ViewDroid: Towards obfuscation-resilient mobile application repackaging detection

Fangfang Zhang, Heqing Huang, Sencun Zhu, Dinghao Wu, Peng Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

112 Scopus citations

Abstract

In recent years, as mobile smart device sales grow quickly, the development of mobile applications (apps) keeps accelerating, so does mobile app repackaging. Attackers can easily repackage an app under their own names or embed advertisements to earn pecuniary profits. They can also modify a popular app by inserting malicious payloads into the original app and leverage its popularity to accelerate malware propagation. In this paper, we propose ViewDroid, a user interface based approach to mobile app repackaging detection. Android apps are user interaction intensive and event dominated, and the interactions between users and apps are performed through user interface, or views. This observation inspires the design of our new birthmark for Android apps, namely, feature view graph, which captures users' navigation behavior across app views. Our experimental results demonstrate that this birthmark can characterize Android apps from a higher level abstraction, making it resilient to code obfuscation. ViewDroid can detect repackaged apps at a large scale, both effectively and efficiently. Our experiments also show that the false positive and false negative rates of ViewDroid are both very low.

Original languageEnglish (US)
Title of host publicationWiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks
PublisherAssociation for Computing Machinery
Pages25-36
Number of pages12
ISBN (Print)9781450329729
DOIs
StatePublished - Jan 1 2014
Event7th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2014 - Oxford, United Kingdom
Duration: Jul 23 2014Jul 25 2014

Publication series

NameWiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks

Other

Other7th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2014
CountryUnited Kingdom
CityOxford
Period7/23/147/25/14

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'ViewDroid: Towards obfuscation-resilient mobile application repackaging detection'. Together they form a unique fingerprint.

  • Cite this

    Zhang, F., Huang, H., Zhu, S., Wu, D., & Liu, P. (2014). ViewDroid: Towards obfuscation-resilient mobile application repackaging detection. In WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks (pp. 25-36). (WiSec 2014 - Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks). Association for Computing Machinery. https://doi.org/10.1145/2627393.2627395