A Large-Scale Empirical Study on Industrial Fake Apps

TL;DR

This paper presents the first large-scale empirical analysis of fake Android apps, revealing their characteristics, development trends, and evasive strategies, thereby shedding light on the mobile underground industry.

Contribution

It provides a comprehensive, systematic study of fake apps at scale, including their ecosystem, naming patterns, and developer behaviors, which was previously underexplored.

Findings

Fake apps exhibit distinct naming tendencies.

Fake developers employ evasive strategies.

Fake app ecosystem is complex and evolving.

Abstract

While there have been various studies towards Android apps and their development, there is limited discussion of the broader class of apps that fall in the fake area. Fake apps and their development are distinct from official apps and belong to the mobile underground industry. Due to the lack of knowledge of the mobile underground industry, fake apps, their ecosystem and nature still remain in mystery. To fill the blank, we conduct the first systematic and comprehensive empirical study on a large-scale set of fake apps. Over 150,000 samples related to the top 50 popular apps are collected for extensive measurement. In this paper, we present discoveries from three different perspectives, namely fake sample characteristics, quantitative study on fake samples and fake authors' developing trend. Moreover, valuable domain knowledge, like fake apps' naming tendency and fake developers' evasive strategies, is then presented and confirmed with case studies, demonstrating a clear vision of fake apps and their ecosystem.