Reference : StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of A...
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
http://hdl.handle.net/10993/23812
StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications
English
Zhauniarovich, Yury [> >]
Ahmad, Maqsood [> >]
Gadyatskaya, Olga mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > > ; > CSC/FSTC]
Crispo, Bruno [> >]
Massacci, Fabio [> >]
Mar-2015
Proceedings of CODASPY '15
ACM
Yes
International
Fifth ACM Conference on Data and Application Security and Privacy
March 2-4, 2015
[en] Android ; static analysis ; dynamic analysis
[en] Static analysis of Android applications can be hindered by the presence of the popular dynamic code update techniques: dynamic class loading and reflection. Recent Android malware samples do actually use these mechanisms to conceal their malicious behavior from static analyzers. These techniques defuse even the most recent static analyzers that usually operate under the "closed world" assumption (the targets of reflective calls can be resolved at analysis time; only classes reachable from the class path at analysis time are used at runtime). Our proposed solution allows existing static analyzers to remove this assumption. This is achieved by combining static and dynamic analysis of applications in order to reveal the hidden/updated behavior and extend static analysis results with this information. This paper presents design, implementation and preliminary evaluation results of our solution called StaDynA.
Interdisciplinary Centre for Security, Reliability and Trust (SnT)
Researchers ; Professionals ; Students
http://hdl.handle.net/10993/23812
10.1145/2699026.2699105
http://dl.acm.org/citation.cfm?id=2699105

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Limited access
stadyna.pdfAuthor preprint1.17 MBRequest a copy

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.