Apposcopy: Semantics-based detection of android malware through static analysis

Proceedings of the ACM SIGSOFT Symposium on the Foundations of Software Engineering

Volumn 16-21-November-2014, Issue , 2014, Pages 576-587

  Feng, Yu ^a   Anand, Saswat ^b   Dillig, Isil ^a   Aiken, Alex ^b  

^a UNIVERSITY OF TEXAS AT AUSTIN   (United States)

^b STANFORD UNIVERSITY   (United States)

Author keywords

Android; Inter component call graph; Taint analysis

Indexed keywords

ALGORITHMS; APPLICATION PROGRAMS; COMPUTER CRIME; DATA FLOW ANALYSIS; FLOW GRAPHS; MALWARE; SEMANTICS; SOFTWARE ENGINEERING; STATIC ANALYSIS;

ANDROID; ANDROID APPLICATIONS; CALL GRAPHS; MALWARE FAMILIES; PROGRAM REPRESENTATIONS; SIGNATURE-MATCHING; TAINT ANALYSIS; USER INFORMATION;

ANDROID (OPERATING SYSTEM);

EID: 84986888961     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2635868.2635869     Document Type: Conference Paper

References (40)

1. Android malware genome project. http://www.malgenomeproject.org/.
2. ProGuard. http://proguard.sourceforge.net/.
3. Q2 IT evolution threat report. http://www.securelist.com/en/analysis/204792299/IT-Threat-Evolution-Q2-2013.
4. US homeland security report. http://info.publicintelligence.net/DHS-FBI-AndroidThreats.pdf.
5. VirusTotal. https://www.virustotal.com/en/.
6. Y. Aafer, W. Du, and H. Yin. DroidAPIMiner: Mining API-level features for robust malware detection in Android. In SecureComm, 2013.
7. L. O. Andersen. Program analysis and specialization for the C programming language. PhD thesis, University of Cophenhagen, 1994.
8. D. Arp, M. Spreitzenbarth, M. Hübner, H. Gascon, K. Rieck, and C. Siemens. Drebin: Effective and explainable detection of android malware in your pocket. 2014.
9. A. Bose, X. Hu, K. G. Shin, and T. Park. Behavioral detection of malware on mobile handsets. In MobiSys, pages 225-238, 2008.
10. S. Chakradeo, B. Reaves, P. Traynor, and W. Enck. Mast: triage for market-scale mobile malware analysis. In WISEC, pages 13-24, 2013.
11. K. Z. Chen, N. M. Johnson, V. D'Silva, S. Dai, K. MacNamara, T. Magrino, E. X. Wu, M. Rinard, and D. X. Song. Contextual policy enforcement in Android applications with permission event graphs. In NDSS, 2013.
12. E. Chin, A. P. Felt, K. Greenwood, and D. Wagner. Analyzing inter-application communication in Android. In MobiSys, pages 239-252, 2011.
13. M. Christodorescu, S. Jha, S. A. Seshia, D. X. Song, and R. E. Bryant. Semantics-aware malware detection. In Security and Privacy, pages 32-46, 2005.
14. J. Crussell, C. Gibler, and H. Chen. Attack of the clones: Detecting cloned applications on Android markets. In ESORICS, pages 37-54. 2012.
15. J. Crussell, C. Gibler, and H. Chen. Scalable semantics-based detection of similar Android applications. In ESORICS, 2013.
16. M. Egele, C. Kruegel, E. Kirda, and G. Vigna. Pios: Detecting privacy leaks in ios applications. In NDSS, 2011.
17. W. Enck, P. Gilbert, B. gon Chun, L. P. Cox, J. Jung, P. McDaniel, and A. Sheth. TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones. In OSDI, pages 393-407, 2010.
18. W. Enck, D. Octeau, P. McDaniel, and S. Chaudhuri. A study of android application security. In USENIX Security Symposium, 2011.
19. W. Enck, M. Ongtang, and P. D. McDaniel. On lightweight mobile phone application certification. In ACM Conference on Computer and Communications Security, pages 235-245, 2009.
20. C. Fritz, S. Arzt, S. Rasthofer, E. Bodden, A. Bartel, J. Klein, Y. le Traon, D. Octeau, and P. McDaniel. Highly precise taint analysis for android application. Technical report, EC SPRIDE Technical Report, 2013.
