A New Technique for Detecting Android App Clones Using Implicit Intent and Method Information

Detecting repackaged apps is one of the important issues in the Android ecosystem. Many attackers usually reverse engineer a legitimate app, modify or embed malicious codes into the app, repackage and distribute it in the online markets. They also employ code obfuscation techniques to hide app cloning or repackaging. In this paper, we propose a new technique for detecting repackaged Android apps, which is robust to code obfuscation. The technique analyzes the similarity of Android apps based on the method call information of component classes that receive implicit intents. We developed a tool Calldroid that implemented the proposed technique, and evaluated it on apps transformed using well-known obfuscators. The evaluation results showed that the proposed technique can effectively detect repackaged apps.

• Publication year

  2019

• Venue

  International Conference on Ubiquitous and Future Networks

• Publication date

  2019-07-01

• Fields of study

  Computer Science

• Identifiers
  DOI 10.1109/ICUFN.2019.8806121
• External record

  Open on Semantic Scholar

• Source metadata

  Semantic Scholar

• No claims are published for this paper.

• No concepts are published for this paper.

• Orlis: Obfuscation-Resilient Library Detection for Android

  2018cited by this paper
• SimiDroid: Identifying and Explaining Similarities in Android Apps

  2017influential reference
• Reliable Third-Party Library Detection in Android and its Security Applications

  2016cited by this paper
• AnDarwin: Scalable Detection of Android Application Clones Based on Semantics

  2015influential reference
• DroidEagle: seamless detection of visually similar Android apps

  2015influential reference
• WuKong: a scalable and accurate two-phase approach to Android app clone detection

  2015cited by this paper
• ViewDroid: towards obfuscation-resilient mobile application repackaging detection

  2014cited by this paper
• Achieving accuracy and scalability simultaneously in detecting application clones on Android markets

  2014cited by this paper
• IntentFuzzer: detecting capability leaks of android applications

  2014cited by this paper
• AnDarwin: Scalable Detection of Semantically Similar Android Applications

  2013influential reference
• Attack of the Clones: Detecting Cloned Applications on Android Markets

  2012influential reference
• SmartDroid: an automatic system for revealing UI-based trigger conditions in android applications

  2012cited by this paper
• Detecting repackaged smartphone applications in third-party android marketplaces

  2012cited by this paper
• Dissecting Android Malware: Characterization and Evolution

  2012cited by this paper

• Android App Repackaging Detection: A Comprehensive Survey

  2026cites this paper
• Stacked BiLSTM with multiscale attention residual learning in repackaged Android malware detection

  2025cites this paper
• An APP Privacy Information Leakage Detection Method Based on Deep Learning

  2023cites this paper
• A Formal Method for Description and Decision of Android Apps Behavior Based on Process Algebra

  2022cites this paper
• A survey of android application and malware hardening

  2021cites this paper