Exploring reverse engineering symptoms in Android apps

Authors: Hugo Gonzalez, Andi A Kadir, Natalia Stakhanova, Abdullah J Alzahrani, Ali A Ghorbani

DOI: 10.1145/2751323.2751330

Abstract: The appearance of the Android platform and its popularity has resulted in a sharp rise in the number of reported vulnerabilities and consequently in the number of mobile threats. Leveraging the openness of Android app markets and the lack of security testing, malware authors commonly plagiarize Android applications (e.g., through code reuse and repackaging), boosting the amount of malware on the markets and consequently the infection rate. In this study, we present AndroidSOO, a lightweight approach for the detection of repackaging symptoms on Android apps. In this work, we introduce and explore a novel and easily extractable attribute called String Offset Order. Extractable from the string identifiers list in the .dex file, the method is able to pinpoint symptoms of reverse engineered Android apps without the need for complex further analysis. We performed an extensive evaluation of the String Offset Order metric to assess its capabilities on datasets made available by three recent studies: Android Malware Genome Project, DroidAnalytics and Drebin. We also performed a large-scale study of over 5,000 Android applications extracted from the Google Play market and 80 000 samples from the Virus Total service.

References (21)
Jonathan Crussell, Clint Gibler, Hao Chen. AnDarwin: Scalable Detection of Semantically Similar Android Applications. European Symposium on Research in Computer Security, pp. 182-199 (2013). DOI: 10.1007/978-3-642-40203-6_11
Jonathan Crussell, Clint Gibler, Hao Chen. Attack of the Clones: Detecting Cloned Applications on Android Markets. Computer Security – ESORICS 2012, pp. 37-54 (2012). DOI: 10.1007/978-3-642-33167-1_3
Rahul Potharaju, Andrew Newell, Cristina Nita-Rotaru, Xiangyu Zhang. Plagiarizing Smartphone Applications: Attack Strategies and Defense Techniques. International Conference on Engineering Secure Software and Systems, pp. 106-120 (2012). DOI: 10.1007/978-3-642-28166-2_11
Min Zheng, Patrick P. C. Lee, John C. S. Lui. ADAM: An Automatic and Extensible Platform to Stress Test Android Anti-Virus Systems. International Conference on Detection of Intrusions and Malware and Vulnerability Assessment, pp. 82-101 (2012). DOI: 10.1007/978-3-642-37300-8_5
Steve Hanna, Ling Huang, Edward Wu, Saung Li, Charles Chen, Dawn Song. Juxtapp: A Scalable System for Detecting Code Reuse among Android Applications. International Conference on Detection of Intrusions and Malware and Vulnerability Assessment, pp. 62-81 (2012). DOI: 10.1007/978-3-642-37300-8_4
Wu Zhou, Yajin Zhou, Xuxian Jiang, Peng Ning. Detecting Repackaged Smartphone Applications in Third-Party Android Marketplaces. Proceedings of the Second ACM Conference on Data and Application Security and Privacy - CODASPY '12, pp. 317-326 (2012). DOI: 10.1145/2133601.2133640
Yuan Zhang, Min Yang, Bingquan Xu, Zhemin Yang, Guofei Gu, Peng Ning, X. Sean Wang, Binyu Zang. Vetting Undesirable Behaviors in Android Apps with Permission Use Analysis. Computer and Communications Security, pp. 611-622 (2013). DOI: 10.1145/2508859.2516689
David Barrera, H. Güneş Kayacik, Paul C. van Oorschot, Anil Somayaji. A Methodology for Empirical Analysis of Permission-Based Security Models and Its Application to Android. Proceedings of the 17th ACM Conference on Computer and Communications Security - CCS '10, pp. 73-84 (2010). DOI: 10.1145/1866307.1866317
Min Zheng, Mingshen Sun, John C.S. Lui. DroidAnalytics: A Signature Based Analytic System to Collect, Extract, Analyze and Associate Android Malware. 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pp. 163-171 (2013). DOI: 10.1109/TRUSTCOM.2013.25