Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Filters
























9 Hits in 4.2 sec

Understanding Android App Piggybacking: A Systematic Study of Malicious Code Grafting

Li Li, Daoyuan Li, Tegawende F. Bissyande, Jacques Klein, Yves Le Traon, David Lo, Lorenzo Cavallaro
2017 IEEE Transactions on Information Forensics and Security  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (1.0 MB)
https://web.archive.org/web/20200310171944/https://kclpure.kcl.ac.uk/ws/files/112356762/Understanding_Android_App_Piggybacking_LI_2017_GREEN_AAM.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

We fill this gap by 1) systematically building a large set of piggybacked and benign apps pairs, which we release to the community, 2) empirically studying the characteristics of malicious piggybacked  ...  The Android packaging model offers ample opportunities for malware writers to piggyback malicious code in popular apps, which can then be easily spread to a large user base.  ...  CONCLUSION We have investigated Android piggybacked apps to provide the research community with a comprehensive characterisation of piggybacking.  ... 
doi:10.1109/tifs.2017.2656460 fatcat:wvz6dssszbgf3hvzao6xc6at7a
Citation

Li Li, Daoyuan Li, Tegawende F. Bissyande, Jacques Klein, Yves Le Traon, David Lo, Lorenzo Cavallaro. "Understanding Android App Piggybacking: A Systematic Study of Malicious Code Grafting." IEEE Transactions on Information Forensics and Security 12.6 (2017) 1269-1284

Automatically Locating Malicious Packages in Piggybacked Android Apps

Li Li, Daoyuan Li, Tegawende F. Bissyande, Jacques Klein, Haipeng Cai, David Lo, Yves Le Traon
2017 2017 IEEE/ACM 4th International Conference on Mobile Software Engineering and Systems (MOBILESoft)  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (220.8 kB)
https://web.archive.org/web/20171019042115/http://ink.library.smu.edu.sg:80/cgi/viewcontent.cgi?article=4699&context=sis_research

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL. The file type is application/pdf.

With experiments on a ground truth set of piggybacked apps, we are able to automatically locate the malicious packages from piggybacked Android apps with an accuracy of 83.6% in verifying the top five  ...  There is thus a need to provide a framework for dissecting malware and locating malicious program fragments within app code in order to build a comprehensive dataset of malicious samples.  ...  The challenges in Android malware detection are mainly due to the lack of accurate understanding of what constitutes a malicious code.  ... 
doi:10.1109/mobilesoft.2017.6 dblp:conf/icse/LiLBKCLT17 fatcat:7h3lip7fczfyfawwetz6tzf6g4
Citation

Li Li, Daoyuan Li, Tegawende F. Bissyande, Jacques Klein, Haipeng Cai, David Lo, Yves Le Traon. "Automatically Locating Malicious Packages in Piggybacked Android Apps." 2017 IEEE/ACM 4th International Conference on Mobile Software Engineering and Systems (MOBILESoft) (2017) 170-174

On Locating Malicious Code in Piggybacked Android Apps

Li Li, Daoyuan Li, Tegawendé F. Bissyandé, Jacques Klein, Haipeng Cai, David Lo, Yves Le Traon
2017 Journal of Computer Science and Technology  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (652.6 kB)
https://web.archive.org/web/20190429011904/http://orbilu.uni.lu/bitstream/10993/33426/2/li2017locating.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL. The file type is application/pdf.

With experiments on a ground truth of piggybacked apps, we are able to automatically locate the malicious packages from piggybacked Android apps with an accuracy@5 of 83.6% for such packages that are triggered  ...  There is thus a need to provide a framework for dissecting malware and locating malicious program fragments within app code in order to build a comprehensive dataset of malicious samples.  ...  The challenges in Android malware detection are mainly due to a lack of accurate understanding of what constitutes a malicious code.  ... 
doi:10.1007/s11390-017-1786-z fatcat:3q5qom3zgnfdbkmdydzljy3ayi
Citation

Li Li, Daoyuan Li, Tegawendé F. Bissyandé, Jacques Klein, Haipeng Cai, David Lo, Yves Le Traon. "On Locating Malicious Code in Piggybacked Android Apps." Journal of Computer Science and Technology 32.6 (2017) 1108-1124

Mining AndroZoo: A Retrospect

Li Li
2017 2017 IEEE International Conference on Software Maintenance and Evolution (ICSME)  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (184.1 kB)
https://web.archive.org/web/20180720134407/http://orbilu.uni.lu/bitstream/10993/31868/1/MiningAndroZoo-3.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL. The file type is application/pdf.

This paper presents a retrospect of an Android app collection named AndroZoo and some research works conducted on top of the collection.  ...  AndroZoo is a growing collection of Android apps from various markets including the official Google Play. At the moment, over five million Android apps have been collected.  ...  the benign carrier code via a single method call, making it possible to automatically locate grafted malicious payloads from piggybacked malicious apps. 13) Piggybacking hooks are generally placed within  ... 
doi:10.1109/icsme.2017.49 dblp:conf/icsm/Li17 fatcat:nsi57zsvivcgndoatsnqxlh5fm
Citation

Li Li. "Mining AndroZoo: A Retrospect." 2017 IEEE International Conference on Software Maintenance and Evolution (ICSME) (2017) 675-680

AndroZoo++: Collecting Millions of Android Apps and Their Metadata for the Research Community [article]

Li Li, Jun Gao, Médéric Hurier, Pingfan Kong, Tegawendé F. Bissyandé, Alexandre Bartel, Jacques Klein, Yves Le Traon
2017 arXiv   pre-print

