DARKDROID: Exposing the Dark Side of Android Marketplaces

Abstract

Our DarkDroid project aims to protect Android devices from their many security threats. In DarkDoid, we developed novel approaches to Android security issues based on both static and dynamic analysis techniques to pinpoint a variety of malicious behaviors, including logic bombs, dynamically-loaded code, GUI-based deception attacks, DOS-related attacks, and evasive apps that use the complexity of the Android framework to disguise automatic analysis systems. Moreover, our approaches can detect apps containing both intentional and unintentional vulnerabilities, such as unsafe code loading mechanisms and misuse of crypto APIs. We also studied and discovered several weaknesses in Androids framework and permission system; and we explored the behavior and possibility of sandboxing an understudied, yet critical security aspect -- native code components in Android apps.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jun 01, 2016
Accession Number
AD1011052

Entities

People

  • Christopher Kruegel
  • Engin Kirda
  • Giovanni Vigna
  • William Robertson

Organizations

  • University of California, Santa Barbara

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Air Force
  • Air Force Research Laboratories
  • Computer Program Documentation
  • Computer Program Reliability
  • Computer Programming
  • Computer Programs
  • Computers
  • Department Of Defense
  • Detection
  • Graphical User Interface
  • Mobile Devices
  • Mobile Operating Systems
  • Mobile Phones
  • Operating Systems
  • Security
  • Transient Response Analysis
  • Vulnerability

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Distributed Systems and Data Platform Development