Plagiarizing smartphone applications: attack strategies and defense techniques

Authors: Rahul Potharaju, Andrew Newell, Cristina Nita-Rotaru, Xiangyu Zhang

DOI: 10.1007/978-3-642-28166-2_11

Abstract: In this paper, we show how an attacker can launch malware onto a large number of smartphone users by plagiarizing Android applications and using elements of social engineering to increase the infection rate. Our analysis of a dataset of meta-information for 158,000 applications indicates that 29.4% of the applications are more likely to be plagiarized. We propose three detection schemes that rely on syntactic fingerprinting to detect plagiarized applications under different levels of obfuscation used by the attacker. Our analysis of 7,600 application binaries shows that our schemes detect all instances of plagiarism from a set of real-world incidents with 0.5% false positives and scale to millions of applications using only commodity servers.
