
2016 | Original Paper | Book chapter

DroidAnalyst: Synergic App Framework for Static and Dynamic App Analysis

Authors: Parvez Faruki, Shweta Bhandari, Vijay Laxmi, Manoj Gaur, Mauro Conti

Published in: Recent Advances in Computational Intelligence in Defense and Security

Publisher: Springer International Publishing


Abstract

The evolution of mobile devices, with additional resources and enhanced functionality, has enabled smartphones to substitute for conventional computing devices. Users have adopted smartphones for online payments, sending email, and social networking, and these devices store sensitive user information. The ever-increasing number of mobile devices has attracted malware authors and cybercriminals to target mobile platforms. Android, the most popular open-source mobile OS, is being targeted by malware writers. In particular, less-monitored third-party markets are being used as infection and propagation sources. Given the threats posed by the increasing number of malicious apps, security researchers must be able to analyze malware quickly and efficiently; this may not be feasible with manual analysis. Hence, automated analysis techniques for app vetting and malware detection are necessary. In this chapter, we present DroidAnalyst, a novel automated app vetting and malware analysis framework that integrates the synergy of static and dynamic analysis to improve the accuracy and efficiency of analysis. DroidAnalyst generates a unified analysis model that combines the strengths of these complementary approaches with multiple detection methods to improve app code analysis. We have evaluated our proposed solution, DroidAnalyst, against a reasonable dataset consisting of real-world benign and malicious apps.


Metadata
Title
DroidAnalyst: Synergic App Framework for Static and Dynamic App Analysis
Authors
Parvez Faruki
Shweta Bhandari
Vijay Laxmi
Manoj Gaur
Mauro Conti
Copyright year
2016
DOI
https://doi.org/10.1007/978-3-319-26450-9_20