research-article

IoT-based Cloud Service for Secured Android Markets using PDG-based Deep Learning Classification

Authors:

Muhammad Rashid Naeem,

Abdullah S. Bajahzar,

Fadi Al-TurjmanAuthors Info & Claims

ACM Transactions on Internet Technology (TOIT), Volume 22, Issue 2

Article No.: 40, Pages 1 - 17

https://doi.org/10.1145/3418206

Published: 22 October 2021 Publication History

Abstract

Software piracy is an act of illegal stealing and distributing commercial software either for revenue or identify theft. Pirated applications on Android app stores are harming developers and their users by clone scammers. The scammers usually generate pirated versions of the same applications and publish them in different open-source app stores. There is no centralized system between these app stores to prevent scammers from publishing pirated applications. As most of the app stores are hosted on cloud storage, therefore a cloud-based interaction system can prevent scammers from publishing pirated applications. In this paper, we proposed IoT-based cloud architecture for clone detection using program dependency analysis. First, the newly submitted APK and possible original files are selected from app stores. The APK Extractor and JDEX decompiler extract APK and DEX files for Java source code analysis. The dependency graphs of Java files are generated to extract a set of weighted features. The Stacked-Long Short-Term Memory (S-LSTM) deep learning model is designed to predict possible clones.

Experimental results have shown that the proposed approach can achieve an average accuracy of 95.48% among clones from different application stores.

References

[1]

B. Hayes. 2008. Cloud Computing. ACM, New York City, USA.

Digital Library

[2]

J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami. 2013. Internet of Things (IoT): A vision, architectural elements, and future directions. Future Generation Computer Systems 29, 7 (2013), 1645–1660.

Digital Library

[3]

S. A. Shah, A. Ren, D. Fan, Z. Zhang, N. Zhao, X. Yang, M. Luo, W. Wang, F. Hu, and M. U. Rehman. 2018. Internet of Things for sensing: A case study in the healthcare system. Applied Sciences 8, 4 (2018), 508.

[4]

B. B. Zarpelao, R. S. Miani, C. T. Kawakani, and S. C. de Alvarenga. 2017. A survey of intrusion detection in Internet of Things. Journal of Network and Computer Applications 84 (2017), 25–37.

Digital Library

[5]

Y. Chahid, M. Benabdellah, and A. Azizi. 2017. Internet of Things Security. IEEE, Hefei, P. R. China.

[6]

W. Zhou, Y. Zhou, X. Jiang, and P. Ning. 2012. Detecting Repackaged Smartphone Applications in Third-party Android Marketplaces. ACM, San Antonio Texas USA.

Digital Library

[7]

X. Su, M. Chuah, and G. Tan. 2012. Smartphone Dual Defense Protection Framework: Detecting Malicious Applications in Android Markets. IEEE, Chengdu, Sichuan, China.

Digital Library

[8]

Y. Zhou, Z. Wang, W. Zhou, and X. Jiang. 2012. Hey, You, Get Off of my Market: Detecting Malicious Apps in Official and Alternative Android Markets. Chengdu, Sichuan, China.

[9]

J. A. F. Masood, S. A. Shah, S. S. Jamal, and I. Hussain. 2020. A novel secure occupancy monitoring scheme based on the multi-chaos mapping. Symmetry 12, 3 (2020), 350.

[10]

H. Jang, B. Jin, S. Hyun, and H. Kim. 2019. Kerberoid: A Practical Android App Decompilation System with Multiple Decompilers. London United Kingdom.

Digital Library

[11]

S. Schleimer, D. S. Wilkerson, and A. Aiken. 2003. Winnowing: Local Algorithms for Document Fingerprinting. ACM, San Diego California.

Digital Library

[12]

S. K. Kuttal and A. Ghosh. 2020. Source code comments: Overlooked in the realm of code clone detection. arXiv preprint arXiv:2006.14505 (2020).

[13]

B. van Bladel and S. Demeyer. 2020. Clone Detection in Test Code: An Empirical Evaluation. IEEE, ON, Canada.

[14]

A. Desnos. 2013. Androguard-reverse engineering, malware and goodware analysis of Android applications. URL code. Google. com/p/androguard 153 (2013).

[15]

C. Liu, C. Chen, J. Han, and P. S. Yu. 2006. GPLAG: Detection of Software Plagiarism by Program Dependence Graph Analysis. ACM, Philadelphia PA USA.

Digital Library

[16]

E. Chin, A. P. Felt, K. Greenwood, and D. Wagner. 2011. Analyzing Inter-application Communication in Android. ACM, Bethesda Maryland USA.

Digital Library

[17]

M. Egele, C. Kruegel, E. Kirda, and G. Vigna. 2011. PiOS: Detecting Privacy Leaks in iOS Applications. San Diego, California.

[18]

W. Enck, P. Gilbert, S. Han, V. Tendulkar, B.-G. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth. 2014. TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones. ACM Transactions on Computer Systems (TOCS) 32, 2 (2014), 5.

