Dissecting Android malware: Characterization and evolution

Proceedings - IEEE Symposium on Security and Privacy

Volumn , Issue , 2012, Pages 95-109

  Zhou, Yajin ^a   Jiang, Xuxian ^a  

^a North Carolina State University   (United States)

Author keywords

Android malware; smartphone security

Indexed keywords

ANDROID (OPERATING SYSTEM); MOBILE SECURITY; SMARTPHONES;

ANDROID MALWARE; ANDROID PLATFORMS; DEFENSE CAPABILITY; EFFECTIVE SOLUTION; MOBILE MALWARE; POPULAR PLATFORM; PRESSUNG; RAPID GROWTH; SMART PHONES; SMARTPHONE SECURITIES;

ANDROID MALWARE;

EID: 84878368035     PISSN: 10816011     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SP.2012.16     Document Type: Conference Paper

References (58)

1. (2011) Smartphone Shipments Tripled Since '08. Dumb Phones Are Flat. http://tech.fortune.cnn.com/2011/11/01/smartphone-shipments-tripled-since-08- dumb-phones-areflat.
2. Number of the Week: at Least 34% of Android Malware Is Stealing Your Data. http://www.kaspersky.com/about/news/virus/2011/Number-of-the-Week-at- Least-34-of-Android-Malware-Is-Stealing-Your-Data.
3. Malicious Mobile Threats Report 2010/2011. http://www.juniper.net/us/en/ company/press-center/press-releases/2011/pr-2011-05-10-09-00.html.
4. Security Alert: AnserverBot, New Sophisticated Android Bot Found in Alternative Android Markets. http://www.csc.ncsu.edu/faculty/jiang/AnserverBot/.
5. Security Alert: New Stealthy Android Spyware - Plankton - Found in Official Android Market. http://www.csc.ncsu.edu/faculty/jiang/Plankton/.
6. Lookout Mobile Security. https://www.mylookout.com/.
7. NetQin Mobile Security. http://www.netqin.com/en/.
8. AVG Mobilation. http://free.avg.com/us-en/antivirus-for-android.tpl-crp.
9. Symantec. http://www.symantec.com/.
10. Fortinet. http://www.fortinet.com/.
11. TrendMicro. http://www.virustotal.com/.
12. Security Alerts. http://www.csc.ncsu.edu/faculty/jiang/.
13. One Year Of Android Malware (Full List). http://paulsparrows.wordpress. com/2011/08/11/one-year-of-android-malware-full-list/.
14. Security Alert: New DroidKungFu Variant - AGAIN! - Found in Alternative Android Markets. http://www.csc.ncsu.edu/faculty/jiang/DroidKungFu3/.
15. Android.Bgserv Found on Fake Google Security Patch. http://www.symantec. com/connect/blogs/androidbgserv-found-fake-google-security-patch.
16. WAPS. http://www.waps.cn/.
17. GGTracker Technical Tear Down. http://blog.mylookout.com/wp-content/ uploads/2011/06/GGTracker-TeardownLookout-Mobile-Security.pdf.
18. Malicious QR Codes Pushing Android Malware. https://www.securelist.com/ en/blog/208193145/Its-time-for-malicious-QR-codes.
19. First SpyEye Attack on Android Mobile Platform now in the Wild. https://www.trusteer.com/blog/first-spyeye-attack-android-mobile-platform-now- wild.
20. ZeuS-in-the-Mobile - Facts and Theories. http://www.securelist.com/en/ analysis/204792194/ZeuS-in-the-Mobile-Facts-and-Theories.
21. QR code. http://en.wikipedia.org/wiki/QR-code.
22. Using QR tags to Attack SmartPhones (Attaging). http://kaoticoneutral. blogspot.com/2011/09/using-qr-tags-to-attack-smartphones-10.html.
23. Asroot. http://milw0rm.com/sploits/android-root-20090816.tar.gz.
24. android trickery. http://c-skills.blogspot.com/2010/07/android-trickery. html.
25. Droid2. http://c-skills.blogspot.com/2010/08/droid2.html.
26. Zimperlich sources. http://c-skills.blogspot.com/2011/02/zimperlich- sources.html.
27. adb trickery #2. http://c-skills.blogspot.com/2011/01/adb-trickery-again. html.
28. yummy yummy, GingerBreak! http://c-skills.blogspot.com/2011/04/yummy- yummy-gingerbreak.html.
29. Revolutionary - zergRush local root 2.2/2.3. http://forum.xdadevelopers. com/showthread.php?t=1296916.
30. Security Alert: New Sophisticated Android Malware Droid-KungFu Found in Alternative Chinese App Markets. http://www.csc.ncsu.edu/faculty/jiang/ DroidKungFu.html.
31. LeNa (Legacy Native) Teardown. http://blog.mylookout. com/wp-content/uploads/2011/10/LeNa-Legacy-Native-Teardown-Lookout-Mobile- Security1.pdf.
32. DroidKungFu Utilizes an Update Attack. http://www.f-secure.com/weblog/ archives/00002259.html.
33. An Analysis of the AnserverBot Trojan. http://www.csc.ncsu.edu/faculty/ jiang/pubs/AnserverBot-Analysis.pdf.
34. W. Enck, P. Gilbert, B.-g. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth, "TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones," in Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation, 2010.
35. M. Egele, C. Kruegel, E. Kirda, and G. Vigna, "PiOS: Detecting Privacy Leaks in iOS Applications," in Proceedings of the 18th Annual Symposium on Network and Distributed System Security, 2011.
36. E. Chin, A. P. Felt, K. Greenwood, and D. Wagner, "Analyzing Inter-Application Communication in Android," in 9th Annual International Conference on Mobile Systems, Applications, and Services, 2011.
