Formal Methods Meet Mobile Code Obfuscation Identification of Code Reordering Technique

Authors: Aniello Cimitile, Fabio Martinelli, Francesco Mercaldo, Vittoria Nardone, Antonella Santone

DOI: 10.1109/WETICE.2017.23

Keywords:

Abstract: Android represents the most widespread mobile environment. This increasing diffusion is the reason why attackers are attracted to develop malware targeting this platform. Malware writers usually use code obfuscation techniques in order to evade current antimalware detection and to generate new variants. These techniques make programs harder to understand, and they change the signature of the application, making the signature extraction work ineffective. We propose a method based on formal methods able to identify whether code is obfuscated. In this preliminary work we identify one technique: code reordering. We test our method on a real-world dataset composed of trusted and ransomware samples, obtaining encouraging results.
