International Journal of Internet, Broadcasting and Communication

The Institute of Internet, Broadcasting and Communication (한국인터넷방송통신학회)
권호 표지
DOI QR코드

DOI QR Code

Android App Reuse Analysis using the Sequential Hypothesis Testing

  • Ho, Jun-Won (Department of Information Security Seoul Women's University)
  • Received : 2016.08.31
  • Accepted : 2016.09.25
  • Published : 2016.11.30
Download PDF
⟨ Previous Next ⟩

Abstract

Due to open source policy, Android systems are exposed to a variety of security problems. In particular, app reuse attacks are detrimental threat to the Android system security. This is because attacker can create core malign components and quickly generate a bunch of malicious apps by reusing these components. Hence, it is very imperative to discern whether Android apps contain reused components. To meet this need, we propose an Android app reuse analysis technique based on the Sequential Hypothesis Testing. This technique quickly makes a decision with a few number of samples whether a set of Android apps is made through app reuse. We performed experimental study with 6 malicious app groups, 1 google and 1 third-party app group such that each group consists of 100 Android apps. Experimental results demonstrate that our proposed analysis technique efficiently judges Android app groups with reused components.

Keywords

References

  1. Daniel Arp, Michael Spreitzenbarth, Malte Huebner, Hugo Gascon, and Konrad Rieck. Drebin: Efficient and Explainable Detection of Android Malware in Your Pocket, In 21th Annual Network and Distributed System Security Symposium (NDSS), February 2014
  2. Chen, J., Alalfi, M. H., Dean, T. R., and Zou, Y. Detecting Android Malware Using Clone Detection. Journal of Computer Science and Technology, 30(5), 942-956, 2015. https://doi.org/10.1007/s11390-015-1573-7
  3. K. Chen, P. Liu, and Y. Zhang. Achieving accuracy and scalability simultaneously in detecting application clones on Android markets. In International Conference on Software Engineering (ICSE), pages:175-186, 2014.
  4. Crussell, Jonathan, Clint Gibler, and Hao Chen. Scalable semantics-based detection of similar Android applications. In ESORICS 2013, Springer Berlin Heidelberg, 2013.
  5. Crussell, Jonathan, Clint Gibler, and Hao Chen. Attack of the Clones: Detecting Cloned Applications on Android Markets. In ESORICS 2012, 2012
  6. Gonzalez, H., Stakhanova, N., and Ghorbani, A. A. DroidKin: lightweight detection of Android apps similarity. In International Conference on Security and Privacy in Communication Networks, pages:436-453, Springer International Publishing, September 2014.
  7. S. Hanna, L. Huang, E. Wu, S. Li, C. Chen, and D. Song. Juxtapp: a scalable system for detecting code reuse among Android applications. In DIMVA'12 Proceedings of the 9th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment, 2012.
  8. Jiao, S., Cheng, Y., Ying, L., Su, P., and Feng, D. A Rapid and Scalable Method for Android Application Repackaging Detection. Information Security Practice and Experience, pages:349-364, Springer International Publishing, 2015.
  9. Kim, D., Gokhale, A., Ganapathy, V., and Srivastava, A. Detecting plagiarized mobile apps using API birthmarks. Automated Software Engineering, pages:1-28, 2015.
  10. H. Shahriar and V. Clincy Kullback-Leibler Divergence Based Detection of Repackaged Android Malware. Journal of Information Security Research, Vol. 6, Num. 1, March 2015.
  11. Shao, Y., Luo, X., Qian, C., Zhu, P., and Zhang, L. Towards a scalable resource-driven approach for detecting repackaged Android applications. In Proceedings of the ACM Annual Computer Security Applications Conference, pages:56-65, December 2014.
  12. Soh, C., Tan, H. B. K., Arnatovich, Y. L., and Wang, L. Detecting clones in Android applications through analyzing user interfaces. In IEEE 23rd International Conference on Program Comprehension (ICPC), pages:163-173, May 2015.
  13. Sun, X., Zhongyang, Y., Xin, Z., Mao, B., and Xie, L. Detecting code reuse in Android applications using component-based control flow graph. In ICT Systems Security and Privacy Protection, pages:142-155, Springer Berlin Heidelberg, 2014.
  14. Sun, M., Li, M., and Lui, J. DroidEagle: seamless detection of visually similar Android apps. In Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015.
  15. A. Wald. Sequential Analysis. Dover, 2004.
  16. Wang, H., Guo, Y., Ma, Z., and Chen, X. WuKong: a scalable and accurate two-phase approach to Android app clone detection. In Proceedings of the 2015 International Symposium on Software Testing and Analysis, pages:71-82, July 2015.
  17. Zhang, F., Huang, H., Zhu, S., Wu, D., and Liu, P. ViewDroid: Towards obfuscation-resilient mobile application repackaging detection. In Proceedings of the ACM conference on Security and privacy in wireless & mobile networks, pages: 25-36, July 2014.
  18. Zhauniarovich, Y., Gadyatskaya, O., Crispo, B., La Spina, F., and Moser, E. FSquaDRA: fast detection of repackaged applications. In Data and Applications Security and Privacy XXVIII, pages:130-145, Springer Berlin Heidelberg, 2014.
  19. W. Zhou, X. Zhang, and X. Jiang. AppInk: watermarking Android apps for repackaging deterrence. In ASIA CCS, pages:1-12, May 2013.
  20. W. Zhou, Y. Zhou, X. Jiang, and P. Ning. Detecting repackaged smartphone applications in third-party Android marketplaces. In Proceedings of the Second ACM Conference on Data and Application Security and Privacy (CODASPY), 2012.