Mobile application impersonation detection using dynamic user interface extraction

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 9878 LNCS, Issue , 2016, Pages 217-237

  Malisa, Luka ^a   Kostiainen, Kari ^a   Och, Michael ^a   Capkun, Srdjan ^a  

^a ETH ZURICH   (Switzerland)

Author keywords

Impersonation; Mobile; Phishing; Repackaging; Visual

Indexed keywords

EXTRACTION; SECURITY OF DATA; SECURITY SYSTEMS;

IMPERSONATION; MOBILE; PHISHING; REPACKAGING; VISUAL;

USER INTERFACES;

EID: 84990032597     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-319-45744-4_11     Document Type: Conference Paper

References (41)

1. Android malware genome project. http://www.malgenomeproject.org
2. Amalfitano, D., Fasolino, A.R., Tramontana, P., De Carmine, S., Memon, A.M.: Using gui ripping for automated testing of android applications. In: International Conference on Automated Software Engineering (ASE) (2012)
3. Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K., Siemens, C.: Drebin: effective and explainable detection of android malware in your pocket. In: Network and Distributed System Security (NDSS)
4. Arzt, S., Rasthofer, S., Fritz, C., Bodden, E., Bartel, A., Klein, J., Le Traon, Y., Octeau, D., McDaniel, P.: Flowdroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. In: ACM SIGPLAN Notices, vol. 49, pp. 259-269. ACM (2014)
5. Azim, T., Neamtiu, I.: Targeted and depth-first exploration for systematic testing of android apps. In: ACM Conference on Object Oriented Programming Systems Languages and Applications (OOPSLA) (2013)
6. Barrera, D., Kayacik, H.G., van Oorschot, P.C., Somayaji, A.: A methodology for empirical analysis of permission-based security models and its application to android. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 73-84. ACM (2010)
7. Bianchi, A., Corbetta, J., Invernizzi, L., Fratantonio, Y., Kruegel, C., Vigna, G.: What the app. is that? deception and countermeasures in the android user interface. In: Symposium on Security and Privacy (SP) (2015)
8. Buchner, J.: https://pypi.python.org/pypi/ImageHash
9. Chen, K., Wang, P., Lee, Y., Wang, X., Zhang, N., Huang, H., Zou, W., Liu, P.: Finding unknown malice in 10 seconds: mass vetting for new threats at the google-play scale. In: USENIX Security Symposium (2015)
10. Datar, M., Immorlica, N., Indyk, P., Mirrokni, V.S.: Locality-sensitive hashing scheme based on p-stable distributions. In: Annual symposium on Computational Geometry (CG) (2004)
11. Datar, M., Immorlica, N., Indyk, P., Mirrokni, V.S.: Locality-sensitive hashing scheme based on p-stable distributions. In: Proceedings of the Twentieth Annual Symposium on Computational Geometry, pp. 253-262. ACM (2004)
12. Feng, Y., Anand, S., Dillig, I., Aiken, A.: Apposcopy: semantics-based detection of android malware through static analysis. In: Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering
13. Gilbert, P., Chun, B.-G., Cox, L.P., Jung, J.: Vision: automated security validation of mobile apps at app. markets. In: Proceedings of the Second International Workshop on Mobile Cloud Computing and Services, pp. 21-26. ACM (2011)
14. Grace, M., Zhou, Y., Zhang, Q., Zou, S., Jiang, X.: Riskranker: scalable and accurate zero-day android malware detection. In: Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services
15. Griffin, K., Schneider, S., Hu, X., Chiueh, T.: Automatic generation of string signatures for malware detection. In: Kirda, E., Jha, S., Balzarotti, D. (eds.) RAID 2009. LNCS, vol. 5758, pp. 101-120. Springer, Heidelberg (2009)
16. Hanna, S., Huang, L., Wu, E., Li, S., Chen, C., Song, D.: Juxtapp: A scalable system for detecting code reuse among android applications. In: Flegel, U., Markatos, E., Robertson, W. (eds.) DIMVA 2012. LNCS, vol. 7591, pp. 62-81. Springer, Heidelberg (2013)
17. Kropp, M., Morales, P.: Automated gui testing on the android platform. In: International Conference on Testing Software and Systems (ICTSS) (2010)
18. Lin, Y.-D., Lai, Y.-C., Chen, C.-H., Tsai, H.-C.: Identifying android malicious repackaged applications by thread-grained system call sequences. Comput. Secur. 39, 340-350 (2013)
