Semantics-Based Repackaging Detection for Mobile Apps

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9639)

Abstract

While Android app stores keep growing in size and in number, app repackaging has become a major threat to the health of the mobile ecosystem. Different from many syntax-based repackaging detection techniques, in this work we propose a semantic-based approach, RepDetector, which is more robust against code obfuscation attacks. To capture an app’s semantics, our approach extracts input-output states of core functions in the app and then compares function and app similarity. We implement a prototype of RepDetector, and evaluate it against various obfuscation technologies. The results show that our approach can detect repackaged apps effectively. It is also at least a hundred times faster than Androguard.

Acknowledgments

We thank the anonymous reviewers for their valuable comments and Dr. Nick Nikiforakis for shepherding our paper. The work of Guan and Luo was supported by the Science and Technology Planning Project of Guangdong Province, China (2014A040401027, 2012A080102007, 2015A030401043). The work of Huang and Zhu was partially supported by NSF CCF-1320605.

Corresponding author

Correspondence to Quanlong Guan.

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Guan, Q., Huang, H., Luo, W., Zhu, S. (2016). Semantics-Based Repackaging Detection for Mobile Apps. In: Caballero, J., Bodden, E., Athanasopoulos, E. (eds) Engineering Secure Software and Systems. ESSoS 2016. Lecture Notes in Computer Science, vol 9639. Springer, Cham. https://doi.org/10.1007/978-3-319-30806-7_6

  • DOI: https://doi.org/10.1007/978-3-319-30806-7_6

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-30805-0

  • Online ISBN: 978-3-319-30806-7

  • eBook Packages: Computer Science, Computer Science (R0)
