An optimal algorithm for approximate nearest neighbor searching fixed dimensions
Journal of the ACM (JACM)
Semantics-preserving procedure extraction
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Watermarking, tamper-proffing, and obfuscation: tools for software protection
IEEE Transactions on Software Engineering
Semantic Diff: A Tool for Summarizing the Effects of Modifications
ICSM '94 Proceedings of the International Conference on Software Maintenance
Obfuscation of executable code to improve resistance to static disassembly
Proceedings of the 10th ACM conference on Computer and communications security
A Differencing Algorithm for Object-Oriented Programs
Proceedings of the 19th IEEE international conference on Automated software engineering
CP-Miner: Finding Copy-Paste and Related Bugs in Large-Scale Software Code
IEEE Transactions on Software Engineering
DECKARD: Scalable and Accurate Tree-Based Detection of Code Clones
ICSE '07 Proceedings of the 29th international conference on Software Engineering
Accurate and Efficient Structural Characteristic Feature Extraction for Clone Detection
FASE '09 Proceedings of the 12th International Conference on Fundamental Approaches to Software Engineering: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Apex: extending Android permission model and enforcement with user-defined runtime constraints
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Retroactive detection of malware with applications to mobile platforms
HotSec'10 Proceedings of the 5th USENIX conference on Hot topics in security
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Using probabilistic generative models for ranking risks of Android apps
Proceedings of the 2012 ACM conference on Computer and communications security
AppInk: watermarking android apps for repackaging deterrence
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Social engineering attacks on the knowledge worker
Proceedings of the 6th International Conference on Security of Information and Networks
DIVILAR: diversifying intermediate language for anti-repackaging on android platform
Proceedings of the 4th ACM conference on Data and application security and privacy
| Hi-index | 0.00 |
In this paper, we show how an attacker can launch malware onto a large number of smartphone users by plagiarizing Android applications and by using elements of social engineering to increase infection rate. Our analysis of a dataset of 158,000 smartphone applications meta-information indicates that 29.4% of the applications are more likely to be plagiarized. We propose three detection schemes that rely on syntactic fingerprinting to detect plagiarized applications under different levels of obfuscation used by the attacker. Our analysis of 7,600 smartphone application binaries shows that our schemes detect all instances of plagiarism from a set of real-world malware incidents with 0.5% false positives and scale to millions of applications using only commodity servers.