Details
Originalsprache | Englisch |
---|---|
Titel des Sammelwerks | ACM International Conference Proceeding Series |
Herausgeber (Verlag) | Association for Computing Machinery (ACM) |
Seiten | 222-235 |
Seitenumfang | 14 |
ISBN (elektronisch) | 9781450365697 |
Publikationsstatus | Veröffentlicht - 3 Dez. 2018 |
Veranstaltung | 34th Annual Computer Security Applications Conference, ACSAC 2018 - San Juan, USA / Vereinigte Staaten Dauer: 3 Dez. 2018 → 7 Dez. 2018 |
Publikationsreihe
Name | ACM International Conference Proceeding Series |
---|
Abstract
Android applications are frequently plagiarized or repackaged, and software obfuscation is a recommended protection against these practices. However, there is very little data on the overall rates of app obfuscation, the techniques used, or factors that lead to developers to choose to obfuscate their apps. In this paper, we present the first comprehensive analysis of the use of and challenges to software obfuscation in Android applications. We analyzed 1.7 million free Android apps from Google Play to detect various obfuscation techniques, finding that only 24.92% of apps are obfuscated by the developer. To better understand this rate of obfuscation, we surveyed 308 Google Play developers about their experiences and attitudes about obfuscation. We found that while developers feel that apps in general are at risk of plagiarism, they do not fear theft of their own apps. Developers also report difficulties obfuscating their own apps. To better understand, we conducted a follow-up study where the vast majority of 70 participants failed to obfuscate a realistic sample app even while many mistakenly believed they had been successful. These findings have broad implications both for improving the security of Android apps and for all tools that aim to help developers write more secure software.
ASJC Scopus Sachgebiete
- Informatik (insg.)
- Software
- Informatik (insg.)
- Mensch-Maschine-Interaktion
- Informatik (insg.)
- Maschinelles Sehen und Mustererkennung
- Informatik (insg.)
- Computernetzwerke und -kommunikation
Zitieren
- Standard
- Harvard
- Apa
- Vancouver
- BibTex
- RIS
ACM International Conference Proceeding Series. Association for Computing Machinery (ACM), 2018. S. 222-235 (ACM International Conference Proceeding Series).
Publikation: Beitrag in Buch/Bericht/Sammelwerk/Konferenzband › Aufsatz in Konferenzband › Forschung › Peer-Review
}
TY - GEN
T1 - A large scale investigation of obfuscation use in google play
AU - Wermke, Dominik
AU - Huaman, Nicolas
AU - Acar, Yasemin
AU - Reaves, Bradley
AU - Traynor, Patrick
AU - Fahl, Sascha
N1 - Funding Information: This work was supported in part by the National Science Foundation under grant numbers CNS-1526718 and CNS-1562485. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reect the views of the National Science Foundation.
PY - 2018/12/3
Y1 - 2018/12/3
N2 - Android applications are frequently plagiarized or repackaged, and software obfuscation is a recommended protection against these practices. However, there is very little data on the overall rates of app obfuscation, the techniques used, or factors that lead to developers to choose to obfuscate their apps. In this paper, we present the first comprehensive analysis of the use of and challenges to software obfuscation in Android applications. We analyzed 1.7 million free Android apps from Google Play to detect various obfuscation techniques, finding that only 24.92% of apps are obfuscated by the developer. To better understand this rate of obfuscation, we surveyed 308 Google Play developers about their experiences and attitudes about obfuscation. We found that while developers feel that apps in general are at risk of plagiarism, they do not fear theft of their own apps. Developers also report difficulties obfuscating their own apps. To better understand, we conducted a follow-up study where the vast majority of 70 participants failed to obfuscate a realistic sample app even while many mistakenly believed they had been successful. These findings have broad implications both for improving the security of Android apps and for all tools that aim to help developers write more secure software.
AB - Android applications are frequently plagiarized or repackaged, and software obfuscation is a recommended protection against these practices. However, there is very little data on the overall rates of app obfuscation, the techniques used, or factors that lead to developers to choose to obfuscate their apps. In this paper, we present the first comprehensive analysis of the use of and challenges to software obfuscation in Android applications. We analyzed 1.7 million free Android apps from Google Play to detect various obfuscation techniques, finding that only 24.92% of apps are obfuscated by the developer. To better understand this rate of obfuscation, we surveyed 308 Google Play developers about their experiences and attitudes about obfuscation. We found that while developers feel that apps in general are at risk of plagiarism, they do not fear theft of their own apps. Developers also report difficulties obfuscating their own apps. To better understand, we conducted a follow-up study where the vast majority of 70 participants failed to obfuscate a realistic sample app even while many mistakenly believed they had been successful. These findings have broad implications both for improving the security of Android apps and for all tools that aim to help developers write more secure software.
KW - Android
KW - Obfuscation
KW - User Study
UR - http://www.scopus.com/inward/record.url?scp=85060065541&partnerID=8YFLogxK
U2 - 10.48550/arXiv.1801.02742
DO - 10.48550/arXiv.1801.02742
M3 - Conference contribution
AN - SCOPUS:85060065541
T3 - ACM International Conference Proceeding Series
SP - 222
EP - 235
BT - ACM International Conference Proceeding Series
PB - Association for Computing Machinery (ACM)
T2 - 34th Annual Computer Security Applications Conference, ACSAC 2018
Y2 - 3 December 2018 through 7 December 2018
ER -