Screening smartphone applications using malware family signatures

Authors: Jehyun Lee, Suyeon Lee, Heejo Lee

DOI: 10.1016/J.COSE.2015.02.003

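Abstract: The sharp increase in smartphone malware has become one of the most serious security problems. Since the Android platform has taken the dominant position in smartphone popularity, the number of Android malware has grown correspondingly and represents a critical threat to smartphone users. This rise is primarily attributable to the occurrence of variants of existing malware. A set of variants that stem from one malware can be considered as a family, and malware families cover more than half of the Android malware population. The conventional technique for defeating malware is the use of signature matching, which is efficient from a time perspective but not very practical because of its lack of robustness against variants. As a counter approach for handling the issue of variants, behavior analysis techniques have been proposed, but require extensive time and resources. In this paper, we propose an Android malware detection mechanism that uses automated family signature extraction and family signature matching. The key concept of the mechanism is to extract a set of family-representative binary patterns from evaluated family members as a signature, and to classify each set of variants into a malware family via an estimation of similarity to the signatures. The proposed family signature and detection mechanism offers more flexible variant detection than does legacy signature matching, which is strictly dependent on the presence of a specific string. Furthermore, compared with previous behavior analysis techniques considering family detection, the proposed family signature has higher detection accuracy without the need for the significant overhead of data and control flow analysis. Using the proposed signature, we can detect new variants of known malware efficiently and accurately by static matching. We evaluated our mechanism on 5846 real world Android malware samples belonging to 48 families collected in April 2014 at an anti-virus company; experimental results showed that our mechanism achieved greater than 97% accuracy. We also demonstrated that the mechanism has linear time complexity in the number of target applications.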
