Design and implementation of an android host-based intrusion prevention system

ACM International Conference Proceeding Series

Volumn 2014-December, Issue December, 2014, Pages 226-235

  Sun, Mingshen ^a   Zheng, Min ^a   Lui, John C S ^a   Jiang, Xuxian ^a  

^a CHINESE UNIVERSITY OF HONG KONG   (Hong Kong)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER CRIME; INTRUSION DETECTION; MALWARE; MERCURY (METAL); PERSONAL COMPUTING; SECURITY OF DATA; SECURITY SYSTEMS;

ANDROID MALWARE; ANDROID SYSTEMS; DESIGN AND IMPLEMENTATIONS; HOST-BASED INTRUSION PREVENTION SYSTEMS; INTRUSION PREVENTION; MOBILE MARKETS; PRIVACY LEAKAGES; RUN-TIME INFORMATION;

ANDROID (OPERATING SYSTEM);

EID: 84954568667     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2664243.2664245     Document Type: Conference Paper

References (65)

1. 360 one click root. http://shuaji.360.cn/root/index.html.
2. Android Malware Genome Project. http://malgenomeproject.org.
3. APKfuscator. https://github.com/strazzere/APKfuscator.
4. Apktool. https://code.google.com/p/android-apktool/.
5. App Shield. http://www.wandoujia.com/apps/com.gmail.exathink.appshield.
6. Aurora Softworks quadrant standard edition. https://play.google.com/store/apps/details?id=com. aurorasoftworks.quadrant.ui.standard.
7. cyanogenmod. http://www.cyanogenmo d.org.
8. DroidBox. https://code.google.com/p/droidbox/.
9. Jinshan mobile duba. http://m.duba.net/.
10. Lbe secrity guard. http://www.lbesec.com/.
11. mobile malware mini dump. http://contagiominidump.blogspot.com/.
12. monkey. http://developer.android.com/tools/help/monkey.html.
13. Qihoo 360 mobile guard. http://sho uji.360.cn/.
14. smali/baksmali. https://code.google.com/p/smali/.
15. K. W. Y. Au, Y. F. Zhou, Z. Huang, and D. Lie. Pscout: Analyzing the android permission specification. In CCS, 2012.
16. S. Bugiel, L. Davi, A. Dmitrienko, T. Fischer, A.-R. Sadeghi, and B. Shastry. Towards taming privilege-escalation attacks on android. In NDSS, 2012.
17. S. Bugiel, S. Heuser, and A.-R. Sadeghi. Flexible and fine-grained mandatory access control on android for diverse security and privacy policies. In USENIX Security, 2013.
18. I. Burguera , U. Zurutuza, and S. Nadjm-Tehrani. CrowDroid: Behavior-based malware detection system for android. In Proc. of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, 2011.
19. S. Chakradeo, B. Reaves, P. Traynor, and W. Enck. MAST: Triage for market-scale mobile malware analysis. In ACM WiSec, 2013.
20. E. Chin, A. P. Felt, K. Greenwood, and D. Wagner. Analyzing inter-application communication in android. In MobiSys, 2011.
21. B. Davis and H. Chen. RetroSkeleton: Retrofitting android apps. In MobiSys, 2013.
22. M. Dietz, S. Sh ekhar, Y. Pisetsky, A. Shu, and D. S. Wallach. QUIRE: Lightweight provenance for smart phone operating systems. In USENIX Security, 2011.
23. M. Egele, C. Kruegel, E. Kirda, and G. Vigna. PiOS: Detecting privacy leaks in ios applications. In NDSS, 2011.
24. W. Enck P. Gilbert B.-G. Chun L. P. Cox J. Jung P. McDaniel A. N Sheth. TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones. OSDI 2010.
25. W. Enck, D. Octeau, P. McDaniel, and S. Chaudhuri. A study of android application security. In USENIX Security, 2011.
26. F-Secure. Threat report h2 2013.
27. A. P. Felt, E. Chin, S. Hanna, D. Song, and D. Wagner. Android permissions demystified. In CCS, 2011.
28. A. P. Felt, H. J. Wang, A. Moshchuk, S. Hanna, and E. Chin. Permission re-delegation: Attacks and defenses. In USENIX Security, 2011.
29. J. Forristal. Android: One root to own them all. In Blackhat USA 2013, 2013.
30. Google. Platform versions. http://developer.android.com/about/dashboards/index.html.
31. M. Grace, Y. Zhou, Z. Wang, and X. Jiang. Systematic detection of capability leaks in stock android smartphones. In NDSS, 2012.
32. M. Grace, Y. Zhou, Q. Zhang, S. Zou, and X. Jiang. RiskRanker: Scalable and accurate zero-day android malware detection. In MobiSys, 2012.
33. M. C. Grace, W. Zhou, X. Jiang, and A.-R. Sadeghi. Unsafe exposure analysis of mobile in-app advertisements. In WiSec, 2012.
34. N. Harbour. Win at reversing: Api tracing and sandboxing through inline hooking. In DEFCON, 2009.
