Credibility Analysis Of Android Markets

In recent years, mobile devices develop at an unprecedented rate, of which the smart phone is most prominent. Popularity of smart phones application spawned a wide range of feature-rich applications. Mobile users can browse from a variety of application markets and download mobile applications, and install on mobile devices. In practice, in order to meet the needs of regional or localized, in addition to the official market of platform providers (such as Google stores and Apple Store), a number of third-party applications markets with many alternative applications came into being. Today, there are many domestic third-party Android application markets, due to the lack of effective regulation and Android app open distribution policy, triggering a lot of security issues which can’t be ignored. Meanwhile, third-party application store provides users with online commenting and rating. Most users believe that online ratings and reviews with respect to business advertising and the product information delivered by other means is more reliable and has features of readily available and low cost, the use of online ratings and reviews can better understand the quality of application and developer reputation, reducing quality uncertainty and search costs. In fact, some application developers more and more frequent use bad means, such as boast sales or submitted false ratings to obfuscate the real quality of application. From the results released by the Ministry of Industry, these poor applications mostly are downloaded from third-party applications markets. Thus, the credibility analysis of the Android application markets is becoming increasingly urgent.In this paper, based on the research and analysis of abnormal rates of application we regard user ratings as a factor in the credibility analysis, in Android system security digital signature mechanism as a research direction. Based on Android applications static analysis method and make Android application reverse engineering as realization basis, take advantage of trust model to design estimation methods, thus establishing a complete and efficient third-party application store credibility evaluation system.The main contents of this paper include:design depth-first crawling algorithm and implement web crawler to crawl the application and the rating of application and stored in the database; select ratings, package name, version code, digital signatures, permission, Dalvik executable file which are distinctive features characteristic values as a basis for static analysis, design static testing program for comparison testing with third-party applications corresponding to the official, according to test results applications are divided into three types; select trust model based on the results of the static test and design specific and feasible confidence calculation scheme for third-party applications store to calculate credibility score; according to the program designed to achieve on a Windows platform, and test from coding defects and correct angles; detailed description of the results of the analysis of the data.