Corpus ID: 2504550

Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets

@inproceedings{Zhou2012HeyYG,
  title={Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets},
  author={Yajin Zhou and Zhi Wang and Wu Zhou and Xuxian Jiang},
  booktitle={NDSS},
  year={2012}
}
In this paper, we present a systematic study for the detection of malicious applications (or apps) on popular Android Markets. [...] Then we apply a heuristics-based filtering scheme to identify certain inherent behaviors of unknown malicious families. We implemented both schemes in a system called DroidRanger. The experiments with 204,040 apps collected from five different Android Markets in May-June 2011 reveal 211 malicious ones: 32 from the official Android Market (0.02% infection rate) and 179…
Detecting money-stealing apps in alternative Android markets
TLDR
This work proposes "Money-Guard", a systematic approach to detect stealthy money-stealing applications in popular Android markets that relies on detecting two key behavioral heuristics that seem to be common across many money-stealing Android malware: hardcoded exfiltration and notification suppression.
MalPat: Mining Patterns of Malicious and Benign Android Apps via Permission-Related APIs
TLDR
An automated malware detection system, MalPat, is implemented to fight against malware and assist Android app marketplaces to address unknown malicious apps.
RiskRanker: scalable and accurate zero-day android malware detection
TLDR
An automated system called RiskRanker is developed to scalably analyze whether a particular app exhibits dangerous behavior and is used to produce a prioritized list of reduced apps that merit further investigation, demonstrating the efficacy and scalability of RiskRanker to police Android markets of all stripes.
Understanding the Market-Level and Network-Level Behaviors of the Android Malware Ecosystem
TLDR
An empirical study on analyzing the market-level and network-level behaviors of the Android malware ecosystem, focusing on whether there are interesting characteristics of those market accounts that distribute malware and specific networks that are mainly utilized by Android malware authors.
Real-Time Detection of Malicious Behavior in Android Apps
TLDR
This work proposes a dynamic behavior inspection and analysis framework for malicious behavior detection in Android apps, and shows that the app behavior classification can reach an accuracy of 99.0%, identifying 71.8% instances of malware samples by running each app for only 18 minutes.
Profiling user-trigger dependence for Android malware detection
TLDR
The thesis in this mobile app classification work is to advocate the approach of benign property enforcement, i.e., extracting unique behavioral properties from benign programs and designing corresponding classification policies.
Dynamic Analysis of Android Malware
TLDR
The TraceDroid Analysis Platform is presented, a scalable, automated framework for dynamic analysis of Android applications to detect suspicious, possibly malicious apps using a comprehensive method tracing scheme dubbed TraceDroid that is almost 50% faster than Android's original profiler implementation while revealing much more detail about the app’s execution.
Reviving Android Malware with DroidRide: And How Not To
  • Min Huang, Kai Bu, Hanlin Wang, Kaiwen Zhu
  • Computer Science
  • 2016 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC)
  • 2016
TLDR
DroidRide, a framework toward making Android malware less catchable to detectors and more active on phones, is presented, and feasible design enhancements of malware detectors and Android OS are suggested.
Monet: A User-Oriented Behavior-Based Malware Variants Detection System for Android
TLDR
This paper shows that runtime behaviors of malware’s core functionalities are in fact similar within a malware family, and proposes a framework to combine “runtime behavior” with “static structures” to detect malware variants.
Evaluating Malware Mitigation by Android Market Operators
TLDR
It is found that Google Play seems to be the only market that effectively removes malware, though it contains a cluster of apps flagged as adware and malware over long time periods, which points to different incentives for app markets, anti-virus vendors and users.

References

SHOWING 1-10 OF 47 REFERENCES
Behavioral detection of malware on mobile handsets
TLDR
A novel behavioral detection framework is proposed to detect mobile worms, viruses and Trojans, instead of the signature-based solutions currently available for use in mobile devices and indicates that behavioral detection can identify current mobile viruses and worms with more than 96% accuracy.
Crowdroid: behavior-based malware detection system for Android
TLDR
The method is shown to be an effective means of isolating the malware and alerting the users of a downloaded malware, showing the potential for avoiding the spreading of a detected malware to a larger community.
A Study of Android Application Security
TLDR
A horizontal study of popular free Android applications uncovered pervasive use/misuse of personal/phone identifiers, and deep penetration of advertising and analytics networks, but did not find evidence of malware or exploitable vulnerabilities in the studied applications.
Detecting repackaged smartphone applications in third-party android marketplaces
TLDR
An app similarity measurement system called DroidMOSS is implemented that applies a fuzzy hashing technique to effectively localize and detect the changes from app-repackaging behavior, which shows a worrisome fact that 5% to 13% of apps hosted on six popular Android-based third-party marketplaces are repackaged.
A survey of mobile malware in the wild
TLDR
The incentives behind 46 pieces of iOS, Android, and Symbian malware that spread in the wild from 2009 to 2011 are analyzed and the effectiveness of techniques for preventing and identifying mobile malware is evaluated.
Analyzing inter-application communication in Android
TLDR
This work examines Android application interaction and identifies security risks in application components and provides a tool, ComDroid, that detects application communication vulnerabilities and found 34 exploitable vulnerabilities.
These aren't the droids you're looking for: retrofitting android to protect data from imperious applications
TLDR
Two privacy controls for Android smartphones that empower users to run permission-hungry applications while protecting private data from being exfiltrated are examined, finding that they can successfully reduce the effective permissions of the application without causing side effects for 66% of the tested applications.
PiOS: Detecting Privacy Leaks in iOS Applications
TLDR
To protect its users from malicious applications, Apple has introduced a vetting process, which should ensure that all applications conform to Apple’s (privacy) rules before they can be offered via the App Store, but this vetting process is not well-documented.
Android permissions demystified
TLDR
Stowaway, a tool that detects overprivilege in compiled Android applications, is built and finds that about one-third of applications are overprivileged.
Taming Information-Stealing Smartphone Applications (on Android)
TLDR
A system called TISSA is developed that implements a new privacy mode in smartphones that can empower users to flexibly control in a fine-grained manner what kinds of personal information will be accessible to an application.