DroidEcho: an in-depth dissection of malicious behaviors in Android applications

Loading...
Thumbnail Image
File version

Version of Record (VoR)

Author(s)
Meng, G
Feng, R
Bai, G
Chen, K
Liu, Y
Griffith University Author(s)
Primary Supervisor
Other Supervisors
Editor(s)
Date
2018
Size
File type(s)
Location
Abstract

A precise representation for attacks can benefit the detection of malware in both accuracy and efficiency. However, it is still far from expectation to describe attacks precisely on the Android platform. In addition, new features on Android, such as communication mechanisms, introduce new challenges and difficulties for attack detection. In this paper, we propose abstract attack models to precisely capture the semantics of various Android attacks, which include the corresponding targets, involved behaviors as well as their execution dependency. Meanwhile, we construct a novel graph-based model called the inter-component communication graph (ICCG) to describe the internal control flows and inter-component communications of applications. The models take into account more communication channel with a maximized preservation of their program logics. With the guidance of the attack models, we propose a static searching approach to detect attacks hidden in ICCG. To reduce false positive rate, we introduce an additional dynamic confirmation step to check whether the detected attacks are false alarms. Experiments show that DroidEcho can detect attacks in both benchmark and real-world applications effectively and efficiently with a precision of 89.5%.

Journal Title

Cybersecurity

Conference Title
Book Title
Edition
Volume

1

Issue

1

Thesis Type
Degree Program
School
Publisher link
Patent number
Funder(s)
Grant identifier(s)
Rights Statement
Rights Statement

© The Author(s). 2018 Open Access This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.

Item Access Status
Note
Access the data
Related item(s)
Subject

Nanotechnology

Persistent link to this record
Citation

Meng, G; Feng, R; Bai, G; Chen, K; Liu, Y, DroidEcho: an in-depth dissection of malicious behaviors in Android applications, Cybersecurity, 2018, 1 (1), pp. 4

Collections