An Active Android Application Repacking Detection Approach
student placement system android app source code
Repackaging applications as the main carrier of Android malware have caused huge losses to users. In addition, the third-party application market that Android applications rely on is characterized by missing audits and lax supervision, which further encourages the distribution of repackaged applications. Most of the traditional repackaging detection approaches need to rely on a third-party detection platform to passively determine whether or not the Android application is repackaged, which has a high false negative rate. In order to solve the problem, this paper proposes an active detection approach for Android code repacking. The approach embeds code watermarking with the detection code into the appropriate conditional branch code block by means of dynamic loading to achieve the hidden purpose. Then, the active detection approach compares the consistency of the runtime application signature and the original code watermarking signature to realize the code repackaging recognition. Finally, this work takes eight different types of Android applications from Github on three different mobile phones to verify the validity of the approach. Experimental results show that an Android application containing a self-detecting code watermarking can effectively perform repackaging detection without relying on third parties.
Due to the openness and personalization, the Android operating system has become the most used smartphone operating system in the world, and it also faces severe security issues [1]. Attackers often perform reverse analysis on genuine Android applications, then embed malicious code in applications, and finally repackage them. Therefore, repackaging is the main carrier of Android malware seriously, which affects user security [2]. For example, the attacker makes use of the malicious code to control the user remotely and steals private data such as the user’s short message and address book. There are a large number of third-party application stores on the market, and each Android mobile phone manufacturer installs its own application store in the mobile phone. However, different application stores use different standards to review applications, and even some third-party application markets intentionally tolerate repackaged applications. Due to the lack of audits and strict supervision in the third-party application market, the distribution of repackaged applications is further encouraged, which poses a threat to users’ mobile phones. Therefore, it is important to detect repackaged Android applications to maintain a good market order. The current detection approach is that the application store checks the application to be put on the shelf. The application store rejects it on the shelf if the Android application is determined to be a repackaged application. student placement system android app source code However, the Android system application distribution management is confusing, and some small application stores do not have the ability to scan all the repackaged applications. Even some application stores are inherently malicious. Therefore, this paper proposes an active Android application repacking detection approach. The active detection approach embeds the code watermarking with detection function in the application program, reinforces the application by itself, and resists the attacker’s repackaging attack. The effectiveness of proposed approach is verified by comparing application signatures and code watermarking signatures.
Scholars proposed many ways to identify repackaged Android applications, which mainly focus on static and dynamic analysis. Zhou et al. detect the repackaged applications according to the fingerprint similarity with those applications from the official Android Market [3]. They generate app-specific fingerprint based on a fuzzy hashing technique. To improve detection speed and analyze a much larger application corpus, Hanna et al. proposed a scalable distributed similarity detection infrastructure based on feature hashing [4]. However, the static analysis approaches have a high false positive rate. In order to reduce the false positive rate, researchers began to use dynamic analysis methods to determine the Android code repackaging [5]. Crussell et al. detected cloned Android applications based on program dependence graphs [6]. Wang et al. identified software theft based on application birthmark that represents the unique character of the runtime behavior [7]. Based on an observation that some critical runtime values are hard to be replaced or eliminated, Jhi et al. detected application plagiarism based on runtime values [8]. Similarly, Huang et al. proposed a new mobile application repackaging detection framework to resilience all the obfuscation algorithms based on static analysis of Dalvik bytecode [9]. https://codeshoppy.com/android-project-with-source-code-students.html In addition, Zhou et al. made use of similarity from the visual content to detect Android application repackaging [10]. They dynamically traversed each interface included in the Android application to generate the feature fingerprint of the application and then identified the repacking application according to the similarity of the fingerprint. Zhou et al.identified Android application repackaging combining graph feature vector detection algorithm based on code features and resource picture file similarity algorithm [11]. But, current detection methods are dependent on third-party platforms.
Tech Development 