Proceedings ArticleDOI
AppInk: watermarking android apps for repackaging deterrence
Wu Zhou,Xinwen Zhang,Xuxian Jiang +2 more
- pp 1-12
TLDR
This work proposes and develops a watermarking mechanism for Android apps, which takes the source code of an app as input to automatically generate a new app with a transparently-embedded watermark and the associated manifest app, and introduces small performance overhead.Abstract:
With increased popularity and wide adoption of smartphones and mobile devices, recent years have seen a new burgeoning economy model centered around mobile apps. However, app repackaging, among many other threats, brings tremendous risk to the ecosystem, including app developers, app market operators, and end users. To mitigate such threat, we propose and develop a watermarking mechanism for Android apps. First, towards automatic watermark embedding and extraction, we introduce the novel concept of manifest app, which is a companion of a target Android app under protection. We then design and develop a tool named AppInk, which takes the source code of an app as input to automatically generate a new app with a transparently-embedded watermark and the associated manifest app. The manifest app can be later used to reliably recognize embedded watermark with zero user intervention. To demonstrate the effectiveness of AppInk in preventing app repackaging, we analyze its robustness in defending against distortive, subtractive, and additive attacks, and then evaluate its resistance against two open source repackaging tools. Our results show that AppInk is easy to use, effective in defending against current known repackaging threats on Android platform, and introduces small performance overhead.read more
Citations
More filters
Proceedings ArticleDOI
The impact of vendor customizations on android security
TL;DR: This paper analyzes stock Android images from five popular smartphone vendors to assess the extent of security issues that may be introduced from vendor customizations and further determine how the situation is evolving over time.
Proceedings ArticleDOI
What the App is That? Deception and Countermeasures in the Android User Interface
Antonio Bianchi,Jacopo Corbetta,Luca Invernizzi,Yanick Fratantonio,Christopher Kruegel,Giovanni Vigna +5 more
TL;DR: This paper analyzes in detail the many ways in which Android users can be confused into misidentifying an app, thus, for instance, being deceived into giving sensitive information to a malicious app and designs and implements an on-device defense that addresses the underlying issue of the lack of a security indicator in the Android GUI.
Journal ArticleDOI
Securing Android: A Survey, Taxonomy, and Challenges
TL;DR: This article distills the state of the art in Android security research and identifies potential research directions for safeguarding billions (and keep counting) of Android-run devices.
Journal ArticleDOI
A Taxonomy and Qualitative Comparison of Program Analysis Techniques for Security Assessment of Android Software
TL;DR: A comprehensive taxonomy to classify and characterize the state-of-the-art research in Android security research is contributed, resulting in the most comprehensive and elaborate investigation of the literature in this area of research.
Proceedings ArticleDOI
NativeGuard: protecting android applications from third-party native libraries
Mengtao Sun,Gang Tan +1 more
TL;DR: NativeGuard is presented, a security framework that isolates native libraries from other components in Android applications that addresses multiple technical issues to support various interfaces that Android provides to the native world.
References
More filters
Proceedings ArticleDOI
Dissecting Android Malware: Characterization and Evolution
Yajin Zhou,Xuxian Jiang +1 more
TL;DR: Systematize or characterize existing Android malware from various aspects, including their installation methods, activation mechanisms as well as the nature of carried malicious payloads reveal that they are evolving rapidly to circumvent the detection from existing mobile anti-virus software.
Book ChapterDOI
Dynamic Storage Allocation: A Survey and Critical Review
TL;DR: This survey describes a variety of memory allocator designs and point out issues relevant to their design and evaluation, and chronologically survey most of the literature on allocators between 1961 and 1995.
Proceedings ArticleDOI
Detecting repackaged smartphone applications in third-party android marketplaces
TL;DR: An app similarity measurement system called DroidMOSS is implemented that applies a fuzzy hashing technique to effectively localize and detect the changes from app-repackaging behavior, which shows a worrisome fact that 5% to 13% of apps hosted on six popular Android-based third-party marketplaces are repackaged.