Measuring Android App Repackaging Prevalence based on the Permissions of App. (2016)
- Record Type:
- Journal Article
- Title:
- Measuring Android App Repackaging Prevalence based on the Permissions of App. (2016)
- Main Title:
- Measuring Android App Repackaging Prevalence based on the Permissions of App
- Authors:
- Rastogi, Sajal
Bhushan, Kriti
Gupta, B.B. - Abstract:
- Abstract: Google Play is the official market of Android apps. The app publishers make money by selling apps, through in-app billing, and through advertisements. The apps, especially the popular ones, are disassembled by adversaries, who then add/replace ads in the apps, and/or add some malicious code to the apps, and then release it to app markets. This is called app repackaging. Any revenue these repacked-apps make on these ads go to the adversaries. Also, if the repackaged apps have malwares then the malwares now spread more swiftly because of the popularity of the apps. In this paper, we present our study on some Android apps released to unofficial markets which were originally released to Google Play to find how prevalent the repackaging of Android apps is. Moreover, we proposed a mechanism for the detection of repackaging based on the permissions of the apps. To evaluate the performance of proposed approach, we downloaded 50 apps, each with well over a hundred million downloads from the official Android market, and tried to find their repackaged versions on unofficial markets based on extra permissions. We found repackaged versions of 6 out of these 50 apps without such a naive approach. This just goes to demonstrate how widely available the repackaged versions of some of the most popular Android apps are. It also proves that, in many cases, it is possible to detect repackaging only by comparing the permissions of an app with its original version. To a wide extent,Abstract: Google Play is the official market of Android apps. The app publishers make money by selling apps, through in-app billing, and through advertisements. The apps, especially the popular ones, are disassembled by adversaries, who then add/replace ads in the apps, and/or add some malicious code to the apps, and then release it to app markets. This is called app repackaging. Any revenue these repacked-apps make on these ads go to the adversaries. Also, if the repackaged apps have malwares then the malwares now spread more swiftly because of the popularity of the apps. In this paper, we present our study on some Android apps released to unofficial markets which were originally released to Google Play to find how prevalent the repackaging of Android apps is. Moreover, we proposed a mechanism for the detection of repackaging based on the permissions of the apps. To evaluate the performance of proposed approach, we downloaded 50 apps, each with well over a hundred million downloads from the official Android market, and tried to find their repackaged versions on unofficial markets based on extra permissions. We found repackaged versions of 6 out of these 50 apps without such a naive approach. This just goes to demonstrate how widely available the repackaged versions of some of the most popular Android apps are. It also proves that, in many cases, it is possible to detect repackaging only by comparing the permissions of an app with its original version. To a wide extent, there is no need of complex code analysis, or adding some authentication entity such as a watermark to the app for deterring repackaging. … (more)
- Is Part Of:
- Procedia technology. Volume 24(2016)
- Journal:
- Procedia technology
- Issue:
- Volume 24(2016)
- Issue Display:
- Volume 24, Issue 2016 (2016)
- Year:
- 2016
- Volume:
- 24
- Issue:
- 2016
- Issue Sort Value:
- 2016-0024-2016-0000
- Page Start:
- 1436
- Page End:
- 1444
- Publication Date:
- 2016
- Subjects:
- Android -- security -- repackaging -- permissions -- mobile device -- authentication -- malware.
Technology -- Congresses
Technology -- Periodicals
Engineering -- Congresses
Engineering -- Periodicals
Engineering
Technology
Conference proceedings
Periodicals
605 - Journal URLs:
- http://www.sciencedirect.com/science/journal/22120173 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.protcy.2016.05.172 ↗
- Languages:
- English
- ISSNs:
- 2212-0173
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 2229.xml