CuriousDroid: Automated User Interface Interaction for Android Application Analysis Sandboxes
作者: Patrick Carter , Collin Mulliner , Martina Lindorfer , William Robertson , Engin Kirda
DOI: 10.1007/978-3-662-54970-4_13
关键词: Computer science 、 Mobile computing 、 Human–computer interaction 、 User interface 、 Code coverage 、 Current user 、 Android application 、 Android (operating system) 、 Mobile malware 、 Market share
摘要: Mobile computing has experienced enormous growth in market share and computational power recent years. As a result, mobile malware is becoming more sophisticated prevalent, leading to research into dynamic sandboxes as widespread approach for detecting malicious applications. However, the event-driven nature of Android applications renders critical capability automatically generate deterministic intelligent user interactions drive analysis subjects improve code coverage. In this paper, we present CuriousDroid, an automated system exercising application interfaces intelligent, user-like manner. CuriousDroid operates by decomposing on-the-fly creating context-based model that tailored current layout. We integrated with Andrubis, well-known sandbox, conducted large-scale evaluation 38,872 taken from different data sets. Our demonstrates significant improvements both end-to-end sample classification well increases raw number elicited behaviors at runtime.
springer.com
sci-hub.st 参考文章(19)
Wontae Choi, George Necula, Koushik Sen, Guided GUI testing of android apps with minimal restart and approximate learning conference on object oriented programming systems languages and applications. ,vol. 48, pp. 623- 640 ,(2013) , 10.1145/2509136.2509552
William Enck, Machigar Ongtang, Patrick McDaniel, Understanding Android Security ieee symposium on security and privacy. ,vol. 7, pp. 50- 57 ,(2009) , 10.1109/MSP.2009.26
Michael Spreitzenbarth, Felix Freiling, Florian Echtler, Thomas Schreck, Johannes Hoffmann, Mobile-sandbox: having a deeper look into android applications acm symposium on applied computing. pp. 1808- 1815 ,(2013) , 10.1145/2480362.2480701
Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, David Wagner, Android permissions demystified Proceedings of the 18th ACM conference on Computer and communications security - CCS '11. pp. 627- 638 ,(2011) , 10.1145/2046707.2046779
Yajin Zhou, Xuxian Jiang, Dissecting Android Malware: Characterization and Evolution ieee symposium on security and privacy. pp. 95- 109 ,(2012) , 10.1109/SP.2012.16
Adrienne Porter Felt, Matthew Finifter, Erika Chin, Steve Hanna, David Wagner, A survey of mobile malware in the wild Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices - SPSM '11. pp. 3- 14 ,(2011) , 10.1145/2046614.2046618
Tanzirul Azim, Iulian Neamtiu, Targeted and depth-first exploration for systematic testing of android apps conference on object oriented programming systems languages and applications. ,vol. 48, pp. 641- 660 ,(2013) , 10.1145/2509136.2509549
Vaibhav Rastogi, Yan Chen, William Enck, AppsPlayground Proceedings of the third ACM conference on Data and application security and privacy - CODASPY '13. pp. 209- 220 ,(2013) , 10.1145/2435349.2435379
Sebastian Neuner, Victor van der Veen, Martina Lindorfer, Markus Huber, Georg Merzdovnik, Martin Mulazzani, Edgar Weippl, None, Enter Sandbox: Android Sandbox Comparison arXiv: Cryptography and Security. ,(2014)
Martina Lindorfer, Matthias Neugschwandtner, Lukas Weichselbaum, Yanick Fratantonio, Victor van der Veen, Christian Platzer, ANDRUBIS -- 1,000,000 Apps Later: A View on Current Android Malware Behaviors 2014 Third International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS). pp. 3- 17 ,(2014) , 10.1109/BADGERS.2014.7