ApkCombiner: Combining Multiple Android Apps to Support Inter-App Analysis

Li, Li; Bartel, Alexandre; Bissyandé, Tegawendé F.; Klein, Jacques; Traon, Yves Le

doi:10.1007/978-3-319-18467-8_34

Cited by 63 publications

(42 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Thus, for this mining process, we use the AndroZoo [2] dataset to select around 1.5 million Google Play apps. This data set has already been used in other analyses [9,10]. Preliminary Mining Results.…”

Section: Implementation and Preliminary Resultsmentioning

confidence: 99%

Mining families of android applications for extractive SPL adoption

Martínez

Ziadi³

et al. 2016

Proceedings of the 20th International Systems and Software Product Line Conference

Self Cite

View full text Add to dashboard Cite

The myriads of smart phones around the globe gave rise to a vast proliferation of mobile applications. These applications target an increasing number of user profiles and tasks. In this context, Android is a leading technology for their development and on-line markets are the main means for their distribution. In this paper we motivate, from two perspectives, the mining of these markets with the objective to identify families of apps variants in the wild. The first perspective is related to research activities where building realistic case studies for evaluating extractive SPL adoption techniques are needed. The second is related to a largescale, world-wide and time-aware study of reuse practice in an industry which is now flourishing among all others within the software engineering community. This study is relevant to assess potential for SPLE practices adoption. We present initial implementations of the mining process and we discuss analyses of variant families.

show abstract

Section: Implementation and Preliminary Resultsmentioning

confidence: 99%

Mining families of android applications for extractive SPL adoption

Martínez

Ziadi³

et al. 2016

Proceedings of the 20th International Systems and Software Product Line Conference

Self Cite

View full text Add to dashboard Cite

show abstract

“…We plan to invite authors of such approaches to package their implementation into a reusable Apkpler plugin. For example, We are interested in integrating ApkCombiner [8] into our framework, in favor of existing analyzers to prevent collusion attacks among multiple Android apps.…”

Section: Discussionmentioning

confidence: 99%

Towards a generic framework for automating extensive analysis of Android applications

Bartel

et al. 2016

Proceedings of the 31st Annual ACM Symposium on Applied Computing

Self Cite

View full text Add to dashboard Cite

Despite much effort in the community, the momentum of Android research has not yet produced complete tools to perform thorough analysis on Android apps, leaving users vulnerable to malicious apps. Because it is hard for a single tool to efficiently address all of the various challenges of Android programming which make analysis difficult, we propose to instrument the app code for reducing the analysis complexity, e.g., transforming a hard problem to a easy-resolvable one. To this end, we introduce in this paper Apkpler, a plugin-based framework for supporting such instrumentation. We evaluate Apkpler with two plugins, demonstrating the feasibility of our approach and showing that Apkpler can indeed be leveraged to reduce the analysis complexity of Android apps.

show abstract

“…To overcome this limitation, there are approaches like APKCombiner [25] that join two applications into a single APK. This enables information flow tools to analyze app pairs.…”

Section: Related Workmentioning

confidence: 99%

“…In 2015, Li et al proposed APKCombiner, a method to avoid this issue [25]. APKCombiner combines two apps in such a way that IAC channels between the apps are transformed into ICC channels (as the components that communicate are now within the same app).…”

Section: Measuring Collusion Riskmentioning

confidence: 99%

See 1 more Smart Citation

Automated generation of colluding apps for experimental research

Blasco

2017

J Comput Virol Hack Tech

View full text Add to dashboard Cite

Colluding apps bypass the security measures enforced by sandboxed operating systems such as Android. App collusion can be a real threat in cloud environments as well. Research in detecting and protecting against app collusion requires a variety of colluding apps for experimentation. Presently the number of (real or manually crafted) apps available to researchers is very limited. In this paper we propose a system called Application Collusion Engine (ACE) to automatically generate combinations of colluding and noncolluding Android apps to help researchers fairly evaluate different collusion detection and protection methods. Our initial implementation includes a variety of components that enable the system to create more than 5,000 different colluding and non-colluding app sets. ACE can be extended with more functional components to create even more colluding apps. To show the usefulness of our system, we have applied different risk evaluation and collusion detection methods to the created set of colluding apps.

show abstract

ApkCombiner: Combining Multiple Android Apps to Support Inter-App Analysis

Cited by 63 publications

References 14 publications

Mining families of android applications for extractive SPL adoption

Mining families of android applications for extractive SPL adoption

Towards a generic framework for automating extensive analysis of Android applications

Automated generation of colluding apps for experimental research

Contact Info

Product

Resources

About