Active warden attack: On the (in)effectiveness of Android app repackage-proofing

Active warden attack: On the (in)effectiveness of Android app repackage-proofing

App repackaging has raised serious concerns to the Android ecosystem with the repackage-proofing technology attracting attention in the Android research community. In this paper, we first show that existing repackage-proofing schemes rely on a flawed security assumption, and then propose a new class...

Full description

Saved in:

Bibliographic Details
Main Authors:	MA, Haoyu, LI, Shijia, GAO, Debin, WU, Daoyuan, JIA, Qiaowen, JIA, Chunfu
Format:	text
Language:	English
Published:	Institutional Knowledge at Singapore Management University 2022
Subjects:	Android security app repackage-proofing active warden attack Information Security Software Engineering
Online Access:	https://ink.library.smu.edu.sg/sis_research/6703 https://ink.library.smu.edu.sg/context/sis_research/article/7706/viewcontent/tdsc_2021_1.pdf
Tags:	Add Tag No Tags, Be the first to tag this record!
Institution:	Singapore Management University
Language:	English

Similar Items

Secure repackage-proofing framework for Android apps using Collatz conjecture
by: MA, Haoyu, et al.
Published: (2021)

Measuring the declared SDK versions and their consistency with API calls in android apps
by: WU, Daoyuan, et al.
Published: (2017)

Understanding Android app piggybacking: A systematic study of malicious code grafting
by: LI, Li, et al.
Published: (2017)

MtdScout : Complementing the identification of insecure methods in Android apps via source-to-bytecode signature generation and tree-based layered search
by: ZHANG, Zicheng, et al.
Published: (2024)

On the usability (in)security of in-app browsing interfaces in mobile apps
by: ZHANG, Zicheng, et al.
Published: (2021)

On-the-fly Android static analysis with applications in vulnerability discovery
by: WU, Daoyuan
Published: (2019)

Looking back! Using early versions of Android apps as attack vectors
by: ZHANG, Yue, et al.
Published: (2021)

Stack Layout Randomization with Minimal Rewriting of Android Binaries
by: Liang, Yu, et al.
Published: (2015)

SeqAdver: Automatic payload construction and injection in sequence-based Android adversarial attack
by: ZHANG, Fei, et al.
Published: (2023)

SplitSecond: Flexible privilege separation of Android apps
by: LEE, Jehyun, et al.
Published: (2019)

Android app in conjunction with BLE beacon
by: Goh, Jun Yang
Published: (2024)

Automatically distilling storyboard with rich features for Android apps
by: Chen, Sen, et al.
Published: (2022)

SCLib: A practical and lightweight defense against component hijacking in android applications
by: WU, Daoyuan, et al.
Published: (2018)

Custom permission misconfigurations in Android : A Large-scale security analysis
by: LI, Rui, et al.
Published: (2024)

On return oriented programming threats in Android runtime
by: RAJA, Akshaya Venkateswara, et al.
Published: (2017)

AutoDebloater: Automated android app debloating
by: LIU, Jiakun, et al.
Published: (2023)

Denial-of-Service Attacks on Host-Based Generic Unpackers
by: LIU, Limin, et al.
Published: (2009)

FA3: Fine-Grained Android Application Analysis
by: LIN, Yan, et al.
Published: (2023)

Android app development for image and video processing
by: Zhang, Zongxian
Published: (2024)

Walls have ears: Eavesdropping user behaviors via graphics-interrupt-based side channel
by: MA, Haoyu, et al.
Published: (2020)

On locating malicious code in piggybacked Android apps
by: LI, Li, et al.
Published: (2017)

Towards understanding Android system vulnerabilities: Techniques and insights
by: WU, Daoyuan, et al.
Published: (2019)

Scalable online vetting of Android apps for measuring declared SDK versions and their consistency with API calls
by: WU, Daoyuan, et al.
Published: (2021)

Fine-grained in-context permission classification for Android apps using control-flow graph embedding
by: MALVIYA, Vikas Kumar, et al.
Published: (2023)

Chosen-instruction attack against commercial code virtualization obfuscators
by: LI, Shijia, et al.
Published: (2022)

Automated deprecated-API usage update for Android apps: How far are we?
by: THUNG, Ferdian, et al.
Published: (2020)

Zero-knowledge watermark detection resistant to ambiguity attacks
by: Li, Q., et al.
Published: (2013)

Deep-learning-based app sensitive behavior surveillance for Android powered cyber-physical systems
by: MA, Haoyu, et al.
Published: (2020)

Attacking Android smartphone systems without permissions
by: SU, Mon Kywe, et al.
Published: (2016)

App-based scaffolds for writing two-column proofs
by: Verzosa, Debbie Marie, et al.
Published: (2018)

SDAC: A slow-aging solution for Android malware detection using semantic distance based API clustering
by: XU, Jiayun, et al.
Published: (2022)

Information Security: Facilitating User Precautions Vis-a-Vis Enforcement Against Attackers
by: PNG, Ivan P. L., et al.
Published: (2009)

AnFlo: Detecting anomalous sensitive information flows in Android apps
by: DEMISSIE, Biniam Fisseha, et al.
Published: (2018)

A software environment for confining malicious android applications via resource virtualization
by: Li, X., et al.
Published: (2014)

Information security: Facilitating user precautions vis-à-vis enforcement against attackers
by: Png, I., et al.
Published: (2013)

TinyVisor: An extensible secure framework on Android platforms
by: SHEN, Dong, et al.
Published: (2018)

Do Hacker Forums Contribute to Security Attacks?
by: QIU-HONG WANG,, et al.
Published: (2012)

Privacy-preserving offloading of mobile app to the public cloud
by: DUAN, Yue, et al.
Published: (2015)

A home monitoring system using ultrasonic, magnet, and infrared sensors, wirelessly integrated to an android application
by: Borromeo, Edmar Francis M.
Published: (2017)

Peep with a mirror: Breaking the integrity of Android app sandboxing via unprivileged cache side channel
by: LIN, Yan, et al.
Published: (2024)