Towards a threat assessment framework for apps collusion.
作者: Harsha Kumara Kalutarage , Hoang Nga Nguyen , Siraj Ahmed Shaikh
DOI: 10.1007/S11235-017-0296-1
关键词:
摘要: App collusion refers to two or more apps working together achieve a malicious goal that they otherwise would not be able individually. The permissions based security model of Android does address this threat as it is rather limited mitigating risks individual apps. This paper presents technique for quantifying the threat, essentially first step towards assessing risk. proposed method useful in finding candidate interest which critical given high volume available. We present our empirical analysis using classified corpus over 29,000 provided by Intel SecurityTM.
coventry.ac.uk
springer.com
core.ac.uk
sci-hub.se 参考文章(44)
Fu Song, Tayssir Touili, Model-Checking for Android Malware Detection asian symposium on programming languages and systems. pp. 216- 235 ,(2014) , 10.1007/978-3-319-12736-1_12
Philippe Beaucamps, Isabelle Gnaedig, Jean-Yves Marion, Abstraction-Based Malware Analysis Using Rewriting and Model Checking Computer Security – ESORICS 2012. ,vol. 7459, pp. 806- 823 ,(2012) , 10.1007/978-3-642-33167-1_46
Harsha K. Kalutarage, Siraj A. Shaikh, Indika P. Wickramasinghe, Qin Zhou, Anne E. James, Detecting stealthy attacks Computers & Electrical Engineering. ,vol. 47, pp. 327- 344 ,(2015) , 10.1016/J.COMPELECENG.2015.07.007
K. Krishnamoorthy, Handbook of statistical distributions with applications ,(2006)
D.M.J. Tax, One-class classification TU Delft, Delft University of Technology. ,(2001)
Hubert Ritzdorf, Analyzing Covert Channels on Mobile Devices ETH Zürich, Department of Computer Science. ,(2012) , 10.3929/ETHZ-A-007305126
Damien Octeau, Yves Le Traon, Eric Bodden, Alexandre Bartel, Patrick McDaniel, Jacques Klein, Somesh Jha, Effective inter-component communication mapping in Android with Epicc: an essential step towards holistic security analysis usenix security symposium. pp. 543- 558 ,(2013)
Ki-Hyeon Kim, Mi-Jung Choi, Android malware detection using multivariate time-series technique asia pacific network operations and management symposium. pp. 198- 202 ,(2015) , 10.1109/APNOMS.2015.7275426
Claudio Marforio, Srdjan Capkun, Aurélien Francillon, Application Collusion Attack on the Permission-Based Security Model and its Implications for Modern Smartphone Systems CTIT technical reports series. ,vol. 724, ,(2010) , 10.3929/ETHZ-A-006936208
Gerardo Canfora, Andrea De Lorenzo, Eric Medvet, Francesco Mercaldo, Corrado Aaron Visaggio, Effectiveness of Opcode ngrams for Detection of Multi Family Android Malware availability, reliability and security. pp. 333- 340 ,(2015) , 10.1109/ARES.2015.57