Detection Of Malware Collusion With Static Dependence Analysis On Inter-App Communication

Abstract

Inter-Component Communication (ICC) enables useful interactions between mobile apps. It has been long believed that inter-app ICCs can be abused by malware writers to launch collusion attacks. In this project, we designed and developed two techniques for analyzing the security threats associated with inter-app ICC communications and conducted two large-scale experiments (MapReduce one with 11,996 apps and MySQL database one with over 110K apps). Our contributions are two-fold, methodology development and empirical analysis. We invented two complementary methods for efficiently screening Android app pairs against data leak and privilege escalation threats that are due to intentional collusions or vulnerable apps being exploited.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Dec 08, 2016
Accession Number
AD1022648

Entities

People

  • Barbara Ryder
  • Danfeng Yao

Organizations

  • Virginia Tech

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Air Force
  • Air Force Research Laboratories
  • Algorithms
  • Case Studies
  • Computer Programming
  • Computer Programs
  • Computers
  • Data Mining
  • Data Transmission
  • Database Management Systems
  • Databases
  • Information Science
  • Mobile Operating Systems
  • Relational Database Management Systems
  • Relational Databases
  • Risk Analysis
  • Social Media

Fields of Study

  • Computer science

Readers

  • Agent-Based Social Robotics and Mobile-Assisted Learning in Virtual Environments.
  • Criminal Law
  • Strategic Security Studies

Technology Areas

  • Cyber