Catch Me If You Scan: A Longitudinal Analysis of Stalkerware Evasion Tactics

If you have a question about this talk, please contact Alexandre Pauwels.

Stalkerware (mobile software that enables covert surveillance, especially in intimate partner relationships) persists as a significant threat in the Android ecosystem despite platform-level policy and security enhancements. We present the first multi-application longitudinal analysis of the stalkerware ecosystem. We analyse 82 APKs from four prominent stalkerware brands sourced from official, third-party, and modded marketplaces, mapping their technical evolution against key policy and OS updates from 2012 to 2025. We find a strategic dichotomy in developer behaviour based on distribution channels. Applications distributed on third-party channels, away from Google Play, consistently target older, less-secure APIs to preserve invasive functionality, effectively ignoring platform policies. In contrast, developers on the Google Play platform respond reluctantly, often employing malicious compliance (e.g., obfuscated notifications) or strategic re-architecting (e.g., ‘split-app’ models) to circumvent rules while maintaining a market presence. Our findings suggest that platform policies displace rather than eliminate abusive functionality. By systematically documenting how stalkerware developers navigate and subvert platform governance, we provide a nuanced understanding of their adaptive capabilities, offering critical insights for developing more robust, future-proof detection and mitigation strategies.

This talk is part of the Computer Laboratory Security Seminar series.