37. A. P. Felt, H. J. Wang, A. Moshchuk, S. Hanna, and E. Chin, "Permission Re-Delegation: Attacks and Defenses," in Proceedings of the 20th USENIX Security Symposium, 2011.
38. M. Grace, Y. Zhou, Z. Wang, and X. Jiang, "Systematic Detection of Capability Leaks in Stock Android Smartphones," in Proceedings of the 19th Annual Symposium on Network and Distributed System Security, 2012.
39. N. Hardy, "The Confused Deputy: (or why capabilities might have been invented)," ACM SIGOPS Operating Systems Review, vol. 22, October 1998.
40. M. Dietz, S. Shekhar, Y. Pisetsky, A. Shu, and D. S. Wallach, "QUIRE: Lightweight Provenance for Smart Phone Operating Systems," in Proceedings of the 20th USENIX Security Symposium, 2011.
41. S. Bugiel, L. Davi, A. Dmitrienko, T. Fischer, A.-R. Sadeghi, and B. Shastry, "Towards Taming Privilege-Escalation Attacks on Android," in Proceedings of the 19th Annual Symposium on Network and Distributed System Security, 2012.
42. A. P. Felt, E. Chin, S. Hanna, D. Song, and D. Wagner, "Android Permissions Demystied," in Proceedings of the 18th ACM Conference on Computer and Communications Security, 2011.
43. S. Schrittwieser, P. Frhwirt, P. Kieseberg, M. Leithner, M. Mulazzani, M. Huber, and E. Weippl, "Guess Who's Texting You? Evaluating the Security of Smartphone Messaging Applications," in Proceedings of the 19th Annual Symposium on Network and Distributed System Security, 2012.
44. P. Traynor, M. Lin, M. Ongtang, V. Rao, T. Jaeger, P. McDaniel, and T. L. Porta, "On Cellular Botnets: Measuring the Impact of Malicious Devices on a Cellular Network Core," in Proceedings of the 16th ACM Conference on Computer and Communications Security, 2009.
45. M. Grace, W. Zhou, X. Jiang, and A.-R. Sadeghi, "Unsafe Exposure Analysis of Mobile In-App Advertisements," in Proceedings of the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2012.
46. M. Nauman, S. Khan, and X. Zhang, "Apex: Extending Android Permission Model and Enforcement with User-Defined Runtime Constraints," in Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, 2010.
47. A. R. Beresford, A. Rice, N. Skehin, and R. Sohan, "Mock-Droid: Trading Privacy for Application Functionality on Smartphones," in Proceedings of the 12th International Workshop on Mobile Computing System and Applications, 2011.
48. Y. Zhou, X. Zhang, X. Jiang, and V. W. Freeh, "Taming Information-Stealing Smartphone Applications (on Android)," in Proceeding of the 4th International Conference on Trust and Trustworthy Computing, 2011.
49. P. Hornyack, S. Han, J. Jung, S. Schechter, and D. Wetherall, "These Aren't the Droids You're Looking For: Retrofitting Android to Protect Data from Imperious Applications," in Proceedings of the 18th ACM Conference on Computer and Communications Security, 2011.
50. M. Ongtang, S. McLaughlin, W. Enck, and P. McDaniel, "Semantically Rich Application-Centric Security in Android," in Proceedings of the 25th Annual Computer Security Applications Conference.
51. W. Enck, M. Ongtang, and P. McDaniel, "On Lightweight Mobile Phone Application Certification," in Proceedings of the 16th ACM Conference on Computer and Communications Security, 2009.
52. M. Lange, S. Liebergeld, A. Lackorzynski, A. Warg, and M. Peter, "L4Android: A Generic Operating System Framework for Secure Smartphones," in Proceedings of the 1st Workshop on Security and Privacy in Smartphones and Mobile Devices, 2011.
53. J. Andrus, C. Dall, A. Van't Hof, O. Laadan, and J. Nieh, "Cells: A Virtual Mobile Smartphone Architecture," in Proceedings of the 23rd ACM Symposium on Operating Systems Principles, 2011.
54. A. Porter Felt, M. Finifter, E. Chin, S. Hanna, and D. Wagner, "A Survey of Mobile Malware In The Wild," in Proceedings of the 1st Workshop on Security and Privacy in Smartphones and Mobile Devices, 2011.
55. M. Becher, F. C. Freiling, J. Hoffmann, T. Holz, S. Uellenbeck, and C. Wolf, "Mobile Security Catching Up? Revealing the Nuts and Bolts of the Security of Mobile Devices," in Proceedings of the 32nd IEEE Symposium on Security and Privacy, 2011.
56. Y. Zhou, Z. Wang, W. Zhou, and X. Jiang, "Hey, You, Get off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets," in Proceedings of the 19th Annual Symposium on Network and Distributed System Security, 2012.
57. W. Zhou, Y. Zhou, X. Jiang, and P. Ning, "DroidMOSS: Detecting Repackaged Smartphone Applications in Third-Party Android Marketplaces," in Proceedings of the 2nd ACM Conference on Data and Application Security and Privacy, 2012.
58. W. Enck, D. Octeau, P. McDaniel, and S. Chaudhuri, "A Study of Android Application Security," in Proceedings of the 20th USENIX Security Symposium, 2011.