Computer Science ›› 2015, Vol. 42 ›› Issue (12): 143-147.

Previous Articles     Next Articles

Detecting Security of Applications in Chinese Third-party Android Market

YAN Jin-pei, HE Hui, AN Wen-huan, ZHANG Xiao-hui, REN Jian-bao and QI Yong   

  • Online:2018-11-14 Published:2018-11-14

Abstract: At present,repackaged apps exist in third-party Android application markets.In this paper,150 official apps are selected randomly and 572 third-party markets apps are used as contrast.Android repackaged apps security detection system was designed.First,we fine-grained identified repackaged apps by calculating their similarity,then gained resource files through reverse engineering, analyzed overprivileged behaviors according to the mappings matcher between system API and permission,and analyzed permission abused behaviors according to constructed methods CFG. By parallel processing,the system detects that there are 33.17% repackaged apps in third-party markets,19.58% permissions are modified,and modified permission apps include 45.95% overprivileged behaviors and 27.03% permission abused behaviors.

Key words: Android,Repackaged,Privacy and security

[1] AppBrain.http://www.appbrain.com/stats/number-of-android-apps
[2] Au K W Y,Zhou Yi-fan,Huang Zhen,et al.D.PScout:analyzing the android permission specification[C]∥Proceedings of the 19thACM Conference on Computer and Communications Security.2012:217-228
[3] Aho A V,Lam M S,Sethi R,et al.Compilers:Principles,Techniques,and Tools[M].Prentice Hall,2006:399-408
[4] Gunasekera S.Android Apps Security[M].Beijing:Publishing House of Electronics Industry,2013:37-53
[5] Yang Bo,Tang Zhu-shou,Zhu Hao-jin,et al.Method of Android Applications Permission Detection Based on Static Dataflow Analysis[J].Computer Science,2012,9(11A):16-18
[6] Zhou Wu,Zhou Ya-jin,Jiang Xu-xian,et al.DroidMOSS:Detecting Repackaged Smartphone Applications in Third-Party Android Marketplaces[C]∥Proceedings of the 2nd ACM CODASPY.2012:317-326
[7] Mitchell M,Tian Guang-yu,Wang Zhi.Systematic Audit ofThird-Party Android Phones[C]∥Proceedings of the 4th ACM Conference on Data and Application Security and Privacy.2014:175-186
[8] Wu Lei,Grace M,Zhou Ya-jin,et al.The Impact of Vendor Customizations on Android Security[C]∥Proceedings of the 20th ACM Conference on Computer and Communications Security.2013:623-634
[9] Zhang Yuan,Yang Min,Xu Bing-quan,et al.Vetting Undesirable Behaviors in Android Apps with Permission Use Analysis[C]∥Proceedings of the 20th ACM Conference on Computer and Communications Security.2013:611-622
[10] Crussell J,Gibler C,Chen H.Attack of the Clones:Detecting Cloned Applications on Android Markets[C]∥Proceedings of 17th European Symposium on Research in Computer Security.2012:37-54
[11] Zhou Wu,Zhou Ya-jin,Grace M,et al.Fast,Scalable Detection of ‘Piggybacked’ Mobile Applications[C]∥Proceedings of the 3nd ACM Conference on Data and Application Security and Privacy.2013:185-195
[12] Zhou Ya-jin,Wang Zhi,Zhou Wu,et al.Hey,You,Get off of My Market:Detecting Malicious Apps in Official and Alternative Android Markets[C]∥Proceedings of the 19th NDSS.2012
[13] Felt A P,Chin E,Hanna S,et al.Android Permissions Demystified[C]∥Proceedings of the 18th ACM Conference on Computerand Communications Security.2011:627-637

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
[1] WANG Huan, ZHANG Yun-feng and ZHANG Yan. Rapid Decision Method for Repairing Sequence Based on CFDs[J]. Computer Science, 2018, 45(3): 311 -316 .
[2] SUN Qi, JIN Yan, HE Kun and XU Ling-xuan. Hybrid Evolutionary Algorithm for Solving Mixed Capacitated General Routing Problem[J]. Computer Science, 2018, 45(4): 76 -82 .
[3] GENG Hai-jun, SHI Xin-gang, WANG Zhi-liang, YIN Xia and YIN Shao-ping. Energy-efficient Intra-domain Routing Algorithm Based on Directed Acyclic Graph[J]. Computer Science, 2018, 45(4): 112 -116 .
[4] CUI Qiong, LI Jian-hua, WANG Hong and NAN Ming-li. Resilience Analysis Model of Networked Command Information System Based on Node Repairability[J]. Computer Science, 2018, 45(4): 117 -121, 136 .
[5] ZHU Shu-qin, WANG Wen-hong and LI Jun-qing. Chosen Plaintext Attack on Chaotic Image Encryption Algorithm Based on Perceptron Model[J]. Computer Science, 2018, 45(4): 178 -181, 189 .
[6] XIAN Xue-feng, CUI Zhi-ming, ZHAO Peng-peng, LIU Zhao-bin and GU Cai-dong. Location-awareness Publication Subscription System Based on Topic Model[J]. Computer Science, 2018, 45(3): 165 -170 .
[7] WEI Qin-shuang, WU You-xi, LIU Jing-yu and ZHU Huai-zhong. Distinguishing Sequence Patterns Mining Based on Density and Gap Constraints[J]. Computer Science, 2018, 45(4): 252 -256 .
[8] LIU Meng-jun, LIU Shu-bo and DING Yong-gang. 0-1 Code Based Privacy-preserving Data Value Matching in Participatory Sensing[J]. Computer Science, 2018, 45(3): 131 -137 .
[9] CUI Jian-jing, LONG Jun, MIN Er-xue, YU Yang and YIN Jian-ping. Survey on Application of Homomorphic Encryption in Encrypted Machine Learning[J]. Computer Science, 2018, 45(4): 46 -52 .
[10] ZHU Hong, LI Qian-mu and LI De-qiang. Facial Multi-landmarks Localization Based on Single Convolution Neural Network[J]. Computer Science, 2018, 45(4): 273 -277, 284 .