Digital Library

[19]

B. Prado, K. A. Bispo, and R. Andrade. 2018. X9: An Obfuscation Resilient Approach for Source Code Plagiarism Detection in Virtual Learning Environments. Gaula, Portugal.

[20]

H. Wang, Y. Guo, Z. Ma, and X. Chen. 2015. Wukong: A Scalable and Accurate Two-phase Approach to Android App Clone Detection. ACM, Baltimore MD USA.

Digital Library

[21]

J. Crussell, C. Gibler, and H. Chen. 2013. Scalable Semantics-based Detection of Similar Android Applications. Citeseer, Egham, UK.

[22]

M. Li, W. Wang, P. Wang, S. Wang, D. Wu, J. Liu, R. Xue, and W. Huo. 2017. LibD: Scalable and Precise Third-Party Library Detection in Android Markets. IEEE, Buenos Aires, Argentina.

Digital Library

[23]

C. Soh, H. B. K. Tan, Y. L. Arnatovich, and L. Wang. 2015. Detecting Clones in Android Applications Through Analyzing User Interfaces. IEEE Press, Florence, Italy.

Digital Library

[24]

M. Joshi and K. Khanna. 2013. Plagiarism detection over the web. International Journal of Computer Applications 68, 15 (2013), 17–20.

[25]

I. Ghafir, J. Saleem, M. Hammoudeh, H. Faour, V. Prenosil, S. Jaf, S. Jabbar, and T. Baker. 2018. Security threats to critical infrastructure: The human factor. The Journal of Supercomputing (2018), 1–17.

Digital Library

[26]

K. Chen, P. Liu, and Y. Zhang. 2014. Achieving Accuracy and Scalability Simultaneously in Detecting Application Clones on Android Markets. ACM, Hyderabad India.

Digital Library

[27]

F. Ullah, H. Naeem, M. R. Naeem, S. Jabbar, S. Khalid, F. Al-Turjman, and A. Abuarqoub. 2019. Detection of clone scammers in Android markets using IoT-based edge computing. Transactions on Emerging Telecommunications Technologies (2019), e3791.

[28]

R. Cartwright and M. Felleisen. 1989. The Semantics of Program Dependence. ACM, Texas, USA.

Digital Library

[29]

J. Ferrante, K. J. Ottenstein, and J. D. Warren. 1987. The program dependence graph and its use in optimization. ACM Transactions on Programming Languages and Systems (TOPLAS) 9, 3 (1987), 319–349.

Digital Library

[30]

T. Parr, P. Wells, R. Klaren, L. Craymer, J. Coker, S. Stanchfield, J. Mitchell, and C. Flack. 2004. What's ANTLR (2004).

[31]

W. Zhang, T. Yoshida, and X. Tang. 2011. A comparative study of TF* IDF, LSI and multi-words for text classification. Expert Systems with Applications 38, 3 (2011), 2758–2765.

Digital Library

[32]

J. H. Paik. 2013. A Novel TF-IDF Weighting Scheme for Effective Ranking. ACM, Dublin Ireland.

Digital Library

[33]

B. P. Eddy, J. A. Robinson, N. A. Kraft, and J. C. Carver. 2013. Evaluating Source Code Summarization Techniques: Replication and Expansion. IEEE San Francisco, CA, USA.

[34]

H. Wei and M. Li. 2017. Supervised Deep Features for Software Functional Clone Detection by Exploiting Lexical and Syntactical Information in Source Code. Melbourne, Australia.

Digital Library

[35]

L. Büch and A. Andrzejak. 2019. Learning-based Recursive Aggregation of Abstract Syntax Trees for Code Clone Detection. IEEE, Hangzhou, China.

[36]

F. Agostinelli, M. Hoffman, P. Sadowski, and P. Baldi. 2014. Learning activation functions to improve deep neural networks. arXiv preprint arXiv:1412.6830 (2014).

[37]

S. Aziz Shah, J. Ahmad, A. Tahir, F. Ahmed, G. Russel, S. Y. Shah, W. Buchanan, and Q. H. Abbasi. 2020. Privacy-preserving non-wearable occupancy monitoring system exploiting Wi-Fi imaging for next-generation body-centric communication. Micromachines 11, 4 (2020), 379.

[38]

S. K. Abd-El-Hafiz. 2011. A Metrics-based data Mining Approach for Software Clone Detection. IEEE.

Digital Library

[39]

D. M. Powers. 2011. Evaluation: From precision, recall and F-measure to ROC, informedness, markedness and correlation (2011).

