Empirical study of android repackaged applications

Khanmohammadi, Kobra; Ebrahimi, Neda; Hamou-Lhadj, Abdelwahab; Khoury, Raphaël

doi:10.1007/s10664-019-09760-3

Cited by 18 publications

(7 citation statements)

References 57 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Thus, a package name on Google Play might be used by a different app on another store (e.g., a Chinese store). In fact, prior research showed that apps sharing package names could be repackaged and thus may have no relation to the original developer [73]. Further, in the case of pre-installed browsers, any manufacturer can modify and pre-install any open-source browser app with the default package name, i.e., com.android.browser [51].…”

Section: Identifying Unique Browsersmentioning

confidence: 99%

Not Your Average App: A Large-scale Privacy Analysis of Android Browsers

Pradeep

Feal

Gamba

et al. 2023

PoPETs

View full text Add to dashboard Cite

The transparency and privacy behavior of mobile browsers has remained widely unexplored by the research community. In fact, as opposed to regular Android apps, mobile browsers may present contradicting privacy behaviors. On the one end, they can have access to (and can expose) a unique combination of sensitive user data, from users’ browsing history to permission-protected personally identifiable information (PII) such as unique identifiers and geolocation. However, on the other end, they also are in a unique position to protect users’ privacy by limiting data sharing with other parties by implementing ad-blocking features. In this paper, we perform a comparative and empirical analysis on how hundreds of Android web browsers protect or expose user data during browsing sessions. To this end, we collect the largest dataset of Android browsers to date, from the Google Play Store and four Chinese app stores. Then, we developed a novel analysis pipeline that combines static and dynamic analysis methods to find a wide range of privacy-enhancing (e.g., ad-blocking) and privacy-harming behaviors (e.g., sending browsing histories to third parties, not validating TLS certificates, and exposing PII---including non-resettable identifiers---to third parties) across browsers. We find that various popular apps on both Google Play and Chinese stores have these privacy-harming behaviors, including apps that claim to be privacy-enhancing in their descriptions. Overall, our study not only provides new insights into important yet overlooked considerations for browsers’ adoption and transparency, but also that automatic app analysis systems (e.g., sandboxes) need context-specific analysis to reveal such privacy behaviors.

show abstract

Section: Identifying Unique Browsersmentioning

confidence: 99%

Not Your Average App: A Large-scale Privacy Analysis of Android Browsers

Pradeep

Feal

Gamba

et al. 2023

PoPETs

View full text Add to dashboard Cite

show abstract

“…Application repackaging is one of the most vulnerable issues in Android/iOS applications. The authors in [5] presented work on repackaged applications. They addressed five issues, namely (1) the current unfavorable repackaging practices, (2) the way adware is embedded in the code, (3) the types of apps used to repackage, (4) the reasons people download repackaged software, and (5) the way the properties of an app change in the repackaged version.…”

Section: Related Workmentioning

confidence: 99%

“…With the rising number of users, the number of threats and exploitations are also rising. According to the authors of the work [5], malware developers inject code into the service component that runs in the hidden layer without the concern of the user. The first Android Malware included DroidSMS, which targeted SMS services, and TapSnake, which transmitted GPS locations.…”

Section: Android System Architecture and Attacksmentioning

confidence: 99%

Malware Analysis in IoT & Android Systems with Defensive Mechanism

Yadav¹,

Singh

Yadav

et al. 2022

Electronics

View full text Add to dashboard Cite

The Internet of Things (IoT) and the Android operating system have made cutting-edge technology accessible to the general public. These are affordable, easy-to-use, and open-source technology. Android devices connect to different IoT devices such as IoT-enabled cameras, Alexa powered by Amazon, and various other sensors. Due to the escalated growth of Android devices, users are facing cybercrime through their Android devices. This article aims to provide a comprehensive study of the IoT and Android systems. This article classifies different attacks on IoT and Android devices and mitigation strategies proposed by different researchers. The article emphasizes the role of the developer in secure application design. This article attempts to provide a relative analysis of several malware detection methods in the different environments of attacks. This study expands the awareness of certain application-hardening strategies applicable to IoT devices and Android applications and devices. This study will help domain experts and researchers to gain knowledge of IoT systems and Android systems from a security point of view and provide insight into how to design more efficient, robust, and comprehensive solutions. This article discusses different attack vectors and mitigation strategies available to both developers and in the open domain. Certain guidelines are also suggested for application and platform developers, as well as application databases (Google play store), to limit the risk of attack, and users can form their own defense with knowledge regarding keeping hardware and software updated and securing their system with a strong password.

show abstract

“…That also depended on installing a specific unverified APK or has not an illegal certificate. Sometimes, these programs carry out the suspicious activities including spying on information and spreading harmful codes, breaking passwords, and injecting backdoor [11][12][13].…”

Section: General Overviewmentioning

confidence: 99%

Malware Classification Approaches Utilizing Binary and Text Embedding of Permissions

Zyout

Shatnawi

Najadat

2022

Preprint

View full text Add to dashboard Cite

The development of mobile applications is rapidly increasing with the advances in smartphone technology. These applications are intended to assist mobile users in accomplishing various daily tasks including e-commerce and online services. Many mobile applications were also developed to attack smartphone users. Hence, new challenges have been found such as the difficulty to distinguish between benign and malicious malware categories.In this paper, two approaches for classifying malware applications are presented, including Conv1d (Conventional one dimension) and LSTM (Long short Time Memory). The proposed approaches have modeled and solved the malware classification problem using the natural language processing method. Two encoding techniques, binary and text encoding, were conducted on android permissions as a preprocessing phase. In addition, two other classifiers, the Support Vector Machine (SVM) and K-Nearest Neighbor(KNN) were also reported. The two main approaches were evaluated on well-known dataset, the CICMalDroid2020. The Conv1d-approach and LSTM-approach using text encoding achieved the best classification, i.e., high precision and accuracy (98.16\%, 97.72\% and 96.63\%, 96.69\%, respectively). The Conv1d-approach on binary classification has outperformed the LSTM-approach model when compared with Mal-prem and datasets. The Conv1d-approach achieved the best performance, with 99.3\%,99.80\%, 98.90\%, and 98.95\% of accuracy.

show abstract

Empirical study of android repackaged applications

Cited by 18 publications

References 57 publications

Not Your Average App: A Large-scale Privacy Analysis of Android Browsers

Not Your Average App: A Large-scale Privacy Analysis of Android Browsers

Malware Analysis in IoT & Android Systems with Defensive Mechanism

Malware Classification Approaches Utilizing Binary and Text Embedding of Permissions

Contact Info

Product

Resources

About