CSC News

February 14, 2012

Best Paper Award Presented at CODASPY 2012

Congratulations to Wu Zhou and Yajin ZhouPhD students, and Dr. Xuxian Jiang, assistant professor of computer science, and Dr. Peng Ning, professor of computer science in the NC State Department of Computer Science, for winning the Best Paper Award at the Second ACM Conference on Data and Application Security and Privacy (CODASPY 2012) held in San Antonio, TX on February 7-9, 2012.
 
The winning paper, titled "DroidMOSS: Detecting Repackaged Smartphone Applications in Third-Party Android Marketplaces,”  reports on a systematic study conducted on six popular Android-based third-party application (app) marketplaces.  Among these marketplaces, the researchers found a common practice of repackaging legitimate apps (from the official Android Market) and distributing repackaged ones via third-party marketplaces.
 
To better understand the extent of this practice, they implemented an app similarity measurement system called DroidMOSS that applies a fuzzy hashing technique to effectively localize and detect the changes from app-repackaging behavior.  The experiments with DroidMOSS show a worrisome fact that 5-13% of apps hosted on these studied marketplaces are repackaged.  Further investigation indicates that these repackaged apps are mainly used to replace existing in-app advertisements or embed new ones to “steal” or re-route ad revenues.  They also identified a few cases of planted backdoors or malicious payloads among repackaged apps.  The results call for the need of a rigorous vetting process for better regulation of third-party smartphone application marketplaces.
 
CODASPY 2012 is the continuation of the recently launched ACM SIGSAC Annual ACM Conference on Data and Applications Security.  The conference provides a dedicated venue for high-quality research in security and privacy, especially as it pertains to the Internet, smartphones and its cyber infrastructure. 
 
To read the award-winning paper, click here.
 
For more information on the CODASPY 2012 conference, click here.
 

~coates~ 

Return To News Homepage