nach oben

Erschienen in:

2020 | OriginalPaper | Buchkapitel

CAVAEva: An Engineering Platform for Evaluating Commercial Anti-malware Applications on Smartphones

verfasst von : Hao Jiang, Weizhi Meng, Chunhua Su, Kim-Kwang Raymond Choo

Erschienen in: Information Security and Cryptology

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The pervasiveness of mobile devices, such as Android and iOS smartphones, and the type of data available and stored on these devices make them an attractive target for cyber-attackers. For example, mobile malware authors seek to compromise devices to collect sensitive information and data from the smartphones. To mitigate such a threat, a number of online scanning platforms exist to evaluate existing anti-malware applications. However, existing platforms have a number of limitations, such as configuration inflexibility. Also, in practice, the code protection and different structures complicate efforts to effectively evaluate different commercial anti-malware software in a configurable and unified platform. Hence in this work, we design CAVAEva, an engineering platform for commercial anti-malware application evaluation, in which users/researchers have the capability to configure the platform based on their needs and requirements. In particular, we show how to design such a platform and introduce its performance. Specifically, we present a comparative summary of seven commercial anti-malware software, and collect the feedback from a user study. Experimental results demonstrate the potential utility of our platform in evaluating commercial anti-malware software in a real-world smartphone deployment.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Privacy-Preserving and yet Robust Collaborative Filtering Recommender as a Service

Nächstes Kapitel SymSem: Symbolic Execution with Time Stamps for Deobfuscation

https://www.digitalcitizen.life/how-choose-great-security-product-thats-right-you.

Anand, S.A., Saxena, N.: Speechless: analyzing the threat to speech privacy from smartphone motion sensors. In: Proceedings of the 2018 IEEE Symposium on Security and Privacy, pp. 1000–1017 (2018)

Andriesse, D., Bos, H.: Instruction-level steganography for covert trigger-based malware. In: Dietrich, S. (ed.) DIMVA 2014. LNCS, vol. 8550, pp. 41–50. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08509-8_3CrossRef

Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K.: DREBIN: effective and explainable detection of android malware in your pocket. In: Proceedings of NDSS (2014)

Asonov, D., Agrawal, R.: Keyboard acoustic emanations. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 3–11 (2004)

Aviv, A.J., Gibson, K., Mossop, E., Blaze, M., Smith, J.M.: Smudge attacks on smartphone touch screens. In: Proceedings of the 4th USENIX Conference on Offensive Technologies (WOOT), pp. 1–7 (2010)

Backes, M., Nauman, M.: LUNA: quantifying and leveraging uncertainty in Android malware analysis through Bayesian machine learning. In: EuroS&P 2017, pp. 204–217 (2017)

Cai, L., Chen, H.: TouchLogger: inferring keystrokes on touch screen from smartphone motion. In: Proceedings of the 6th USENIX Conference on Hot Topics in Security (HotSec), pp. 1–6 (2011)

Chen, S., et al.: Automated poisoning attacks and defenses in malware detection systems: an adversarial machine learning approach. Comput. Secur. 73, 326–344 (2018)CrossRef

Chen, X., et al.: Android HIV: a study of repackaging malware for evading machine-learning detection. IEEE Trans. Inf. Forensics Secur. 15, 987–1001 (2019)CrossRef

10.

Chen, Z., et al.: Machine learning based mobile malware detection using highly imbalanced network traffic. Inf. Sci. 433–434, 346–364 (2018)CrossRef

11.

Do, Q., Martini, B., Choo, K.-K.R.: Exfiltrating data from Android devices. Comput. Secur. 48, 74–91 (2015)CrossRef

12.

Faruki, P., Bharmal, A., Laxmi, V., Gaur, M.S., Conti, M., Rajarajan, M.: Evaluation of Android anti-malware techniques against Dalvik bytecode obfuscation. In: Proceedings of TrustCom, pp. 414–421 (2014)

13.

Faruki, P., et al.: Android security: a survey of issues, malware penetration, and defenses. IEEE Commun. Surv. Tutor. 17(2), 998–1022 (2015)CrossRef

14.

Garuba, M., Liu, C., Washington, A.N.: A comparative analysis of anti-malware software, patch management, and host-based firewalls in preventing malware infections on client computers. In: Proceedings of ITNG, pp. 628–632 (2008)

15.

Han, J., Owusu, E., Nguyen, L., Perrig, A., Zhang, J.: ACComplice: location inference using accelerometers on smartphones. In: Proceedings of the 4th International Conference on Communication Systems and Networks (COMSNETS), New York, NY, USA, pp. 1–9 (2012)

16.

Hurier, M., Allix, K., Bissyandé, T.F., Klein, J., Le Traon, Y.: On the lack of consensus in anti-virus decisions: metrics and insights on building ground truths of Android malware. In: Caballero, J., Zurutuza, U., Rodríguez, R.J. (eds.) DIMVA 2016. LNCS, vol. 9721, pp. 142–162. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-40667-1_8CrossRef

17.