19. Malisa, L., Kostiainen, K., Capkun, S.: Detecting mobile application spoofing attacks by leveraging user visual similarity perception. Cryptology ePrint Archive, Report 2015/709 (2015). http://eprint.iacr.org
20. Memon, A., Banerjee, I., Nagarajan, A.: Gui ripping: reverse engineering of graphical user interfaces for testing. In: Working Conference on Reverse Engineering (WCRE) (2003)
21. Mutti, S., Fratantonio, Y., Bianchi, A., Invernizzi, L., Corbetta, J., Kirat, D., Kruegel, C., Vigna, G.: Baredroid: large-scale analysis of android apps on real devices. In: Proceedings of the 31st Annual Computer Security Applications Conference, pp. 71-80. ACM (2015)
22. Nguyen, B.N., Robbins, B., Banerjee, I., Memon, A.: Guitar an innovative tool for automated testing of gui-driven software. Autom. Softw. Eng. 21(1), 65-105 (2014)
23. Oberheide, J., Miller, C.: Dissecting the android bouncer. In: SummerCon (2012)
24. Rastogi, V., Chen, Y., Enck, W.: Appsplayground: automatic security analysis of smartphone applications. In: Proceedings of the Third ACM Conference on Data and Application Security and Privacy, pp. 209-220. ACM (2013)
25. Shabtai, A., Kanonov, U., Elovici, Y., Glezer, C., Weiss, Y.: andromaly: A behavioral malware detection framework for android devices. J. Intell. Inf. Syst. 38(1), 161-190 (2012)
26. Stefanko, L.: Android Banking Trojan, March 2016. http://www.welivesecurity.com/2016/03/09/android-trojan-targets-online-banking-users
27. Sun, M., Li, M., Lui, J.: Droideagle: seamless detection of visually similar android apps. In: Conference on Security and Privacy in Wireless and Mobile Networks (Wisec) (2015)
28. Symantec. Will Your Next TV Manual Ask You to Run a Scan Instead of Adjusting the Antenna? April 2015. http://goo.gl/xh58UN
29. Tang, Z., Dai, Y., Zhang, X.: Perceptual hashing for color images using invariant moments. Appl. Math 6(2S), 643S-650S (2012)
30. Tikir, M.M., Hollingsworth, J.K.: Efficient instrumentation for code coverage testing. In: ACM International Symposium on Software Testing and Analysis (ISSTA) (2002)
31. Vidas, T., Tan, J., Nahata, J., Tan, C.L., Christin, N., Tague, P.: A5: automated analysis of adversarial android applications. In: Proceedings of the 4th ACMWorkshop on Security and Privacy in Smartphones & Mobile Devices
32. Yan, L.K., Yin, H.: Droidscope: seamlessly reconstructing the os and dalvik semantic views for dynamic android malware analysis. In: Presented as part of the 21st USENIX Security Symposium (USENIX Security 2012), pp. 569-584 (2012)
33. Yang, W., Prasad, M.R., Xie, T.: A grey-box approach for automated GUI-model generation of mobile applications. In: Cortellessa, V., Varró, D. (eds.) FASE 2013 (ETAPS 2013). LNCS, vol. 7793, pp. 250-265. Springer, Heidelberg (2013)
34. Zadgaonkar, H.: Robotium Automated Testing for Android. Packt Publishing, Birmingham (2013)
35. Zauner, C.: Implementation and benchmarking of perceptual image hash functions (2010)
36. Zhang, F., Huang, H., Zhu, S., Wu, D., Liu, P.: Viewdroid: towards obfuscationresilient mobile application repackaging detection. In: ACM Conference on Security and Privacy in Wireless and Mobile Networks (Wisec) (2014)
37. Zhang, Q., Reeves, D.S.: Metaaware: identifying metamorphic malware. In: Twenty-Third Annual Computer Security Applications Conference, ACSAC 2007, pp. 411-420. IEEE (2007)
38. Zhou, W., Zhou, Y., Grace, M., Jiang, X., Zou, S.: Fast, scalable detection of piggybacked mobile applications. In: Proceedings of the Third ACM Conference on Data and Application Security and Privacy, pp. 185-196. ACM (2013)
39. Zhou, W., Zhou, Y., Jiang, X., Ning, P.: Detecting repackaged smartphone applications in third-party android marketplaces. In: Proceedings of the Second ACM Conference on Data and Application Security and Privacy
40. Zhou, Y., Jiang, X.: Dissecting android malware: characterization and evolution. In: IEEE Symposium on Security and Privacy (S&P), May 2012
41. Zhou, Y., Wang, Z., Zhou, W., Jiang, X.: Hey, you, get off of my market: detecting malicious apps in official and alternative android markets. In: NDSS (2012)