21. A. P. Fuchs, A. Chaudhuri, and J. S. Foster. SCanDroid: Automated Security Certification of Android Applications. Technical Report CS-TR-4991, Department of Computer Science, University of Maryland, College Park, November 2009.
22. H. Gascon, F. Yamaguchi, D. Arp, and K. Rieck. Structural detection of android malware using embedded call graphs. In AISec, pages 45-54, 2013.
23. C. Gibler, J. Crussell, J. Erickson, and H. Chen. AndroidLeaks: Automatically detecting potential privacy leaks in Android applications on a large scale. In TRUST, pages 291-307, 2012.
24. M. C. Grace, Y. Zhou, Q. Zhang, S. Zou, and X. Jiang. RiskRanker: scalable and accurate zero-day Android malware detection. In MobiSys, pages 281-294, 2012.
25. K. Griffin, S. Schneider, X. Hu, and T. cker Chiueh. Automatic generation of string signatures for malware detection. In RAID, pages 101-120, 2009.
26. J. Hoffmann, M. Ussath, T. Holz, and M. Spreitzenbarth. Slicing droids: program slicing for smali code. In SAC, pages 1844-1851, 2013.
27. X. Jiang. Security alert: New Android malware - GoldDream - found in alternative app markets. http://www.csc.ncsu.edu/faculty/jiang/GoldDream/, 2011.
28. G. Kastrinis and Y. Smaragdakis. Hybrid context-sensitivity for points- to analysis. In PLDI, pages 423-434, 2013.
29. L. Lu, Z. Li, Z. Wu, W. Lee, and G. Jiang. Chex: statically vetting android apps for component hijacking vulnerabilities. In ACM Conference on Computer and Communications Security, pages 229-240, 2012.
30. M. Might, Y. Smaragdakis, and D. V. Horn. Resolving and exploiting the k-cfa paradox: illuminating functional vs. object-oriented program analysis. In PLDI, pages 305-315, 2010.
31. A. Milanova, A. Rountev, and B. G. Ryder. Parameterized object sensitivity for points- to analysis for Java. TOSEM, 14(1):1-41, 2005.
32. D. Octeau, P. McDaniel, S. Jha, A. Bartel, E. Bodden, J. Klein, and Y. L. Traon. Effective inter-component communication mapping in Android with Epicc: An essential step towards holistic security analysis. In USENIX Security Symposium, 2013.
33. H. Peng, C. S. Gates, B. P. Sarma, N. Li, Y. Qi, R. Potharaju, C. Nita-Rotaru, and I. Molloy. Using probabilistic generative models for ranking risks of android apps. In ACM Conference on Computer and Communications Security, pages 241-252, 2012.
34. V. Rastogi, Y. Chen, and X. Jiang. DroidChameleon: evaluating Android anti-malware against transformation attacks. In ASIACCS, pages 329-334. ACM, 2013.
35. R. Vallée-Rai, P. Co, E. Gagnon, L. J. Hendren, P. Lam, and V. Sundaresan. Soot - a Java bytecode optimization framework. In CASCON, page 13, 1999.
36. J. Whaley, D. Avots, M. Carbin, and M. S. Lam. Using datalog with binary decision diagrams for program analysis. In APLAS, pages 97-118, 2005.
37. Y. Zhang, M. Yang, B. Xu, Z. Yang, G. Gu, P. Ning, X. S. Wang, and B. Zang. Vetting undesirable behaviors in android apps with permission use analysis. In ACM Conference on Computer and Communications Security, pages 611-622, 2013.
38. W. Zhou, Y. Zhou, M. C. Grace, X. Jiang, and S. Zou. Fast, scalable detection of "piggybacked" mobile applications. In CODASPY, pages 185-196, 2013.
39. W. Zhou, Y. Zhou, X. Jiang, and P. Ning. Detecting repackaged smartphone applications in third-party Android marketplaces. In CODASPY, pages 317-326, 2012.
40. Y. Zhou, Z. Wang, W. Zhou, and X. Jiang. Hey, you, get off of my market: Detecting malicious apps in official and alternative android markets. In NDSS, 2012.