Following Devil's Footprints - Cross-Platform Analysis of Potentially Harmful Libraries on Android and iOS

Explore a comprehensive cross-platform analysis of potentially harmful libraries (PhaLibs) on Android and iOS in this 22-minute IEEE conference talk. Dive into the groundbreaking research presented by Kai Chen from the Institute of Information Engineering, Chinese Academy of Sciences, at the 2016 IEEE Symposium on Security & Privacy. Discover the innovative methodology used to identify and analyze PhaLibs across both platforms, including clustering similar packages from Android apps, utilizing anti-virus systems, and searching for iOS counterparts based on shared features. Learn about the alarming prevalence of PhaLibs, with 117 identified on Android infecting 6.84% of Google Play apps and 23 on iOS affecting 2.94% of Apple App Store apps. Uncover newly discovered back-door libraries and their risky behaviors, such as accessing keychains, recording audio and video, and attempting unauthorized phone calls. Gain valuable insights into the cross-platform preservation of harmful behaviors and the growing threat of library repackaging for malware propagation in mobile app ecosystems.