Filters








800 Hits in 5.7 sec

Detection of app collusion potential using logic programming

Jorge Blasco, Thomas M. Chen, Igor Muttik, Markus Roggenbach
2018 Journal of Network and Computer Applications  
While the possibility of app collusion was first warned in 2011, it has been unclear if collusion is used by malware in the wild due to a lack of suitable detection methods and tools.  ...  This paper describes how we found the first collusion in the wild. We also present a strategy for detecting collusions and its implementation in Prolog that allowed us to make this discovery.  ...  Characterizing Collusion Potential with Logic Rules Our approach to detect collusion potential utilizes logic programming in Prolog.  ... 
doi:10.1016/j.jnca.2017.12.008 fatcat:7zmwyo4sm5akteahj6uecp7uhu

Detection of App Collusion Potential Using Logic Programming [article]

Jorge Blasco, Thomas M. Chen, Igor Muttik, Markus Roggenbach
2017 arXiv   pre-print
Our tool allowed us to detect a large set of real apps that used collusion as a synchronization method to maximize the effects of a payload that was injected into all of them via the same SDK.  ...  Then we identify sets of apps that might be colluding by using rules in first order logic codified in Prolog.  ...  Contributions In this paper, we present a methodology to detect the potential for app collusion by using logic programming.  ... 
arXiv:1706.02387v1 fatcat:om6m3an4ybdlhmnr7tyhec4ehm

Towards Automated Android App Collusion Detection [article]

Irina Mariuca Asavoae, Jorge Blasco, Thomas M. Chen, Harsha Kumara Kalutarage, Igor Muttik, Hoang Nga Nguyen, Markus Roggenbach, Siraj Ahmed Shaikh
2016 arXiv   pre-print
In this paper we provide a concise definition of collusion and report on a number of automated detection approaches, developed in co-operation with Intel Security.  ...  Android OS supports multiple communication methods between apps. This opens the possibility to carry out threats in a collaborative fashion, c.f. the Soundcomber example from 2011.  ...  Acknowledgement This work has been funded by EPSRC and we are excited to work on this challenging piece of research 1 .  ... 
arXiv:1603.02308v1 fatcat:mie7nrhsszgf7hyxlpogmlbjzm

Detecting Malicious Collusion Between Mobile Software Applications: The Android TM Case [chapter]

Irina Măriuca Asăvoae, Jorge Blasco, Thomas M. Chen, Harsha Kumara Kalutarage, Igor Muttik, Hoang Nga Nguyen, Markus Roggenbach, Siraj Ahmed Shaikh
2017 Data Analytics and Decision Support for Cybersecurity  
Catesbeiana (Jr) for pointing out the importance of intention in malware analysis.  ...  These methods extract features through static analysis and use first order logic and machine learning to assess whether an analysed app set has collusion potential.  ...  We develop two methods based on a lightweight analysis to detect if a set of apps has any collusion potential.  ... 
doi:10.1007/978-3-319-59439-2_3 fatcat:fd6dz47f7bbtpm5nz4bdu6q5ou

Android inter-app communication threats and detection techniques

Shweta Bhandari, Wafa Ben Jaballah, Vineeta Jain, Vijay Laxmi, Akka Zemmari, Manoj Singh Gaur, Mohamed Mosbah, Mauro Conti
2017 Computers & security  
To the best of our knowledge this is the first survey on app collusion and state-of-the-art detection tools in Android.  ...  Despite of all the security mechanisms provided by Android, apps can carry out malicious actions through collusion. In collusion malicious functionality is divided across multiple apps.  ...  ICC Map cannot be used for apps collusion detection but it helps to identify pair or group of communicating apps.  ... 
doi:10.1016/j.cose.2017.07.002 fatcat:owzn5l7bvrcitix4mlfiabdhee

Cross-App Interference Threats in Smart Homes: Categorization, Detection and Handling [article]

Haotian Chi, Qiang Zeng, Xiaojiang Du, Jiaping Yu
2021 arXiv   pre-print
Our work, however, reveals that even IoT apps that follow the principle of least privilege, when they interplay, can cause unique types of threats, named Cross-App Interference (CAI) threats.  ...  A number of Internet of Things (IoTs) platforms have emerged to enable various IoT apps developed by third-party developers to automate smart homes.  ...  Therefore, explicit collusion logics and inter-app communication supported by the mobile system architecture are necessities for apps to collude.  ... 
arXiv:1808.02125v5 fatcat:um5pjkptlfhm5bafv5a77avp5m

Detecting Colluding Inter-App Communication in Mobile Environment

Rosangela Casolare, Fabio Martinelli, Francesco Mercaldo, Antonella Santone
2020 Applied Sciences  
We based the proposed method on model checking, by representing Android applications in terms of automata and by proposing a set of logic properties to reduce the number of comparisons and a set of logic  ...  In this paper, we propose a method to detect inter-app communication i.e., a colluding communication between different applications with data support to silently exfiltrate sensitive and private information  ...  Our tool works by using formal methods to detect the presence of collusion.  ... 
doi:10.3390/app10238351 fatcat:k5hhaa5tbzfpjj6myg6bw635dq

Review of Works Content Analyzer for Information Leakage Detection and Prevention in Android Smart Devices

