CRSPR: PageRank for Android Apps

With the sharp increase in mobile apps, modular design and functional reuse are commonly adopted. The inter-component communication (ICC) mechanism in Android allows apps to exchange data with other apps and components, resulting in large amounts of security issues, such as component hijacking vulnerabilities, privilege escalation and spoofing attacks. Although ICC has been extensively studied in previous work, none of the previous approaches is practically scalable to simultaneously analyze a large number of Android apps, giving the combinational explosion of possible inter-component (and inter-app) communications. In this paper, we first propose an explorative study to analyze the ICC-based interaction for a large amount of Android apps. Then we propose CRSPR, a PageRank-like topic-aware app ranking approach to highlight influential Android apps for ICC analysis. The experimental results show that CRSPR is better than the basic counting approach as well as the traditional PageRank-based approach, which further demonstrate that CRSPR is useful for highlighting influential Android apps.