作者: Jean-Francois Lalande , Wojciech Mazurczyk , Marcin Urbanski , Luca Caviglione , Mauro Gaggero
DOI: 10.1109/TIFS.2015.2510825
关键词:
摘要: Modern malware uses advanced techniques to hide from static and dynamic analysis tools. To achieve stealthiness when attacking a mobile device, an effective approach is the use of covert channel built by two colluding applications exchange data locally. Since this process tightly coupled with used hiding method, its detection challenging task, also worsened very low transmission rates. As consequence, it important investigate how reveal presence malicious software using general indicators, such as energy consumed device. In perspective, paper aims spot covertly exchanging methods based on artificial intelligence tools, neural networks decision trees. verify their effectiveness, seven channels have been implemented tested over measurement framework Android devices. Experimental results show feasibility effectiveness proposed detect hidden between applications.