Browse > Article

Detecting Repackaged Applications using the Information of App Installation in Android Smartphones  

Joun, Young Nam (광운대학교 컴퓨터과학과)
Ahn, Woo Hyun (광운대학교 컴퓨터소프트웨어학과)
Publication Information
Convergence Security Journal / v.12, no.4, 2012 , pp. 9-15 More about this Journal
Abstract
In recently years, repackaged malwares are becoming increased rapidly in Android smartphones. The repackaging is a technique to disassemble an app in a market, modify its source code, and then re-assemble the code, so that it is commonly used to make malwares by inserting malicious code in an app. However, it is impossible to collect all the apps in many android markets including too many apps. To solve the problem, we propose RePAD (RePackaged App Detector) scheme that is composed of a client and a remote server. In the smartphone-side, the client extracts the information of an app with low CPU overhead when a user installs the app. The remote server analyzes the information to decide whether the app is repackaged or not. Thus, the scheme reduces the time and cost to decide whether apps are repackaged. For the experiments, the client and server are implemented as an app on Galaxy TAB and PC respectively. We indicated that seven pairs of apps among ones collected in official and unofficial market are repackaged. Furthermore, RePAD only increases the average of CPU overhead of 1.9% and the maximum memory usage of 3.5 MB in Galaxy TAB.
Keywords
Android; Application Security; Malware; Repackaging; Multi-Market;
Citations & Related Records
연도 인용수 순위
  • Reference
1 ZdNet, "Report : Android Malware Up 3,325% in 2011", http://www.zdnet.com/blog/hardware/ report -android-malware-up-3325-in-2011/18449.
2 Y. Zhou and X. Jiang, "Dissecting Android Malware: Characterization and Evolution", In Proc. of the 33rd IEEE Symposium on Security and Pri vacy, May 2012.
3 E. Chin, A. Felt, K. Greenwood, and D. Wagner, "Analyzing Inter-Application Commun- ication in Android", 9th Annual International Conference on Mobile Systems, Applications, and Services, June 2011.
4 Y. Zhou, Z. Wang, W. Zhou, and X. Jiang, "Hey, You, Get off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets", In Proc. of the 19th Network and Distributed System Security Symposium, February 2012.
5 M. Murphy, "Beginning Android 2", Apress, 2010.
6 W. Enck, M. Ongtang, and P. McDaniel, "Under standing Android Security", IEEE Security and Privacy Magazine, Vol. 7, No. 1, pp. 10-17, January 2009.
7 W. Zhou, Y. Zhou, X. Jiang, and P. Ning, "Detecting Repackaged Smartphone Application Third-Party Android Marketplaces", In Proc. of the 2nd ACM Conference on Data and Application Security and Privacy, February 2012.