Android behind the scenes: revealing hidden malware with AndroMEDA

Marsan, Robert

Permalink

https://hdl.handle.net/2142/44185 Copy

Description

Title

Android behind the scenes: revealing hidden malware with AndroMEDA

Author(s)

Marsan, Robert

Issue Date

2013-05-24T21:53:39Z

Director of Research (if dissertation) or Advisor (if thesis)

Campbell, Roy H.

Department of Study

Computer Science

Discipline

Computer Science

Degree Granting Institution

University of Illinois at Urbana-Champaign

Degree Name

M.S.

Degree Level

Thesis

Keyword(s)

• mobile
• android
• security
• malware

Abstract

With the unprecedented growth in the diversity of digital distribution platforms, there has been an increasing concern about privacy of the content being produced by the different types of applications users are installing across a variety of mobile platforms. The mobile devices average users own generally have inbuilt hardware interfaces capable of gathering different types of rich information including temperature, accelerometer, as well as personal identifiable information such as phone numbers, personal communication messages, and location information. Some digital dis- tribution platforms, like Google’s Play Store (GPStore), created a permission-based security model in which users are prompted with a list of permissions they must accept in order to download and install an application. In recent years many researchers have presented attacks compromising the previous security model using different types of techniques including malicious applications such as malware and trojans. To better understand mobile malware, we introduce the concept of the User-App Agreement (UAA) — a concep- tual framework for a user consenting to and trusting specific actions an app may perform. Using UAA we examine the Android Permission system with Android Census — a comprehensive app metadata database. We conclude the main shortcoming lies in the Permission system’s lack of addressing context and use, presenting an opportunity for Info Theft Malware — malicious software that profits off of users’ personal information. Finally, we present Android Malware Evaluation Detection and Analysis (AndroMEDA), an Android Security Extension which forms a novel feedback loop, providing users with a method for understanding the context and use of actions an app performs, thus allowing them to identify suspicious behavior that violates users’ trust.

Graduation Semester

2013-05

Permalink

http://hdl.handle.net/2142/44185

Copyright and License Information

Copyright 2013 by Robert Joseph Marsan. All rights reserved.

Owning Collections