skip to main content
research-article

IoT-based Cloud Service for Secured Android Markets using PDG-based Deep Learning Classification

Authors Info & Claims
Published:22 October 2021Publication History
Skip Abstract Section

Abstract

Software piracy is an act of illegal stealing and distributing commercial software either for revenue or identify theft. Pirated applications on Android app stores are harming developers and their users by clone scammers. The scammers usually generate pirated versions of the same applications and publish them in different open-source app stores. There is no centralized system between these app stores to prevent scammers from publishing pirated applications. As most of the app stores are hosted on cloud storage, therefore a cloud-based interaction system can prevent scammers from publishing pirated applications. In this paper, we proposed IoT-based cloud architecture for clone detection using program dependency analysis. First, the newly submitted APK and possible original files are selected from app stores. The APK Extractor and JDEX decompiler extract APK and DEX files for Java source code analysis. The dependency graphs of Java files are generated to extract a set of weighted features. The Stacked-Long Short-Term Memory (S-LSTM) deep learning model is designed to predict possible clones.

Experimental results have shown that the proposed approach can achieve an average accuracy of 95.48% among clones from different application stores.

REFERENCES

  1. [1] Hayes B.. 2008. Cloud Computing. ACM, New York City, USA. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. [2] Gubbi J., Buyya R., Marusic S., and Palaniswami M.. 2013. Internet of Things (IoT): A vision, architectural elements, and future directions. Future Generation Computer Systems 29, 7 (2013), 16451660. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. [3] Shah S. A., Ren A., Fan D., Zhang Z., Zhao N., Yang X., Luo M., Wang W., Hu F., and Rehman M. U.. 2018. Internet of Things for sensing: A case study in the healthcare system. Applied Sciences 8, 4 (2018), 508.Google ScholarGoogle ScholarCross RefCross Ref
  4. [4] Zarpelao B. B., Miani R. S., Kawakani C. T., and de Alvarenga S. C.. 2017. A survey of intrusion detection in Internet of Things. Journal of Network and Computer Applications 84 (2017), 2537. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. [5] Chahid Y., Benabdellah M., and Azizi A.. 2017. Internet of Things Security. IEEE, Hefei, P. R. China.Google ScholarGoogle Scholar
  6. [6] Zhou W., Zhou Y., Jiang X., and Ning P.. 2012. Detecting Repackaged Smartphone Applications in Third-party Android Marketplaces. ACM, San Antonio Texas USA. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. [7] Su X., Chuah M., and Tan G.. 2012. Smartphone Dual Defense Protection Framework: Detecting Malicious Applications in Android Markets. IEEE, Chengdu, Sichuan, China. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. [8] Zhou Y., Wang Z., Zhou W., and Jiang X.. 2012. Hey, You, Get Off of my Market: Detecting Malicious Apps in Official and Alternative Android Markets. Chengdu, Sichuan, China.Google ScholarGoogle Scholar
  9. [9] Masood J. A. F., Shah S. A., Jamal S. S., and Hussain I.. 2020. A novel secure occupancy monitoring scheme based on the multi-chaos mapping. Symmetry 12, 3 (2020), 350.Google ScholarGoogle ScholarCross RefCross Ref
  10. [10] Jang H., Jin B., Hyun S., and Kim H.. 2019. Kerberoid: A Practical Android App Decompilation System with Multiple Decompilers. London United Kingdom. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. [11] Schleimer S., Wilkerson D. S., and Aiken A.. 2003. Winnowing: Local Algorithms for Document Fingerprinting. ACM, San Diego California. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. [12] Kuttal S. K. and Ghosh A.. 2020. Source code comments: Overlooked in the realm of code clone detection. arXiv preprint arXiv:2006.14505 (2020).Google ScholarGoogle Scholar
  13. [13] van Bladel B. and Demeyer S.. 2020. Clone Detection in Test Code: An Empirical Evaluation. IEEE, ON, Canada.Google ScholarGoogle Scholar
  14. [14] Desnos A.. 2013. Androguard-reverse engineering, malware and goodware analysis of Android applications. URL code. Google. com/p/androguard 153 (2013).Google ScholarGoogle Scholar
  15. [15] Liu C., Chen C., Han J., and Yu P. S.. 2006. GPLAG: Detection of Software Plagiarism by Program Dependence Graph Analysis. ACM, Philadelphia PA USA. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. [16] Chin E., Felt A. P., Greenwood K., and Wagner D.. 2011. Analyzing Inter-application Communication in Android. ACM, Bethesda Maryland USA. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. [17] Egele M., Kruegel C., Kirda E., and Vigna G.. 2011. PiOS: Detecting Privacy Leaks in iOS Applications. San Diego, California.Google ScholarGoogle Scholar
  18. [18] Enck W., Gilbert P., Han S., Tendulkar V., Chun B.-G., Cox L. P., Jung J., McDaniel P., and Sheth A. N.. 2014. TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones. ACM Transactions on Computer Systems (TOCS) 32, 2 (2014), 5. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. [19] Prado B., Bispo K. A., and Andrade R.. 2018. X9: An Obfuscation Resilient Approach for Source Code Plagiarism Detection in Virtual Learning Environments. Gaula, Portugal.Google ScholarGoogle Scholar
