App repackaging is a method for conveying malicious or disturbing code, consisting in decompiling an existing app, adding third party code, recompiling the resulting app and distributing it on marketplaces. Recent studies claim that repackaged apps populate both third party and official marketplaces. Solutions for detecting repackaging have been proposed in the literature but few efforts have been devoted to support the triaging activities. The triage is a preliminary automatic analysis aimed at minimizing the time an analyst spends examining potentially harmful applications. Given the high volumes of apps published on the marketplaces and the high speed of production and diffusion of apps, analysts need effective means for accelerating the triaging phase. For this reason, we propose a solution for visually comparing a legitimate app with a repackaged one, and allowing the analyst to immediately locate and quantify the impact of repackaging on the original app’s code.

Repadiography: Towards a visual support for triaging repackaged ApPs

Canfora G.;Di Sorbo A.;Visaggio C. A.
2020-01-01

Abstract

App repackaging is a method for conveying malicious or disturbing code, consisting in decompiling an existing app, adding third party code, recompiling the resulting app and distributing it on marketplaces. Recent studies claim that repackaged apps populate both third party and official marketplaces. Solutions for detecting repackaging have been proposed in the literature but few efforts have been devoted to support the triaging activities. The triage is a preliminary automatic analysis aimed at minimizing the time an analyst spends examining potentially harmful applications. Given the high volumes of apps published on the marketplaces and the high speed of production and diffusion of apps, analysts need effective means for accelerating the triaging phase. For this reason, we propose a solution for visually comparing a legitimate app with a repackaged one, and allowing the analyst to immediately locate and quantify the impact of repackaging on the original app’s code.
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.12070/44164
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? ND
social impact