Static Detection of Dangerous Behaviors in Android Apps
This paper presents a scheme to detect dangerous behaviors in Android apps. In order to identify different kinds of dangerous behaviors, we designed two analysis engines. On the one hand, the taint analysis engine mainly detects privacy leaks by tracking how users' sensitive data is used by an app; on the other hand, the constant analysis engine focuses on the constant information in an app to identify other dangerous behaviors such as SP services ordering, phone bill consuming, and so on. We have implemented these two engines in a system called ApkRiskAnalyzer, which identifies the dangerous behaviors by simulating the running process of an Android app statically. Furthermore, we analyzed 1260 malicious apps and found dangerous behaviors in 1246 (98.9%) apps. Then we downloaded 630 normal apps from Google Play and identified dangerous behaviors in 575 (91.3%) apps. These results demonstrate the effectiveness of ApkRiskAnalyzer.
Android security; malware detection; dangerous behavior; static analysis
Shaoyin Cheng, Shengmei Luo, Zifeng Li, Wei Wang, Yan Wu, Fan Jiang
Information Technology Security Evaluation Center, University of Science and Technology of China, Hefe ZTE Corporation, Nanjing, 210012, P.R.China; Department of Computer Science, Tsinghua University, Beijing, ZTE Corporation, Nanjing, 210012, P.R.China
International conference
The 5th International Symposium on Cyberspace Safety and Security (CSS2013)
Zhangjiajie
English
363-376
2013-11-13 (date first posted online on the Wanfang platform; does not represent the paper's publication date)