An android application sandbox system for suspicious software detection

Proceedings of the 5th IEEE International Conference on Malicious and Unwanted Software, Malware 2010

Volumn , Issue , 2010, Pages 55-62

  Bläsing, Thomas ^a   Batyuk, Leonid ^a   Schmidt, Aubrey Derrick ^a   Camtepe, Seyit Ahmet ^a   Albayrak, Sahin ^a  

^a TECHNISCHE UNIVERSITÄT BERLIN   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

ANDROID MARKETS; ANTI VIRUS; COMPUTATIONAL POWER; CONVENTIONAL TECHNIQUES; DETECTION ALGORITHM; DISTRIBUTED DETECTION; LINUX KERNEL; MALWARE ATTACKS; MOBILE SOFTWARES; NEW APPLICATIONS; OPERATING SYSTEMS; SMART-PHONES; SOFTWARE DETECTION; STATIC AND DYNAMIC ANALYSIS;

COMPUTER CRIME; COMPUTER OPERATING SYSTEMS; DYNAMIC ANALYSIS; MOBILE DEVICES; ROBOTS; VIRUSES;

STATIC ANALYSIS;

EID: 78651410113     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/MALWARE.2010.5665792     Document Type: Conference Paper

References (35)

1. M. Becher, F. Freiling, and B. Leider. On the effort to create smartphone worms in windows mobile. In Information Assurance and Security Workshop, 2007. IAW '07. IEEESMC, pages 199-206, 20-22 June 2007.
2. J. Bergeron, M. Debbabi, J. Desharnais, M. M. Erhioui, Y. Lavoie, and N. Tawbi. Static detection of malicious code in executable programs. In Proceedings of the Symposium on Requirements Engineering for Information Security (SREIS'01), 2001.
3. M. A. Bishop. The Art and Science of Computer Security. Addison-Wesley Longman Publishing Co., Inc., Boston, MA, USA, 2002.
4. Bundesamt für Sicherheit in der Informationstechnik. Mobile endgeräte und mobile applikationen: Sicherheitsgefährdungen und schutzmassnahmen, 2006.
5. J. Burns. Developing secure mobile applications for android - an introduction to making secure android applications. https://www.isecpartners. com/files/iSEC-Securing-Android-Apps.pdf, 2008. [Online; accessed 01-March-2010].
6. A. Dewald, T. Holz, and F. Freiling. Adsandbox: Sandboxing javascript to fight malicious websites. In Symposium on Applied Computing (SAC) 2010, Sierre, Switzerland, march 2010.
7. M. Dornseif, T. Holz, and C. Klein. Nosebreak - attacking honeynets. In In Proceedings of the 2004 IEEE Information Assurance Workshop, 2004.
8. W. Enck, M. Ongtang, and P. McDaniel. Understanding android security. IEEE Security and Privacy, 7(1):50-57, 2009.
9. S. Forrest, S. Hofmeyr, and A. Somayaji. The evolution of system-call monitoring. In ACSAC '08: Proceedings of the 2008 Annual Computer Security Applications Conference, pages 418-430. IEEE Computer Society, 2008.
10. T. Garfinkel. Traps and pitfalls: Practical problems in in system call interposition based security tools. In Proc. Network and Distributed Systems Security Symposium, 2003.
11. D. K. Goldhammer, D. A. Wiegand, D. Becker, and M. Schmid. Goldmedia mobile life report 2012, mobile life in the 21st century, status quo and outlook. http://www.bitkom.org/60376.aspx?url=081009-bitkom-goldmedia-mobile- life-2012(1).pdf. [Online; accessed 01-May-2010].
12. L. Gong, M. Mueller, H. Prafullchandra, and R. Schemers. Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java Development Kit™ 1.2. In Proceedings of the USENIX Symposium on Internet Technologies and Systems, pages 102-112, Monterey, California, Dec. 1997.
13. D. Gopan and T. Reps. Low-level library analysis and summarization. In In CAV, pages 68-81, 2007.
14. G. Lawton. Is it finally time to worry about mobile malware? Computer, 41(5):12-14, 2008.
