Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets
In this paper, the authors present a systematic study for the detection of malicious applications (or apps) on popular Android Markets. To this end, they first propose a permission-based behavioral foot-printing scheme to detect new samples of known Android malware families. Then they apply a heuristics-based filtering scheme to identify certain inherent behaviors of unknown malicious families. They implemented both schemes in a system called DroidRanger. The experiments with 204, 040 apps collected from five different Android Markets in May-June 2011 reveal 211 malicious ones: 32 from the official Android Market (0.02% infection rate) and 179 from alternative marketplaces (infection rates ranging from 0.20% to 0.47%).