KLEIN, Jacques ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > Computer Science and Communications Research Unit (CSC)
Co-auteurs externes :
yes
Langue du document :
Anglais
Titre :
MoonlightBox: Mining Android API Histories for Uncovering Release-time Inconsistencies
Date de publication/diffusion :
octobre 2018
Nom de la manifestation :
29th IEEE International Symposium on Software Reliability Engineering (ISSRE)
Lieu de la manifestation :
Memphis, Etats-Unis
Date de la manifestation :
Oct. 2018
Manifestation à portée :
International
Titre de l'ouvrage principal :
29th IEEE International Symposium on Software Reliability Engineering (ISSRE)
Pagination :
212-223
Peer reviewed :
Peer reviewed
Projet FnR :
FNR11693861 - Characterization Of Malicious Code In Mobile Apps: Towards Accurate And Explainable Malware Detection, 2017 (01/06/2018-31/12/2021) - Jacques Klein
App Brain. Number of available android applications. http://www. appbrain. com/stats/number-of-android-apps. Accessed: 2018-01-10.
Li Li, Jun Gao, Médéric Hurier, Pingfan Kong, Tegawendé F Bissyandé, Alexandre Bartel, Jacques Klein, and Yves Le Traon. Androzoo++: Collecting millions of android apps and their metadata for the research community. arXiv preprint arXiv: 1709. 05281, 2017.
Arash Alavi, Alan Quach, Hang Zhang, Bryan Marsh, Farhan Ul Haq, Zhiyun Qian, Long Lu, and Rajiv Gupta. Where is the weakest link? a study on security discrepancies between android apps and their website counterparts. In International Conference on Passive and Active Network Measurement, pages 100-112. Springer, 2017.
Kevin Allix, Tegawendé F Bissyandé, Jacques Klein, and Yves Le Traon. Are your training datasets yet relevant? In International Symposium on Engineering Secure Software and Systems, pages 51-67. Springer, 2015.
Change the last-modified time of a zip file elements. http://stackoverflow. com/questions/23499213/change-the-last-modifiedtime-of-a-zip-file-elements. Accessed: 2018-01-10.
Justin Sahs and Latifur Khan. A machine learning approach to android malware detection. In Intelligence and security informatics conference (eiSiC), 2012 european, pages 141-147. IEEE, 2012.
Sen Chen, Minhui Xue, Zhushou Tang, Lihua Xu, and Haojin Zhu. Stormdroid: A streaminglized machine learning-based system for detecting android malware. In Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, pages 377-388. ACM, 2016.
Annamalai Narayanan, Mahinthan Chandramohan, Lihui Chen, and Yang Liu. A multi-view context-aware approach to android malware detection and malicious code localization. arXiv preprint arXiv: 1704. 01759, 2017.
Xinli Yang, David Lo, Li Li, Xin Xia, Tegawendé F Bissyandé, and Jacques Klein. Characterizing malicious android apps by mining topicspecific data flow signatures. Information and Software Technology, 2017.
Shachar Kaufman, Saharon Rosset, Claudia Perlich, and Ori Stitelman. Leakage in data mining: Formulation, detection, and avoidance. ACM Transactions on Knowledge Discovery from Data (TKDD), 6 (4): 15, 2012.
Vitalii Avdiienko, Konstantin Kuznetsov, Alessandra Gorla, Andreas Zeller, Steven Arzt, Siegfried Rasthofer, and Eric Bodden. Mining apps for abnormal usage of sensitive data. In International Conference on Software Engineering (ICSE), 2015.
Li Li, Daoyuan Li, Tegawendé F Bissyandé, Jacques Klein, Haipeng Cai, David Lo, and Yves Le Traon. On locating malicious code in piggybacked android apps. Journal of Computer Science and Technology, 2017.
Li Li, Tegawendé F Bissyandé, and Jacques Klein. Simidroid: Identifying and explaining similarities in android apps. In The 16th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (TrustCom 2017), 2017.
Alireza Sadeghi, Hamid Bagheri, Joshua Garcia, et al. A taxonomy and qualitative comparison of program analysis techniques for security assessment of android software. IEEE Transactions on Software Engineering, 2016.
Li Li, Tegawendé F Bissyandé, Mike Papadakis, Siegfried Rasthofer, Alexandre Bartel, Damien Octeau, Jacques Klein, and Yves Le Traon. Static analysis of android apps: A systematic literature review. Information and Software Technology, 2017.
Repackagerepo: A repository of repackaged android apps. https://github. com/serval-snt-uni-lu/RepackageRepo. Accessed: 2018-01-10.
Haoyu Wang, Hao Li, Li Li, Yao Guo, and Guoai Xu. Why are android apps removed from google play? a large-scale empirical study. In The 15th International Conference on Mining Software Repositories (MSR 2018), 2018.
Stuart McIlroy, Nasir Ali, and Ahmed E Hassan. Fresh apps: An empirical study of frequently-updated mobile apps in the google play store. Empirical Software Engineering, 21 (3): 1346-1370, 2016.
Jun Gao, Li Li, Pingfan Kong, Tegawendé F Bissyandé, and Jacques Klein. On vulnerability evolution in android apps. In The 40th International Conference on Software Engineering, Poster Track (ICSE 2018), 2018.
Set the application id. https://developer. android. com/studio/build/application-id. html. Accessed: 2018-01-10.
