Malicious Behavior Monitoring for Android Applications
نویسندگان
چکیده
Android, as a modern popular open source mobile platform, makes its security issues more prominent, especially in user privacy leakage. In this paper, we proposed a twostep model which combines static and dynamic analysis approaches. During the static analysis, permission combination matrix is used to determine whether an application has potential risks. For those suspicious applications, based on the reverse engineering, embed monitoring Smali code for those sensitive APIs such as sending SMS, accessing user location, device ID, phone number, etc. From experiments, it shows that almost 26% applications in Android market have privacy leakage risks. And our proposed method is feasible and effective for monitoring these kind of malicious behavior.
منابع مشابه
Targeted Dynamic Analysis for Android Malware
Targeted Dynamic Analysis for Android Malware Michelle Wong Master of Applied Science Graduate Department of Electrical and Computer Engineering University of Toronto 2015 The identification and analysis of Android malware involves either static or dynamic program analysis of the malware binary. While static analysis has good code coverage, it is not as precise due to the lack of run-time infor...
متن کاملریسک سنج: ابزاری برای سنجش دقیق میزان ریسک امنیتی برنامهها در دستگاههای همراه
Nowadays smartphones and tablets are widely used due to their various capabilities and features for end users. In these devices, accessing a wide range of services and sensitive information including private personal data, contact list, geolocation, sending and receiving messages, accessing social networks and etc. are provided via numerous application programs. These types of accessibilities, ...
متن کاملDroidAuditor: Forensic Analysis of Application-Layer Privilege Escalation Attacks on Android DroidAuditor: Forensic Analysis of Application-Layer Privilege Escalation Attacks on Android
Smart mobile devices process and store a vast amount of securityand privacy sensitive data. To protect this data from malicious applications mobile operating systems, such as Android, adopt finegrained access control architectures. However, related work has shown that these access control architectures are susceptible to applicationlayer privilege escalation attacks. Both automated static and d...
متن کاملIdentifying android malicious repackaged applications by thread-grained system call sequences
Android security has become highly desirable since adversaries can easily repackage malicious codes into various benign applications and spread these malicious repackaged applications (MRAs). Most MRA detection mechanisms on Android focus on detecting a specific family of MRAs or requiring the original benign application to compare with the malicious ones. This work proposes a new mechanism, SC...
متن کاملApplying Behavioral Detection on Android-Based Devices
We present Andromaly a behavioral-based detection framework for Android-powered mobile devices. The proposed framework realizes a Host-based Intrusion Detection System (HIDS) that continuously monitors various features and events obtained from the mobile device, and then applies Machine Learning methods to classify the collected data as normal (benign) or abnormal (malicious). Since no maliciou...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- I. J. Network Security
دوره 18 شماره
صفحات -
تاریخ انتشار 2016