首页> 外文会议>Algorithms and architectures for parallel processing >Characterization of Android Applications with Root Exploit by Using Static Feature Analysis
【24h】

Characterization of Android Applications with Root Exploit by Using Static Feature Analysis

机译:通过使用静态特征分析对具有根漏洞的Android应用程序进行表征

获取原文
获取原文并翻译 | 示例

摘要

Recently, more and more rootkit tools are provided by some well-known vendors in the mainstream Android markets. Many people are willing to root their phones to uninstall pre-installed applications, flash third-party ROMs and so on. As it is reported, a significant proportion of Android phones are rooted at least one time. However, applications with root exploit bring critical security threat to users. When the phone is rooted, the permission system, which enforces access control to those privacy-related resources in Android phones, could be bypassed. Thus, the phone will be an easy point for malware to launch attacks. What's more, even the phone is unrooted, permission escalation attacks also can be carried out. Remarkably, an amount of sophisticated Android malware embeds root exploit payloads. Hence, root exploit always suggests high security risk. It is a pressing concern for researchers to characterize and detect applications with root exploit. In this paper, a novel method to extract key features of apps with root exploit is proposed. Contrary to existing works, contrasting the static features between applications with and without root exploit comprehensively are considered at the first time. We complete and evaluate the methodology on two clean apps and two malware dataset, comprising 52, 1859, 463 and 797 applications respectively. Our empirical results suggest the peculiar features can be obtained, which can capture the key differences between applications with and without root exploit to characterize Android root exploit applications.
机译:最近,主流Android市场中的一些知名供应商提供了越来越多的rootkit工具。许多人愿意植根他们的手机来卸载预装的应用程序,闪存第三方ROM等。据报道,很大比例的Android手机至少植根一次。但是,具有root漏洞利用的应用程序给用户带来了严重的安全威胁。当手机扎根时,可以绕过对Android手机中与隐私相关的资源实施访问控制的权限系统。因此,电话将很容易受到恶意软件的攻击。而且,即使手机是无根的,也可以进行权限提升攻击。值得注意的是,大量复杂的Android恶意软件嵌入了根漏洞有效负载。因此,根漏洞利用始终表明存在很高的安全风险。对于研究人员而言,利用根漏洞利用程序来表征和检测应用程序已成为迫切关注的问题。本文提出了一种利用根漏洞提取应用程序关键特征的新方法。与现有工作相反,第一次考虑全面比较具有和不具有root漏洞利用的应用程序之间的静态功能。我们在两个干净的应用程序和两个恶意软件数据集(分别包含52个,1859年,463个和797个应用程序)上完成并评估了该方法。我们的经验结果表明,可以获得独特的功能,这些功能可以捕获具有和不具有根漏洞的应用程序之间的关键区别,以表征Android根漏洞应用程序。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有
  • 客服微信

  • 服务号