International Journal of Computer Science & Network Security

International Journal of Computer Science & Network Security (국제컴퓨터통신보호논문지학회)
권호 표지
DOI QR코드

DOI QR Code

A Novel Technique for Detection of Repacked Android Application Using Constant Key Point Selection Based Hashing and Limited Binary Pattern Texture Feature Extraction

  • MA Rahim Khan (Department of Computer Science & Engineering, Lingaya's Vidyapeeth) ;
  • Manoj Kumar Jain (Department of Computer Science & Engineering, Lingaya's Vidyapeeth)
  • Received : 2023.09.05
  • Published : 2023.09.30
Download PDF
⟨ Previous Next ⟩

Abstract

Repacked mobile apps constitute about 78% of all malware of Android, and it greatly affects the technical ecosystem of Android. Although many methods exist for repacked app detection, most of them suffer from performance issues. In this manuscript, a novel method using the Constant Key Point Selection and Limited Binary Pattern (CKPS: LBP) Feature extraction-based Hashing is proposed for the identification of repacked android applications through the visual similarity, which is a notable feature of repacked applications. The results from the experiment prove that the proposed method can effectively detect the apps that are similar visually even that are even under the double fold content manipulations. From the experimental analysis, it proved that the proposed CKPS: LBP method has a better efficiency of detecting 1354 similar applications from a repository of 95124 applications and also the computational time was 0.91 seconds within which a user could get the decision of whether the app repacked. The overall efficiency of the proposed algorithm is 41% greater than the average of other methods, and the time complexity is found to have been reduced by 31%. The collision probability of the Hashes was 41% better than the average value of the other state of the art methods.

