Accession Number:

AD1022648

Title:

Detection Of Malware Collusion With Static Dependence Analysis On Inter-App Communication

Descriptive Note:

Technical Report,01 Mar 2015,01 Sep 2016

Corporate Author:

Virginia Polytechnic Institute and State University Blacksburg United States

Personal Author(s):

Report Date:

2016-12-08

Pagination or Media Count:

51.0

Abstract:

Inter-Component Communication ICC enables useful interactions between mobile apps. It has been long believed that inter-app ICCs can be abused by malware writers to launch collusion attacks. In this project, we designed and developed two techniques for analyzing the security threats associated with inter-app ICC communications and conducted two large-scale experiments MapReduce one with 11,996 apps and MySQL database one with over 110K apps. Our contributions are two-fold, methodology development and empirical analysis. We invented two complementary methods for efficiently screening Android app pairs against data leak and privilege escalation threats that are due to intentional collusions or vulnerable apps being exploited.

Subject Categories:

  • Computer Systems Management and Standards
  • Computer Programming and Software

Distribution Statement:

APPROVED FOR PUBLIC RELEASE