期刊
IEEE TRANSACTIONS ON MOBILE COMPUTING
卷 19, 期 1, 页码 90-102出版社
IEEE COMPUTER SOC
DOI: 10.1109/TMC.2018.2889495
关键词
Security; Malware; Feature extraction; Mobile computing; Sensitivity; Complexity theory; Standards; Android ICC; inter-app analysis; malware collusion; static analysis; risk assessment
Malware collusion is a technique utilized by attackers to evade standard detection. It is a new threat where two or more applications, appearing benign, communicate to perform a malicious task. Most proposed approaches aim at detecting stand-alone malicious applications. We point out the need for analyzing data flows across multiple Android apps, a problem referred to as end-to-end flow analysis. In this work, we present a flow analysis for app pairs that computes the risk level associated with their potential communications. Our approach statically analyzes the sensitivity and context of each inter-app flow based on inter-component communication (ICC) between communicating apps, and defines fine-grained security policies for inter-app ICC risk classification. We perform an empirical study on 7,251 apps from the Google Play store to identify the apps that communicate with each other via ICC channels. Our results report four times fewer warnings on our dataset of 197 real app pairs communicating via explicit external ICCs than the state-of-the-art permission-based collusion detection.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据