Detect repackaged Android applications by using representative graphs

Abstract

In recent years, the development of smartphones, as well as mobile applications, has not stopped accelerating. Almost everyone has at least one smartphone. However, that development has also increased forms of attacks on mobile devices, especially application repackaging. Attackers can easily repackage an app under their own name or embed ads for profit. They can also modify a popular application and insert malicious code into it to create a repackaged app and take advantage of the popularity of the original application to accelerate the malware’s propagation. In particular, with the popularity of paid applications on smartphones and many applications being restricted to release in countries, the demand for applications from other non-mainstream sources has also increased. In this study, we propose a system named uitRAAD that can be used to detect repackaged Android applications using representative graphs. The experimental results show that the proposed approach has the potential effectiveness.