Filters








360 Hits in 2.9 sec

Automated generation of colluding apps for experimental research

Jorge Blasco, Thomas M. Chen
2017 Journal in Computer Virology and Hacking Techniques  
Research in detecting and protecting against app collusion requires a variety of colluding apps for experimentation.  ...  In this paper we propose a system called Application Collusion Engine (ACE) to automatically generate combinations of colluding and noncolluding Android apps to help researchers fairly evaluate different  ...  Acknowledgements This work was supported by the UK Engineering and Physical Sciences Research Council (EPSRC) through grant EP/L022699/1.  ... 
doi:10.1007/s11416-017-0296-4 fatcat:hbxspcstsbhj3oacjywmg352v4

Towards Automated Android App Collusion Detection [article]

Irina Mariuca Asavoae, Jorge Blasco, Thomas M. Chen, Harsha Kumara Kalutarage, Igor Muttik, Hoang Nga Nguyen, Markus Roggenbach, Siraj Ahmed Shaikh
2016 arXiv   pre-print
In this paper we provide a concise definition of collusion and report on a number of automated detection approaches, developed in co-operation with Intel Security.  ...  Android OS supports multiple communication methods between apps. This opens the possibility to carry out threats in a collaborative fashion, c.f. the Soundcomber example from 2011.  ...  Acknowledgement This work has been funded by EPSRC and we are excited to work on this challenging piece of research 1 .  ... 
arXiv:1603.02308v1 fatcat:mie7nrhsszgf7hyxlpogmlbjzm

Towards a threat assessment framework for apps collusion

Harsha Kumara Kalutarage, Hoang Nga Nguyen, Siraj Ahmed Shaikh
2017 Telecommunications Systems  
The permissions based security model of Android does not address this threat as it is rather limited to mitigating risks of individual apps.  ...  The proposed method is useful in finding the collusion candidate of interest which is critical given the high volume of Android apps available.  ...  Dataset vs global trend Experimental setup and results Algorithm 1 was automated using R 6 and Bash scripts.  ... 
doi:10.1007/s11235-017-0296-1 pmid:32009772 pmcid:PMC6961490 fatcat:irfq73sn7zadlcg3f2xvhith74

Detecting Malicious Collusion Between Mobile Software Applications: The Android TM Case [chapter]

Irina Măriuca Asăvoae, Jorge Blasco, Thomas M. Chen, Harsha Kumara Kalutarage, Igor Muttik, Hoang Nga Nguyen, Markus Roggenbach, Siraj Ahmed Shaikh
2017 Data Analytics and Decision Support for Cybersecurity  
The authors would like to thank the anonymous reviewers for their helpful comments, and Erwin R. Catesbeiana (Jr) for pointing out the importance of intention in malware analysis.  ...  Acknowledgment This work has been supported by UK Engineering and Physical Sciences Research Council (EPSRC) grant EP/L022699/1.  ...  Experimental setup and validation Algorithm 1 was automated using R 5 and Bash scripts.  ... 
doi:10.1007/978-3-319-59439-2_3 fatcat:fd6dz47f7bbtpm5nz4bdu6q5ou

Detecting Colluding Inter-App Communication in Mobile Environment

Rosangela Casolare, Fabio Martinelli, Francesco Mercaldo, Antonella Santone
2020 Applied Sciences  
properties automatically generated for detecting colluding applications.  ...  a bank transfer to the full management of home automation.  ...  the detection of colluding inter-app communication is presented; Section 4 presents the experimental analysis results to demonstrate the effectiveness of the proposed approach; the current literature  ... 
doi:10.3390/app10238351 fatcat:k5hhaa5tbzfpjj6myg6bw635dq

Using IM-Visor to stop untrusted IME apps from stealing sensitive keystrokes

Chen Tian, Yazhe Wang, Peng Liu, Qihui Zhou, Chengyi Zhang
2018 Cybersecurity  
Third-party IME (Input Method Editor) apps are often the preference means of interaction for Android users' input.  ...  Otherwise, IM-Visor replays non-sensitive keystroke touch events for IME apps or replays non-keystroke touch events for other apps.  ...  Yazhe Wang's work was supported by the National Key Research and Development Program of China NO.2017YFB0801900 and Youth Innovation Promotion Association of CAS.  ... 
doi:10.1186/s42400-018-0007-6 fatcat:umjyl2knvbhjddhor3yo7y5mzi

Android inter-app communication threats and detection techniques

Shweta Bhandari, Wafa Ben Jaballah, Vineeta Jain, Vijay Laxmi, Akka Zemmari, Manoj Singh Gaur, Mohamed Mosbah, Mauro Conti
2017 Computers & security  
We cover the existing threat analysis, scenarios, and a detailed comparison of tools for intra and inter-app analysis.  ...  Academic researchers and commercial anti-malware companies are putting great effort to detect such malicious apps.  ...  colluding apps.  ... 
doi:10.1016/j.cose.2017.07.002 fatcat:owzn5l7bvrcitix4mlfiabdhee

