Publication Type
Conference Proceeding Article
Version
publishedVersion
Publication Date
7-2017
Abstract
To devise efficient approaches and tools for detecting malicious packages in the Android ecosystem, researchers are increasingly required to have a deep understanding of malware. There is thus a need to provide a framework for dissecting malware and locating malicious program fragments within app code in order to build a comprehensive dataset of malicious samples. Towards addressing this need, we propose in this work a tool-based approach called HookRanker, which provides ranked lists of potentially malicious packages based on the way malware behaviour code is triggered. With experiments on a ground truth set of piggybacked apps, we are able to automatically locate the malicious packages from piggybacked Android apps with an accuracy of 83.6% in verifying the top five reported items.
Discipline
Information Security | Software Engineering
Research Areas
Cybersecurity
Publication
Proceedings - 2017 IEEE/ACM: 4th IEEE/ACM International Conference on Mobile Software Engineering and Systems, Buenos Aires, Argentina, 2017 May 22-23
Identifier
10.1109/MOBILESoft.2017.6
Publisher
ACM
City or Country
Buenos Aires, Argentina;
Citation
LI, Li; LI, Daoyuan; BISSYANDE, Tegawende; KLEIN, Jacques; CAI, Haipeng; LO, David; and LE TRAON, Yves.
Automatically locating malicious packages in piggybacked Android apps. (2017). Proceedings - 2017 IEEE/ACM: 4th IEEE/ACM International Conference on Mobile Software Engineering and Systems, Buenos Aires, Argentina, 2017 May 22-23.
Available at: https://ink.library.smu.edu.sg/sis_research/3697
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
http://doi.org./10.1109/MOBILESoft.2017.6