Framework for Vetting and Identifying Emulated Android Mobile Apps

  • Mr. Faustine Moogi Soroncho School of Computer Science and Information Technology
  • Dr. Wilson Cheruiyot Jomo Kenyatta University of Agriculture and Technology
  • Dr. Stephen Kimani
Keywords: Emulation, Repackaging, Mobile Apps, Similarity Levels, XDroid Moss.

Abstract

Mobile apps emulation is increasing becoming serious threat. Criminals target popular apps that are used to carry sensitive user information like financial usernames and passwords. Criminals can download and repackage these apps with malicious codes which will help in stealing user information or send annoying adverts to user that will benefit the criminals. This paper focuses on XDroid Moss, an enhanced vetting framework to detect the emulated apps.

References

Statista. (2015). Number of apps available in leading app stores as of July 2015. Retrieved from http://www.statista.com/statistics/276623/number-of-apps-available-in-leading-app-stores/ on Jan 2016.

Symphony Luo and Peter Yan. (2014). Fake Apps Feigning Legitimacy. Mobile Threat Research Team published on A Trend Micro Research Paper

S. Li. Juxtapp. (2012). A scalable system for detecting code reuse among android applications.

Gartner. (2011) Gartner says android to command nearly half of worldwide smartphone operating system market by year-end 2012. Retrieved from http://www.gartner.com/it/page.jsp?id=1622614 on Jan 2016

Play. (2016). Google Play Developer Console retrieved form https://play.google.com/apps/publish/signup on Jan 2016

Heqing Huang, Sencun Zhu, Peng Liu, and Dinghao Wu. (2013). A Framework for Evaluating Mobile App Repackaging Detection Algorithms

You and K. Yim. (2010). Malware obfuscation techniques: A brief survey. In In Proceedings of the 2010 International Conference on Broadband, Wireless Computing, Communication and Applications,

J. Crussell, C. Gibler, and H. Chen. (2012). Attack of the clones: Detecting cloned applications on android markets.

W. Zhou, Y. Zhou, X. Jiang, and P. Ning. (2012). Detecting repackaged smartphone applications in third-party android marketplaces.

Zhihong Zeng, Tianhong Fang, Shishir Shah and Ioannis A. Kakadiaris. (2013). Local Feature Hashing for Face Recognition

Chao Liu, Chen Chen, Jiawei Han. (2006). Detection of Software Plagiarism by Program Dependence Graph Analysis,

Dalvik virtual machine: code and documentation accessed from http://code.google.com/p/dalvik on Dec 2015.

Smali/Baksmali. Accessed from http://code.google.com/p/smali/ on Dec 2015

David J. Eck (2006). Introduction to Programming Using Java Version 5.0,

Wala.(n.d). Welcome to the T.J. Watson Libraries for Analysis (WALA) http://wala.sourceforge.net/wiki/index.php/Main_Page accessed on Jan 2016

Published
2016-11-07
How to Cite
Soroncho, M. F. M., Cheruiyot, D. W., & Kimani, D. S. (2016). Framework for Vetting and Identifying Emulated Android Mobile Apps. International Journal of Computer (IJC), 23(1), 35-41. Retrieved from https://ijcjournal.org/index.php/InternationalJournalOfComputer/article/view/740
Issue
Vol 23 No 1 (2016)
Section
Articles

Authors who submit papers with this journal agree to the following terms:

  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
  2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
  4. By submitting the processing fee, it is understood that the author has agreed to our terms and conditions which may change from time to time without any notice.
  5. It should be clear for authors that the Editor In Chief is responsible for the final decision about the submitted papers; have the right to accept\reject any paper.  The Editor In Chief will choose any option from the following to review the submitted papers:A. send the paper to two reviewers, if the results were negative by one reviewer and positive by the other one; then the editor may send the paper for third reviewer or he take immediately the final decision by accepting\rejecting the paper. The Editor In Chief will ask the selected reviewers to present the results within 7 working days, if they were unable to complete the review within the agreed period then the editor have the right to resend the papers for new reviewers using the same procedure. If the Editor In Chief was not able to find suitable reviewers for certain papers then he have the right to reject the paper.
  6. Author will take the responsibility what so ever if any copyright infringement or any other violation of any law is done by publishing the research work by the author
  7. Before publishing, author must check whether this journal is accepted by his employer, or any authority he intends to submit his research work. we will not be responsible in this matter.
  8. If at any time, due to any legal reason, if the journal stops accepting manuscripts or could not publish already accepted manuscripts, we will have the right to cancel all or any one of the manuscripts without any compensation or returning back any kind of processing cost.
  9. The cost covered in the publication fees is only for online publication of a single manuscript.