WebVbasedhSecurityhAnalysishToolhforhAndroidhApplicationsComputerhSciencehDepartmentPhMetropolitanhCollege

NebiyuhFelekePhTandhyhSimanjuntakPhWenjiehShiPhYutinghZhangPhLouhChitkushevhhnaberraPhtandhyPhwjshiPhdanazhPhltc@bu.edu

OnNgoingIWork

Architecture

OurITool

OtherIWebNbasedIAnalysisITools

Motivation

www.idc.com

www.kaspersky.com

EveryhfifthhAndroidVbasedhdevicehwithhKasperskyhsolutionshwashattackedhbyhmalwarehduringhreportedhperiod

www.kaspersky.com

Anubis

AIwebIportalIofIandroidIapplicationsIsecurity

ApplicationISecurityIAnalysisIbasedIonICategory

ProposedIWork

ImplicitIOpenIomponentsIinIFinanceIandIMedicalIApplications

AIframeworkItoIanalyzeItheIsecurityIofIandroidIapplicationsIthroughIstaticIanalysis

ProposeIandIimplementIaInumberIofImetricsIcomplementaryItoIthoseIinImanyIexistingIwebNbasedIanalysisItools:

IdentifyIRootIExploitIandIMaliciousIDomain

IdentifyIHiddenIFileIandICodeILoading

IdentifyIOpenIComponents

IdentifyIDangerousIPermissionsICombinationI

IdentifyIReNDelegation

IdentifyIOverIPrivilege

AnalysishToolhPage

SearchhToolhPage

ApplicationISecurityIEvolutionIAnalysis

IdentifyIandIclassifyIapplicationsIwithIsimilarfunctionalityIbasedIonIapplicationsEIdescriptionsIusingIkeywordIanalysis

InvestigateItheIassociationIbetweenIkeywordsIandotherIsecurityImetricsIsuchIasIpermissions

PerformIbothIindividualIandIcollectiveIanalysis

ReNdelegationOpenIComponentsOverNprivilegeDangerousIPermissionsICombinationHiddenIFilesMaliciousIDomainsRootIExploitCodeILoading

TypesIofIMetricsIChangedI

ProposedIWorkIdentifyImoreIsecurityImetricsIthatIcanIbeusedIforIevolutionIanalysis,IincludingIthoseusedIinIotherIexistingItools

InvestigateItheIpossibleIsecurityIevolutionpatternsIofIapplications

DistributionhofhAddedhVulnerabilities DistributionhofhDeletedhVulnerabilities

InvestigateItheIpossibleIsecurityIpatternsIofIapplicationsIwithIsimilarIfunctionality

NumberIofITypesIofIMetricsIChangedI

Per

cen

tage

IofI

Dat

aset

I

MetricsIinclude:

DetailsIofIThreeIMetricsI

TypeIofIMetricsI

Per

cen

tage

IofI

Dat

aset

I

NumberIofIAddedIVulnerabilitiesI

Per

cen

tage

IofI

Ap

plic

able

IDat

aset

I

Per

cen

tage

IofI

Ap

plic

able

IDat

aset

I

NumberIofIDeletedIVulnerabilitiesI

TotalIDownloadedIApplicationsIbasedIonICategory

IPercentageIofIRootIExploitIApplicationsIbasedIonICategory

Tota

lINu

mb

erI

Category

Tota

lIPer

cen

tage

I

Category

Tota

lIPer

cen

tage

I

PercentageIofITotalIOverIPrivilegeIApplicationsIbasedIonICategory

Category

InvestigateIpossibleIupdateIattacks,particularlyIthroughIanomalyIdetection