Juxtapp: A Scalable System for Detecting Code Reuse among Android Applications View Full Text


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2013

AUTHORS

Steve Hanna , Ling Huang , Edward Wu , Saung Li , Charles Chen , Dawn Song

ABSTRACT

Mobile application markets such as the Android Marketplace provide a centralized showcase of applications that end users can purchase or download for free onto their mobile phones. Despite the influx of applications to the markets, applications are cursorily reviewed by marketplace maintainers due to the vast number of submissions. User policing and reporting is the primary method to detect misbehaving applications. This reactive approach to application security, especially when programs can contain bugs, malware, or pirated (inauthentic) code, puts too much responsibility on the end users. In light of this, we propose Juxtapp, a scalable infrastructure for code similarity analysis among Android applications. Juxtapp provides a key solution to a number of problems in Android security, including determining if apps contain copies of buggy code, have significant code reuse that indicates piracy, or are instances of known malware. We evaluate our system using more than 58,000 Android applications and demonstrate that our system scales well and is effective. Our results show that Juxtapp is able to detect: 1) 463 applications with confirmed buggy code reuse that can lead to serious vulnerabilities in real-world apps, 2) 34 instances of known malware and variants (13 distinct variants of the GoldDream malware), and 3) pirated variants of a popular paid game. More... »

PAGES

62-81

Book

TITLE

Detection of Intrusions and Malware, and Vulnerability Assessment

ISBN

978-3-642-37299-5
978-3-642-37300-8

Author Affiliations

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-642-37300-8_4

DOI

http://dx.doi.org/10.1007/978-3-642-37300-8_4

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1031121749


Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
Incoming Citations Browse incoming citations for this publication using opencitations.net

JSON-LD is the canonical representation for SciGraph data.

TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0802", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Computation Theory and Mathematics", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "UC Berkeley, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "UC Berkeley, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Hanna", 
        "givenName": "Steve", 
        "id": "sg:person.07741311617.07", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07741311617.07"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Intel Labs, USA", 
          "id": "http://www.grid.ac/institutes/grid.419318.6", 
          "name": [
            "Intel Labs, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Huang", 
        "givenName": "Ling", 
        "id": "sg:person.012522703103.43", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012522703103.43"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "UC Berkeley, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "UC Berkeley, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Wu", 
        "givenName": "Edward", 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "UC Berkeley, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "UC Berkeley, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Li", 
        "givenName": "Saung", 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "UC Berkeley, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "UC Berkeley, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Chen", 
        "givenName": "Charles", 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "UC Berkeley, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "UC Berkeley, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Song", 
        "givenName": "Dawn", 
        "id": "sg:person.01143152610.86", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01143152610.86"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2013", 
    "datePublishedReg": "2013-01-01", 
    "description": "Mobile application markets such as the Android Marketplace provide a centralized showcase of applications that end users can purchase or download for free onto their mobile phones. Despite the influx of applications to the markets, applications are cursorily reviewed by marketplace maintainers due to the vast number of submissions. User policing and reporting is the primary method to detect misbehaving applications. This reactive approach to application security, especially when programs can contain bugs, malware, or pirated (inauthentic) code, puts too much responsibility on the end users. In light of this, we propose Juxtapp, a scalable infrastructure for code similarity analysis among Android applications. Juxtapp provides a key solution to a number of problems in Android security, including determining if apps contain copies of buggy code, have significant code reuse that indicates piracy, or are instances of known malware. We evaluate our system using more than 58,000 Android applications and demonstrate that our system scales well and is effective. Our results show that Juxtapp is able to detect: 1) 463 applications with confirmed buggy code reuse that can lead to serious vulnerabilities in real-world apps, 2) 34 instances of known malware and variants (13 distinct variants of the GoldDream malware), and 3) pirated variants of a popular paid game.", 
    "editor": [
      {
        "familyName": "Flegel", 
        "givenName": "Ulrich", 
        "type": "Person"
      }, 
      {
        "familyName": "Markatos", 
        "givenName": "Evangelos", 
        "type": "Person"
      }, 
      {
        "familyName": "Robertson", 
        "givenName": "William", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-642-37300-8_4", 
    "inLanguage": "en", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-642-37299-5", 
        "978-3-642-37300-8"
      ], 
      "name": "Detection of Intrusions and Malware, and Vulnerability Assessment", 
      "type": "Book"
    }, 
    "keywords": [
      "code reuse", 
      "Android applications", 
      "end users", 
      "significant code reuse", 
      "real-world apps", 
      "mobile application market", 
      "application security", 
      "scalable infrastructure", 
      "Android marketplace", 
      "Android security", 
      "buggy code", 
      "scalable system", 
      "serious vulnerabilities", 
      "application market", 
      "malware", 
      "mobile phones", 
      "reactive approach", 
      "key solution", 
      "users", 
      "reuse", 
      "security", 
      "apps", 
      "number of problems", 
      "vast number", 
      "code", 
      "applications", 
      "similarity analysis", 
      "instances", 
      "phones", 
      "system", 
      "infrastructure", 
      "bugs", 
      "maintainers", 
      "piracy", 
      "game", 
      "showcase", 
      "marketplace", 
      "submission", 
      "vulnerability", 
      "primary method", 
      "number", 
      "solution", 
      "market", 
      "method", 
      "variants", 
      "program", 
      "copies", 
      "results", 
      "reporting", 
      "analysis", 
      "responsibility", 
      "policing", 
      "light", 
      "influx", 
      "problem", 
      "approach"
    ], 
    "name": "Juxtapp: A Scalable System for Detecting Code Reuse among Android Applications", 
    "pagination": "62-81", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1031121749"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-642-37300-8_4"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-642-37300-8_4", 
      "https://app.dimensions.ai/details/publication/pub.1031121749"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-05-10T10:53", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220509/entities/gbq_results/chapter/chapter_449.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-642-37300-8_4"
  }
]
 

