Smartdroid: An automatic system for revealing ui-based trigger conditions in android applications

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2012, Pages 93-104

  Zheng, Cong ^a   Zhu, Shixiong ^a   Dai, Shuaifu ^a   Gu, Guofei ^a,b   Gong, Xiaorui ^a   Han, Xinhui ^a   Zou, Wei ^a  

^a PEKING UNIVERSITY   (China)

^b TEXAS A AND M UNIVERSITY   (United States)

Author keywords

Android; Sensitive behavior; Smartphone security; UI based trigger condition

Indexed keywords

ANDROID; AUTOMATIC SYSTEMS; DYNAMIC ANALYSIS TOOLS; FUNCTION CALLS; INTERACTION PATH; MALWARES; PROTOTYPE SYSTEM; SENSITIVE BEHAVIOR; STATIC AND DYNAMIC ANALYSIS; TRIGGER CONDITIONS;

MOBILE DEVICES; SMARTPHONES; STATIC ANALYSIS; USER INTERFACES;

ROBOTS;

EID: 84869757378     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2381934.2381950     Document Type: Conference Paper

References (31)

1. Android market growth. http://android-developers.blogspot.com/2011/12/ closer-look-at-10-billion-downloads.html.
2. Android snapshot. http://pastebin.com/bCieGJVV.
3. Antiy corp. ltd. http://www.antiy.com/cn/about/index.htm.
4. Apktool. http://code.google.com/p/android-apktool/.
5. Bouncer. http://googlemobile.blogspot.com/2012/02/android-and-security. html.
6. Contagio. http://contagiominidump.blogspot.co.il/search/label/Russian.
7. The horoscope app. https://play.google.com/store/apps/details?id=fr. telemaque.horoscope.
8. Introducing google play. http://googleblog.blogspot.com/2012/03/ introducing-google-play-all-your.html.
9. Jni. http://developer.android.com/guide/practices/jni.html.
10. Operaupdater. http://www.18digi.com/news/7361/tencent-security- laboratory,-december-11-mobile-phone-viruses/.
11. Sensitive apis. http://www.android-permissions.org/.
12. A. K. Benjamin Davis, Ben Sanders and H. Chen. I-arm-droid: A rewriting framework for in-app reference monitors for android applications. In Proceedings of the Mobile Security Technologies 2012, MOST '12. IEEE, 2012.
13. I. Burguera, U. Zurutuza, and S. Nadjm-Tehrani. Crowdroid: behavior-based malware detection system for android. In Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, SPSM '11, pages 15-26, New York, NY, USA, 2011. ACM.
14. P. P. Chan, L. C. Hui, and S. M. Yiu. Droidchecker: analyzing android applications for capability leak. In Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks, WISEC '12, pages 125-136, New York, NY, USA, 2012. ACM.
15. E. Chin, A. P. Felt, K. Greenwood, and D. Wagner. Analyzing inter-application communication in android. In Proceedings of the 9th international conference on Mobile systems, applications, and services, MobiSys '11, pages 239-252, New York, NY, USA, 2011. ACM.
16. S. Dienst and T. Berger. Mining interactions of android applications static analysis of dalvik bytecode. Technical report, Department of Computer Science, University of Leipzig, Germany, May 2011. Technical Note.
17. W. Enck, P. Gilbert, B.-G. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth. Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In Proceedings of the 9th USENIX conference on Operating systems design and implementation, OSDI'10, pages 1-6, Berkeley, CA, USA, 2010. USENIX Association.
18. W. Enck, D. Octeau, P. McDaniel, and S. Chaudhuri. A study of android application security. In Proceedings of the 20th USENIX conference on Security, SEC'11, pages 21-21, Berkeley, CA, USA, 2011. USENIX Association.
19. A. P. Felt, E. Chin, S. Hanna, D. Song, and D. Wagner. Android permissions demystified. In Proceedings of the 18th ACM conference on Computer and communications security, CCS '11, pages 627-638, New York, NY, USA, 2011. ACM.
20. A. P. Felt, M. Finifter, E. Chin, S. Hanna, and D. Wagner. A survey of mobile malware in the wild. In Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, SPSM '11, pages 3-14, New York, NY, USA, 2011. ACM.
21. C. Gibler, J. Crussell, J. Erickson, and H. Chen. Androidleaks: Automatically detecting potential privacy leaks in android applications on a large scale. In Proceedings of the 5th International Conference on Trust & Trustworthy Computing, TRUST '12, pages 291-307, Vienna, Austria, 2012.
22. P. Gilbert, B.-G. Chun, L. P. Cox, and J. Jung. Vision: automated security validation of mobile apps at app markets. In Proceedings of the second international workshop on Mobile cloud computing and services, MCS '11, pages 21-26, New York, NY, USA, 2011. ACM.
23. C. Hu and I. Neamtiu. Automating gui testing for android applications. In Proceedings of the 6th International Workshop on Automation of Software Test, AST '11, pages 77-83, New York, NY, USA, 2011. ACM.
24. E. Manuel, K. Christopher, K. Engin, and V. Giovanni. Pios: Detecting privacy leaks in ios applications. In Proceedings of the 19th Network and Distributed System Security Symposium, NDSS '11, 2011.
25. G. Michael, Z. Yajin, W. Zhi, and J. Xuxian. Systematic detection of capability leaks in stock android smartphones. In Proceedings of the 19th Network and Distributed System Security Symposium, NDSS '12, 2012.
26. J. Midtgaard and T. P. Jensen. Control-flow analysis of function calls and returns by abstract interpretation. In Proceedings of the 14th ACM SIGPLAN international conference on Functional programming, ICFP '09, pages 287-298, New York, NY, USA, 2009. ACM.
27. A. Saswat, N. Mayur, Y. Hongseok, and J. H. Mary. Automated concolic testing of smartphone apps. In Proceedings of the ACM Symposium on Foundations of Software Engineering, FSE '12, March 2012.
28. A. Shabtai, U. Kanonov, Y. Elovici, C. Glezer, and Y. Weiss. "andromaly": a behavioral malware detection framework for android devices. J. Intell. Inf. Syst., 38(1):161-190, Feb. 2012.
29. B. Thomas, B. Leonid, S. Aubrey-Derrick, and A. C. Seyit. An android application sandbox system for suspicious software detection. In Malicious and Unwanted Software (MALWARE), 2010 5th International Conference on, Malware '10, pages 55-62, 2012.
30. X. J. Yajin Zhou. Dissecting android malware: Characterization and evolution. Security and Privacy, IEEE Symposium on, 0:95-109, 2012.
31. W. Zhou, Y. Zhou, X. Jiang, and P. Ning. Detecting repackaged smartphone applications in third-party android marketplaces. In Proceedings of the second ACM conference on Data and Application Security and Privacy, CODASPY '12, pages 317-326, New York, NY, USA, 2012. ACM.