Li Li, Tegawendé F Bissyandé, Damien Octeau, and Jacques Klein. Droidra: Taming reflection to support whole-program analysis of android apps. In The 2016 International Symposium on Software Testing and Analysis (ISSTA), 2016.
Patrick Lam, Eric Bodden, Ondrej Lhoták, and Laurie Hendren. The soot framework for java program analysis: A retrospective. In CETUS, 2011.
Tyler McDonnell, Baishakhi Ray, and Miryung Kim. An empirical study of api stability and adoption in the android ecosystem. In 29th IEEE International Conference on Software Maintenance (ICSM), pages 70-79. IEEE, 2013.
Last modified timestamp on all files in apk default to fri, nov 30 1979 00: 00: 00. https://issuetracker. google. com/issues/37116029. Accessed: 2018-01-10.
Yajin Zhou and Xuxian Jiang. Dissecting android malware: Characterization and evolution. In Security and Privacy (SP), 2012 IEEE Symposium on, pages 95-109. IEEE, 2012.
Vitalii Avdiienko, Konstantin Kuznetsov, Alessandra Gorla, Andreas Zeller, Steven Arzt, Siegfried Rasthofer, and Eric Bodden. Mining apps for abnormal usage of sensitive data. 2014.
Stephen M Blackburn, Amer Diwan, Matthias Hauswirth, Peter F Sweeney, José Nelson Amaral, Tim Brecht, Lubomir Bulej, Cliff Click, Lieven Eeckhout, Sebastian Fischmeister, et al. The truth, the whole truth, and nothing but the truth: A pragmatic guide to assessing empirical evaluations. ACM Transactions on Programming Languages and Systems (TOPLAS), 38 (4): 15, 2016.
Sid-Ahmed-Ali Touati, Julien Worms, and Sébastien Briais. The speedup-test: A statistical methodology for programme speedup analysis and computation. Concurrency and computation: practice and experience, 25 (10): 1410-1426, 2013.
Vreda Pieterse, Vreda Pieterse, and David Flater. The ghost in the machine: don't let it haunt your software performance measurements. US Department of Commerce, National Institute of Standards and Technology, 2014.
Li Li, Tegawendé F Bissyandé, Yves Le Traon, and Jacques Klein. Accessing inaccessible android apis: An empirical study. In The 32nd International Conference on Software Maintenance and Evolution (ICSME 2016), 2016.
Li Li, Jun Gao, Tegawendé F Bissyandé, Lei Ma, Xin Xia, and Jacques Klein. Characterising deprecated android apis. In The 15th International Conference on Mining Software Repositories (MSR 2018), 2018.
Li Li, Tegawendé F Bissyandé, Haoyu Wang, and Jacques Klein. Cid: Automating the detection of api-related compatibility issues in android apps. In The ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2018), 2018.
Dong-Jie Wu, Ching-Hao Mao, Te-En Wei, Hahn-Ming Lee, and Kuo-Ping Wu. Droidmat: Android malware detection through manifest and api calls tracing. In Information Security (Asia JCIS), 2012 Seventh Asia Joint Conference on, pages 62-69. IEEE, 2012.
John Demme, Matthew Maycock, Jared Schmitz, Adrian Tang, Adam Waksman, Simha Sethumadhavan, and Salvatore Stolfo. On the feasibility of online malware detection with performance counters. In ACM SIGARCH Computer Architecture News, volume 41, pages 559-570. ACM, 2013.
Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon, Konrad Rieck, and CERT Siemens. Drebin: Effective and explainable detection of android malware in your pocket. In NDSS, 2014.
Ke Tian, Danfeng (Daphne) Yao, Barbara G. Ryder, and Gang Tan. Analysis of code heterogeneity for high-precision classification of repackaged malware. In MoST@S&P (W), 2016.
Li Li, Daoyuan Li, Tegawendé F Bissyandé, Jacques Klein, Yves Le Traon, David Lo, and Lorenzo Cavallaro. Understanding android app piggybacking: A systematic study of malicious code grafting. IEEE Transactions on Information ForenSiCs & Security (TIFS), 2017.
Clint Gibler, Ryan Stevens, Jonathan Crussell, Hao Chen, Hui Zang, and Heesook Choi. Adrob: Examining the landscape and impact of android application plagiarism. In Proceeding of the 11th annual international conference on Mobile systems, applications, and services, pages 431-444. ACM, 2013.
Olga Gadyatskaya, Andra-Lidia Lezza, and Yury Zhauniarovich. Evaluation of Resource-based App Repackaging Detection in Android. In Proceedings of the 21st Nordic Conference on Secure IT Systems, NordSec 2016, pages 135-151, 2016.
Fang Lyu, Yapin Lin, Junfeng Yang, and Junhai Zhou. Suidroid: An efficient hardening-resilient approach to android app clone detection. In Trustcom/BigDataSE/I SPA, 2016 IEEE, pages 511-518. IEEE, 2016.
Kai Chen, Peng Liu, and Yingjun Zhang. Achieving accuracy and scalability simultaneously in detecting application clones on android markets. In International Conference on Software Engineering (ICSE), 2014.
Haoyu Wang, Yao Guo, Ziang Ma, and Xiangqun Chen. Wukong: A scalable and accurate two-phase approach to android app clone detection. In International Symposium on Software Testing and Analysis (ISSTA), 2015.
