Detecting Repackaged Android Applications
作者: Zhongyuan Qin , Zhongyun Yang , Yuxing Di , Qunfang Zhang , Xinshuai Zhang
DOI: 10.1007/978-3-319-01766-2_125
关键词: Database 、 Android (operating system) 、 Edit distance 、 Instruction sequence 、 Hash function 、 Computer science
摘要: The rapid development of the smartphone brings immense convenience to people. Recently more and developers publish their own applications (or apps) on android markets make profits. so-called repackaged apps emerge by embedding malicious codes or injecting ads into existing then republishing them. In this paper, focusing shortcomings detection system, we propose an efficient scheme based context-triggered piecewise hash (CTPH). We also optimize similarity calculation method (edit distance) filter unnecessary matching process efficient. Experimental results show that there are about 5 % in pre-collected data. proposed improves accuracy has positive significance ecosystem markets.
springer.com
sci-hub.st 参考文章(3)
Jonathan Crussell, Clint Gibler, Hao Chen, Attack of the Clones: Detecting Cloned Applications on Android Markets Computer Security – ESORICS 2012. pp. 37- 54 ,(2012) , 10.1007/978-3-642-33167-1_3
Wu Zhou, Yajin Zhou, Xuxian Jiang, Peng Ning, Detecting repackaged smartphone applications in third-party android marketplaces Proceedings of the second ACM conference on Data and Application Security and Privacy - CODASKY '12. pp. 317- 326 ,(2012) , 10.1145/2133601.2133640
Jesse Kornblum, Identifying almost identical files using context triggered piecewise hashing Digital Investigation. ,vol. 3, pp. 91- 97 ,(2006) , 10.1016/J.DIIN.2006.06.015