Download the RDF metadata as:  json-ld nt turtle xml License info

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-37300-8_4'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-37300-8_4'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-37300-8_4'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-37300-8_4'


 

This table displays all metadata directly associated to this object as RDF triples.

161 TRIPLES      23 PREDICATES      82 URIs      75 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-642-37300-8_4 schema:about anzsrc-for:08
2 anzsrc-for:0802
3 schema:author N8ac8e020b2fc4c68af0af6dce97e61de
4 schema:datePublished 2013
5 schema:datePublishedReg 2013-01-01
6 schema:description Mobile application markets such as the Android Marketplace provide a centralized showcase of applications that end users can purchase or download for free onto their mobile phones. Despite the influx of applications to the markets, applications are cursorily reviewed by marketplace maintainers due to the vast number of submissions. User policing and reporting is the primary method to detect misbehaving applications. This reactive approach to application security, especially when programs can contain bugs, malware, or pirated (inauthentic) code, puts too much responsibility on the end users. In light of this, we propose Juxtapp, a scalable infrastructure for code similarity analysis among Android applications. Juxtapp provides a key solution to a number of problems in Android security, including determining if apps contain copies of buggy code, have significant code reuse that indicates piracy, or are instances of known malware. We evaluate our system using more than 58,000 Android applications and demonstrate that our system scales well and is effective. Our results show that Juxtapp is able to detect: 1) 463 applications with confirmed buggy code reuse that can lead to serious vulnerabilities in real-world apps, 2) 34 instances of known malware and variants (13 distinct variants of the GoldDream malware), and 3) pirated variants of a popular paid game.
7 schema:editor N548433a268fa403e8be622ffbb1dc567
8 schema:genre chapter
9 schema:inLanguage en
10 schema:isAccessibleForFree true
11 schema:isPartOf Nf3f10b1c040a4d5ea9f6e2d34a029cb4
12 schema:keywords Android applications
13 Android marketplace
14 Android security
15 analysis
16 application market
17 application security
18 applications
19 approach
20 apps
21 buggy code
22 bugs
23 code
24 code reuse
25 copies
26 end users
27 game
28 influx
29 infrastructure
30 instances
31 key solution
32 light
33 maintainers
34 malware
35 market
36 marketplace
37 method
38 mobile application market
39 mobile phones
40 number
41 number of problems
42 phones
43 piracy
44 policing
45 primary method
46 problem
47 program
48 reactive approach
49 real-world apps
50 reporting
51 responsibility
52 results
53 reuse
54 scalable infrastructure
55 scalable system
56 security
57 serious vulnerabilities
58 showcase
59 significant code reuse
60 similarity analysis
61 solution
62 submission
63 system
64 users
65 variants
66 vast number
67 vulnerability
68 schema:name Juxtapp: A Scalable System for Detecting Code Reuse among Android Applications
69 schema:pagination 62-81
70 schema:productId N470b6478494e414ca92661bb7c8674d5
71 Nc147a2001f174c17b6d830bdc79207ff
72 schema:publisher N39de423b12194fe68230cb8e4e3bb767
73 schema:sameAs https://app.dimensions.ai/details/publication/pub.1031121749
74 https://doi.org/10.1007/978-3-642-37300-8_4
75 schema:sdDatePublished 2022-05-10T10:53
76 schema:sdLicense https://scigraph.springernature.com/explorer/license/
77 schema:sdPublisher N03aba31706dd454f824b12506c075cd1
78 schema:url https://doi.org/10.1007/978-3-642-37300-8_4
79 sgo:license sg:explorer/license/
80 sgo:sdDataset chapters
81 rdf:type schema:Chapter
