All accepted publications from SPARTA partners under its funding.
VisualDroid: automatic triage and detection of Android repackaged applications
Rosangela Casolare, Carlo De Dominicis, Fabio Martinelli, Francesco Mercaldo, Antonella SantoneAbstract
Considering the pervasiveness of mobile devices, malicious writers are constantly focusing their attention in developing malicious payload aimed to gather sensible information from mobile devices without user content. As a matter of fact, it is really easy for malware writers to embed malicious payloads into legitimate applications, by applying the so-called repackagingparadigm, to generate a sample with a signature unknown to anti-malware software. In this paper we propose a twofold approach for the triage and the detection of repackaged Android applications. We propose a visualization schema to assist the malware analyst in the triage of unseen applications and a set of metrics for the automatic detection of repackaged applications. Experimental results show the effectiveness of the proposed approach.