Behavioral Analysis of Android Applications Using Automated Instrumentation
Mohammad Karami, Mohamed Elsabagh, Parnian Najafiborazjani, A. Stavrou
2013 IEEE Seventh International Conference on Software Security and Reliability Companion, published 2013-06-18
DOI: https://doi.org/10.1109/SERE-C.2013.35
Citations: 40
Abstract
Google's Android operating system has become one of the most popular operating systems for hand-held devices. Due to its ubiquitous use, open source nature and widespread popularity, it has become the target of recent mobile malware. In this paper, we present our efforts on effective security inspection mechanisms for identification of malicious applications for Android mobile applications. To achieve that, we developed a comprehensive software inspection framework. Moreover, to identify potential software reliability flaws and to trigger malware, we develop a transparent instrumentation system for automating user interactions with an Android application that does not require source code. Additionally, for run-time behavior analysis of an application, we monitor the I/O system calls generated by the application under monitoring to the underlying Linux kernel. As a case study, we present two Android malware samples found in the wild to experimentally evaluate the applicability of our proposed system for uncovering potential malicious activities.