Exposing software security and availability risks for commercial mobile devices

Proceedings - Annual Reliability and Maintainability Symposium

Volumn , Issue , 2013, Pages

  Johnson, Ryan ^a   Wang, Zhaohui ^a   Stavrou, Angelos ^a   Voas, Jeff ^b  

^a Krasnow Institute for Advanced Study   (United States)

^b NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY   (United States)

Author keywords

Android; Dynamic analysis; Execution coverage; Software reliability

Indexed keywords

ANDROID; DATA EXFILTRATION; EXECUTION COVERAGE; HAND HELD DEVICE; HARDWARE SECURITY; MOBILE APPLICATIONS; ON-LINE APPLICATIONS; SOFTWARE SECURITY;

DYNAMIC ANALYSIS; MAINTAINABILITY; PERSONAL COMPUTERS; ROBOTS; SOFTWARE RELIABILITY;

MOBILE DEVICES;

EID: 84879359136     PISSN: 0149144X     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/RAMS.2013.6517735     Document Type: Conference Paper

References (16)

1. M. I. Sharif, A. Lanzi, J. T. Giffin, and W. Lee, "Impeding Malware Analysis Using Conditional Code Obfuscation," in Network and Distributed System Security Symposium (NDSS), 2008.
2. B. Chess and G. McGraw. Static analysis for security. IEEE Security and Privacy, 2(6):76-79, 2004.
3. A. Moser, C. Kruegel, and E. Kirda. Limits of Static Analysis for Malware Detection. In ACSAC, pages 421-430. IEEE Computer Society, 2007.
4. J. Wilhelm and T. Chiueh. A Forced Sampled Execution Approach to Kernel Rootkit Identification. In Proceedings of the Symposium on Recent Advances in Intrusion Detection, 2007.
5. Liang Xu, Fangqi Sun, and Zhendong Su. Constructing precise control flow graphs from binaries. Technical report CSE-2009-27, Department of Computer Science, UC Davis, 2009.
6. S. Lu, P. Zhou, W. Liu, Y. Zhou, and J. Torrellas. PathEx-pander: Architectural Support for Increasing the Path Coverage of Dynamic Bug Detection. In Proceedings of the 39th Annual IEEE/ACM International Symposium on Micro-architecture (MICRO), 2006.
7. D. Brumley, C. Hartwig, Z. Liang, J. Newsome, D. Song, and H. Yin. Automatically identifying trigger-based behavior in malware. Botnet Detection, 2008.
8. A. Moser, C. Kruegel, and E. Kirda. Exploring multiple execution paths for malware analysis. In Proceedings of the 2007 IEEE Symposium on Security and Privacy(Oakland'07), May 2007.
9. A. P. Felt, E. Chin, S. Hanna, D. Song, and D. Wagner. Android permissions demystified. In Proceedings of the 18th ACM conference on Computer and Communications Security, CCS 11, pages 627-638, New York, NY, USA, 2011.
10. smali-An assembler/disassembler for Android's dex format. http://code.google.com/p/smali/.
11. Bytecode for the Dalvik VM. http://source.android.com/tech/dalvik/ dalvikbytecode. html.
12. W. Enck, P. Gilbert, B. gon Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth. Taintdroid: An informationflow tracking system for realtime privacy monitoring on smartphones. In Proceedings of the 9th Usenix Symposium on Operating Systems Design and Implementation, pages 393-408, August 2010.
13. M. Neugschwandtner, P. M. Comparetti, and C. Platzer. Detecting malware's failover C&C strategies with squeeze. In Proceedings of the Annual Computer Security Applications Conference (ACSAC), pages 21-30, 2011.
14. Application Fundamentals|Android Developers. http://developer.android. com/guide/topics/fundamentals.h tm.
15. Takamasa Isohara, Keisuke Takemori, Ayumu Kubota: Kernel-based Behavior Analysis for Android Malware Detection. CIS 2011, pp.1011-1015.
16. Yajin Zhou, Xuxian Jiang, Dissecting Android Malware: Characterization and Evolution. IEEE Symposium on Security and Privacy, 2012, pp.95-109.