Plagiarizing Smartphone Applications: Attack Strategies and Defense Techniques

  • Rahul Potharaju
  • Andrew Newell
  • Cristina Nita-Rotaru
  • Xiangyu Zhang
Conference paper

DOI: 10.1007/978-3-642-28166-2_11

Part of the Lecture Notes in Computer Science book series (LNCS, volume 7159)
Cite this paper as:
Potharaju R., Newell A., Nita-Rotaru C., Zhang X. (2012) Plagiarizing Smartphone Applications: Attack Strategies and Defense Techniques. In: Barthe G., Livshits B., Scandariato R. (eds) Engineering Secure Software and Systems. ESSoS 2012. Lecture Notes in Computer Science, vol 7159. Springer, Berlin, Heidelberg

Abstract

In this paper, we show how an attacker can launch malware onto a large number of smartphone users by plagiarizing Android applications and by using elements of social engineering to increase infection rate. Our analysis of a dataset of 158,000 smartphone applications meta-information indicates that 29.4% of the applications are more likely to be plagiarized. We propose three detection schemes that rely on syntactic fingerprinting to detect plagiarized applications under different levels of obfuscation used by the attacker. Our analysis of 7,600 smartphone application binaries shows that our schemes detect all instances of plagiarism from a set of real-world malware incidents with 0.5% false positives and scale to millions of applications using only commodity servers.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Rahul Potharaju
    • 1
  • Andrew Newell
    • 1
  • Cristina Nita-Rotaru
    • 1
  • Xiangyu Zhang
    • 1
  1. 1.Department of Computer SciencePurdue UniversityUSA

Personalised recommendations