Abstract
The exploding of Android malware makes security analysis more important and urgently calls for automation in its analysis. Often automation analysis includes static and dynamic methods. And an important work of the dynamic analysis is gathering accurate behavior information of Android apps. However, traditional methods, which are used to inject random events to exercise the user interface, can not capture the behavior triggered by the event. To overcome the above shortcomings, this paper designs a framework of the Android malware detection based on cloud and focuses on how to design an Event Trigger to trigger more behaviors. This method can enlarge the dynamic analysis scope to find more information of malicious behaviors.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Gartner, Inc.: Gartner Says Emerging Markets Drove Worldwide Smartphone Sales to 19 Percent Growth in First Quarter of 2015. http://www.gartner.com/newsroom/id/3061917
Kaspersky, Lab.: Number-of-the-week-list-of-malicious-Android-apps-hits-10-million (2014). http://www.kaspersky.com/about/news/virus/2014/Number-of-the-week-list-of-malicious-Android-apps-hits-10-millon
Enck, W.: Defending users against smartphone apps: techniques and future directions. In: Jajodia, S., Mazumdar, C. (eds.) ICISS 2011. LNCS, vol. 7093, pp. 49–70. Springer, Heidelberg (2011). doi:10.1007/978-3-642-25560-1_3
Application Exerciser Monkey. http://developer.android.com/tools/help/monkey
Schmeelk, S., Yang J., Aho, A.: Android malware static analysis techniques. In: 10th Annual Cyber and Information Security Research Conference, pp. 1–2. ACM, New York (2015)
Batyuk, L., Herpich, M.: Using static analysis for automatic assessment and mitigation of unwanted and malicious activities within Android applications. In: Malicious and Unwanted Software (MALWARE), pp. 66–72. IEEE, Fajardo (2011)
Moser, A., Kruegel, C., Kirda, E.: Limits of static analysis for malware detection. In: Proceedings of the 23rd Annual Computer Security Applications Conference (2007)
Willems, C., Freiling, F.C.: Reverse code engineering—state of the art and countermeasures. it-Inf. Technol. 53–63 (2011)
Enck, W., Gilbert, P., Chun, B.-G., Cox, L. P., Jung, J., McDaniel, P., Sheth, A.N.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI), October 2010
Dynamic analysis of Android apps. https://github.com/pjlantz/droidbox
Rastogi, V., Chen, Y., Enck, W.: Appsplayground: automatic security analysis of smartphone applications. In: Proceedings of the Third ACM Conference on Data and Application Security and Privacy, CODASPY 2013. ACM, New York (2013)
Gianazza, A., Maggi, F., Fattori, A., Cavallaro, L., Zanero, S.: PuppetDroid: a user-centric UI exerciser for automatic dynamic analysis of similar android applications. CoRR, vol. abs/1402.4826, 2014
Lindorfer, M., Neugschwandtner, M., Weichselbaum, L., Fratantonio, Y., van der Veen, V., Platzer, C.: Andrubis-1,000,000 apps later: a view on current Android malware behaviors. In: Proceedings of the 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, BADGERS (2014)
Spreitzenbarth, M., Schreck, T., Echtler, F., Arp, D., Hoffmann, J.: Mobile-Sandbox: combining static and dynamic analysis with machine-learning techniques. Int. J. Inf. Secur. 14(2), 141–153 (2015). Springer, Berlin
Zheng, M., Sun, M., Lui, J.C.S.: DroidTrace: a ptrace based Android dynamic analysis system with forward execution capability. In: Wireless Communications and Mobile Computing Conference (IWCMC), pp. 128–133. IEEE Press, Nicosia (2014)
Wang, H., Hao, F., Zhu, C., Rodrigues, J.J.P.C., Yang, L.T.: An android multimedia framework based on Gstreamer. In: Rodrigues, J.J.P.C., Zhou, L., Chen, M., Kailas, A. (eds.) GreeNets 2011. LNICSSITE, vol. 51, pp. 51–62. Springer, Heidelberg (2012). doi:10.1007/978-3-642-33368-2_5
Zuo, L., Shu, L., Dong, S., Zhu, C., Han, G.: A multi-queue interlacing peak scheduling method based on tasks classification in cloud computing. IEEE Syst. J. (2016)
Zuo, L., Shu, L., Dong, S., Zhu, C., Zhou, Z.: Dynamic weighted load evaluation model based on self-adaptive threshold in cloud computing. ACM Mob. Netw. Appl. 1–15 (2016)
Zuo, L., Shu, L., Dong, S., Zhu, C., Hara, T.: A multi-objective optimization scheduling method based on the ant colony algorithm in cloud computing. IEEE Access 3, 2687–2699 (2015)
HPE Helion Eucalyptus. https://github.com/eucalyptus
Acknowledgments
This paper was supported by the National Natural Science Foundation of China (Nos. 61170276, 61373135) and the Key University Science Research Project of Jiangsu Province (Grant No. 12KJA520003).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Hu, T., Ning, Z., Sun, Z. (2017). A Design of the Event Trigger for Android Application. In: Lee, JH., Pack, S. (eds) Quality, Reliability, Security and Robustness in Heterogeneous Networks. QShine 2016. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 199. Springer, Cham. https://doi.org/10.1007/978-3-319-60717-7_42
Download citation
DOI: https://doi.org/10.1007/978-3-319-60717-7_42
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-60716-0
Online ISBN: 978-3-319-60717-7
eBook Packages: Computer ScienceComputer Science (R0)