Detecting mobile malware threats to homeland security through static analysis

Journal of Network and Computer Applications

Volumn 38, Issue 1, 2014, Pages 43-53

  Seo, Seung Hyun ^a   Gupta, Aditi ^a   Sallam, Asmaa Mohamed ^a   Bertino, Elisa ^a   Yim, Kangbin ^b  

^a Purdue University   (United States)

^b Soonchunhyang University   (South Korea)

Author keywords

Android OS; Homeland security; Mobile malware; Smartphone

Indexed keywords

ANDROID (OPERATING SYSTEM); COMPUTER CRIME; MALWARE; NATIONAL SECURITY; PERSONAL COMPUTING; SECURITY SYSTEMS; SMARTPHONES; STATIC ANALYSIS; TRACKING (POSITION);

ANDROID APPS; ANDROID OSSA; ATTACK SCENARIOS; FLIGHT TRACKING; MOBILE MALWARE; REMOTE SERVERS;

MOBILE SECURITY;

EID: 84897594353     PISSN: 10848045     EISSN: 10958592     Source Type: Journal    
DOI: 10.1016/j.jnca.2013.05.008     Document Type: Article

References (37)

1. ADRD, 〈http://www.f-secure.com/weblog/archives/00002100.html/〉.
2. Albright D, Brannan P, Walrond C. Stuxnet Malware and Natanz: update of ISIS December 22, 2010 Report.
3. Android Malware Genome Project, 〈http://www.malgenomeproject.org/ 〉.
4. 260,000 Android users infected with malware, infosecurity; March 2011. 〈http://www.infosecurity-magazine.com/view/16526〉.
5. Burguera I, Zurutuza U, Nadjm-Tehrani S. Crowdroid: behavior-based malware detection system for android, SPSM'11, ACM; 2011.
6. Busybox, 〈http://www.busybox.net/about.html/〉.
7. Chin E, Felt AP, Greenwood K, Wagner D. Analyzing inter-application communication in Android, MobiSys'11; 2011. p. 239-52.
8. Cyber terror against NH, 〈http://www.koreatimes.co.kr/www/news/ opinon/2012/09/202-86425.html/〉.
9. Dedexer, 〈http://dedxer.sourceforge.net/〉.
10. DroidKungFu, 〈http://www.smrtguard.com/resource/droid-kung-fu/ 〉.
11. Enck W, Ongtang M, McDaniel P. On lightweight mobile phone application certification. In: Proceedings of the 16th ACM conference on computer and communications security, CCS'09; 2009.
12. Enck W, Gilbert P, Chun B-G, Cox LP, Jung J, Mc-Daniel P, et al. TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. USENIX OSDI; 2010.
13. Enck W, Octeau D, McDaniel P, Chaudhuri S. A study of android application security, SEC'11, USENIX security symposium; August 2011. p. 21-37.
14. Felt AP, Chin E, Hanna S, Song D, Wagner D. Android permissions demystified, CCS'11, ACM; 2011. p. 627-38.
15. Felt AP, Finifter M, Chin E, Wagner D. A survey of mobile malware in the wild. In: ACM workshop on security and privacy in mobile devices (SPSM), ACM; 17 October, 2011. p. 3-14.
16. Fisher D. GingerMaster malware seen using root exploit for Android Gingerbread. threatpost; August 2011.
17. FlightAware, 〈http://www.flightaware.com/〉.
18. FlightTrader, 〈http://www.flightradar24.com/〉.
19. Foncy, 〈http://code.google.com/p/androguard/wiki/ AndroidMalwareAnalysis/〉.
20. Grace M, Zhou Y, Wang Z, Jiang X. Systematic detection of capability leaks in stock android smartphones, NDSS'12; 2012.
21. Grace MC, Zhou W, Jiang X, Sadeghi AR. Unsafe exposure analysis of mobile in-app advertisements. In: WiSec'12. ACM; 2012. p. 101-12.
22. Grace M, Zhou Y, Zhang Q, Zou S, Jiang X. RiskRanker: scalable and accurate zero-day android malware detection. In: MobiSys'12; 2012.
23. HippoSMS, 〈http://www.csc.ncsu.edu/faculty/jiang/HippoSMS/〉.
24. Homeland Security News Wire, Smartphones makes military networks vulnerable; March 2011.
25. JackeeyWallpaper, 〈http://www.intomobile.com/2010/07/29/downloaded- jackeey-wallpaper-for-android-your-personal-information-is-now-on-some-chinese- server/〉.
26. Lange M, Liebergeld S, Lackorzynski A, Warg A, Peter M. L4Android: a generic operating system framework for secure smartphones. In: SPSM'11: ACM; 2011.
27. Malicious Banking App Found in the Android Marketplace; January 2010. 〈http://www.phonearena.com/news/Malicious-banking-app-found-in-the-Android- Marketplace-id8744/〉.
28. McAfee, Threats report: second quarter 2011; 2011.
29. Pjapps, 〈http://www.symantec.com/security-response/writeup.jsp? docid=2011-022303-3344-99/〉.
30. PlaneFinder, 〈http://planefinder.net/〉.
31. RootSmart, 〈http://www.csc.ncsu.edu/faculty/jiang/RootSmart/〉.
32. SCADA, 〈http://en.wikipedia.org/wiki/SCADA/〉.
33. Schrittwieser Sebastian, Fruhwirt Peter, Kieseberg Peter, Leithner Manuel, Mulazzani Martin, Huber Markus, et al. Guess who's texting you? Evaluating the security of smartphone messaging applications: NDSS; 2012.
34. Zhou Y, Jiang X. Dissecting android malware: characterization and evolution. In: IEEE Symposium on Security and Privacy; May 2012. p. 95-109.
35. Zhou Wu, Zhou Yajin, Jiang Xuxian, Ning Peng. DroidMOSS: detecting repackaged smartphone applications in third-party android marketplaces. In: CODASPY; 2012.
36. Zhou Yajin, Wang Zhi, Zhou Wu, Jiang Xuxian. Hey, you, get off of my market: detecting malicious apps in official and alternative android markets. In: NDSS; 2012.
37. Zitmo, 〈http://www.securelist.com/en/blog/208193760/New-ZitMo-for- Android-and-Blackberry〉.