Glanz, LeonidAmann, SvenEichberg, MichaelReif, MichaelMezini, MiraTichy, MatthiasBodden, EricKuhrmann, MarcoWagner, StefanSteghöfer, Jan-Philipp2019-03-292019-03-292018978-3-88579-673-2https://dl.gi.de/handle/20.500.12116/21163ESEC/FSE 2017 Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering. Popular mobile apps are regularly installed by millions of users. This fact attracts malicious actors to create altered, repackaged versions of those apps to steal the original owner’s revenue or to trick users to infect their devices with malware. Detecting such repackaged apps is, therefore, necessary for a secure and viable app market but is challenging due to the use of code obfuscation and the widespread usage of libraries. Due to the recent fact, non-repackaged, legitimate apps often share a majority of their code base and are classified as repackaged by state-of-the-art detectors. We, therefore, propose a new library filtering approach that relies on code representations at five different abstraction levels to achieve resilience against code obfuscation. Additionally, we propose to use the most abstract representation in combination with fuzzy-hashing to detect repackaged apps. Our evaluation shows that the overall approach leads to a better detection rate up to 50%.enlibrary detectionrepackage detectionobfuscationcode analysisText/Conference Paper1617-5468