Detecting Targeted Smartphone Malware with Behavior-Triggering Stochastic Models

Authors: Guillermo Suarez-Tangil, Mauro Conti, Juan E. Tapiador, Pedro Peris-Lopez

DOI: 10.1007/978-3-319-11203-9_11

Keywords: Human–computer interaction, Stochastic modelling, User profile, Situation awareness, Computer security, Scheme (programming language), Computer science, Malware, Context (language use), Cloning (programming), Cloud computing

Abstract: Malware for current smartphone platforms is becoming increasingly sophisticated. The presence of advanced networking and sensing functions in the device is giving rise to a new generation of targeted malware characterized by more situational awareness, in which decisions are made on the basis of factors such as location, user profile, or other apps. This complicates behavioral detection, as the analyst must reproduce very specific activation conditions in order to trigger malicious payloads. In this paper, we propose a system that addresses this problem by relying on stochastic models of usage and context events derived from real traces. By incorporating the particularities of a given user, our scheme provides a solution for detecting malware targeting that user. Our results show that the properties of these models follow a power-law distribution: a fact that facilitates efficient automatic testing patterns tailored to individual users, when done in conjunction with a cloud infrastructure supporting cloning and parallel testing. We report empirical results from various representative case studies, demonstrating the effectiveness of the approach to detect complex patterns.
