MeadDroid: detecting monetary theft attacks in android by DVM monitoring
作者: Lingguang Lei , Yuewu Wang , Jiwu Jing , Zhongwen Zhang , Xingjie Yu
DOI: 10.1007/978-3-642-37682-5_7
关键词:
摘要: Monetary theft attacks are one of the most popular attack forms towards Android system in recent years. In this paper, we present MeadDroid, a lightweight real-time detection atop Android, to hold back type attacks. An FSM monetary is constructed, based on analysis real-world Employing an FSM-based approach, with information obtained from dynamically monitoring API calls and tracking processing flow UI (User Interface) inputs, MeadDroid can detect effectively incurs only small performance overhead. addition, realized as extension Dalvik VM, transparent user, thus provide good user experience. Based prototype system, experiments conducted 195 applications. 11 applications found accuracy almost 100% through comparing results charge bill phone number used experiments. The overhead CPU-bound micro-benchmark 8.97%. Experimental demonstrate that has terms effectiveness efficiency.
springer.com
sci-hub.st 参考文章(17)
Damien Octeau, William Enck, Patrick McDaniel, Swarat Chaudhuri, A study of android application security usenix security symposium. pp. 21- 21 ,(2011)
Sahin Albayrak, Seyit Camtepe, Jan Clausen, Aubrey-Derrick Schmidt, Kamer Ail Yuksel, Hans-Gunterh Schmidt, Kiraz Osman, Enhancing security of linux-based android devices School of Electrical Engineering & Computer Science; Information Security Institute; Science & Engineering Faculty. ,(2008)
Francesco Di Cerbo, Andrea Girardello, Florian Michahelles, Svetlana Voronkova, Detection of malicious applications on Android OS international workshop on computational forensics. pp. 138- 149 ,(2010) , 10.1007/978-3-642-19376-7_12
William Enck, Patrick McDaniel, Jaeyeon Jung, Byung-Gon Chun, Peter Gilbert, Anmol N. Sheth, Landon P. Cox, TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones operating systems design and implementation. pp. 393- 407 ,(2010) , 10.5555/1924943.1924971
Wook Shin, Sanghoon Kwak, Shinsaku Kiyomoto, K Fukushima, Toshiaki Tanaka, A Small But Non-negligible Flaw in the Android Permission Scheme ieee international symposium on policies for distributed systems and networks. pp. 107- 110 ,(2010) , 10.1109/POLICY.2010.11
Iker Burguera, Urko Zurutuza, Simin Nadjm-Tehrani, Crowdroid Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices - SPSM '11. pp. 15- 26 ,(2011) , 10.1145/2046614.2046619
Erika Chin, Adrienne Porter Felt, Kate Greenwood, David Wagner, Analyzing inter-application communication in Android Proceedings of the 9th international conference on Mobile systems, applications, and services - MobiSys '11. pp. 239- 252 ,(2011) , 10.1145/1999995.2000018
Thomas Bläsing, Leonid Batyuk, Aubrey-Derrick Schmidt, Seyit Ahmet Camtepe, Sahin Albayrak, An Android Application Sandbox system for suspicious software detection international conference on malicious and unwanted software. pp. 55- 62 ,(2010) , 10.1109/MALWARE.2010.5665792
William Enck, Machigar Ongtang, Patrick McDaniel, On lightweight mobile phone application certification computer and communications security. pp. 235- 245 ,(2009) , 10.1145/1653662.1653691
Wook Shin, Shinsaku Kiyomoto, Kazuhide Fukushima, Toshiaki Tanaka, Towards Formal Analysis of the Permission-Based Security Model for Android international conference on wireless and mobile communications. pp. 87- 92 ,(2009) , 10.1109/ICWMC.2009.21