WebVbasedhSecurityhAnalysishToolhforhAndroidhApplicationsComputerhSciencehDepartmentPhMetropolitanhCollege
NebiyuhFelekePhTandhyhSimanjuntakPhWenjiehShiPhYutinghZhangPhLouhChitkushevhhnaberraPhtandhyPhwjshiPhdanazhPhltc@bu.edu
OnNgoingIWork
Architecture
OurITool
OtherIWebNbasedIAnalysisITools
Motivation
www.idc.com
www.kaspersky.com
EveryhfifthhAndroidVbasedhdevicehwithhKasperskyhsolutionshwashattackedhbyhmalwarehduringhreportedhperiod
www.kaspersky.com
Anubis
AIwebIportalIofIandroidIapplicationsIsecurity
ApplicationISecurityIAnalysisIbasedIonICategory
ProposedIWork
ImplicitIOpenIomponentsIinIFinanceIandIMedicalIApplications
AIframeworkItoIanalyzeItheIsecurityIofIandroidIapplicationsIthroughIstaticIanalysis
ProposeIandIimplementIaInumberIofImetricsIcomplementaryItoIthoseIinImanyIexistingIwebNbasedIanalysisItools:
IdentifyIRootIExploitIandIMaliciousIDomain
IdentifyIHiddenIFileIandICodeILoading
IdentifyIOpenIComponents
IdentifyIDangerousIPermissionsICombinationI
IdentifyIReNDelegation
IdentifyIOverIPrivilege
AnalysishToolhPage
SearchhToolhPage
ApplicationISecurityIEvolutionIAnalysis
IdentifyIandIclassifyIapplicationsIwithIsimilarfunctionalityIbasedIonIapplicationsEIdescriptionsIusingIkeywordIanalysis
InvestigateItheIassociationIbetweenIkeywordsIandotherIsecurityImetricsIsuchIasIpermissions
PerformIbothIindividualIandIcollectiveIanalysis
ReNdelegationOpenIComponentsOverNprivilegeDangerousIPermissionsICombinationHiddenIFilesMaliciousIDomainsRootIExploitCodeILoading
TypesIofIMetricsIChangedI
ProposedIWorkIdentifyImoreIsecurityImetricsIthatIcanIbeusedIforIevolutionIanalysis,IincludingIthoseusedIinIotherIexistingItools
InvestigateItheIpossibleIsecurityIevolutionpatternsIofIapplications
DistributionhofhAddedhVulnerabilities DistributionhofhDeletedhVulnerabilities
InvestigateItheIpossibleIsecurityIpatternsIofIapplicationsIwithIsimilarIfunctionality
NumberIofITypesIofIMetricsIChangedI
Per
cen
tage
IofI
Dat
aset
I
MetricsIinclude:
DetailsIofIThreeIMetricsI
TypeIofIMetricsI
Per
cen
tage
IofI
Dat
aset
I
NumberIofIAddedIVulnerabilitiesI
Per
cen
tage
IofI
Ap
plic
able
IDat
aset
I
Per
cen
tage
IofI
Ap
plic
able
IDat
aset
I
NumberIofIDeletedIVulnerabilitiesI
TotalIDownloadedIApplicationsIbasedIonICategory
IPercentageIofIRootIExploitIApplicationsIbasedIonICategory
Tota
lINu
mb
erI
Category
Tota
lIPer
cen
tage
I
Category
Tota
lIPer
cen
tage
I
PercentageIofITotalIOverIPrivilegeIApplicationsIbasedIonICategory
Category
InvestigateIpossibleIupdateIattacks,particularlyIthroughIanomalyIdetection
Top Related