Hey Malware, I Can Find You!
F. Mercaldo, Vittoria Nardone, A. Santone, C. A. Visaggio
2016 IEEE 25th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), published 2016-06-01
DOI: 10.1109/WETICE.2016.67 (https://doi.org/10.1109/WETICE.2016.67)
Android smartphones are the most widespread in the world. This is the reason why attackers write increasingly aggressive code in order to steal data and other important information stored on the phone. One of the most representative malware families implementing the typical trojan behaviour in the Android environment is the so-called Fake Installer. In this paper we use formal methods, in particular model checking, to identify Fake Installer malware. We specify a set of formulae and then check them against a purpose-built application model, written in CCS, to recognize whether an application is malware belonging to the Fake Installer family or a legitimate sample. We evaluate our methodology on 1125 real-world samples, obtaining very promising results.