"Automatically locating malicious packages in piggybacked Android apps" by Li LI

Article

Automatically locating malicious packages in piggybacked Android apps

Proceedings - 2017 IEEE/ACM: 4th IEEE/ACM International Conference on Mobile Software Engineering and Systems, Buenos Aires, Argentina, 2017 May 22-23

Li LI
Daoyuan LI
Tegawende BISSYANDE
Jacques KLEIN
Haipeng CAI
David LO, Singapore Management University
Yves LE TRAON

Download Find in your library

Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

7-2017

Abstract

To devise efficient approaches and tools for detecting malicious packages in the Android ecosystem, researchers are increasingly required to have a deep understanding of malware. There is thus a need to provide a framework for dissecting malware and locating malicious program fragments within app code in order to build a comprehensive dataset of malicious samples. Towards addressing this need, we propose in this work a tool-based approach called HookRanker, which provides ranked lists of potentially malicious packages based on the way malware behaviour code is triggered. With experiments on a ground truth set of piggybacked apps, we are able to automatically locate the malicious packages from piggybacked Android apps with an accuracy of 83.6% in verifying the top five reported items.

Discipline

Identifier

10.1109/MOBILESoft.2017.6

Publisher

ACM

City or Country

Buenos Aires, Argentina;

Creative Commons License

Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International

Additional URL

http://doi.org./10.1109/MOBILESoft.2017.6

Citation Information

Li LI, Daoyuan LI, Tegawende BISSYANDE, Jacques KLEIN, et al.. "Automatically locating malicious packages in piggybacked Android apps" Proceedings - 2017 IEEE/ACM: 4th IEEE/ACM International Conference on Mobile Software Engineering and Systems, Buenos Aires, Argentina, 2017 May 22-23 (2017)
Available at: http://works.bepress.com/david_lo/198/