The undecidability of aliasing
ACM Transactions on Programming Languages and Systems (TOPLAS)
Is it a tree, a DAG, or a cyclic graph? A shape analysis for heap-directed pointers in C
POPL '96 Proceedings of the 23rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Manufacturing cheap, resilient, and stealthy opaque constructs
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Software watermarking: models and dynamic embeddings
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A functional taxonomy for software watermarking
ACSC '02 Proceedings of the twenty-fifth Australasian conference on Computer science - Volume 4
Dynamic Storage Allocation: A Survey and Critical Review
IWMM '95 Proceedings of the International Workshop on Memory Management
A Practical Method for Watermarking Java Programs
COMPSAC '00 24th International Computer Software and Applications Conference
Experience with software watermarking
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Sandmark--A Tool for Software Protection Research
IEEE Security and Privacy
Advanced obfuscation techniques for Java bytecode
Journal of Systems and Software
Dynamic path-based software watermarking
Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation
Control Code Obfuscation by Abstract Interpretation
SEFM '05 Proceedings of the Third IEEE International Conference on Software Engineering and Formal Methods
Krakatoa: decompilation in java (dose bytecode reveal source?)
COOTS'97 Proceedings of the 3rd conference on USENIX Conference on Object-Oriented Technologies (COOTS) - Volume 3
An event-flow model of GUI-based applications for testing: Research Articles
Software Testing, Verification & Reliability
Experiences of System-Level Model-Based GUI Testing of an Android Application
ICST '11 Proceedings of the 2011 Fourth IEEE International Conference on Software Testing, Verification and Validation
IH'04 Proceedings of the 6th international conference on Information Hiding
Detecting repackaged smartphone applications in third-party android marketplaces
Proceedings of the second ACM conference on Data and Application Security and Privacy
Plagiarizing smartphone applications: attack strategies and defense techniques
ESSoS'12 Proceedings of the 4th international conference on Engineering Secure Software and Systems
Dissecting Android Malware: Characterization and Evolution
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
Combining model-based and combinatorial testing for effective test case generation
Proceedings of the 2012 International Symposium on Software Testing and Analysis
Using GUI ripping for automated testing of Android applications
Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering
Aurasium: practical policy enforcement for Android applications
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Automated concolic testing of smartphone apps
Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering
Fast, scalable detection of "Piggybacked" mobile applications
Proceedings of the third ACM conference on Data and application security and privacy
Juxtapp: a scalable system for detecting code reuse among android applications
DIMVA'12 Proceedings of the 9th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
ADAM: an automatic and extensible platform to stress test android anti-virus systems
DIMVA'12 Proceedings of the 9th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
The impact of vendor customizations on android security
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
DIVILAR: diversifying intermediate language for anti-repackaging on android platform
Proceedings of the 4th ACM conference on Data and application security and privacy
| Hi-index | 0.00 |
With increased popularity and wide adoption of smartphones and mobile devices, recent years have seen a new burgeoning economy model centered around mobile apps. However, app repackaging, among many other threats, brings tremendous risk to the ecosystem, including app developers, app market operators, and end users. To mitigate such threat, we propose and develop a watermarking mechanism for Android apps. First, towards automatic watermark embedding and extraction, we introduce the novel concept of manifest app, which is a companion of a target Android app under protection. We then design and develop a tool named AppInk, which takes the source code of an app as input to automatically generate a new app with a transparently-embedded watermark and the associated manifest app. The manifest app can be later used to reliably recognize embedded watermark with zero user intervention. To demonstrate the effectiveness of AppInk in preventing app repackaging, we analyze its robustness in defending against distortive, subtractive, and additive attacks, and then evaluate its resistance against two open source repackaging tools. Our results show that AppInk is easy to use, effective in defending against current known repackaging threats on Android platform, and introduces small performance overhead.