Top

Cluster Computing

Published in:

24-11-2017

Enhancing the accuracy of static analysis for detecting sensitive data leakage in Android by using dynamic analysis

Authors: Ly Hoang Tuan, Nguyen Tan Cam, Van-Hau Pham

Published in: Cluster Computing | Special Issue 1/2019

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

One approach of Android security is the analysis for detecting potential information leaks. The current technical analyses (as static analysis, dynamic analysis, hybrid of static and dynamic analysis) only focus on action within a single application, while the coordinated action of several applications for the malicious purpose is becoming popular. This study proposes a hybrid approach that combines static and dynamic analysis to detect information leak as a result of the coordinated action of multiple applications. In this text, we call it inter-application malware. The analysis takes place in two stages. The first stage uses static analysis to indicate the chains of sensitive actions on multiple applications. The second stage validates whether the chain of sensitive actions indeed leaks user’s data by using the dynamic analysis. In fact, the applications in question are forced to execute after the chains of sensitive actions detected in the first stage. The sensitive actions are monitored and analyzed to determine which actions are the causes of information leakage. And we have implemented an analysis tool, named eDSDroid. We have evaluated our tool on the famous Toyapps test case. The test result shows the correctness and effectiveness of our tool.

previous article Collaborative data analytics for smart buildings: opportunities and models

next article W-Scheduler: whale optimization for task scheduling in cloud computing

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

ApkTool. https://ibotpeaches.github.io/Apktool/

Sanz, B., Santos, I., Ugarte-Pedrero, X., Laorden, C., Nieves, J., Bringas, PG.: Instance-Based Anomaly Method for Android Malware Detection. In: SECRYPT, pp. 387–394. SciTe Press (2013)

Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.-R.: XManDroid: A New Android Evolution to Mitigate Privilege Escalation Attacks. Technische Universitt Darmstadt Technical Report of Center for Advanced Security Research Darmstadt (2011)

CERT Division of the Software Engineering Institute (SEI), DidFail: Android Taint Flow Analysis. https://www.cert.org/secure-coding/tools/didfail.cfm

Zheng, C., Zhu, S., Dai, S., Gu, G., Gong, X., Han, X., Zou, W.: SmartDroid: an automatic system for revealing UI-based trigger conditions in android applications, In Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices (SPSM ’12), pp. 93–94 (2012)

Octeau, D., et al.: Effective inter-component communication mapping in Android with Epicc: an essential step towards hoslistic security analysis. USENIX Security (2013)

Bodden, E.: FlowDroid taint analysis, secure software engineering. In: European Center for Security and Privacy by Design. http://sseblog.ec-spride.de/tools/FlowDroid/

Chin, E., Felt, A.P., Greenwood, K., Wagner, D.: Analyzing inter-application communication in android. In: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, MobiSys, vol. 11, p. 239252 (2011)

Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 627–638. ACM (2011)

10.

Tchakounte, F., Dayang, P.: System call analysis of malwares on android. Int. J. Sci. Technol. 2(9) (2013)

11.

Fuchs, A.P., Chaudhuri, A., Foster, J.S.: ScanDroid: automated security certification of Android applications. Technical Report. University of Maryland (2009)

12.

Paul, I.: F-Secure says 99 percent of new mobile malware targets Android, but don’t worry too much. http://www.greenbot.com/article/2148521/99-percent-of-new-mobile-malware-is-on-android-but-good-luck-catching-it.html. Accessed September 2 (2014)

13.

Hoffmann, J., Neumann, S., Holz, T.: Mobile malware detection based on energy fingerprints—a dead end? In: 16th International Symposium, pp. 348–368. RAID (2013)

14.

Graa, M., Cuppens-Boulahia, N., Cuppens, F., Cavalli, A.: Detecting control flow in smartphones: combining static and dynamic analyses. In: Proceedings of the 4th International Conference on Cyberspace Safety and Security (2013)

15.

Arzt, S., et al.: FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps, PLDI (2014)

16.

Schmidt, A.-D., Bye, R., Schmidt, H.-G., Clausen, J., Kiraz, O., Yuksel, K.A., Camtepe, S.A., Albayrak, S.: Static analysis of executables for collaborative malware detection on android. In: Communications, 2009. ICC’09. IEEE International Conference, pp. 1, 5, 14–18 (2009)

17.

Nair, S.K., Simpson, P.N.D., Crispo, B., Tanenbaum, A.S.: A virtual machine based information flow control system for policy enforcement. Electronic Notes Theor. Comput. Sci. 197, 316 (2008)CrossRef

18.

van der Veen, V., Rossow, C., Bos, H.: TraceDroid: a fast and complete android method tracer, hack in the box (HITB October 2013), Malaysia (2013)

19.

Enck, W., Gilbert, P., Chun, B.-G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation, OSDI10, p. 16 (2010)

20.

Feng, Y., Anand, S., Dillig, I., Aiken, A.: Apposcopy: semantics-based detection of Android malware through static analysis. In: Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering ACM, pp. 576–587 (2014)

Title: Enhancing the accuracy of static analysis for detecting sensitive data leakage in Android by using dynamic analysis
Authors: Ly Hoang Tuan
Nguyen Tan Cam
Van-Hau Pham
Publication date: 24-11-2017
Publisher: Springer US
Published in: Cluster Computing / Issue Special Issue 1/2019
Print ISSN: 1386-7857
Electronic ISSN: 1573-7543
DOI: https://doi.org/10.1007/s10586-017-1364-8

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Special Issue 1/2019

Research trend analysis on convergence and joint research of Korea using scientific papers

IoT based fall detection and ambient assisted system for the elderly

Anonymous and formally verified dual signature based online e-voting protocol

Intelligent early warning model of early-stage overflow based on dynamic clustering

A novel scheme for safeguarding confidentiality in public clouds for service users of cloud computing

Online handwritten signature verification based on the most stable feature and partition

Premium Partner