Computer Science ›› 2015, Vol. 42 ›› Issue (12): 143-147.

Previous Articles     Next Articles

Detecting Security of Applications in Chinese Third-party Android Market

YAN Jin-pei, HE Hui, AN Wen-huan, ZHANG Xiao-hui, REN Jian-bao and QI Yong   

  • Online:2018-11-14 Published:2018-11-14

Abstract: At present,repackaged apps exist in third-party Android application markets.In this paper,150 official apps are selected randomly and 572 third-party markets apps are used as contrast.Android repackaged apps security detection system was designed.First,we fine-grained identified repackaged apps by calculating their similarity,then gained resource files through reverse engineering, analyzed overprivileged behaviors according to the mappings matcher between system API and permission,and analyzed permission abused behaviors according to constructed methods CFG. By parallel processing,the system detects that there are 33.17% repackaged apps in third-party markets,19.58% permissions are modified,and modified permission apps include 45.95% overprivileged behaviors and 27.03% permission abused behaviors.

Key words: Android,Repackaged,Privacy and security

[1] AppBrain.http://www.appbrain.com/stats/number-of-android-apps
[2] Au K W Y,Zhou Yi-fan,Huang Zhen,et al.D.PScout:analyzing the android permission specification[C]∥Proceedings of the 19thACM Conference on Computer and Communications Security.2012:217-228
[3] Aho A V,Lam M S,Sethi R,et al.Compilers:Principles,Techniques,and Tools[M].Prentice Hall,2006:399-408
[4] Gunasekera S.Android Apps Security[M].Beijing:Publishing House of Electronics Industry,2013:37-53
[5] Yang Bo,Tang Zhu-shou,Zhu Hao-jin,et al.Method of Android Applications Permission Detection Based on Static Dataflow Analysis[J].Computer Science,2012,9(11A):16-18
[6] Zhou Wu,Zhou Ya-jin,Jiang Xu-xian,et al.DroidMOSS:Detecting Repackaged Smartphone Applications in Third-Party Android Marketplaces[C]∥Proceedings of the 2nd ACM CODASPY.2012:317-326
[7] Mitchell M,Tian Guang-yu,Wang Zhi.Systematic Audit ofThird-Party Android Phones[C]∥Proceedings of the 4th ACM Conference on Data and Application Security and Privacy.2014:175-186
[8] Wu Lei,Grace M,Zhou Ya-jin,et al.The Impact of Vendor Customizations on Android Security[C]∥Proceedings of the 20th ACM Conference on Computer and Communications Security.2013:623-634
[9] Zhang Yuan,Yang Min,Xu Bing-quan,et al.Vetting Undesirable Behaviors in Android Apps with Permission Use Analysis[C]∥Proceedings of the 20th ACM Conference on Computer and Communications Security.2013:611-622
[10] Crussell J,Gibler C,Chen H.Attack of the Clones:Detecting Cloned Applications on Android Markets[C]∥Proceedings of 17th European Symposium on Research in Computer Security.2012:37-54
[11] Zhou Wu,Zhou Ya-jin,Grace M,et al.Fast,Scalable Detection of ‘Piggybacked’ Mobile Applications[C]∥Proceedings of the 3nd ACM Conference on Data and Application Security and Privacy.2013:185-195
[12] Zhou Ya-jin,Wang Zhi,Zhou Wu,et al.Hey,You,Get off of My Market:Detecting Malicious Apps in Official and Alternative Android Markets[C]∥Proceedings of the 19th NDSS.2012
[13] Felt A P,Chin E,Hanna S,et al.Android Permissions Demystified[C]∥Proceedings of the 18th ACM Conference on Computerand Communications Security.2011:627-637

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!