Reference : On Locating Malicious Code in Piggybacked Android Apps
Scientific journals : Article
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/33426
On Locating Malicious Code in Piggybacked Android Apps
English
Li, Li mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Li, Daoyuan mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Bissyande, Tegawendé François D Assise mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Klein, Jacques mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > Computer Science and Communications Research Unit (CSC) >]
Cai, Haipeng [Washington State University > School of Electrical Engineering and Computer Science]
Lo, David [Singapore Management University > School of Information Systems]
Le Traon, Yves mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Nov-2017
Journal of Computer Science & Technology
Springer Science & Business Media B.V.
Yes (verified by ORBilu)
International
1000-9000
[en] Android ; piggybacked app ; malicious code
[en] To devise efficient approaches and tools for detecting malicious packages in the Android ecosystem, researchers are increasingly required to have a deep understanding of malware. There is thus a need to provide a framework for dissecting malware and locating malicious program fragments within app code in order to build a comprehensive dataset of malicious samples. Towards addressing this need, we propose in this work a tool-based approach called HookRanker, which provides ranked lists of potentially malicious packages based on the way malware behaviour code is triggered. With experiments on a ground truth of piggybacked apps, we are able to automatically locate the malicious packages from piggybacked Android apps with an accuracy@5 of 83.6% for such packages that are triggered through method invocations and an accuracy@5 of 82.2% for such packages that are triggered independently.
Researchers ; Professionals ; Students ; General public ; Others
http://hdl.handle.net/10993/33426
10.1007/s11390-017-1786-z

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Limited access
2017-6-5-7513.pdfPublisher postprint637.31 kBRequest a copy

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.