Cited By

Ishtaiwi AAl Maqousi AAldweesh A(2024)Securing Emerging IoT Environments with Super Learner Ensembles2024 2nd International Conference on Cyber Resilience (ICCR)10.1109/ICCR61006.2024.10533002(1-7)Online publication date: 26-Feb-2024
https://doi.org/10.1109/ICCR61006.2024.10533002
Dhanasekaran SThamaraimanalan TVivek Karthick PSilambarasan D(2024)A Lightweight CNN with LSTM Malware Detection Architecture for 5G and IoT NetworksIETE Journal of Research10.1080/03772063.2024.2352151(1-12)Online publication date: 19-May-2024
https://doi.org/10.1080/03772063.2024.2352151
Cui NChen LShi G(2023)BVSNO: Binary Code Vulnerability Detection Based on Slice Semantic and Node Order2023 IEEE Symposium on Computers and Communications (ISCC)10.1109/ISCC58397.2023.10218114(373-379)Online publication date: 9-Jul-2023
https://doi.org/10.1109/ISCC58397.2023.10218114
Show More Cited By

Index Terms

IoT-based Cloud Service for Secured Android Markets using PDG-based Deep Learning Classification
1. Security and privacy
  1. Software and application security
    1. Software reverse engineering

Recommendations

Migrating Android Applications to the Cloud

Recently, smartphone technologies have evolved quickly and offered end users the computing power and networking capabilities required to perform useful network and multimedia applications. However, due to limited physical sizes and battery capacities, ...
Android: Changing the Mobile Landscape

The mobile phone landscape changed last year with the introduction of smart phones running Android, a platform marketed by Google. Android phones are the first credible threat to the iPhone market. Not only did Google target the same consumers as iPhone,...
Learning Android Intents

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Internet Technology

ACM Transactions on Internet Technology Volume 22, Issue 2

May 2022

582 pages

ISSN:1533-5399

EISSN:1557-6051

DOI:10.1145/3490674

Editor:
Ling Liu
Georgia Institute of Technology, USA

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 October 2021

Accepted: 01 July 2020

Revised: 01 July 2020

Received: 01 May 2020

Published in TOIT Volume 22, Issue 2

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Refereed

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
470
Total Downloads

Downloads (Last 12 months)52
Downloads (Last 6 weeks)1

Reflects downloads up to 09 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Ishtaiwi AAl Maqousi AAldweesh A(2024)Securing Emerging IoT Environments with Super Learner Ensembles2024 2nd International Conference on Cyber Resilience (ICCR)10.1109/ICCR61006.2024.10533002(1-7)Online publication date: 26-Feb-2024
https://doi.org/10.1109/ICCR61006.2024.10533002
Dhanasekaran SThamaraimanalan TVivek Karthick PSilambarasan D(2024)A Lightweight CNN with LSTM Malware Detection Architecture for 5G and IoT NetworksIETE Journal of Research10.1080/03772063.2024.2352151(1-12)Online publication date: 19-May-2024
https://doi.org/10.1080/03772063.2024.2352151
Cui NChen LShi G(2023)BVSNO: Binary Code Vulnerability Detection Based on Slice Semantic and Node Order2023 IEEE Symposium on Computers and Communications (ISCC)10.1109/ISCC58397.2023.10218114(373-379)Online publication date: 9-Jul-2023
https://doi.org/10.1109/ISCC58397.2023.10218114
Dong YTang YCheng XYang YWang S(2023)SedSVDInformation and Software Technology10.1016/j.infsof.2023.107168158:COnline publication date: 1-Jun-2023
https://dl.acm.org/doi/10.1016/j.infsof.2023.107168
Ullah FAlsirhani AAlshahrani MAlomari ANaeem HShah S(2022)Explainable Malware Detection System Using Transformers-Based Transfer Learning and Multi-Model Visual RepresentationSensors10.3390/s2218676622:18(6766)Online publication date: 7-Sep-2022
https://doi.org/10.3390/s22186766
Ullah FUllah SNaeem MMostarda LRho SCheng X(2022)Cyber-Threat Detection System Using a Hybrid Approach of Transfer Learning and Multi-Model Image RepresentationSensors10.3390/s2215588322:15(5883)Online publication date: 6-Aug-2022
https://doi.org/10.3390/s22155883
Ashraf MHuang CKhalid SRana AAhmad MRaza U(2022)Dynamic Naming Scheme and Lookup Method Based on Trie for Vehicular Named Data NetworkWireless Communications & Mobile Computing10.1155/2022/65395322022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/6539532
Bao YQiu WCheng X(2022) Privacy‐preserving and fine‐grained data sharing for resource‐constrained healthcare CPS devices Expert Systems10.1111/exsy.1322040:6Online publication date: 28-Dec-2022
https://doi.org/10.1111/exsy.13220
Cui NChen LDu GWu TZhu CShi G(2022)BHMVD: Binary Code-based Hybrid Neural Network for Multiclass Vulnerability Detection2022 IEEE Intl Conf on Parallel & Distributed Processing with Applications, Big Data & Cloud Computing, Sustainable Computing & Communications, Social Computing & Networking (ISPA/BDCloud/SocialCom/SustainCom)10.1109/ISPA-BDCloud-SocialCom-SustainCom57177.2022.00037(238-245)Online publication date: Dec-2022
https://doi.org/10.1109/ISPA-BDCloud-SocialCom-SustainCom57177.2022.00037

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Full Text

View this article in Full Text.

HTML Format

View this article in HTML Format.

Media

Figures

Other

Tables

View full text|Download PDF

View Issue’s Table of Contents