Keywords

References

  1. J. Li, X. Liu, H. Zhang, and D. Mu, "A Scalable Cloud-Based Android App Repackaging Detection Framework," Green, Pervasive, and Cloud Computing Lecture Notes in Computer Science, pp. 113-125, 2016. https://doi.org/10.1007/978-3-319-39077-2_8 
  2. X. Sun, J. Han, H. Dai, and Q. Li, "An Active Android Application Repacking Detection Approach," 2018 10th International Conference on Communication Software and Networks (ICCSN), 2018. https://doi.org/10.1109/iccsn.2018.8488263 
  3. Q. Zeng, L. Luo, Z. Qian, X. Du, and Z. Li, "Resilient decentralized Android application repackaging detection using logic bombs," Proceedings of the 2018 International Symposium on Code Generation and Optimization - CGO 2018, 2018. https://doi.org/10.1145/3168820 
  4. K. Khanmohammadi, N. Ebrahimi, A. Hamou-Lhadj, and R. Khoury, "Empirical study of android repackaged applications," Empirical Software Engineering, vol. 24, no. 6, pp. 3587-3629, 2019. https://doi.org/10.1007/s10664-019-09760-3 
  5. M. O. F. K. Russel, S. S. M. M. Rahman, and T. Islam, "A Large-Scale Investigation to Identify the Pattern of App Component in Obfuscated Android Malwares," Communications in Computer and Information Science Machine Learning, Image Processing, Network Security and Data Sciences, pp. 513-526, 2020. https://doi.org/10.1007/978-981-15-6318-8_42 
  6. V. Rastogi, Y. Chen, and X. Jiang, "DroidChameleon," Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security - ASIA CCS 13, 2013. https://doi.org/10.1145/2484313.2484355 
  7. X. Liao, Z. Geng, Y. Meng, Y. Yu, Y. Li, and D. Kang, "A Detection Method for Android Repackaged Applications with Malicious Features Similarity of Family Homology," 2017 International Conference on Computer Technology, Electronics and Communication (ICCTEC), 2017. https://doi.org/10.1109/ICOMSSC45026.2018.8941586 
  8. W. Zhou, Y. Zhou, X. Jiang, and P. Ning, "Detecting repackaged smartphone applications in third-party android marketplaces," Proceedings of the second ACM conference on Data and Application Security and Privacy - CODASKY 12, 2012. https://doi.org/10.1145/2133601.2133640 
  9. A. Gharib and A. Ghorbani, "DNA-Droid: A Real-Time Android Ransomware Detection Framework," Network and System Security Lecture Notes in Computer Science, pp. 184-198, 2017. https://doi.org/10.1007/978-3-319-64701-2_14 
  10. J. Crussell, C. Gibler, and H. Chen, "AnDarwin: Scalable Detection of Android Application Clones Based on Semantics," IEEE Transactions on Mobile Computing, vol. 14, no. 10, pp. 2007-2019, 2015. https://doi.org/10.1109/TMC.2014.2381212 
  11. F. Zhang, H. Huang, S. Zhu, D. Wu, and P. Liu, "ViewDroid," Proceedings of the 2014 ACM conference on Security and privacy in wireless & mobile networks - WiSec 14, 2014. https://doi.org/10.1109/TMC.2014.2381212 
  12. Q. Chen, J. Wang, and Y. Wang, "An Online Approach for Detecting Repackaged Android Applications Based on Multi-user Collaboration," 2015 IEEE 12th Intl Conf on Ubiquitous Intelligence and Computing and 2015 IEEE 12th Intl Conf on Autonomic and Trusted Computing and 2015 IEEE 15th Intl Conf on Scalable Computing and Communications and Its Associated Workshops (UIC-ATC-ScalCom), 2015. https://doi.org/10.1109/UIC-ATC-ScalComCBDCom-IoP.2015.66 
  13. S. Hanna, L. Huang, E. Wu, S. Li, C. Chen, and D. Song, "Juxtapp: A Scalable System for Detecting Code Reuse among Android Applications," Detection of Intrusions and Malware, and Vulnerability Assessment Lecture Notes in Computer Science, pp. 62-81, 2013. https://doi.org/10.1007/978-3-642-37300-8_4 
  14. C. Yuan, S. Wei, C. Zhou, J. Guo, and H. Xiang, "Scalable and Obfuscation-Resilient Android App Repackaging Detection Based on Behavior Birthmark," 2017 24th Asia-Pacific Software Engineering Conference (APSEC), 2017. https://doi.org/10.1109/ APSEC.2017.54 
  15. Z. Li, J. Sun, Q. Yan, W. Srisa-An, and Y. Tsutano, "Obfusifier: Obfuscation-Resistant Android Malware Detection System," Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering Security and Privacy in Communication Networks, pp. 214-234, 2019. https://doi.org/10.1007/978-3-030-37228-6_11 
  16. L. Li, D. Li, T. F. Bissyande, J. Klein, Y. L. Traon, D. Lo, and L. Cavallaro, "Understanding Android App Piggybacking," 2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C), 2017. https://doi.org/10.1109/ICSE-C.2017.109 
  17. Z. Qin, Q. Zhang, X. Zhang, and Z. Yang, "An efficient method of detecting repackaged android applications," International Conference on Cyberspace Technology (CCT 2014), 2014. https://doi.org/10.1049/cp.2014.1331 
  18. H. Huang, S. Zhu, P. Liu, and D. Wu, "A Framework for Evaluating Mobile App Repackaging Detection Algorithms," Trust and Trustworthy Computing Lecture Notes in Computer Science, pp. 169-186, 2013. https://doi.org/10.1007/978-3-642-38908-5_13 
  19. F. Sierra and A. Ramirez, "Defending Your Android App," Proceedings of the 4th Annual ACM Conference on Research in Information Technology - RIIT 15, 2015. https://doi.org/10.1145/2808062.2808067 
  20. Q. Zeng, L. Luo, Z. Qian, X. Du, Z. Li, C.-T. Huang, and C. Farkas, "Resilient User-Side Android Application Repackaging and Tampering Detection Using Cryptographically Obfuscated Logic Bombs," IEEE Transactions on Dependable and Secure Computing, pp. 1-1, 2019. https://doi.org/10.1109/TDSC.2019.2957787 
  21. S. Dong, M. Li, W. Diao, X. Liu, J. Liu, Z. Li, F. Xu, K. Chen, X. Wang, and K. Zhang, "Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild," Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering Security and Privacy in Communication Networks, pp. 172-192, 2018. https://doi.org/10.1007/978-3-030-01701-9_10 
  22. Y.-L. Chen, "An explicit and novel forward collision probability index," 2015 IEEE 10th Conference on Industrial Electronics and Applications (ICIEA), 2015. https://doi.org/10.1109/ICIEA.2015.7334399