On the Need of Precise Inter-App ICC Classification for Detecting Android Malware Collusions*

نویسندگان

  • Karim O. Elish
  • Barbara G. Ryder
چکیده

Malware collusion is a new threat against Android application security. It refers to the scenario where two or more applications interact with each other to perform malicious tasks. Most existing solutions assume the attack model of a standalone malicious application, and thus cannot detect collusion. The objective of this position paper is to point out the need for practical solutions for detecting malware collusion. We show experimental evidence on the technical challenges associated with classifying benign Android inter-component communication (ICC) flows from colluding ones. We statically construct ICC Maps to capture pairwise communicating ICC channels of 2,644 real benign apps. We find that existing permission-based collusion-detection policies trigger a large number of false alerts in benign apps pairs.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Using An Instrumentation based Approach to Detect Inter-Component Leaks in Android Apps

The success of the Android OS in its user base as well as in its developer base can partly be attributed to its communication model, named Inter-Component Communication (ICC), which promotes the development of loosely-coupled applications. By dividing applications into components that can exchange data within a single application and across several applications, Android encourages software reus...

متن کامل

Android Inter-App Communication Threats, Solutions, and Challenges

Researchers and commercial companies have made a lot of efforts on detecting malware in Android platform. However, a recent malware threat, App collusion, makes malware detection challenging. In App collusion, two or more Apps collaborate to perform malicious actions by communicating with each other, which makes single App analysis insufficient. In this paper, we first introduce Android securit...

متن کامل

Android inter-app communication threats and detection techniques

With the digital breakthrough, smart phones have become very essential component for many routine tasks like shopping, paying bills, transferring money, instant messaging, emails etc. Mobile devices are very attractive attack surface for cyber thieves as they hold personal details (accounts, locations, contacts, photos) and have potential capabilities for eavesdropping (with cameras/microphone,...

متن کامل

Detecting Privacy Leaks in Android Apps

The number of Android apps have grown explosively in recent years and the number of apps leaking private data have also grown. It is necessary to make sure all the apps are not leaking private data before putting them to the app markets and thereby a privacy leaks detection tool is needed. We propose a static taint analysis approach which leverages the control-flow graph (CFG) of apps to detect...

متن کامل

Android Collusive Data Leaks with Flow-sensitive DIALDroid Dataset

We present DIALDroid, a scalable and accurate tool for analyzing inter-app Inter-Component Communication (ICC) among Android apps, which outperforms current state-of-theart ICC analysis tools. Using DIALDroid, we performed the first large-scale detection of collusive and vulnerable apps based on inter-app ICC data flows among 110,150 real-world apps and identified key security insights.

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2015