Semantics-based repackaging detection for mobile apps

Quanlong Guan; Heqing Huang; Weiqi Luo; Sencun Zhu

doi:10.1007/978-3-319-30806-7_6

Semantics-based repackaging detection for mobile apps

Quanlong Guan, Heqing Huang, Weiqi Luo, Sencun Zhu

School of Electrical Engineering and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

13 Scopus citations

Abstract

While Android app stores keep growing in size and in number, app repackaging has become a major threat to the health of the mobile ecosystem. Different from many syntax-based repackaging detection techniques, in this work we propose a semantic-based approach, RepDetector, which is more robust against code obfuscation attacks. To capture an app’s semantics, our approach extracts input-output states of core functions in the app and then compare function and app similarity. We implement a prototype of RepDetector, and evaluate it against various obfuscation technologies. The results show that our approach can detect repackaged apps effectively. It is also at least a hundred times faster than Androguard.

Original language	English (US)
Title of host publication	Engineering Secure Software and Systems - 8th International Symposium, ESSoS 2016, Proceedings
Editors	Eric Bodden, Juan Caballero, Elias Athanasopoulos
Publisher	Springer Verlag
Pages	89-105
Number of pages	17
ISBN (Print)	9783319308050
DOIs	https://doi.org/10.1007/978-3-319-30806-7_6
State	Published - 2016
Event	8th International Symposium on Engineering Secure Software and Systems, ESSoS 2016 - London, United Kingdom Duration: Apr 6 2016 → Apr 8 2016

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	9639
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Other

Other	8th International Symposium on Engineering Secure Software and Systems, ESSoS 2016
Country	United Kingdom
City	London
Period	4/6/16 → 4/8/16

All Science Journal Classification (ASJC) codes

Theoretical Computer Science
Computer Science(all)

Access to Document

10.1007/978-3-319-30806-7_6

Fingerprint Dive into the research topics of 'Semantics-based repackaging detection for mobile apps'. Together they form a unique fingerprint.

Cite this

Guan, Q., Huang, H., Luo, W., & Zhu, S. (2016). Semantics-based repackaging detection for mobile apps. In E. Bodden, J. Caballero, & E. Athanasopoulos (Eds.), Engineering Secure Software and Systems - 8th International Symposium, ESSoS 2016, Proceedings (pp. 89-105). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9639). Springer Verlag. https://doi.org/10.1007/978-3-319-30806-7_6

Guan, Quanlong ; Huang, Heqing ; Luo, Weiqi ; Zhu, Sencun. / Semantics-based repackaging detection for mobile apps. Engineering Secure Software and Systems - 8th International Symposium, ESSoS 2016, Proceedings. editor / Eric Bodden ; Juan Caballero ; Elias Athanasopoulos. Springer Verlag, 2016. pp. 89-105 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{483d1fa4550b454e947d8eac95468a60,

title = "Semantics-based repackaging detection for mobile apps",

abstract = "While Android app stores keep growing in size and in number, app repackaging has become a major threat to the health of the mobile ecosystem. Different from many syntax-based repackaging detection techniques, in this work we propose a semantic-based approach, RepDetector, which is more robust against code obfuscation attacks. To capture an app{\textquoteright}s semantics, our approach extracts input-output states of core functions in the app and then compare function and app similarity. We implement a prototype of RepDetector, and evaluate it against various obfuscation technologies. The results show that our approach can detect repackaged apps effectively. It is also at least a hundred times faster than Androguard.",

author = "Quanlong Guan and Heqing Huang and Weiqi Luo and Sencun Zhu",

note = "Funding Information: We thank the anonymous reviewers for their valuable comments and Dr. Nick Nikiforakis for shepherding our paper. The work of Guan and Luo was supported by the Science and Technology Planning Project of Guangdong Province, China (2014A040401027, 2012A080102007, 2015A030401043). The work of Huang and Zhu was partially supported by NSF CCF-1320605; 8th International Symposium on Engineering Secure Software and Systems, ESSoS 2016 ; Conference date: 06-04-2016 Through 08-04-2016",

