Android应用程序中潜在的组件泄漏:对恶意软件检测新功能集的调查

2015 IEEE International Conference on Software Quality, Reliability and Security Pub Date : 2015-08-03 DOI:10.1109/QRS.2015.36

Li Li, Kevin Allix, Daoyuan Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein

{"title":"Android应用程序中潜在的组件泄漏:对恶意软件检测新功能集的调查","authors":"Li Li, Kevin Allix, Daoyuan Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein","doi":"10.1109/QRS.2015.36","DOIUrl":null,"url":null,"abstract":"We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validations show high performance for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps.","PeriodicalId":361839,"journal":{"name":"2015 IEEE International Conference on Software Quality, Reliability and Security","volume":"93 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"29","resultStr":"{\"title\":\"Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection\",\"authors\":\"Li Li, Kevin Allix, Daoyuan Li, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein\",\"doi\":\"10.1109/QRS.2015.36\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validations show high performance for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps.\",\"PeriodicalId\":361839,\"journal\":{\"name\":\"2015 IEEE International Conference on Software Quality, Reliability and Security\",\"volume\":\"93 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-08-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"29\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 IEEE International Conference on Software Quality, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/QRS.2015.36\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE International Conference on Software Quality, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/QRS.2015.36","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 29

摘要

我们讨论了基于潜在组件泄漏(pcl)的恶意软件检测的新功能集的功能。pcl被定义为涉及Android组件间通信的敏感数据流。我们表明，pcl在Android应用程序中很常见，恶意应用程序确实比良性应用程序操纵更多的pcl。然后，我们评估了一种基于pcl的机器学习方法。实验验证显示了识别恶意软件的高性能，表明pcl可以用于区分恶意应用程序和良性应用程序。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Potential Component Leaks in Android Apps: An Investigation into a New Feature Set for Malware Detection

We discuss the capability of a new feature set for malware detection based on potential component leaks (PCLs). PCLs are defined as sensitive data-flows that involve Android inter-component communications. We show that PCLs are common in Android apps and that malicious applications indeed manipulate significantly more PCLs than benign apps. Then, we evaluate a machine learning-based approach relying on PCLs. Experimental validations show high performance for identifying malware, demonstrating that PCLs can be used for discriminating malicious apps from benign apps.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2015 IEEE International Conference on Software Quality, Reliability and Security

自引率

0.00%

发文量