Meteor: Seeding a Security-Enhancing Infrastructure for Multi-market Application Ecosystems

Overview

Meteor is a security-enhancing application installation framework that leverages information from a configurable set of security information sources.

UAppID

In our paper, we highlight the importance of having a reliable way to uniquely identify apps across multiple markets. Since package names (e.g., com.google.maps) are developer chosen, we use digital signatures and a hash of the bianry to construct a unique identifier for each app.

Coming soon: scripts and libraries to obtain a UAppID given an Android apk

Meteorite App

Source code for the Meteorite app is available on Github

Publications

David Barrera, William Enck, P.C. van Oorschot. Meteor: Seeding a Security-Enhancing Infrastructure for Multi-market Application Ecosystems IEEE Mobile Security Technologies Workshop (MoST 2012)

Contact

Questions or comments? Email dbarrera@ccsl.carleton.ca