Publication:
CloneSpot: Fast detection of Android repackages

Loading...
Thumbnail Image
Identifiers
Publication date
2019-05
Defense date
Advisors
Tutors
Journal Title
Journal ISSN
Volume Title
Publisher
Elsevier
Impact
Google Scholar
Export
Research Projects
Organizational Units
Journal Issue
Abstract
Repackaging of applications is one of the key attack vectors for mobile malware. This is particularly easy and popular in Android Markets, where applications can be downloaded, decompiled, modified and re-uploaded at a very low cost. Detecting clones and victims is often a hard task, especially in markets with several million of applications to analyze, such as Google Play Store. This work proposes CloneSpot, a novel methodology to efficiently detect Repackaged versions of Android apps using Min-Hashing techniques applied to applications’ meta-data publicly available at Google Play. We validate our approach by analyzing 1.3 Million of applications collected from Google Play in September 2017, from which around 420K are detected as potential repackaged or victim versions of other applications.
Description
Keywords
Android malware, Repackaging, Min-hashing, Meta-information
Bibliographic citation
Martín, I. & Hernández, J. A. (2019). CloneSpot: Fast detection of Android repackages. Future Generation Computer Systems, 94, 740–748.