Abstract
Application repackaging is a widely used method for malware distribution, revenue stealing and piracy. Repackaged applications are modified versions of original applications, that can potentially target large audiences based on the original application's popularity. In this paper, we propose an approach for detecting repackaged applications. Our approach takes advantage of the attacker's reluctance to significantly alter the elements that characterise an application without notably impacting the application's distribution. These elements include the application's name and icon. The detection is initiated from the client side, prior to an application's installation, making it application store agnostic. Our experimental results show that detection based on our algorithm is effective and efficient.
Original language | English |
---|---|
Pages (from-to) | 1-9 |
Number of pages | 9 |
Journal | Future Generation Computer Systems |
Volume | 65 |
Early online date | 30 May 2016 |
DOIs | |
Publication status | Published - Dec 2016 |