35. IDC. Apple cedes market share in smartphone operating system market as android surges and windows phone gains. http://www.idc.com/getdoc.jsp?containerId=prUS24257413.
36. L. Lu, Z. Li, Z. Wu, W. Lee, and G. Jiang. CHEX: Statically vetting android apps for component hijacking vulnerabilities. In CCS, 2012.
37. T. Luo, H. Hao, W. Du, Y. Wang, and H. Yin. Attacks on webview in the android system. In ACSAC, 2011.
38. W. Luo, S. Xu, and X. Jian g. Real-time detection and prevention of android sms permission abuses. In Proc. of the first international workshop on Security in embedded systems and smartphones, 2013.
39. McAfee Labs. McAfee threats report: Sec ond quarter 2013. Technical report, McAfee Labs, 2013.
40. C. Mulliner. Android DDI: Introduction to dynamic dalvik instrumentation. In The 11th Annual HITB Security Conference in ASIA, 2013.
41. C. Mulliner, J. Oberheide, W. Robertson, and E. Kirda. Patchdroid: Scalable third-party security patches for android devices. In ACSAC, 2013.
42. N. Nethercote and J. Seward. Valgrind: A framework for heavyweight dynamic binary instrumentation. ACM Sigplan Notices.
43. J. Newsome and D. Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. Internet Society, 2005.
44. P. Olson. Your smartphone is hackers' next big target. http://edition.cnn.com/2013/08/26/opinion/olson-mobile-hackers, August 2013.
45. A. Police. App Ops: Android 4.3's hidden app permission manager, control permissions for individual apps.
46. N. Provos. Improving host security with system call policies. In USENIX Security, 2003.
47. V. Rastogi, Y. Chen, and W. Enck. AppsPlayground: Automatic security analysis of smartphone applications. In CODASPY, 2013.
48. V. Rastogi, Y. Chen, and X. Jiang. DroidChameleon: Evaluating android anti-malware against transformation attacks. In ASIACCS, 2013.
49. G. Russello, A. B. Jimenez, H. Naderi, and W. van der Mark. Firedroid: Hardening security in almost-stock android. In ACSAC, 2013.
50. T. Strazzere. Dex education: Practicing safe dex. In Blackhat USA 2012, 2012.
51. T. Wang, K. Lu, L. Lu, S. Chung, and W. Lee. Jekyll on iOS: When benign apps become evil. In USENIX Security, 2013.
52. L.Wu, M. Grace, Y. Zhou, C. Wu, and X. Jiang. The impact of vendor customizations on android security. In CCS, 2013.
53. xda-developers. PDroid. http://forum.xda-developers.com/showthread.php?t=1357056.
54. R. Xu, H. Sä?di, and R. Anderson. Aurasium: Practical policy enforcement for android applications. In USENIX Security, 2012.
55. L. K. Yan and H. Yin. DroidScope: Seamlessly reconstructing the os and dalvik semantic views for dynamic android malware analysis. In USENIX Security, 2012.
56. Z. Yang, M. Yang, Y. Zhang, G. Gu, P. Ning, and X. S. Wang. AppIntent: Analyzing sensitive data transmission in android for privacy leakage detection. In CCS, 2013.
57. Y. Zhang, M. Yang, B. Xu, Z. Yang, G. Gu, P. Ning, X. Wang, and B. Zang. Vetting undesirable behaviors in android apps with permission use analysis. In CCS, 2013.
58. C. Zheng, S. Zhu, S. D ai, G. Gu, X. Gong, X. Han, and W. Zou. Smartdroid: An automatic system for revealing ui-based trigger conditions in android applications. In Proc. of the second ACM workshop on Security and privacy in smartphones and mo bile devices, 2012.
59. M. Zheng, P. P. C. Lee, and J. C. S. Lui. ADAM: An automatic and extensible platform to stress test android anti-virus systems. In DIMVA, 2013.
60. M. Zheng, M. Sun, and J. Lui. DroidRay: A security evaluation system for customized android firmwares. In ASIACCS, 2014.
61. M. Zheng, M. Sun, and J. C. S. Lui. DroidAnalytics: A signature based analytic system to collect, extract, analyze and associate android malware. In TrustCom, 2013.
62. W. Zhou, Y. Zhou, X. Jiang, and P. Ning. Detect ing repackaged smartphone applications in third-party android marketplaces. In Proc. of the second ACM conference on Data and Application Security and Privacy, 2012.
63. Y. Zhou and X. Jiang. Dissecting and roid malware: Characterization and evolution. In IEEE Symposium on Security and Privacy, 2012.
64. Y. Zhou and X. Jiang. Detecting passive content leaks and pollution in android applications. In NDSS, 2013.
65. Y. Zhou, Z. Wang, W. Zhou, and X. Jiang. Hey, you, get off of my market: Detecting malicious apps in official and alternative android markets. In NDSS, 2012.