DroidEcho: an in-depth dissection of malicious behaviors in Android applications

Shangqing Liu¹, Ruitao Feng², Guangdong Bai³, Kai Chen¹, Yang Liu²
¹ SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China
² Nanyang Technological University, Singapore, Singapore
³ Singapore Institute of Technology, Singapore, Singapore

Abstract

Keywords

