RiskRanker

Authors: Michael Grace, Yajin Zhou, Qiang Zhang, Shihong Zou, Xuxian Jiang

DOI: 10.1145/2307636.2307663

Abstract: Smartphone sales have recently experienced explosive growth. Their popularity also encourages malware authors to penetrate various mobile marketplaces with malicious applications (or apps). These malicious apps hide in the sheer number of other normal apps, which makes their detection challenging. Existing mobile anti-virus software are inadequate in their reactive nature by relying on known malware samples for signature extraction. In this paper, we propose a proactive scheme to spot zero-day Android malware. Without relying on malware samples and their signatures, our scheme is motivated to assess potential security risks posed by these untrusted apps. Specifically, we have developed an automated system called RiskRanker to scalably analyze whether a particular app exhibits dangerous behavior (e.g., launching a root exploit or sending background SMS messages). The output is then used to produce a prioritized list of reduced apps that merit further investigation. When applied to examine 118,318 total apps collected from various Android markets over September and October 2011, our system takes less than four days to process all of them and effectively reports 3281 risky apps. Among these reported apps, we successfully uncovered 718 malware samples (in 29 families) and 322 of them are zero-day (in 11 families). These results demonstrate the efficacy and scalability of RiskRanker to police Android markets of all stripes.
