Specialized Binary Analysis for Vetting Android APPS Using GUI Logic

reportActive / Technical Report | Accession Number: AD1008347 | Open PDF

Abstract:

This project develops a suite of specialized analysis techniques for vetting Android applications to confirm the presence or rule out the absence of malice. The definition of malice of interest is an inconsistency between the action taken by the app and the user expectation of what the app is doing. These techniques enable security analysts to quickly vet any given Android app even if the source code is unavailable. These techniques make it possible to vet a large number of Android apps in a timely and cost-effective manner.

Author(s):
Memon, Atif
Author Organization(s):
University of Maryland College Park United States
Descriptive Note:
Technical Report,01 Nov 2013,31 Dec 2015
Pagination:
0043

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:
Approved For Public Release
Distribution Statement:
Approved For Public Release;

RECORD

Collection: TR
Identifying Numbers
Report Number(s):
AFRL-RI-RS-TR-2016-111
Contract/Grant Number(s):
FA8750-14-2-0039
Task Number(s):
MA
Project Number(s):
APAC
Monitor Series:
AFRL-RI-RS-TR-2016-111
 Subject Terms
Joint Capability Areas:
JCA_5_Command and Control; JCA_5.2_Understand; JCA_5.3_Planning; JCA_5.2.3_Share Knowledge and Situational Awareness; JCA_1.2.5_Lessons Learned; JCA_5.5.2_Task; JCA_5.5_Direct; JCA_1.2.3_Educating; JCA_5.2.2_Develop Knowledge and Situational Awareness; JCA_1.2.1_Training; JCA_1.3.1_Personnel and Family Support
Modernization Areas:
Cyber
Communities of Interest:
Engineered Resilient Systems
Descriptor(s):
computer programs, operating systems, computer security, detection, Graphical user interface, mobile application software, computer program documentation, malware, application software
Keyword(s):
Malware Detection for Android applications, Binary Analysis, gui (Graphical user interface), gui logic, Descriptor Based Analysis, App Artifact Synthesis, Static Analysis, Levels of Inconsistency
Report Date:
2016 Apr 01
Creation Date:
2017 Jan 27