Authors: Valérie Viet Triem Tong 1 ; Aurélien Trulla 1 ; Mourad Leslous 1 and Jean-François Lalande 2

Affiliations: 1 CentraleSupelec, France ; 2 INSA Centre Val de Loire, France

ISBN: 978-989-758-259-2

Keyword(s): Android, Malware, System Flow Graph.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Security and Privacy in Mobile Systems

Abstract: The detection of new Android malware is far from being a relaxing job. Indeed, each day new Android malware appear in the market and it remains difficult to quickly identify them. Unfortunately users still pay the lack of real efficient tools able to detect zero day malware that have no known signature. The difficulty is that most of the existing approaches rely on static analysis coupled with the ability of malware to hide their malicious code. Thus, we believe that it should be easier to study what malware do instead of what they contain. In this article, we propose to unmask Android malware hidden among benign applications using the observed information flows at the OS level. For achieving such a goal, we introduce a simple characterization of all the accountable information flows of a standard benign application. With such a model for benign apps, we lead some experiments evidencing that malware present some deviations from the expected normal behavior. Experiments show that our model recognizes most of the 3206 tested benign applications and spots most of the tested sophisticated malware (ransomware, rootkits, bootkit).

CC BY-NC-ND 4.0


Paper citation in several formats:
Viet Triem Tong, V.; Trulla, A.; Leslous, M. and Lalande, J. (2017). Information Flows at OS Level Unmask Sophisticated Android Malware. In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2017) ISBN 978-989-758-259-2, pages 578-585. DOI: 10.5220/0006476705780585

@conference{secrypt17,
author={Valérie Viet Triem Tong and Aurélien Trulla and Mourad Leslous and Jean{-}Fran\c{c}ois Lalande},
title={Information Flows at OS Level Unmask Sophisticated Android Malware},
booktitle={Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2017)},
year={2017},
pages={578-585},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006476705780585},
isbn={978-989-758-259-2},
}

TY - CONF

JO - Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2017)
TI - Information Flows at OS Level Unmask Sophisticated Android Malware
SN - 978-989-758-259-2
AU - Viet Triem Tong, V.
AU - Trulla, A.
AU - Leslous, M.
AU - Lalande, J.
PY - 2017
SP - 578
EP - 585
DO - 10.5220/0006476705780585
