MADS: Malicious Android Applications Detection through String Analysis
نویسندگان
چکیده
The use of mobile phones has increased in our lives because they offer nearly the same functionality as a personal computer. Besides, the number of applications available for Android-based mobile devices has increased. Google offers to programmers the opportunity to upload and sell applications in the Android Market, but malware writers upload their malicious code there. In light of this background, we present here Malicious Android applications Detection through String analysis (MADS), a new method that extracts the contained strings from the Android applications to build machine-learning classifiers and detect malware.
منابع مشابه
String Analysis of Android Applications
The desire to understand mobile applications has resulted in researchers adapting classical static analysis techniques to the mobile domain. Examination of data and control flows in Android apps is now a common practice to classify them. Important to these analyses is a fine-grained examination and understanding of strings, since in Android they are heavily used in intents, URLs, reflection, an...
متن کاملWeb-to-Application Injection Attacks on Android: Characterization and Detection
Vulnerable Android applications are traditionally exploited via malicious apps. In this paper, we study an underexplored class of Android attacks which do not require the user to install malicious apps, but merely to visit a malicious website in an Android browser. We call them web-to-app injection (or W2AI) attacks, and distinguish between different categories of W2AI sideeffects. To estimate ...
متن کاملInformation Flow Analysis of Android Applications in DroidSafe
We present DroidSafe, a static information flow analysis tool that reports potential leaks of sensitive information in Android applications. DroidSafe combines a comprehensive, accurate, and precise model of the Android runtime with static analysis design decisions that enable the DroidSafe analyses to scale to analyze this model. This combination is enabled by accurate analysis stubs, a techni...
متن کاملDroidMiner: Automated Mining and Characterization of Fine-grained Malicious Behaviors in Android Applications
Most existing malicious Android app detection approaches rely on manually selected detection heuristics, features, and models. In this paper, we describe a new, complementary system, called DroidMiner, which uses static analysis to automatically mine malicious program logic from known Android malware, abstracts this logic into a sequence of threat modalities, and then seeks out these threat mod...
متن کاملEdgeMiner: Automatically Detecting Implicit Control Flow Transitions through the Android Framework
A wealth of recent research proposes static data flow analysis for the security analysis of Android applications. One of the building blocks that these analysis systems rely upon is the computation of a precise control flow graph. The callback mechanism provided and orchestrated by the Android framework makes the correct generation of the control flow graph a challenging endeavor. From the anal...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2013