Checking App Behavior Against App Descriptions: What If There are No App Descriptions?

TL;DR

This paper introduces REACT, a reverse engineering approach to classify mobile apps based on internal data, addressing challenges when app descriptions are missing or unreliable.

Contribution

The paper presents REACT, a novel method for app classification using internal app data, extending its application to malware detection and analyzing its limitations.

Findings

REACT successfully classifies apps without relying on descriptions.

REACT demonstrates scalability and potential for malware detection.

Limitations exist in grouping similar apps, revealing areas for improvement.

Abstract

Classifying mobile apps based on their description is beneficial for several purposes. However, many app descriptions do not reflect app functionalities, whether accidentally or on purpose. Most importantly, these app classification methods do not work if the app description is unavailable. This paper investigates a Reverse Engineering-based Approach to Classify mobile apps using The data that exists in the app, called REACT. To validate the proposed REACT method, we use a large set of Android apps (24,652 apps in total). We also show REACTs' extendibility for malware/anomaly detection and prove its reliability and scalability. However, our analysis shows some limitations in REACT procedure and implementation, especially for similar feature based app grouping. We discuss the root cause of these failures, our key lessons learned, and some future enhancement ideas. We also share our REACT tools and reproduced datasets for the app market analyst, mobile app developers and software engineering research communities for further research purposes.