Reference : TriggerZoo: A Dataset of Android Applications Automatically Infected with Logic Bombs
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/50528
TriggerZoo: A Dataset of Android Applications Automatically Infected with Logic Bombs
English
Samhi, Jordan mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX >]
Bissyande, Tegawendé François D Assise mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX >]
Klein, Jacques mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX >]
23-May-2022
19th International Conference on Mining Software Repositories, Data Showcase, (MSR 2022)
Yes
No
International
Luxembourg
Luxembourg
19th International Conference on Mining Software Repositories, Data Showcase, (MSR 2022)
From 23/05/2022 to 24/05/2022
Pittsburgh
USA
[en] Dataset ; Android Security ; Logic bomb
[en] Many Android apps analyzers rely, among other techniques, on dynamic analysis to monitor their runtime behavior and detect potential security threats. However, malicious developers use subtle, though efficient, techniques to bypass dynamic analyzers. Logic bombs are examples of popular techniques where the malicious code is triggered only under specific circumstances, challenging comprehensive dynamic analyses. The research community has proposed various approaches and tools to detect logic bombs. Unfortunately, rigorous assessment and fair comparison of state-of-the-art techniques are impossible due to the lack of ground truth. In this paper, we present TriggerZoo, a new dataset of 406 Android apps containing logic bombs and benign trigger-based behavior that we release only to the research community using authenticated API. These apps are real-world apps from Google Play that have been automatically infected by our tool AndroBomb. The injected pieces of code implementing the logic bombs cover a large pallet of realistic logic bomb types that we have manually characterized from a set of real logic bombs. Researchers can exploit this dataset as ground truth to assess their approaches and provide comparisons against other tools.
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Trustworthy Software Engineering (TruX)
Fonds National de la Recherche - FnR
Researchers
http://hdl.handle.net/10993/50528
FnR ; FNR14596679 > Jordan Samhi > DIANA > Dissecting Android Applications Using Static Analysis > 01/03/2020 > 31/10/2023 > 2020

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
paper.pdfAuthor preprint528.84 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.