Detection Of Malware Collusion With Static Dependence Analysis On Inter-App Communication
Technical Report,01 Mar 2015,01 Sep 2016
Virginia Polytechnic Institute and State University Blacksburg United States
Pagination or Media Count:
Inter-Component Communication ICC enables useful interactions between mobile apps. It has been long believed that inter-app ICCs can be abused by malware writers to launch collusion attacks. In this project, we designed and developed two techniques for analyzing the security threats associated with inter-app ICC communications and conducted two large-scale experiments MapReduce one with 11,996 apps and MySQL database one with over 110K apps. Our contributions are two-fold, methodology development and empirical analysis. We invented two complementary methods for efficiently screening Android app pairs against data leak and privilege escalation threats that are due to intentional collusions or vulnerable apps being exploited.
- Computer Systems Management and Standards
- Computer Programming and Software