Dexteroid: Detecting malicious behaviors in Android apps using reverse-engineered life cycle models. Issue 59 (June 2016)
- Record Type:
- Journal Article
- Title:
- Dexteroid: Detecting malicious behaviors in Android apps using reverse-engineered life cycle models. Issue 59 (June 2016)
- Main Title:
- Dexteroid: Detecting malicious behaviors in Android apps using reverse-engineered life cycle models
- Authors:
- Junaid, Mohsin
Liu, Donggang
Kung, David - Abstract:
- Abstract: The amount of Android malware has increased greatly during the last few years. Static analysis is widely used in detecting such malware by analyzing the code without execution. The effectiveness of current tools relies on the app model as well as the malware detection algorithm which analyzes the app model. If the model and/or the algorithm is inadequate, then sophisticated attacks that are triggered by specific sequences of events will not be detected. This paper presents a static analysis framework called Dexteroid, which uses reverse-engineered life cycle models to accurately capture the behaviors of Android components. Dexteroid systematically derives event sequences from the models, and uses them to detect attacks launched by specific ordering of events. A prototype implementation of Dexteroid detects two types of attacks: (1) leakage of private information, and (2) sending SMS to premium-rate numbers. A series of experiments are conducted on 1526 Google Play apps, 1259 Genome Malware apps, and a suite of benchmark apps called DroidBench and the results are compared with a state-of-the-art static analysis tool called FlowDroid. The evaluation results show that the proposed framework is effective and efficient in terms of precision, recall, and execution time.
- Is Part Of:
- Computers & security. Issue 59(2016)
- Journal:
- Computers & security
- Issue:
- Issue 59(2016)
- Issue Display:
- Volume 59, Issue 59 (2016)
- Year:
- 2016
- Volume:
- 59
- Issue:
- 59
- Issue Sort Value:
- 2016-0059-0059-0000
- Page Start:
- 92
- Page End:
- 117
- Publication Date:
- 2016-06
- Subjects:
- Static analysis -- Mobile app security -- Android -- Malware -- Privacy -- Life cycle models
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.cose.2016.01.008 ↗
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 2569.xml