Detecting camouflaged applications on mobile application markets

Abstract

Application plagiarism or application cloning is an emerging threat in mobile application markets. It reduces profits of original developers and sometimes even harms the security and privacy of users. In this paper, we introduce a new concept, called camouflaged applications, where external features of mobile applications, such as icons, screenshots, application names or descriptions, are copied.We then propose a scalable detection framework, which can find these suspiciously similar camouflaged applications. To accomplish this, we apply text-based retrieval methods and content-based image retrieval methods in our framework. Our framework is implemented and tested with 30,625 Android applications from the official Google Play market. The experiment results show that even the official market is comprised of 477 potential camouflaged victims, which cover 1.56% of tested samples. Our paper highlights that these camouflaged applications not only expose potential security threats but also degrade qualities of mobile application markets. Our paper also analyze the behaviors of detected camouflaged applications and calculate the false alarm rates of the proposed framework.