BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Talks.cam//talks.cam.ac.uk// X-WR-CALNAME:Talks.cam BEGIN:VEVENT SUMMARY:Catch Me If You Scan: A Longitudinal Analysis of Stalkerware Evasi on Tactics - Anahitha Vijay (University of Cambridge) DTSTART:20251031T140000Z DTEND:20251031T150000Z UID:TALK236605@talks.cam.ac.uk CONTACT:Alexandre Pauwels DESCRIPTION:Stalkerware–mobile software that enables covert surveillance \, especially in intimate partner relationships–persists as a significan t threat on the Android ecosystem despite platform-level policy and securi ty enhancements. We present the first multi-application longitudinal analy sis of the stalkerware ecosystem. We analyse 82 APKs from four prominent s talkerware brands sourced from official\, third-party\, and modded marketp laces\, mapping their technical evolution against key policy and OS update s from 2012 to 2025. We find a strategic dichotomy in developer behaviour based on distribution channels. Applications distributed on third-party ch annels\, away from Google Play\, consistently target older\, less-secure A PIs to preserve invasive functionality\, effectively ignoring platform pol icies. In contrast\, developers on the Google Play platform respond reluct antly\, often employing malicious compliance (e.g.\, obfuscated notificati ons) or strategic re-architecting (e.g.\, ‘split-app’ models) to circu mvent rules while maintaining a market presence. Our findings suggest that platform policies displace rather than eliminate abusive functionality. B y systematically documenting how stalkerware developers navigate and subve rt platform governance\, we provide a nuanced understanding of their adapt ive capabilities\, offering critical insights for developing more robust\, future-proof detection and mitigation strategies. LOCATION:Webinar &\; FW11\, Computer Laboratory\, William Gates Buildin g. END:VEVENT END:VCALENDAR