Identifying Mobile Repackaged Applications through Formal Methods
نویسندگان
چکیده
Smartphones and tablets are rapidly become indispensable in every day activities. Android has become the most popular operating system for mobile environments in the world. These devices, owing to the open nature of Android, are continuously exposed to attacks, mostly to data exfiltration and monetary fraud. There are many techniques to embed the bad code, i.e. the instructions able to perform a malicious behaviour, into a legitimate application: the most diffused one is the so-called repackaged, that consists of reverse engineer the application in order to embed the malicious code and then (re)distribute them in the official and/or third party markets. In this paper we propose a technique to localize malicious payload of GinMaster family, one of the most representative repackaged trojan in Android environment. We obtain encouraging results, achieving an accuracy equal to 0.9.
منابع مشابه
Detection of repackaged mobile applications through a collaborative approach
Repackaged applications are based on genuine applications, but they subtlety include some modifications. In particular, trojanized applications are one of the most dangerous threats for smartphones. Malware code may be hidden inside applications to access private data, or to leak user credit. In this paper, we propose a contract-based approach to detect such repackaged applications, where a con...
متن کاملSemeo: a Semantic Equivalence Analysis Framework for Obfuscated Android Applications
Software repackaging is a common approach for creating malware. In this approach, malware authors inject malicious payloads into legitimate applications; then, to render security analysis more difficult, they obfuscate most or all of the code. This forces analysts to spend a large amount of effort filtering out benign obfuscated methods in order to locate potentially malicious methods for furth...
متن کاملExploitation and Detection of a Malicious Mobile Application
Mobile devices are increasingly being embraced by both organizations and individuals in today’s society. Specifically, Android devices have been the prominent mobile device OS for several years. This continued amalgamation creates an environment that is an attractive attack target. The heightened integration of these devices prompts an investigation into the viability of maintaining non-comprom...
متن کاملA Formal Petri Net Based Model for Antivirus Update Agent System
In this paper, a formal model for antivirus update agent system is presented based on mobile agent technology and predicate/transition Petri nets. The mobile agent system contains two mobile agents called DCA and UNA. It sends out agents to update antivirus on client computers in a network. Each agent takes on a specified responsibility. First, DCA roams through the network and check the last d...
متن کاملA Formal Petri Net Based Model for Antivirus Update Agent System
In this paper, a formal model for antivirus update agent system is presented based on mobile agent technology and predicate/transition Petri nets. The mobile agent system contains two mobile agents called DCA and UNA. It sends out agents to update antivirus on client computers in a network. Each agent takes on a specified responsibility. First, DCA roams through the network and check the last d...
متن کامل