Detecting plagiarized mobile apps using API birthmarks

Daeyoung Kim, Amruta Gokhale, Vinod Ganapathy, Abhinav Srivastava

Research output: Contribution to journal › Article

6 Citations (Scopus)

Abstract

This paper addresses the problem of detecting plagiarized mobile apps. Plagiarism is the practice of building mobile apps by reusing code from other apps without the consent of the corresponding app developers. Recent studies on third-party app markets have suggested that plagiarized apps are an important vehicle for malware delivery on mobile phones. Malware authors repackage official versions of apps with malicious functionality, and distribute them for free via these third-party app markets. An effective technique to detect app plagiarism can therefore help identify malicious apps. Code plagiarism has long been a problem and a number of code similarity detectors have been developed over the years to detect plagiarism. In this paper we show that obfuscation techniques can be used to easily defeat similarity detectors that rely solely on statically scanning the code of an app. We propose a dynamic technique to detect plagiarized apps that works by observing the interaction of an app with the underlying mobile platform via its API invocations. We propose API birthmarks to characterize unique app behaviors, and develop a robust plagiarism detection tool using API birthmarks.

Original language: English (US)
Pages (from-to): 591-618
Number of pages: 28
Journal: Automated Software Engineering
Volume: 23
Issue number: 4
DOI: 10.1007/s10515-015-0182-6
State: Published - Dec 1 2016

Fingerprint

  • Application programming interfaces (API)
  • Application programs
  • Detectors
  • Mobile phones

All Science Journal Classification (ASJC) codes

  • Software

Keywords

  • API birthmarks
  • Mobile apps
  • Plagiarism

Cite this

Kim, Daeyoung ; Gokhale, Amruta ; Ganapathy, Vinod ; Srivastava, Abhinav. / Detecting plagiarized mobile apps using API birthmarks. In: Automated Software Engineering. 2016 ; Vol. 23, No. 4. pp. 591-618.
@article{1ce966857b3a440599c066473ad3f206,
title = "Detecting plagiarized mobile apps using API birthmarks",
keywords = "API birthmarks, Mobile apps, Plagiarism",
author = "Daeyoung Kim and Amruta Gokhale and Vinod Ganapathy and Abhinav Srivastava",
year = "2016",
month = "12",
day = "1",
doi = "10.1007/s10515-015-0182-6",
language = "English (US)",
volume = "23",
pages = "591--618",
journal = "Automated Software Engineering",
issn = "0928-8910",
publisher = "Springer Netherlands",
number = "4",

}
