File Download

There are no files associated with this item.

  Links for fulltext
     (May Require Subscription)
Supplementary

Conference Paper: Revisiting the description-to-behavior fidelity in android applications

TitleRevisiting the description-to-behavior fidelity in android applications
Authors
Issue Date2016
Citation
2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering, SANER 2016, 2016, v. 1, p. 415-426 How to Cite?
AbstractSince more than 96% of mobile malware targets on Android platform, various techniques based on static code analysis or dynamic behavior analysis have been proposed to detect malicious applications. As malware is becoming more complicated and stealthy, recent research proposed a promising detection approach that looks for the inconsistency between an application's permissions and its description. In this paper, we revisit this approach and find that using description and permission will lead to many false positives. Therefore, we propose employing app's privacy policy and its bytecode to enhance description and permission for malware detection. It is non-trivial to automatically analyze privacy policy and perform the cross-verification among these four kinds of software artifacts including, privacy policy, bytecode, description, and permissions. We propose a novel data flow model for analyzing privacy policy, and develop a novel system, named TAPVerifier, for carrying out investigation of individual software artifacts and conducting the cross-verification. The experimental results show that TAPVerifier can analyze privacy policy with a high accuracy and recall rate. More importantly, integrating privacy policy and code level information removes 8.1%-65.5% false positives of existing systems based on description and permission.
Persistent Identifierhttp://hdl.handle.net/10722/303506
ISI Accession Number ID

 

DC FieldValueLanguage
dc.contributor.authorYu, Le-
dc.contributor.authorLuo, Xiapu-
dc.contributor.authorQian, Chenxiong-
dc.contributor.authorWang, Shuai-
dc.date.accessioned2021-09-15T08:25:27Z-
dc.date.available2021-09-15T08:25:27Z-
dc.date.issued2016-
dc.identifier.citation2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering, SANER 2016, 2016, v. 1, p. 415-426-
dc.identifier.urihttp://hdl.handle.net/10722/303506-
dc.description.abstractSince more than 96% of mobile malware targets on Android platform, various techniques based on static code analysis or dynamic behavior analysis have been proposed to detect malicious applications. As malware is becoming more complicated and stealthy, recent research proposed a promising detection approach that looks for the inconsistency between an application's permissions and its description. In this paper, we revisit this approach and find that using description and permission will lead to many false positives. Therefore, we propose employing app's privacy policy and its bytecode to enhance description and permission for malware detection. It is non-trivial to automatically analyze privacy policy and perform the cross-verification among these four kinds of software artifacts including, privacy policy, bytecode, description, and permissions. We propose a novel data flow model for analyzing privacy policy, and develop a novel system, named TAPVerifier, for carrying out investigation of individual software artifacts and conducting the cross-verification. The experimental results show that TAPVerifier can analyze privacy policy with a high accuracy and recall rate. More importantly, integrating privacy policy and code level information removes 8.1%-65.5% false positives of existing systems based on description and permission.-
dc.languageeng-
dc.relation.ispartof2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering, SANER 2016-
dc.titleRevisiting the description-to-behavior fidelity in android applications-
dc.typeConference_Paper-
dc.description.naturelink_to_subscribed_fulltext-
dc.identifier.doi10.1109/SANER.2016.67-
dc.identifier.scopuseid_2-s2.0-85007338718-
dc.identifier.volume1-
dc.identifier.spage415-
dc.identifier.epage426-
dc.identifier.isiWOS:000382672700038-

Export via OAI-PMH Interface in XML Formats


OR


Export to Other Non-XML Formats