Abstract
The appearance of the Android platform and its popularity has resulted in a sharp rise in the number of reported vulnerabilities and consequently in the number of mobile threats. Leveraging openness of Android app markets and the lack of security testing, malware authors commonly plagiarize Android applications (e.g., through code reuse and repackaging) boosting the amount of malware on the markets and consequently the infection rate. In this study, we present AndroidSOO, a lightweight approach for the detection of repackaging symptoms on Android apps. In this work, we introduce and explore novel and easily extractable attribute called String Offset Order. Extractable from string identifiers list in the .dex file, the method is able to pinpoint symptoms of reverse engineered Android apps without the need for complex further analysis. We performed extensive evaluation of String Order metric to assess its capabilities on datasets made available by three recent studies: Android Malware Genome Project, DroidAnalytics and Drebin. We also performed a large-scale study of over 5,000 Android applications extracted from Google Play market and over 80 000 samples from Virus Total service.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