COVERT: Compositional Analysis of Android Inter-App Permission Leakage

Hamid Bagheri, Alireza Sadeghi, Joshua Garcia, Sam Malek
2015 IEEE Transactions on Software Engineering  
Android's enforcement of the permissions is at the level of individual apps, allowing multiple malicious apps to collude and combine their permissions or to trick vulnerable apps to perform actions on  ...  In this paper, we present COVERT, a tool for compositional analysis of Android inter-app vulnerabilities.  ...  the US Department of Homeland Security, and CCF-1252644 from the US National Science Foundation.  ... 
doi:10.1109/tse.2015.2419611 fatcat:7r76unj3vfdxdb2hkx3hcimx7e

D-BRIDEMAID: A Distributed Framework for Collaborative and Dynamic Analysis of Android Malware

Antonio La Marra, Fabio Martinelli, Francesco Mercaldo, Andrea Saracino, Mina Sheikhalishahi
2020 Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications  
This work focuses on the definition of the collaborative protocol, the reputation based incentive system and the models to compute revenue for users and security of apps.  ...  app evaluation, involving real users willing to test the security features of an app on their device.  ...  The data monitored for this analysis are sent to a remote server able to generate profiles of each monitored mobile device.  ... 
doi:10.22667/jowua.2020.09.30.001 dblp:journals/jowua/MarraMMSS20 fatcat:dsyv7gnw5fbebmz7jz32kbgeti

Checking Intent-based Communication in Android with Intent Space Analysis

Yiming Jing, Gail-Joon Ahn, Adam Doupé, Jeong Hyun Yi
2016 Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security - ASIA CCS '16  
While its importance has been proven by plenty of security extensions that protect it with policy-driven mandatory access control, an overlooked problem is the verification of the security policies.  ...  Intent space analysis formulates the intent forwarding functionalities of security extensions as transformations on a geometric intent space.  ...  Acknowledgements This work was partially supported by the grants from Global Research Laboratory Project through National Research Foundation (NRF-2014K1A1A2043029) and the Center for Cybersecurity and  ... 
doi:10.1145/2897845.2897904 dblp:conf/ccs/JingADY16 fatcat:iddv2k7owjgd3hbwnj24wrxd3q

Koi: A Location-Privacy Platform for Smartphone Apps

Saikat Guha, Mudit Jain, Venkata N. Padmanabhan
2012 Symposium on Networked Systems Design and Implementation  
is easier for applications to build upon.  ...  We verify the non-tracking properties of Koi using a theorem prover, illustrate how privacy guarantees can easily be added to a wide range of location-based applications, and show that our public deployment  ...  Location APIs in Prior Research. There is a rich body of research on location APIs. For programming ease, Brown et al.  ... 
dblp:conf/nsdi/GuhaJP12 fatcat:7iguou7l55b6be2l3i5ioen5vu

Automated Multi-Layered Bytecode Generation for Preventing Sensitive Information Leaks from Android Applications

Geochang Jeon, Minseong Choi, Sunjun Lee, Jeong Hyun Yi, Haehyun Cho
2021 IEEE Access  
We, thus, propose a novel, automated static anti-analysis tool, called AmpDroid, for preventing sensitive information leaks.  ...  Hence, it is of great importance to reduce the risk of such sensitive information leaks.  ...  (2) We propose an automated anti-analysis system, named AmpDroid, that generates multi-layered bytecode for preventing the ReMaCi attack.  ... 
doi:10.1109/access.2021.3107601 fatcat:moufnteu6fabrpc5xqpv36sfoe

Blackmarket-driven Collusion on Online Media: A Survey [article]

Hridoy Sankar Dutta, Tanmoy Chakraborty
2020 arXiv   pre-print
We believe that collusive entity detection is a newly emerging topic in anomaly detection and cyber-security research in general and the current survey will provide readers with an easy-to-access and comprehensive  ...  list of methods, tools and resources proposed so far for detecting and analyzing collusive entities on online media.  ...  for creating fully working android apps that are ready to be installed in a device. e primary aim of this work is to create substantial colluding app sets for experimentation as representative datasets  ... 
arXiv:2008.13102v1 fatcat:vi6yiw5u7rbtvezi6fg32vcmwi

Blackmarket-Driven Collusion on Online Media: A Survey

Hridoy Sankar Dutta, Tanmoy Chakraborty
2021 ACM/IMS Transactions on Data Science  
We believe that collusive entity detection is a newly emerging topic in anomaly detection and cyber-security research in general, and the current survey will provide readers with an easy-to-access and  ...  comprehensive list of methods, tools, and resources proposed so far for detecting and analyzing collusive entities on online media.  ...  The primary aim of this work is to create substantial colluding app sets for experimentation, as representative datasets do not presently exist for colluding apps. Kalutarage et al.  ... 
doi:10.1145/3517931 fatcat:7fvgujegh5hohdiemsok6kzviq

A taxonomy of privilege escalation attacks in Android applications

Mohammed Rangwala, Ping Zhang, Xukai Zou, Feng Li
2014 International Journal of Security and Networks (IJSN)  
Privilege escalation attacks have been shown to be malicious and with the wide spread and growing use of the system, the platform for these attacks is also growing wider.  ...  ; 3) a classification and comparison of different frameworks and security extensions proposed in recent research. .  ...  In October 2012, Google said that there were about 700,000 applications available for downloading onto Android devices matching the number of applications on Apple's App Store for iOS devices (Bloomberg  ... 
doi:10.1504/ijsn.2014.059327 fatcat:pmxhn3vzxfh33mlvcg23ugiyiu
« Previous Showing results 1 — 15 out of 360 results