Understanding android app piggybacking

Li Li, Daoyuan Li, Tegawende F. Bissyande, Jacques Klein, Yves Le Traon, David Lo, Lorenzo Cavallaro

Research output: Chapter in Book/Report/Conference proceedingConference PaperOther

5 Citations (Scopus)


The Android packaging model offers adequate opportunities for attackers to inject malicious code into popular benign apps, attempting to develop new malicious apps that can then be easily spread to a large user base. Despite the fact that the literature has already presented a number of tools to detect piggybacked apps, there is still lacking a comprehensive investigation on the piggybacking processes. To fill this gap, in this work, we collect a large set of benign/piggybacked app pairs that can be taken as benchmark apps for further investigation. We manually look into these benchmark pairs for understanding the characteristics of piggybacking apps and eventually we report 20 interesting findings. We expect these findings to initiate new research directions such as practical and scalable piggybacked app detection, explainable malware detection, and malicious code location.

Original languageEnglish
Title of host publicationProceedings
Subtitle of host publication2017 IEEE/ACM 39th International Conference on Software Engineering Companion - ICSE-C 2017
EditorsAlessandro Orso, Martin Robillard
Place of PublicationPiscataway NJ USA
PublisherIEEE, Institute of Electrical and Electronics Engineers
Number of pages3
ISBN (Print)9781538615898
Publication statusPublished - 30 Jun 2017
Externally publishedYes
EventInternational Conference on Software Engineering 2017 - Buenos Aires, Argentina
Duration: 20 May 201728 May 2017
Conference number: 39th


ConferenceInternational Conference on Software Engineering 2017
Abbreviated titleICSE-C 2017
CityBuenos Aires
OtherIEEE/ACM International Conference on Software Engineering Companion (ICSE-C 2017)
Internet address

Cite this