T. Okebule, Afe Babalola University, Ado-Ekiti, Nigeria, Oluwaseyi A. Adeyemo, K. A. Olatunji, A. S. Awe, Afe Babalola University, Ado-Ekiti, Nigeria
2022 ABUAD International Journal of Natural and Applied Sciences  
This study presents a literature review of works on content Analyzers for information leakage detection and prevention on android-based devices.  ...  The review will help to combine different concept to minimize false positives that will in turn lead to increase in code coverage towards detecting the maximum number of data leaks.  ...  The approach presented a model-checking based approach for inter-app collusion detection. The authors presented compositional app analysis to identify set of conspiring apps inved in the collusion.  ... 
doi:10.53982/aijnas.2022.0201.02-j fatcat:xltm3eyeczcibl37m52l5v23za

Analysis of Android Inter-App Security Vulnerabilities Using COVERT

Alireza Sadeghi, Hamid Bagheri, Sam Malek
2015 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering  
of multiple apps, such as collusion attacks and privilege escalation chaining, shown to be quite common in the apps on the market.  ...  The state-of-the-art in securing mobile software systems are substantially intended to detect and mitigate vulnerabilities in a single app, but fail to identify vulnerabilities that arise due to the interaction  ...  the US Department of Homeland Security, and CCF-1252644 from the US National Science Foundation.  ... 
doi:10.1109/icse.2015.233 dblp:conf/icse/SadeghiBM15 fatcat:6s2yopkhp5hs3cerwk74tsnbju

Resilient decentralized Android application repackaging detection using logic bombs

Qiang Zeng, Lannan Luo, Zhiyun Qian, Xiaojiang Du, Zhoujun Li
2018 Proceedings of the 2018 International Symposium on Code Generation and Optimization - CGO 2018  
The main challenge is how to protect repackaging detection code from attacks. We propose a creative use of logic bombs, which are regularly used in malware, to conquer the challenge.  ...  We instead consider building the detection capability into apps, such that user devices are made use of to detect repackaging in a decentralized fashion.  ...  Second, user devices are made use of to detect repackaging. This should not be a problem if we regard repackaging detection as helping users check potentially harmful apps. Limitations.  ... 
doi:10.1145/3168820 dblp:conf/cgo/0001LQDL18 fatcat:nnh23yi6dffktbkxs7s73x452y

DroidMiner: Automated Mining and Characterization of Fine-grained Malicious Behaviors in Android Applications [chapter]

Chao Yang, Zhaoyan Xu, Guofei Gu, Vinod Yegneswaran, Phillip Porras
2014 Lecture Notes in Computer Science  
DroidMiner is a new malicious Android app detection system that uses static analysis to automatically mine malicious program logic from known Android malware.  ...  Using this set of real-world apps, DroidMiner achieves a 95.3% detection rate, with a 0.4% false positive rate.  ...  DroidMiner detects malware by analyzing the program logic of sensitive Android and Java framework API functions and sensitive Android resources.  ... 
doi:10.1007/978-3-319-11203-9_10 fatcat:kmo5cyvvgjfk3axizuirx2eole

Leveraging Product Characteristics for Online Collusive Detection in Big Data Transactions

Suyuan Luo, Shaohua Wan
2019 IEEE Access  
By collusion, fraudsters can acquire high reputation scores and it will attract more potential buyers.  ...  A real-world dataset is used to verify the effectiveness of the indicators in the detection model, which is put forward to recognize the fraud transactions from the legitimate ones.  ...  It should be useful to other types of online collusion in developing detection models.  ... 
doi:10.1109/access.2019.2891907 fatcat:772enoovbrfrbiqkmg6okk3xam

SandScout

Luke Deshotels, Razvan Deaconescu, Mihai Chiroiu, Lucas Davi, William Enck, Ahmad-Reza Sadeghi
2016 Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS'16  
We propose the SandScout framework to extract, decompile, formally model, and analyze iOS sandbox profiles as logic-based programs.  ...  Recent literature on iOS security has focused on the malicious potential of third-party applications, demonstrating how developers can bypass application vetting and codelevel protections.  ...  Any opinions, findings, conclusions, or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the funding agencies.  ... 
doi:10.1145/2976749.2978336 dblp:conf/ccs/DeshotelsDCDES16 fatcat:u6bcwcwcavbqbituckjahcz6si

The influence of digital platforms and algorithms on legal regulation of competition

Marina Kozlova, Dmitriy Kozhemyakin, Olga Sergacheva, Alexandr Bortenev, S. Cindori, A.M.M. Mostafa, E.Yu. Malushko, T.V. Deryugina, A.A. Mokhov
2021 SHS Web of Conferences  
It is concluded that the owners of the software must be held accountable for any actions of the algorithm, as no program can act of its free will, they are controlled by the creator or the right holder  ...  The third approach suggests further control using new legal standards that differ from the current ones.  ...  For instance, algorithmization can be used for the elucidation of the price level and detection of demand. This process facilitates collusions and forming of cartels.  ... 
doi:10.1051/shsconf/202110901020 fatcat:lezgewknjvhgzjwl5i75o7iaie

DroidForce: Enforcing Complex, Data-centric, System-wide Policies in Android

Siegfried Rasthofer, Steven Arzt, Enrico Lovat, Eric Bodden
2014 2014 Ninth International Conference on Availability, Reliability and Security  
Smartphones are nowadays used to store and process many kinds of privacy-sensitive data such as contacts, photos, and e-mails.  ...  However, they are often capable of enforcing only a very limited set of policies, like preventing data leaks only within single components or monitoring access only to specific sensitive system resources  ...  Notice that the conditions are expressed using the past variant of temporal logic operators.  ... 
doi:10.1109/ares.2014.13 dblp:conf/IEEEares/RasthoferALB14 fatcat:ry2tsbwxcrd4vlgyn7swhhqq5i
« Previous Showing results 1 — 15 out of 800 results