Android authorship attribution through string analysis

Authors: Vaibhavi Kalgutkar, Natalia Stakhanova, Paul Cook, Alina Matyukhina

DOI: 10.1145/3230833.3230849

Abstract: With the rising popularity of Android mobile devices, the amount of malicious applications targeting the Android platform has been increasing tremendously. To mitigate the risk of malicious apps, there is a need for an automated system to detect these applications. Current detection techniques rely on the signatures of well-documented malware, and hence may not be able to detect new malware samples. Instead of generating signatures of the malware samples themselves, in this work, we propose to develop a lightweight system that can generate signatures of malware writers by leveraging the string components present in their binaries. Using the author signatures, the system can effectively detect a wide range of existing, as well as any new, malware generated by particular authors. The proposed system achieved 98%, 96%, and 71% accuracy over datasets of 1559 benign, 262 malicious, and 96 obfuscated applications, respectively. The string-based approach compared to only 50% obtained with the existing Ding and Samadzadeh's system.

References (24)
Stefanos Gritzalis, Georgia Frantzeskou, Efstathios Stamatatos, Blake Stephen Howald, Carole E. Chaski, Identifying Authorship by Byte-Level N-Grams: The Source Code Author Profile (SCAP) Method. International Journal of Digital Evidence, vol. 6 (2007)
Yanick Fratantonio, Aravind Machiry, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna, CLAPP: characterizing loops in Android applications. Foundations of Software Engineering, pp. 687-697 (2015), 10.1145/2786805.2786873
Iker Burguera, Urko Zurutuza, Simin Nadjm-Tehrani, Crowdroid. Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices - SPSM '11, pp. 15-26 (2011), 10.1145/2046614.2046619
Robert Layton, Paul Watters, Richard Dazeley, Automatically determining phishing campaigns using the USCAP methodology. 2010 eCrime Researchers Summit, pp. 1-8 (2010), 10.1109/ECRIME.2010.5706698
Dong-Jie Wu, Ching-Hao Mao, Te-En Wei, Hahn-Ming Lee, Kuo-Ping Wu, DroidMat: Android Malware Detection through Manifest and API Calls Tracing. Information Security, pp. 62-69 (2012), 10.1109/ASIAJCIS.2012.18
Ivan Krsul, Eugene H. Spafford, Refereed paper: Authorship analysis: identifying the author of a program. Computers & Security, vol. 16, pp. 233-257 (1997), 10.1016/S0167-4048(97)00005-9
Michael I. Gordon, Deokhwan Kim, Jeff H. Perkins, Limei Gilham, Nguyen Nguyen, Martin C. Rinard, Information-Flow Analysis of Android Applications in DroidSafe. Network and Distributed System Security Symposium (2015), 10.14722/NDSS.2015.23089
Haibiao Ding, Mansur H. Samadzadeh, Extraction of Java program fingerprints for software authorship identification. Journal of Systems and Software, vol. 72, pp. 49-57 (2004), 10.1016/S0164-1212(03)00049-9
William Enck, Peter Gilbert, Seungyeop Han, Vasant Tendulkar, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, Anmol N. Sheth, TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. ACM Transactions on Computer Systems, vol. 32, pp. 5- (2014), 10.1145/2619091