Rotten Apples Spoil the Bunch: Anatomy of Google Play Malware

The popularity of mobile phones has increased rapidly in the past decade. Together with the increased popularity, their wide adoption greatly stimulated the growth of mobile malware. Understanding the characteristics of such malware is an important step towards building effective malware detection tools.

In this study, we performed a detailed analysis of recent Android malware that bypassed the defenses of the Google Play application store between January 2016 to July 2021. We systematically identified 1,238 such malicious applications, grouped them into 134 families, and manually analyzed one application from 105 distinct families. In addition to detailed malware analysis reports, we classified the capabilities of existing malware detection tools in context of our collected dataset.

Please use the menu on the left to obtain more details about each step.

If you use our dataset or refer to our analysis results, please cite the following paper:

Michael Cao, Khaled Ahmed, and Julia Rubin. “Rotten Apples Spoil the Bunch: An Anatomy of Google Play Malware.” In Proc. of the 44th IEEE/ACM International Conference on Software Engineering (ICSE), 2022. [pdf, bibtex]