A Framework for Third Party Android Marketplaces to Identify Repackaged Apps

App security on third-party Android marketplaces is one of the most serious concerns in the Android ecosystem. Without the screening and integrity evaluation of uploaded Apps that the Google Play market performs in its App publishing process, many malicious Apps may exist in third-party Android markets. Malicious Apps can leak sensitive user information and personal data, steal user identities and conduct financial fraud. Because the easiest way to generate a malicious App is to modify a released App and repackage it, detecting repackaged Apps has become an interesting research topic. To help third-party Android markets eliminate or mitigate repackaged Apps uploaded to them, this paper proposes a framework based on App fingerprints and a whitelist/blacklist of Apps that evaluates the integrity of an App before it is released on the market. A prototype of the framework, called Secure Market, is implemented and evaluated through various test scenarios. Our evaluation results show that the proposed framework detected 96% of repackaged Apps on average.
