM, New York (2008), http://doi.acm.org/10.1145/1456362. 1456371
17. Collberg, C., Myles, G., Huntwork, A.: Sandmarks a tool for software protection research. IEEE Security and Privacy 1(4), 40-49 (2003)
18. Collberg, C., Thomborson, C., Low, D.: A taxonomy of obfuscating transformations. Technical report (1997)
19. Crussell, J., Gibler, C., Chen, H.: Attack of the clones: Detecting cloned applications on android markets. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 37-54. Springer, Heidelberg (2012)
20. Desnos, A., Gueguen, G.: Android: From reversing to decompilation. In: Black Hat 2011, Abu Dhabi (2011)
21. Jhi, Y.-C., Wang, X., Jia, X., Zhu, S., Liu, P., Wu, D.: Value-based program characterization and its application to software plagiarism detection. In: Proceedings of the 33rd International Conference on Software Engineering, pp. 756-765. ACM (2011)
22. Karnick, M., Macbride, J.,Mcginnis, S., Tang, Y., Ramach, R.: A qualitative analysis of Java obfuscation
23. Li, S.: Juxtapp: A scalable system for detecting code reuse among android applications. Master's thesis, EECS Department, University of California, Berkeley (May 2012), http://www.eecs.berkeley.edu/Pubs/TechRpts/2012/EECS-2012- 111.html
24. Octeau, D., Enck, W., McDaniel, P.: The ded Decompiler. Technical Report NAS-TR-0140-2010, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA (September 2010), http://siis.cse.psu.edu/ded/papers/NAS-TR-0140-2010.pdf
25. Octeau, D., Jha, S., McDaniel, P.: Retargeting Android Applications to Java Bytecode. In: Proceedings of the 20th International Symposium on the Foundations of Software Engineering (November 2012), http://siis.cse.psu.edu/ dare/papers/octeau-fse12.pdf
26. Wang, X., Jhi, Y.-C., Zhu, S., Liu, P.: Detecting software theft via system call based birthmarks. In: Annual Computer Security Applications Conference, ACSAC 2009, pp. 149-158. IEEE (2009)
27. Xu, R., Saidi, H., Anderson, R.: Aurasium: Practical policy enforcement for android applications. In: Proceedings of the 21st USENIX Conference on Security (2012)
28. You, I.,Yim, K.: Malware obfuscation techniques: A brief survey. In: Proceedings of the 2010 International Conference on Broadband, Wireless Computing, Communication and Applications (2010)
29. Zhou, W., Zhou, Y., Jiang, X., Ning, P.: Detecting repackaged smartphone applications in third-party android marketplaces. In: Proceedings of the Second ACM Conference on Data and Application Security and Privacy, CODASPY 2012, pp. 317-326. ACM, New York (2012)
30. Zhou, Y., Jiang, X.: Dissecting android malware: Characterization and evolution. In: 2012 IEEE Symposium on Security and Privacy, SP, pp. 95-109. IEEE (2012)