AndRadar: Mobile app Marketplace Monitoring and Reputation Analysis

The main goal of this project is to provide a dashboard to analyze and monitor the spreading of Android malware in marketplaces. AndRadar uses lightweight fingerprints to lookup malware samples without the need to download them from the markets.

Once a matching app is found, AndRadar tracks its page, developer, and any kind of meta data associated to it. AndRadar’s data is then crunched into a set of indicators that summarize, for example, the efficiency of a malware author in publishing its app, the speed of the market in responding to threats, etc., and provide an overall reputation of each developer, market and app. By combining data coming from different marketplaces, AndRadar can track spreading campaigns also across markets. No such tool like AndRadar exists so far, so we released it to the public.

The (unmaintained) web application is at: http://andradar.hosting.necst.it

References

(2014). AndRadar: Fast Discovery of Android Applications in Alternative Markets. Detection of Intrusions and Malware, and Vulnerability Assessment.

PDF