year = "2016",

doi = "10.1007/978-3-319-30806-7_6",

language = "English (US)",

isbn = "9783319308050",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "89--105",

editor = "Eric Bodden and Juan Caballero and Elias Athanasopoulos",

booktitle = "Engineering Secure Software and Systems - 8th International Symposium, ESSoS 2016, Proceedings",

address = "Germany",

}

Guan, Q, Huang, H, Luo, W & Zhu, S 2016, Semantics-based repackaging detection for mobile apps. in E Bodden, J Caballero & E Athanasopoulos (eds), Engineering Secure Software and Systems - 8th International Symposium, ESSoS 2016, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9639, Springer Verlag, pp. 89-105, 8th International Symposium on Engineering Secure Software and Systems, ESSoS 2016, London, United Kingdom, 4/6/16. https://doi.org/10.1007/978-3-319-30806-7_6

Semantics-based repackaging detection for mobile apps. / Guan, Quanlong; Huang, Heqing; Luo, Weiqi; Zhu, Sencun.

Engineering Secure Software and Systems - 8th International Symposium, ESSoS 2016, Proceedings. ed. / Eric Bodden; Juan Caballero; Elias Athanasopoulos. Springer Verlag, 2016. p. 89-105 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9639).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Semantics-based repackaging detection for mobile apps

AU - Guan, Quanlong

AU - Huang, Heqing

AU - Luo, Weiqi

AU - Zhu, Sencun

N1 - Funding Information: We thank the anonymous reviewers for their valuable comments and Dr. Nick Nikiforakis for shepherding our paper. The work of Guan and Luo was supported by the Science and Technology Planning Project of Guangdong Province, China (2014A040401027, 2012A080102007, 2015A030401043). The work of Huang and Zhu was partially supported by NSF CCF-1320605

PY - 2016

Y1 - 2016

N2 - While Android app stores keep growing in size and in number, app repackaging has become a major threat to the health of the mobile ecosystem. Different from many syntax-based repackaging detection techniques, in this work we propose a semantic-based approach, RepDetector, which is more robust against code obfuscation attacks. To capture an app’s semantics, our approach extracts input-output states of core functions in the app and then compare function and app similarity. We implement a prototype of RepDetector, and evaluate it against various obfuscation technologies. The results show that our approach can detect repackaged apps effectively. It is also at least a hundred times faster than Androguard.

AB - While Android app stores keep growing in size and in number, app repackaging has become a major threat to the health of the mobile ecosystem. Different from many syntax-based repackaging detection techniques, in this work we propose a semantic-based approach, RepDetector, which is more robust against code obfuscation attacks. To capture an app’s semantics, our approach extracts input-output states of core functions in the app and then compare function and app similarity. We implement a prototype of RepDetector, and evaluate it against various obfuscation technologies. The results show that our approach can detect repackaged apps effectively. It is also at least a hundred times faster than Androguard.

UR - http://www.scopus.com/inward/record.url?scp=84962339719&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84962339719&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-30806-7_6

DO - 10.1007/978-3-319-30806-7_6

M3 - Conference contribution

AN - SCOPUS:84962339719

SN - 9783319308050

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 89

EP - 105

BT - Engineering Secure Software and Systems - 8th International Symposium, ESSoS 2016, Proceedings

A2 - Bodden, Eric

A2 - Caballero, Juan

A2 - Athanasopoulos, Elias

PB - Springer Verlag

T2 - 8th International Symposium on Engineering Secure Software and Systems, ESSoS 2016

Y2 - 6 April 2016 through 8 April 2016

ER -

Guan Q, Huang H, Luo W, Zhu S. Semantics-based repackaging detection for mobile apps. In Bodden E, Caballero J, Athanasopoulos E, editors, Engineering Secure Software and Systems - 8th International Symposium, ESSoS 2016, Proceedings. Springer Verlag. 2016. p. 89-105. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-30806-7_6

Semantics-based repackaging detection for mobile apps

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Cite this