Since Android is widely used as an operating system (OS) for smartphones, applications running on the OS are being targeted by malware developers. Android applications are generally created using Java, which means it is easy to decompile the application and add or change the code; therefore, malware developers can easily insert malware and illegal advertisements into legitimate applications. The modified applications are called repackaged applications. These applications are uploaded to a market for users to install, however since repackaged applications have a negative effect on users, their detection and removal are important. The Developers of repackaged applications tend to be reluctant to make large changes to data, called application metadata, to make users misrecognition. To detect repackaged applications, “CloneSpot” has been proposed which uses the above trends, however, improvements are required for efficient detection. In this study, we propose an improved method of “CloneSpot” for the efficient detection of repackaged applications. Specifically, we improve the clustering of “CloneSpot” and introduce evaluation indexes for efficient repackaged application detection. In the evaluation experiments, we evaluated the clustering accuracy and the repackaged application estimation accuracy of the proposed method.
リポジトリのご案内
メタデータを用いたリパッケージアプリの検出手法「CloneSpot」の改良
本文
(949.22KB)