82 N03aba31706dd454f824b12506c075cd1 schema:name Springer Nature - SN SciGraph project
83 rdf:type schema:Organization
84 N2c02f65839c441579b93f8fc478240bd rdf:first Naa583b70f9b04f299e41371f34803a55
85 rdf:rest N718401f0452c45408b733e12ba0847b9
86 N3957fcae188e4efb8a2f1963cb97c120 schema:familyName Flegel
87 schema:givenName Ulrich
88 rdf:type schema:Person
89 N39de423b12194fe68230cb8e4e3bb767 schema:name Springer Nature
90 rdf:type schema:Organisation
91 N3ff13946acb04442818037fd46e84c38 schema:familyName Robertson
92 schema:givenName William
93 rdf:type schema:Person
94 N470b6478494e414ca92661bb7c8674d5 schema:name doi
95 schema:value 10.1007/978-3-642-37300-8_4
96 rdf:type schema:PropertyValue
97 N548433a268fa403e8be622ffbb1dc567 rdf:first N3957fcae188e4efb8a2f1963cb97c120
98 rdf:rest N6c486f52febd4266bea38e4b7a33f79a
99 N567eccb75dfe41528d7bfac4595ebbee rdf:first sg:person.012522703103.43
100 rdf:rest N2c02f65839c441579b93f8fc478240bd
101 N688d6b4eed05420fa14fbbe2f352a13d schema:familyName Markatos
102 schema:givenName Evangelos
103 rdf:type schema:Person
104 N6c486f52febd4266bea38e4b7a33f79a rdf:first N688d6b4eed05420fa14fbbe2f352a13d
105 rdf:rest Nf463614e1c3a4f2996a2bda9fc054c91
106 N718401f0452c45408b733e12ba0847b9 rdf:first Nf5b3459626e34ce993b5dc77d6771b80
107 rdf:rest N98833c3612274a6292b14fce4731b820
108 N8ac8e020b2fc4c68af0af6dce97e61de rdf:first sg:person.07741311617.07
109 rdf:rest N567eccb75dfe41528d7bfac4595ebbee
110 N98833c3612274a6292b14fce4731b820 rdf:first Ne914a70698eb4b5aa72a6e463af3d296
111 rdf:rest Ne5e3922ec2f24aad86895b1b7b6622b7
112 Naa583b70f9b04f299e41371f34803a55 schema:affiliation grid-institutes:grid.47840.3f
113 schema:familyName Wu
114 schema:givenName Edward
115 rdf:type schema:Person
116 Nc147a2001f174c17b6d830bdc79207ff schema:name dimensions_id
117 schema:value pub.1031121749
118 rdf:type schema:PropertyValue
119 Ne5e3922ec2f24aad86895b1b7b6622b7 rdf:first sg:person.01143152610.86
120 rdf:rest rdf:nil
121 Ne914a70698eb4b5aa72a6e463af3d296 schema:affiliation grid-institutes:grid.47840.3f
122 schema:familyName Chen
123 schema:givenName Charles
124 rdf:type schema:Person
125 Nf3f10b1c040a4d5ea9f6e2d34a029cb4 schema:isbn 978-3-642-37299-5
126 978-3-642-37300-8
127 schema:name Detection of Intrusions and Malware, and Vulnerability Assessment
128 rdf:type schema:Book
129 Nf463614e1c3a4f2996a2bda9fc054c91 rdf:first N3ff13946acb04442818037fd46e84c38
130 rdf:rest rdf:nil
131 Nf5b3459626e34ce993b5dc77d6771b80 schema:affiliation grid-institutes:grid.47840.3f
132 schema:familyName Li
133 schema:givenName Saung
134 rdf:type schema:Person
135 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
136 schema:name Information and Computing Sciences
137 rdf:type schema:DefinedTerm
138 anzsrc-for:0802 schema:inDefinedTermSet anzsrc-for:
139 schema:name Computation Theory and Mathematics
140 rdf:type schema:DefinedTerm
141 sg:person.01143152610.86 schema:affiliation grid-institutes:grid.47840.3f
142 schema:familyName Song
143 schema:givenName Dawn
144 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01143152610.86
145 rdf:type schema:Person
146 sg:person.012522703103.43 schema:affiliation grid-institutes:grid.419318.6
147 schema:familyName Huang
148 schema:givenName Ling
149 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012522703103.43
150 rdf:type schema:Person
151 sg:person.07741311617.07 schema:affiliation grid-institutes:grid.47840.3f
152 schema:familyName Hanna
153 schema:givenName Steve
154 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07741311617.07
155 rdf:type schema:Person
156 grid-institutes:grid.419318.6 schema:alternateName Intel Labs, USA
157 schema:name Intel Labs, USA
158 rdf:type schema:Organization
159 grid-institutes:grid.47840.3f schema:alternateName UC Berkeley, USA
160 schema:name UC Berkeley, USA
161 rdf:type schema:Organization
 




Preview window. Press ESC to close (or click here)


...