Alterdroid: Differential Fault Analysis of Obfuscated Smartphone Malware

Authors: Guillermo Suarez-Tangil, Juan Tapiador, Flavio Lombardi, Roberto Di Pietro

DOI: 10.1109/TMC.2015.2444847

Abstract: Malware for smartphones has rocketed over the last years. Market operators face the challenge of keeping their stores free from malicious apps, a task that has become increasingly complex as malware developers are progressively using advanced techniques to defeat detection tools. One such technique commonly observed in recent samples consists of hiding and obfuscating modules containing functionality in places that static analysis tools overlook (e.g., within data objects). In this paper, we describe Alterdroid, a dynamic approach for detecting hidden or obfuscated components distributed as parts of an app package. The key idea is analyzing the behavioral differences between the original and a number of automatically generated versions of it, where modifications (faults) have been carefully injected. Observable differences in terms of activities that appear or vanish in the modified versions are recorded, and the resulting differential signature is analyzed through a pattern-matching process driven by rules that relate different types of functionalities with patterns found in the signature. A thorough justification and description of the proposed model is provided. The extensive experimental results obtained by testing relevant apps support the quality and viability of our proposal.