15. J. Levine, J. Grizzard, and H. Owen. A methodology to detect and characterize kernel level rootkit exploits involving redirection of the system call table. In IWIA '04: Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04), page 107. IEEE Computer Society, 2004.
16. R. Love. Linux System Programming. O'Reilly, 2007.
17. A. Moser, C. Kruegel, and E. Kirda. Limits of static analysis for malware detection. In Proceedings of the 23rd Annual Computer Security Application Conference (ACSAC), pages 421-430, 2007.
18. C. Mulliner. Exploiting pocketpc, 2005. Talk on WhatTheHack 2005, http://wiki.whatthehack.org/images/c/c0/Collinmulliner-wth2005-exploiting- pocketpc.pdf.
19. C. Mulliner. Advanced attacks against pocketpc phones. 2006.
20. C. Mulliner. Exploiting symbian: Symbian exploitation and shellcode development. http://mulliner.org/symbian/feed/CollinMulliner-Exploiting-Symbian- BlackHat-Japan-2008.pdf, 2008. Talk on BlackHat Japan 2008, visited 15.6.2009.
21. C. Mulliner and G. Vigna. Vulnerability analysis of mms user agents. In ACSAC '06: Proceedings of the 22nd Annual Computer Security Applications Conference on Annual Computer Security Applications Conference, pages 77-88, Washington, DC, USA, 2006. IEEE Computer Society.
22. D. Mutz, W. K. Robertson, G. Vigna, and R. A. Kemmerer. Exploiting execution context for the detection of anomalous system calls. In RAID, pages 1-20, 2007.
23. J. Oberheide, E. Cooke, and F. Jahanian. Cloudav: N-version antivirus in the network cloud. In Proceedings of the 17th USENIX Security Symposium (Security'08), San Jose, CA, July 2008.
24. R. Racic, D. Ma, and H. Chen. Exploiting mms vulnerabilities to stealthily exhaust mobile phone's battery. In Proceedings of the Second IEEE Communications Society / CreateNet International Conference on Security and Privacy in Communication Networks (SecureComm), Baltimore, MD, Aug. 2006.
25. T. Raffetseder, C. Kruegel, and E. Kirda. Detecting system emulators.
26. A. Rubini. Kernel system calls. http://www.ar.linux.it/docs/ksys/ksys. html. [Online; accessed 01-March-2010].
27. A. Schmidt and S. Albayrak. Malicious software for smartphones. Technical Report TUB-DAI 02/08-01, Technische Universität Berlin, DAI-Labor, Feb. 2008. http://www.dai-labor.de.
28. A.-D. Schmidt and S. Albayrak. Malicious software for smartphones. Technical Report TUB-DAI 02/08-01, Technische Universität Berlin - DAI-Labor, Feb. 2008.
29. A.-D. Schmidt, R. Bye, H.-G. Schmidt, J. Clausen, O. Kiraz, K. Yüksel, A. Camtepe, and S. Albayrak. Static analysis of executables for collaborative malware detection on android. In IEEE International Congress on Communication (ICC) 2009 - Communication and Information Systems Security Symposium, 2009.
30. A.-D. Schmidt, J. H. Clausen, S. A. Camtepe, and S. Albayrak. Detecting symbian os malware through static function call analysis. In Proceedings of the 4th IEEE International Conference on Malicious and Unwanted Software (Malware 2009), pages 15-22. IEEE, 2009.
31. A.-D. Schmidt, H.-G. Schmidt, L. Batyuk, J. H. Clausen, S. A. Camtepe, S. Albayrak, and C. Yildizli. Smartphone malware evolution revisited: Android next target? In Proceedings of the 4th IEEE International Conference on Malicious and Unwanted Software (Malware 2009), pages 1-7. IEEE, 2009.
32. A. Shabtai, Y. Fledel, and Y. Elovici. Securing android-powered mobile devices using selinux. IEEE Security and Privacy, 99(PrePrints), 2009.
33. P. Szor. Virus Research and Defense. Addison Wesley, 2005.
34. C. Willems, T. Holz, and F. Freiling. Toward automated dynamic malware analysis using cwsandbox. IEEE Security and Privacy, 5(2):32-39, 2007.
35. D. D. Zovi. Kernel rootkits.