Jiang, L., Meng, W., Wang, Y., Su, C., Li, J.: Exploring energy consumption of juice filming charging attack on smartphones: a pilot study. In: Yan, Z., Molva, R., Mazurczyk, W., Kantola, R. (eds.) NSS 2017. LNCS, vol. 10394, pp. 199–213. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-64701-2_15CrossRef

18.

Kune, D.F., Kim, Y.: Timing attacks on PIN input devices. In: Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS), pp. 678–680. ACM, New York (2010)

19.

Li, J., Sun, L., Yan, Q., Li, Z., Srisa-an, W., Ye, H.: Significant permission identification for machine-learning-based Android malware detection. IEEE Trans. Ind. Inform. 14(7), 3216–3225 (2018)CrossRef

20.

Lin, C.-C., Li, H., Zhou, X., Wang, X.: Screenmilker: how to milk your Android screen for secrets. In: Proceedings of Annual Network and Distributed System Security Symposium (NDSS), pp. 1–10 (2014)

21.

Liu, J., Zhong, L., Wickramasuriya, J., Vasudevan, V.: uWave: accelerometer-based personalized gesture recognition and its applications. Pervasive Mob. Comput. 5(6), 657–675 (2009)CrossRef

22.

Lau, B., Jang, Y., Song, C.: Mactans: injecting malware into iOS devices via malicious chargers. Blackhat USA (2013)

23.

Marquardt, P., Verma, A., Carter, H., Traynor, P.: (sp)iPhone: decoding vibrations from nearby keyboards using mobile phone accelerometers. In: Proceedings of ACM Conference on Computer and Communications Security (CCS), pp. 551–562. ACM, New York (2011)

24.

Matplotlib: Python plotting. https://matplotlib.org/

25.

MonkeyRunner: A monkeyrunner class that contains static utility methods. https://developer.android.com/studio/test/monkeyrunner/MonkeyRunner

26.

Morales, J.A., Sandhu, R.S., Xu, S.: Evaluating detection and treatment effectiveness of commercial anti-malware programs. In: Proceedings of MALWARE, pp. 31–38 (2010)

27.

Mcafee: McAfee Mobile Threat Report Q1, 2018. https://www.mcafee.com/enterprise/en-us/assets/reports/rp-mobile-threat-report-2018.pdf

28.

Meng, Y., Wong, D.S., Schlegel, R., Kwok, L.: Touch gestures based biometric authentication scheme for touchscreen mobile phones. In: Kutyłowski, M., Yung, M. (eds.) Inscrypt 2012. LNCS, vol. 7763, pp. 331–350. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38519-3_21CrossRef

29.

Meng, Y., Li, W., Kwok, L.-F.: Enhancing click-draw based graphical passwords using multi-touch on mobile phones. In: Janczewski, L.J., Wolfe, H.B., Shenoi, S. (eds.) SEC 2013. IAICT, vol. 405, pp. 55–68. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39218-4_5 CrossRef

30.

Meng, W., Li, W., Kwok, L.F.: EFM: enhancing the performance of signature-based network intrusion detection systems using enhanced filter mechanism. Comput. Secur. 43, 189–204 (2014)CrossRef

31.

Meng, W., Wong, D.S., Furnell, S., Zhou, J.: Surveying the development of biometric user authentication on mobile phones. IEEE Commun. Surv. Tutor. 17, 1268–1293 (2015)CrossRef

32.

Meng, W., Lee, W.H., Murali, S.R., Krishnan, S.P.T.: Charging me and I know your secrets! Towards juice filming attacks on smartphones. In: Proceedings of the Cyber-Physical System Security Workshop (CPSS), in conjunction with AsiaCCS 2015. ACM (2015)

33.

Meng, W., Lee, W.H., Murali, S.R., Krishnan, S.P.T.: JuiceCaster: towards automatic juice filming attacks on smartphones. J. Netw. Comput. Appl. 68, 201–212 (2016)CrossRef

34.

Meng, W., Fei, F., Li, W., Au, M.H.: Harvesting smartphone privacy through enhanced juice filming charging attacks. In: Nguyen, P., Zhou, J. (eds.) ISC 2017. Lecture Notes in Computer Science, vol. 10599, pp. 291–308. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-69659-1_16CrossRef

35.

Meng, W., Lee, W.H., Liu, Z., Su, C., Li, Y.: Evaluating the impact of juice filming charging attack in practical environments. In: Kim, H., Kim, D.-C. (eds.) ICISC 2017. LNCS, vol. 10779, pp. 327–338. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78556-1_18CrossRef

36.

Meng, W., Jiang, L., Wang, Y., Li, J., Zhang, J., Xiang, Y.: JFCGuard: detecting juice filming charging attack via processor usage analysis on smartphones. Comput. Secur. 76, 252–264 (2018)CrossRef

37.

Milosevic, N., Dehghantanha, A., Choo, K.K.R.: Machine learning aided Android malware classification. Comput. Electr. Eng. 61, 266–274 (2017)CrossRef

38.

