A Large-scale Analysis of Cloned Android Apps

Since it is not hard to replicate an Android app, there are many cloned apps, which we call clones in this work. Generally, clones are generated for bad purposes by malicious parties. Besides clones, there are legitimate, similar apps, which we call relatives in this work. These relatives are not clones but are similar in nature, i.e., they are generated by the same app-building framework. Given these observations, this paper aims to answer the following two research questions: (RQ1) How can we distinguish between clone and relatives? (RQ2) What is the breakdown of clones and relatives in the official and third-party marketplaces? To answer RQ1, we developed a scalable framework called APPraiser that systematically extracts similar apps and classifies them into clones and relatives. To answer RQ2, we applied the APPraiser framework to the 1.3 millions of apps collected from official and third-party marketplaces. Our analysis revealed the following findings: In the official marketplace, 76% of similar apps were relatives while, in the third-party marketplace, 45% of similar apps were clones. The majority of relatives were apps developed by prolific developers in both marketplaces.