How Discover a Malware using Model Checking

Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security Pub Date : 2017-04-02 DOI:10.1145/3052973.3055157

F. Martinelli, F. Mercaldo, Vittoria Nardone, A. Santone

引用次数: 4

Abstract

Android operating system is constantly overwhelmed by new sophisticated threats and new zero-day attacks. While aggressive malware, for instance malicious behaviors able to cipher data files or lock the GUI, are not worried to circumvention users by infection (that can try to disinfect the device), there exist malware with the aim to perform malicious actions stealthy, i.e., trying to not manifest their presence to the users. This kind of malware is less recognizable, because users are not aware of their presence. In this paper we propose FormalDroid, a tool able to detect silent malicious beaviours and to localize the malicious payload in Android application. Evaluating real-world malware samples we obtain an accuracy equal to 0.94.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

如何使用模型检查发现恶意软件

Android操作系统不断被新的复杂威胁和新的零日攻击所淹没。虽然攻击性恶意软件，例如能够加密数据文件或锁定GUI的恶意行为，并不担心通过感染绕过用户(可以尝试消毒设备)，但存在恶意软件，其目的是执行恶意操作隐身，即试图不向用户显示它们的存在。这种恶意软件不太容易识别，因为用户不会意识到它们的存在。在本文中，我们提出了FormalDroid，一个能够检测静默恶意行为并在Android应用程序中定位恶意负载的工具。评估真实世界的恶意软件样本，我们得到的准确率等于0.94。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security

自引率

0.00%

发文量

期刊最新文献

Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security How Discover a Malware using Model Checking Localization of Spoofing Devices using a Large-scale Air Traffic Surveillance System CoverUp: Privacy Through "Forced" Participation in Anonymous Communication Networks Session details: Password & Auth 1