The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Rahul Potharaju - Purdue University

Students: Spring 2024, unless noted otherwise, sessions will be virtual on Zoom.

I'm not stealing, I'm merely borrowing - Plagiarism in Smartphone App Markets

Feb 13, 2013

Download: Video Icon MP4 Video Size: 161.0MB  
Watch on Youtube Watch on YouTube

Abstract

Plagiarism is the copying of another party's ideas and passing them off as your own. In the world of smartphone app-markets, this is usually followed by confusion for the buyers (users) and lost sales for the original developer. In some cases, these plagiarized applications act as carriers for malware that can steal your bank details or leak your private information to third-parties. While closed markets such as Apple's AppStore and Windows Marketplace mitigate this problem to some extent through their manual application approval process, open markets such as Google's Android Market, where anyone can publish an application for others to download, are plagued by this problem.

In this talk, I will show how an attacker can launch malware onto a large number of smartphone users by plagiarizing Android applications and by using elements of social engineering to increase the infection rate. Using a dataset of 158,000 smartphone applications' meta-information, I will portray the seriousness of this problem. To this end, we propose three detection schemes that rely on syntactic fingerprinting to detect plagiarized applications under different levels of obfuscation used by the attacker. Experimental analysis of 7,600 smartphone application binaries shows that the proposed schemes detect all instances of plagiarism from a set of real-world malware incidents with 0.5% false positives and scale to millions of applications using only commodity servers.

About the Speaker

Rahul Potharaju is a PhD student in the Department of Computer Science at Purdue University and a member of CERIAS. Prior to that, in 2009, he earned his Masters Degree in Computer Science from Northwestern University. He has over two years of industrial research experience working on projects in collaboration with Microsoft Research, Redmond and Motorola Applied Research Center. His current work focuses on large-scale Internet measurements, intrusion detection and security aspects of smartphone architectures, and reliability aspects of data centers both from a hardware and a software perspective. A recurring theme in all his research is combining cross-domain techniques such as those from natural language processing with statistical machine learning and data mining to make surprising inferences in the networking and smartphone areas. His research advisor is Prof. Cristina Nita-Rotaru.


Ways to Watch

YouTube

Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!