Reducing the window of opportunity for Android malware: Gotta catch 'em all

Authors: Axelle Apvrille, Tim Strazzere

DOI: 10.1007/S11416-012-0162-3

Abstract: Spotting malicious samples in the wild has always been difficult, and Android malware is no exception. Actually, the fact that Android applications are (usually) not directly accessible from market places hardens the task even more. For instance, Google enforces its own communication protocol to browse and download applications from its market. Thus, an efficient market crawler must reverse and implement this protocol, issue appropriate search requests and take necessary steps so as not to be banned. From end-users' side, having difficulties spotting malicious mobile applications results in most Android malware remaining unnoticed up to 3 months before a security researcher finally stumbles on it. To reduce this window of opportunity, this paper presents a heuristics engine that statically pre-processes and prioritizes samples. The engine uses 39 different flags of different nature such as Java API calls, presence of embedded executables, code size, URLs... Each flag is assigned a weight, based on statistics we computed from the techniques malware authors commonly use in their code. The engine outputs a risk score which highlights the samples most likely to be malicious. The engine was tested over a set of clean applications and malicious ones. The results show a strong difference in the average risk score for both sets and in its distribution, proving its use to spot malware.
