Comprehension-Driven Program Analysis (CPA) for Malware Detection in Android Phones

Kothari, Suraj

Comprehension-Driven Program Analysis (CPA) for Malware Detection in Android Phones

Active / Technical Report | Accession Number: ADA621995 |

Open PDF

Abstract:

The DARPA APAC program gave us an opportunity to make three important technological advances a A graph database program analysis platform and a graph schema for representing program semantics that together facilitate both automation and human comprehension. b Malware analysis techniques and its incorporation in a security toolbox to provide a man-machine analysis system to detect novel, sophisticated Android malware. c An innovative library summarization technique and its incorporation in the FlowMiner tool that mines expressive, compact information flow summaries from a library for accurate and scalable partial program analysis. The challenge apps were very useful in evolving our technologies and understanding its limitations. Details of technological advances, our experiences and observations are outline in this report.

Author(s):

Kothari, Suraj

Author Organization(s):

IOWA STATE UNIV AMES

Descriptive Note:

Final rept. Feb 2012-Jun 2015

Pagination:

0033

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release

Distribution Statement:

Approved For Public Release; Distribution Is Unlimited.

RECORD

Collection: TR

Identifying Numbers

Report Number(s):

AFRL-RI-RS-TR-2015-186

Contract/Grant Number(s):

FA8750-12-2-0126

Task Number(s):

97

Project Number(s):

APAC

Monitor Series:

TR-2015-186, AFRL-RI-RS

Subject Terms

Joint Capability Areas:

JCA_5_Command and Control; JCA_5.3_Planning; JCA_5.2_Understand; JCA_5.2.3_Share Knowledge and Situational Awareness; JCA_1.2.3_Educating; JCA_4.6_Engineering; JCA_1.2.5_Lessons Learned; JCA_1.2.7_Experimentation; JCA_4.3_Maintain; JCA_5.2.2_Develop Knowledge and Situational Awareness; JCA_5.5.2_Task; JCA_5.5_Direct

Communities of Interest:

Engineered Resilient Systems

Descriptor(s):

*COMPUTER NETWORK SECURITY, *COMPUTER VIRUSES, *DATA MINING, *MOBILE COMPUTING, AUTOMATION, COMPUTER PROGRAMS, INFORMATION EXCHANGE, MAN MACHINE SYSTEMS, NETWORK FLOWS, OPERATING SYSTEMS(COMPUTERS), PARALLEL PROCESSING, PATTERN RECOGNITION, REASONING, RELATIONAL DATA BASES, SCALING FACTOR, SEMANTICS, SYSTEMS ANALYSIS, TARGET CLASSIFICATION, TARGET DETECTION

Field(s)/Group(s):

Computer Programming and Software, Computer Systems Management and Standards, Human Factors Engineering and Man Machine Systems

Keyword(s):

ANDROID OPERATING SYSTEMS, ANDROID MALWARE, GRAPH PARADIGM FOR SOFTWARE ANALYSIS, MAN MACHINE SYSTEMS TO REASON ABOUT LARGE SOFTWARE, AUTOMATED SUMMARIZATION OF SOFTWARE LIBRARIES, PE61101E, WUAFRLAPAC9776

Report Date:

2015 Jul 01

Creation Date:

2015 Oct 21