Jonathan Crussell
Master’s Thesis, University of California, Davis (2012)
Abstract
Smart phones are rapidly becoming a fixture of modern-day life. Their popularity and market penetration have given rise to a flourishing ecosystem of mobile applications that provide users with a wide range of useful functionality. Android users may download applications from Google’s official Android Market or from a number of third-party markets. To ensure a healthy mobile application environment, users should have access to high-quality applications and developers should be financially compensated for their efforts. However, applications may be copied, or “cloned,” by a dishonest developer and released as her own, subverting revenue from the original developer or possibly including additional malicious functionality.
We present DNADroid, a tool that detects Android application copying, or “cloning”, by robustly computing the similarity between two applications. DNADroid achieves this by comparing program dependency graphs between methods in candidate applications. Using DNADroid, we found at least 141 applications that have been the victims of cloning, some as many as seven times. DNADroid has a very low false positive rate — we manually confirmed that all the applications detected are indeed clones by either visual or behavioral similarity. We present several case studies that give insight into why applications are cloned, including localization and redirecting ad revenue. We describe a case of malware being added to an application and show how DNADroid was able to detect two variants of the same malware. Lastly, we offer examples of a cracking tool being used in the wild.
Citation
@thesis{crussell2012investigation,
title={An Investigation of Android Application Plagiarism},
author={Crussell, Jonathan},
year={2012},
school={University of California, Davis}
}