Automatically locating malicious packages in piggybacked Android apps

Automatically locating malicious packages in piggybacked Android apps

To devise efficient approaches and tools for detecting malicious packages in the Android ecosystem, researchers are increasingly required to have a deep understanding of malware. There is thus a need to provide a framework for dissecting malware and locating malicious program fragments within app co...

Full description

Saved in:
Bibliographic Details
Main Authors: LI, Li, LI, Daoyuan, BISSYANDE, Tegawende, KLEIN, Jacques, CAI, Haipeng, LO, David, LE TRAON, Yves
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2017
Subjects:
Information Security
Software Engineering
Online Access:https://ink.library.smu.edu.sg/sis_research/3697
https://ink.library.smu.edu.sg/context/sis_research/article/4699/viewcontent/p170_li__1_.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-4699
record_format dspace
spelling sg-smu-ink.sis_research-46992017-11-15T02:47:03Z Automatically locating malicious packages in piggybacked Android apps LI, Li LI, Daoyuan BISSYANDE, Tegawende KLEIN, Jacques CAI, Haipeng LO, David LE TRAON, Yves To devise efficient approaches and tools for detecting malicious packages in the Android ecosystem, researchers are increasingly required to have a deep understanding of malware. There is thus a need to provide a framework for dissecting malware and locating malicious program fragments within app code in order to build a comprehensive dataset of malicious samples. Towards addressing this need, we propose in this work a tool-based approach called HookRanker, which provides ranked lists of potentially malicious packages based on the way malware behaviour code is triggered. With experiments on a ground truth set of piggybacked apps, we are able to automatically locate the malicious packages from piggybacked Android apps with an accuracy of 83.6% in verifying the top five reported items. 2017-07-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/3697 info:doi/10.1109/MOBILESoft.2017.6 https://ink.library.smu.edu.sg/context/sis_research/article/4699/viewcontent/p170_li__1_.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Information Security Software Engineering
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Information Security
Software Engineering
spellingShingle Information Security
Software Engineering
LI, Li
LI, Daoyuan
BISSYANDE, Tegawende
KLEIN, Jacques
CAI, Haipeng
LO, David
LE TRAON, Yves
Automatically locating malicious packages in piggybacked Android apps
description To devise efficient approaches and tools for detecting malicious packages in the Android ecosystem, researchers are increasingly required to have a deep understanding of malware. There is thus a need to provide a framework for dissecting malware and locating malicious program fragments within app code in order to build a comprehensive dataset of malicious samples. Towards addressing this need, we propose in this work a tool-based approach called HookRanker, which provides ranked lists of potentially malicious packages based on the way malware behaviour code is triggered. With experiments on a ground truth set of piggybacked apps, we are able to automatically locate the malicious packages from piggybacked Android apps with an accuracy of 83.6% in verifying the top five reported items.
format text
author LI, Li
LI, Daoyuan
BISSYANDE, Tegawende
KLEIN, Jacques
CAI, Haipeng
LO, David
LE TRAON, Yves
author_facet LI, Li
LI, Daoyuan
BISSYANDE, Tegawende
KLEIN, Jacques
CAI, Haipeng
LO, David
LE TRAON, Yves
author_sort LI, Li
title Automatically locating malicious packages in piggybacked Android apps
title_short Automatically locating malicious packages in piggybacked Android apps
title_full Automatically locating malicious packages in piggybacked Android apps
title_fullStr Automatically locating malicious packages in piggybacked Android apps
title_full_unstemmed Automatically locating malicious packages in piggybacked Android apps
title_sort automatically locating malicious packages in piggybacked android apps
publisher Institutional Knowledge at Singapore Management University
publishDate 2017
url https://ink.library.smu.edu.sg/sis_research/3697
https://ink.library.smu.edu.sg/context/sis_research/article/4699/viewcontent/p170_li__1_.pdf
_version_ 1770573674728914944

Similar Items