Min, B., Varadharajan, V.: Design, implementation and evaluation of a novel anti-virus parasitic malware. In: Proceedings of SAC 2015, pp. 2127–2133 (2015)

39.

Miluzzo, E., Varshavsky, A., Balakrishnan, S., Choudhury, R.R.: TapPrints: your finger taps have fingerprints. In: Proceedings of MobiSys, New York, NY, USA, pp. 323–336 (2012)

40.

Nguyen, G., Nguyen, B.M., Tran, D., Hluchy, L.: A heuristics approach to mine behavioural data logs in mobile malware detection system. Data Knowl. Eng. 115, 129–151 (2018)CrossRef

41.

Owusu, E., Han, J., Das, S., Perrig, A., Zhang, J.: ACCessory: password inference using accelerometers on smartphones. In: Proceedings of the 12th Workshop on Mobile Computing Systems & Applications (HotMobile), pp. 1–6. ACM, New York (2012)

42.

Peng, S., Yu, S., Yang, A.: Smartphone malware and its propagation modeling: a survey. IEEE Commun. Surv. Tutor. 16(2), 925–941 (2014)CrossRef

43.

Raguram, R., White, A.M., Goswami, D., Monrose, F., Frahm, J.-M.: iSpy: automatic reconstruction of typed input from compromising reflections. In: Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS), pp. 527–536. ACM, New York (2011)

44.

Rastogi, V., Chen, Y., Jiang, X.: DroidChameleon: evaluating Android anti-malware against transformation attacks. In: Proceedings of AsiaCCS, pp. 329–334 (2013)

45.

Rudd, E.M., Rozsa, A., Ganther, M., Boult, T.E.: A survey of stealth malware attacks, mitigation measures, and steps toward autonomous open world solutions. IEEE Commun. Surv. Tutor. 19(2), 1145–1172 (2017)CrossRef

46.

Schlegel, R., Zhang, K., Zhou, X., Intwala, M., Kapadia, A., Wang, X.: Soundcomber: a stealthy and context-aware sound trojan for smartphones. In: Proceedings of the 18th Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, USA, pp. 17–33 (2011)

47.

Sen, S., Aydogan, E., Aysan, A.I.: Coevolution of mobile malware and anti-malware. IEEE Trans. Inf. Forensics Secur. 13(10), 2563–2574 (2018)CrossRef

48.

Spolaor, R., Abudahi, L., Moonsamy, V., Conti, M., Poovendran, R.: No free charge theorem: a covert channel via USB charging cable on mobile devices. In: Gollmann, D., Miyaji, A., Kikuchi, H. (eds.) ACNS 2017. LNCS, vol. 10355, pp. 83–102. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61204-1_5CrossRef

49.

SQLite. https://www.sqlite.org/

50.

Talal, M., et al.: Comprehensive review and analysis of anti-malware apps for smartphones. Telecommun. Syst. 72(2), 285–337 (2019)CrossRef

51.

Vuagnoux, M., Pasini, S.: Compromising electromagnetic emanations of wired and wireless keyboards. In: Proceedings of the 18th Conference on USENIX Security Symposium, pp. 1–16 (2009)

52.

VirusTotal: Analyze suspicious files and URLs to detect types of malware, automatically share them with the security community. https://www.virustotal.com/#/home/upload

53.

Wressnegger, C., Freeman, K., Yamaguchi, F., Rieck, K.: Automatically inferring malware signatures for anti-virus assisted attacks. In: Proceedings of AsiaCCS, pp. 587–598 (2017)

54.

Xing, L., Pan, X., Wang, R., Yuan, K., Wang, X.: Upgrading your Android, elevating my malware: privilege escalation through mobile OS updating. In: Proceedings of the 2014 IEEE Symposium on Security and Privacy, Berkeley, CA, USA, pp. 393–408 (2014)

55.

Xu, N., Zhang, F., Luo, Y., Jia, W., Xuan, D., Teng, J.: Stealthy video capturer: a new video-based spyware in 3G smartphones. In: Proceedings of the 2nd ACM Conference on Wireless Network Security (WiSec), pp. 69–78 (2009)

56.

Ye, Y., Li, T., Adjeroh, D.A., Iyengar, S.S.: A survey on malware detection using data mining techniques. ACM Comput. Surv. 50(3), 41:1–41:40 (2017)CrossRef

57.

Zhuang, L., Zhou, F., Tygar, J.D.: Keyboard acoustic emanations revisited. ACM Trans. Inf. Syst. Secur. 13(1), 1–26 (2009)CrossRef

Titel: CAVAEva: An Engineering Platform for Evaluating Commercial Anti-malware Applications on Smartphones
verfasst von: Hao Jiang
Weizhi Meng
Chunhua Su
Kim-Kwang Raymond Choo
Verlag: Springer International Publishing
Buch: Information Security and Cryptology
Print ISBN: 978-3-030-42920-1

Electronic ISBN: 978-3-030-42921-8

Copyright-Jahr: 2020
DOI: https://doi.org/10.1007/978-3-030-42921-8_12

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner