The company you keep: Mobile malware infection rates and inexpensive risk indicators

WWW 2014 - Proceedings of the 23rd International Conference on World Wide Web

Volumn , Issue , 2014, Pages 39-49

  Truong, Hien Thi Thu ^a   Lagerspetz, Eemil ^a,b   Nurmi, Petteri ^a,b   Oliner, Adam J ^d   Tarkoma, Sasu ^a,b   Asokan, N ^a,c   Bhattacharya, Sourav ^a,b  

^a UNIVERSITY OF HELSINKI   (Finland)

^b HELSINKI INSTITUTE FOR INFORMATION TECHNOLOGY   (Finland)

^c AALTO UNIVERSITY   (Finland)

^d UNIVERSITY OF CALIFORNIA   (United States)

Author keywords

Android; Infection rate; Malware detection; Mobile malware

Indexed keywords

ANDROID (OPERATING SYSTEM); MALWARE;

ANDROID; APPLICATION STORES; INDEPENDENT SOURCES; INDIRECT MEASUREMENTS; INFECTION RATES; MALWARE DETECTION; MOBILE MALWARE; MONITORING AND ANALYSIS;

MOBILE SECURITY;

EID: 84907413882     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2566486.2568046     Document Type: Conference Paper

References (30)

1. D. Barrera, J. Clark, D. McCarney, and P. C. van Oorschot. Understanding and improving app installation security mechanisms through empirical analysis of android. In Proc. the second ACM workshop on Security and privacy in smartphones and mobile devices, SPSM'12, pages 81-92. ACM, 2012.
2. I. Burguera, U. Zurutuza, and S. Nadjm-Tehrani. Crowdroid: behavior-based malware detection system for android. In Proc. the 1st ACM workshop on Security and privacy in smartphones and mobile devices, pages 15-26. ACM, 2011.
3. M. Chandramohan and H. B. K. Tan. Detection of mobile malware in the wild. Computer, 45(9):65-71, 2012.
4. P. H. Chia, Y. Yamamoto, and N. Asokan. Is this app safe?: a large scale study on application permissions and risk signals. In Proc. the 21st international conference on World Wide Web, WWW '12, pages 311-320. ACM, 2012.
5. Damballa Labs. Damballa threat report - first half 2011. Technical report, 2011. https://www.damballa.com/downloads/r-pubs/Damballa-Threat- Report-First-Half-2011.pdf.
6. A. P. Felt, M. Finifter, E. Chin, S. Hanna, and D. Wagner. A survey of mobile malware in the wild. In Proc. the 1st ACM workshop on Security and privacy in smartphones and mobile devices, SPSM'11, pages 3-14. ACM, 2011.
7. J. Hoffmann, S. Neumann, and T. Holz. Mobile malware detection based on energy fingerprints - a dead end? In RAID, 2013.
8. H. Kim, J. Smith, and K. G. Shin. Detecting energy-greedy anomalies and mobile malware variants. In Proc. the 6th international conference on Mobile systems, applications, and services, MobiSys '08, pages 239-252. ACM, 2008.
9. K. Kostiainen, E. Reshetova, J.-E. Ekberg, and N. Asokan. Old, new, borrowed, blue: a perspective on the evolution of mobile platform security architectures. In First ACM Conference on Data and Application Security and Privacy, pages 13-24. ACM, 2011.
10. B. Krebs. Mobile Malcoders Pay to Google Play, Mar. 2013. http://krebsonsecurity.com/2013/03/mobile-malcoders-pay-to-google-play/.
11. C. Lever, M. Antonakakis, B. Reeves, P. Traynor, and W. Lee. The core of the matter: Analyzing malicious traffic in cellular carriers. In Proc. the 2013 Network and Distributed Systems Security Conference (NDSS 2013). Internet Society, 2013.
12. Lookout Mobile. 2013 mobile threat predictions, Dec 2012. https://blog.lookout.com/blog/2012/12/13/2013-mobile-threat-predictions/.
13. Lookout Mobile. Lookout tours the current world of mobile threats. Lookout blog, June 2013. https://blog.lookout.com/blog/2013/06/05/world-current-of-mobile-threats/.
14. R. McGarvey. Threat of the week: Mobile malware, menace or myth? CreditUnion Times, Apr. 2013.
15. NQMobile. Mobile malware up 163% in 2012, getting even smarter in 2013. PRNEwsWire, 2013. http://ir.nq.com/phoenix.zhtml?c=243152&p=irol-newsArticle&id=1806588.
16. A. J. Oliner, A. P. Iyer, I. Stoica, E. Lagerspetz, and S. Tarkoma. Carat: Collaborative energy diagnosis for mobile devices. In Proc. 11th ACM Conference on Embedded Networked Sensor Systems, Nov 2013.
17. L. Page. Update from the CEO, Mar. 2013. http://googleblog.blogspot.fi/2013/03/update-from-ceo.html.
18. A. Pathak, A. Jindal, Y. C. Hu, and S. Midkiff. What is keeping my phone awake? Characterizing and detecting no-sleep energy bugs in smartphone apps. In Mobisys, 2012.
19. S. M. Patterson. Contrary to what you've heard, Android is almost impenetrable to malware, Oct 2013. http://qz.com/131436/contrary-to-what-youve-heard-android-is-almost-impenetrable-to-malware/.
20. V. Paxson. Bro: a system for detecting network intruders in real-time. In Computer Networks, volume 31, 1999.
21. G. Portokalidis, P. Homburg, K. Anagnostakis, and H. Bos. Paranoid android: versatile protection for smartphones. In Proc. the 26th Annual Computer Security Applications Conference, ACSAC '10, pages 347-356, New York, NY, USA, 2010. ACM.
22. M. M. Sebring and R. A. Whitehurst. Expert systems in intrusion detection: a case study. In National Computer Security Conference, 1988.
23. M. Spreitzenbarth, F. Echtler, T. Schrek, F. C. Freiling, and J. Hoffman. MobileSandbox: looking deeper into android applications. In Proc. the 28th ACM Symposium on Applied Computing (SAC), 2013.
24. C. Sumner and R. Wald. Predicting susceptibility to social bots on twitter. BlackHat US presentation. https://media.blackhat.com/us-13/US-13-Sumner-Predicting- Susceptibility-to-Social-Bots-on-Twitter-Slides.pdf.
25. Trend Labs. Trojanized security tool serves as backdoor app, Mar 2011. http://blog.trendmicro.com/trendlabs-security-intelligence/trojanized-security-tool-serves-as-backdoor-app/.
26. H. T. T. Truong, E. Lagerspetz, P. Nurmi, A. J. Oliner, S. Tarkoma, N. Asokan, and S. Bhattacharya. The Company You Keep: Mobile Malware Infection Rates and Inexpensive Risk Indicators. CoRR, abs/1312.3245, 2013. http://arxiv.org/abs/1312.3245.
27. C. Wagner, S. Mitter, C. Körner, and M. Strohmaier. When social bots attack: Modeling susceptibility of users in online social networks. In 2nd workshop on Making Sense of Microposts at WWW2012, 2012.
28. L. Yang, V. Ganapathy, and L. Iftode. Enhancing mobile malware detection with social collaboration. In Privacy, Security, Risk and Trust (PASSAT), IEEE Third International Conference on Social Computing (SocialCom), pages 572-576, 2011.
29. Y. Zhou and X. Jiang. Dissecting android malware: Characterization and evolution. In 2012 IEEE Symposium on Security and Privacy (SP), pages 95-109, 2012.
30. Y. Zhou, Z. Wang, W. Zhou, and X. Jiang. Hey, you, get off of my market: Detecting malicious apps in official and alternative android markets. In Proc. the 2012 Network and Distributed Systems Security Conference (NDSS 2012), Feb. 2012.