Skip to Main content Skip to Navigation
Conference papers

SherlockDroid, an Inspector for Android Marketplaces

Axelle Apvrille Ludovic Apvrille 1, 2 
1 LabSoC - System on Chip
LTCI - Laboratoire Traitement et Communication de l'Information
Abstract : With over 1,200,000 Android applications in Google Play alone, and dozens of different marketplaces, Android malware unfortunately have no difficulty to sneak in and silently spread. This puts a high pressure on antivirus teams. To try and spot new malware instances, we have built an infrastructure, named SherlockDroid, whose goal is to filter out the mass of applications and only keep those which are the most likely to be malicious for future inspection by Anti-virus teams. SherlockDroid consists of marketplace crawlers, code-level property extractors and a classification tool named Alligator which decides whether the sample looks malicious or not, based on some prior learning. During our tests, we have extracted properties and classified over 480k applications. Since the beginning of July 2014, SherlockDroid has crawled 88,369 applications with the detection of one new malware, Android/Odpa.A!tr.spy, and one new riskware. With previous findings, this increases SherlockDroid and Alligator’s “Hall of Shame” to 7 malware and potentially unwanted applications.
Complete list of metadata
Contributor : TelecomParis HAL Connect in order to contact the contributor
Submitted on : Sunday, December 15, 2019 - 12:44:49 PM
Last modification on : Tuesday, October 19, 2021 - 11:15:20 AM


  • HAL Id : hal-02412084, version 1


Axelle Apvrille, Ludovic Apvrille. SherlockDroid, an Inspector for Android Marketplaces., Oct 2014, Luxembourg, Luxembourg. ⟨hal-02412084⟩



Record views