  20. [20] Wang H., Guo Y., Ma Z., and Chen X.. 2015. Wukong: A Scalable and Accurate Two-phase Approach to Android App Clone Detection. ACM, Baltimore MD USA. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. [21] Crussell J., Gibler C., and Chen H.. 2013. Scalable Semantics-based Detection of Similar Android Applications. Citeseer, Egham, UK.Google ScholarGoogle Scholar
  22. [22] Li M., Wang W., Wang P., Wang S., Wu D., Liu J., Xue R., and Huo W.. 2017. LibD: Scalable and Precise Third-Party Library Detection in Android Markets. IEEE, Buenos Aires, Argentina. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. [23] Soh C., Tan H. B. K., Arnatovich Y. L., and Wang L.. 2015. Detecting Clones in Android Applications Through Analyzing User Interfaces. IEEE Press, Florence, Italy. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. [24] Joshi M. and Khanna K.. 2013. Plagiarism detection over the web. International Journal of Computer Applications 68, 15 (2013), 1720.Google ScholarGoogle ScholarCross RefCross Ref
  25. [25] Ghafir I., Saleem J., Hammoudeh M., Faour H., Prenosil V., Jaf S., Jabbar S., and Baker T.. 2018. Security threats to critical infrastructure: The human factor. The Journal of Supercomputing (2018), 117. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. [26] Chen K., Liu P., and Zhang Y.. 2014. Achieving Accuracy and Scalability Simultaneously in Detecting Application Clones on Android Markets. ACM, Hyderabad India. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. [27] Ullah F., Naeem H., Naeem M. R., Jabbar S., Khalid S., Al-Turjman F., and Abuarqoub A.. 2019. Detection of clone scammers in Android markets using IoT-based edge computing. Transactions on Emerging Telecommunications Technologies (2019), e3791.Google ScholarGoogle Scholar
  28. [28] Cartwright R. and Felleisen M.. 1989. The Semantics of Program Dependence. ACM, Texas, USA. Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. [29] Ferrante J., Ottenstein K. J., and Warren J. D.. 1987. The program dependence graph and its use in optimization. ACM Transactions on Programming Languages and Systems (TOPLAS) 9, 3 (1987), 319349. Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. [30] Parr T., Wells P., Klaren R., Craymer L., Coker J., Stanchfield S., Mitchell J., and Flack C.. 2004. What's ANTLR (2004).Google ScholarGoogle Scholar
  31. [31] Zhang W., Yoshida T., and Tang X.. 2011. A comparative study of TF* IDF, LSI and multi-words for text classification. Expert Systems with Applications 38, 3 (2011), 27582765. Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. [32] Paik J. H.. 2013. A Novel TF-IDF Weighting Scheme for Effective Ranking. ACM, Dublin Ireland. Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. [33] Eddy B. P., Robinson J. A., Kraft N. A., and Carver J. C.. 2013. Evaluating Source Code Summarization Techniques: Replication and Expansion. IEEE San Francisco, CA, USA.Google ScholarGoogle Scholar
  34. [34] Wei H. and Li M.. 2017. Supervised Deep Features for Software Functional Clone Detection by Exploiting Lexical and Syntactical Information in Source Code. Melbourne, Australia. Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. [35] Büch L. and Andrzejak A.. 2019. Learning-based Recursive Aggregation of Abstract Syntax Trees for Code Clone Detection. IEEE, Hangzhou, China.Google ScholarGoogle ScholarCross RefCross Ref
  36. [36] Agostinelli F., Hoffman M., Sadowski P., and Baldi P.. 2014. Learning activation functions to improve deep neural networks. arXiv preprint arXiv:1412.6830 (2014).Google ScholarGoogle Scholar
  37. [37] Shah S. Aziz, Ahmad J., Tahir A., Ahmed F., Russel G., Shah S. Y., Buchanan W., and Abbasi Q. H.. 2020. Privacy-preserving non-wearable occupancy monitoring system exploiting Wi-Fi imaging for next-generation body-centric communication. Micromachines 11, 4 (2020), 379.Google ScholarGoogle ScholarCross RefCross Ref
  38. [38] Abd-El-Hafiz S. K.. 2011. A Metrics-based data Mining Approach for Software Clone Detection. IEEE. Google ScholarGoogle ScholarDigital LibraryDigital Library
  39. [39] Powers D. M.. 2011. Evaluation: From precision, recall and F-measure to ROC, informedness, markedness and correlation (2011).Google ScholarGoogle Scholar

Index Terms

  1. IoT-based Cloud Service for Secured Android Markets using PDG-based Deep Learning Classification

    Recommendations

    Comments

    Login options

    Check if you have access through your login credentials or your institution to get full access on this article.

    Sign in

    Full Access

    • Published in

      cover image ACM Transactions on Internet Technology
      ACM Transactions on Internet Technology  Volume 22, Issue 2
      May 2022
      582 pages
      ISSN:1533-5399
      EISSN:1557-6051
      DOI:10.1145/3490674
      • Editor:
      • Ling Liu
      Issue’s Table of Contents

      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      • Published: 22 October 2021
      • Revised: 1 July 2020
      • Accepted: 1 July 2020
      • Received: 1 May 2020
      Published in toit Volume 22, Issue 2

      Permissions

      Request permissions about this article.

      Request Permissions

      Check for updates

      Qualifiers

      • research-article
      • Refereed

    PDF Format

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Full Text

    View this article in Full Text.

    View Full Text

    HTML Format

    View this article in HTML Format .

    View HTML Format
    About Cookies On This Site

    We use cookies to ensure that we give you the best experience on our website.

    Learn more

    Got it!