Abstract
Recently, the use of smartphones has greatly increased because of the development of cheap, high-performance hardware. The biggest threat to a smartphone user is the loss of his/her personal information to an attacker. To protect a user’s information from these threats, an attack detection application for the Android OS is proposed and developed, in which the detection system comprises two phases: the mobile detection system pre-phase and post-phase. The pre-phase includes the steps performed before an attack occurs, in preparation for the comparison and analysis step of the post-phase, and the post-phase includes the steps performed to detect malware using an attack tree with level assignments from the post-phase. Three classes (interception, modification, and system damage) are defined to classify attacks and determine the attacker’s purpose. When an attack occurs, the application can recognize what kind of route the mobile attack goes through by comparing and analyzing the attack tree from the pre-phase and the current attack data in the post-phase. Attack trees are used to easily extract attack scenarios and determine when an attack is occurring. We expect that using the proposed application will protect a user’s personal information on a mobile system.
Acknowledgments
This work was supported by the Defense Acquisition Program Administration and Agency for Defense Development under the contract UD160066BD.
Cite this article
Kim, D., Shin, D., Shin, D. et al. Attack Detection Application with Attack Tree for Mobile System using Log Analysis. Mobile Netw Appl 24, 184–192 (2019). https://doi.org/10.1007/s11036-018-1012-4
DOI: https://doi.org/10.1007/s11036-018-1012-4