Detecting Plagiarized Mobile Apps using API Birthmarks

Daeyoung Kim, Amruta Gokhale, Vinod Ganapathy, Abhinav Srivastava.

Automated Software Engineering; Volume 23, Issue 4, pages 591--618; December 2016.

This article addresses the problem of detecting plagiarized mobile apps. Plagiarism is the practice of building mobile apps by reusing code from other apps without the consent of the corresponding app developers. Recent studies on third-party app markets have suggested that plagiarized apps are an important vehicle for malware delivery on mobile phones. Malware authors repackage official versions of apps with malicious functionality, and distribute them for free via these third-party app markets. An effective technique to detect app plagiarism can therefore help identify malicious apps.

Code plagiarism has long been a problem and a number of code similarity detectors have been developed over the years to detect plagiarism. In this article, we show that obfuscation techniques can be used to easily defeat similarity detectors that rely solely on statically scanning the code of an app. We propose a dynamic technique to detect plagiarized apps that works by observing the interaction of an app with the underlying mobile platform via its API invocations. We characterize this interaction using API birthmarks. We use API birthmarks to characterize unique app behaviors and develop a robust plagiarism detection tool using API birthmarks.

Article: [ PDF ] (© Springer)
Code: [ Androcrypt ]
DOI: [ 10.1007/s10515-015-0182-6 ]

Papers page