Banking Trojans APK Detection using Formal Methods

Nitesh Kumar, Vinay Kumar, Manish Gaur
2019 4th International Conference on Information Systems and Computer Networks (ISCON), published 2019-11-01
DOI: 10.1109/ISCON47742.2019.9036319 (https://doi.org/10.1109/ISCON47742.2019.9036319)
Citations: 1

Abstract

Nowadays, malware attacks on mobile devices are increasing because smartphones have become a requisite in everyday activities for almost everyone. The Android operating system has become the conventional OS for mobile devices everywhere. Due to the open-source nature of Android, these devices are the ones most targeted by attackers. Malware authors use various techniques to insert bad code (instructions) into a clean application so that it performs malicious behavior. Modern signature-based anti-malware systems can be confused by minor code transformations. To overcome these issues, this work analyzes the Java Bytecode instructions present in the class files extracted from Android application files. A calculus of communicating systems (CCS) process model is generated from these Java Bytecode instructions by referring to a new process for each Java Bytecode instruction. Malicious behavior properties are defined, and a formal verification tool is invoked to verify the application files against them in order to detect the Android Banking Trojans malware family. The experimental results show that our approach can detect the Banking Trojans malware family with 98.91% accuracy.