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (388.9 kB)
https://web.archive.org/web/20200825134600/https://arxiv.org/pdf/1709.05281v1.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

We present a growing collection of Android apps collected from several sources, including the official Google Play app market and a growing collection of various metadata of those collected apps aiming  ...  Our objective of collecting this dataset is to contribute to ongoing research efforts, as well as to enable new potential research topics on Android Apps.  ...  Conclusion We have presented the AndroZoo dataset of millions of Android apps collected from various data sources and their metadata collected via various means.  ... 
arXiv:1709.05281v1 fatcat:fizz6iwbuvbehgckc5iexj3x2a
Citation

Li Li, Jun Gao, Médéric Hurier, Pingfan Kong, Tegawendé F. Bissyandé, Alexandre Bartel, Jacques Klein, Yves Le Traon. "AndroZoo++: Collecting Millions of Android Apps and Their Metadata for the Research Community." arXiv (2017)

SimiDroid: Identifying and Explaining Similarities in Android Apps

Li Li, Tegawende F. Bissyande, Jacques Klein
2017 2017 IEEE Trustcom/BigDataSE/ICESS  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (336.1 kB)
https://web.archive.org/web/20190217214639/http://orbilu.uni.lu/bitstream/10993/31644/1/li2017simidroid.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL. The file type is application/pdf.

This paper describes the design of SimiDroid, a framework for multi-level comparison of Android apps.  ...  In particular, we demonstrate the need and usefulness of such a framework based on different case studies implementing different analyzing scenarios for revealing various insights on how repackaged apps  ...  counterpart piggybacked malware (i.e., a malware built by grafting a malicious payload to the original benign app).  ... 
doi:10.1109/trustcom/bigdatase/icess.2017.230 dblp:conf/trustcom/0029BK17 fatcat:e4i6qnst6na7hjd3lv4noz3d2a
Citation

Li Li, Tegawende F. Bissyande, Jacques Klein. "SimiDroid: Identifying and Explaining Similarities in Android Apps." 2017 IEEE Trustcom/BigDataSE/ICESS (2017) 136-143

Mining sandboxes: Are we there yet?

Lingfeng Bao, Tien-Duy B. Le, David Lo
2018 2018 IEEE 25th International Conference on Software Analysis, Evolution and Reengineering (SANER)  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (321.0 kB)
https://web.archive.org/web/20200318114528/https://ink.library.smu.edu.sg/cgi/viewcontent.cgi?article=5113&context=sis_research

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

To investigate effectiveness of mining sandboxes in detecting malicious behaviors, we make use of pairs of malware and benign app it infects.  ...  We build a sandbox based on sensitive APIs called by the benign app and check if it can identify malicious behaviors in the corresponding malware.  ...  The malicious apps used in our study are piggybacked apps, which are built by unpacking benign apps and grafting some malicious code to them.  ... 
doi:10.1109/saner.2018.8330231 dblp:conf/wcre/BaoLL18 fatcat:4hlopqdnnresjjdyjl3qqug3ou
Citation

Lingfeng Bao, Tien-Duy B. Le, David Lo. "Mining sandboxes: Are we there yet?." 2018 IEEE 25th International Conference on Software Analysis, Evolution and Reengineering (SANER) (2018) 445-455

The Dangers of Rooting: Data Leakage Detection in Android Applications

Luca Casati, Andrea Visconti
2018 Mobile Information Systems  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (266.3 kB)
https://web.archive.org/web/20180724044903/https://air.unimi.it/retrieve/handle/2434/549415/959566/19_Journal_Mobile.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL. The file type is application/pdf.

Notice that such a token, and a number of other sensitive information, can be stolen by malicious users through a man-in-the-middle (MITM) attack.  ...  , showing that 51.6% of the tested applications suffer at least of an issue and (ii) show how an attacker might retrieve a user access token stored inside the device thus exposing users to a possible identity  ...  .: Understanding 294 android app piggybacking: A systematic study of malicious code grafting. IEEE Transactions 295 on Information Forensics and Security 12(6), 1269-1284 (2017) 296 26.  ... 
doi:10.1155/2018/6020461 fatcat:dj24i2noxbb3rhpdwf62lnsgwu
DOAJ
Citation

Luca Casati, Andrea Visconti. "The Dangers of Rooting: Data Leakage Detection in Android Applications." Mobile Information Systems (2018) 1-9

Maat: Automatically Analyzing VirusTotal for Accurate Labeling and Effective Malware Detection [article]

Aleieldin Salem, Sebastian Banescu, Alexander Pretschner
2020 arXiv   pre-print

Preserved Fulltext

Web Archive Capture PDF (1.3 MB)
https://web.archive.org/web/20200713192441/https://arxiv.org/pdf/2007.00510v1.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

more scanners deem an app malicious, it is considered malicious).  ...  The malware analysis and detection research community relies on the online platform VirusTotal to label Android apps based on the scan results of around 60 antiviral scanners.  ...  So, the reference app initially labeled and released as part of the Piggybacking dataset as a benign app is, in fact, another version of a malicious app of the type Adware.  ... 
arXiv:2007.00510v1 fatcat:c2hbb4az5jai7gzqcdfaddkofq
Open Access
Citation

Aleieldin Salem, Sebastian Banescu, Alexander Pretschner. "Maat: Automatically Analyzing VirusTotal for Accurate Labeling and Effective Malware Detection." arXiv (2020)