AnaDroid: Malware Analysis of Android with User-supplied Predicates

Authors: Shuying Liang, Matthew Might, David Van Horn

DOI: 10.1016/J.ENTCS.2015.02.002

Abstract: Today's mobile platforms provide only coarse-grained permissions to users with regard to how third-party applications use sensitive private data. Unfortunately, it is easy to disguise malware within the boundaries of legitimately-granted permissions. For instance, granting access to “contacts” and “internet” may be necessary for a text-messaging application to function, even though the user does not want contacts transmitted over the internet. To understand fine-grained application use of permissions, we need to statically analyze their behavior. Even then, malware detection faces three hurdles: (1) analyses may be prohibitively expensive, (2) automated analyses can only find behaviors that they are designed to find, and (3) the maliciousness of any given behavior is application-dependent and subject to human judgment. To remedy these issues, we propose semantic-based program analysis, with a human in the loop, as an alternative approach to malware detection. In particular, our analysis allows analyst-crafted semantic predicates to search and filter analysis results. Human-oriented semantic-based program analysis can systematically, quickly and concisely characterize the behaviors of mobile applications. We describe a tool that provides analysts with a library of the semantic predicates and the ability to dynamically trade speed and precision. It also provides analysts the ability to statically inspect details of every suspicious state of (abstract) execution in order to make a ruling as to whether or not the behavior is truly malicious with respect to the intent of the application. In addition, permission and profiling reports are generated to aid analysts in identifying common malicious behaviors.
