Automated generation of colluding apps for experimental research

Jorge Blasco Alis, Thomas M. Chen

Research output: Contribution to journalArticlepeer-review

195 Downloads (Pure)


Colluding apps bypass the security measures enforced by sandboxed operating systems such as Android. App collusion can be a real threat in cloud environments as well. Research in detecting and protecting against app collusion requires a variety of colluding apps for experimentation. Presently the number of (real or manually crafted) apps available to researchers is very limited. In this paper we propose a system called Application Collusion Engine (ACE) to automatically generate combinations of colluding and non-colluding Android apps to help researchers fairly evaluate different collusion detection and protection methods. Our initial implementation includes a variety of components that enable the system to create more than 5,000 different colluding and non-colluding app sets. ACE can be extended with more functional components to create even more colluding apps. To show the usefulness of our system, we have applied different risk evaluation and collusion detection methods to the created set of colluding apps.
Original languageEnglish
Pages (from-to)127–138
Number of pages12
JournalJournal of Computer Virology and Hacking Techniques
Issue number2
Early online date6 Apr 2017
Publication statusPublished - May 2018

Cite this