A Framework to Detect Repackaged Android Applications in Smartphone Devices

Android is one of the most successful OS for smart devices and its large user base has inevitably made it the most targeted mobile OS by malwares. Android malwares have been found to have a host of different motives but most use repackaged apps as the preferred means of propagation into users' devices. This is done to exploit the popularity and trustworthiness of a legitimate app. The repackaged versions of the apps ask for more privileges at the time of installation and innocent or ignorant users install the app anyway. In this paper we propose a framework for automatic detection of repackaged apps. Our framework determines whether an app is asking for unnecessary privileges by leveraging the original manifest information of the app. The developer needs to provide the manifest information at the time of releasing the app. When a new app is installed the user is simply informed whether the app is safe or not. Our solution incurs an ignorable overhead on the Smartphone devices. It can provide highly accurate detection of repackaged version of any known app.