Designing System-Level Defenses against Cellphone Malware

Xie, Liang; Zhang, Xinwen; Chaugule, Ashwin; Jaeger, Trent; Zhu, Sencun

doi:10.1109/srds.2009.21

Cited by 44 publications

(23 citation statements)

References 16 publications

(16 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Xie et al [52] propose access-control defense to limit the accesses of malware to critical system resources. VirusMeter [35] identifies malware that causes excessive battery power consumption on mobile devices.…”

Section: Related Workmentioning

confidence: 99%

“…As of October 2011, Tencent Mobile Security Laboratory [48] identified around 13,000 and 6,000 mobile phone viruses in the Symbian and Android platforms respectively. Given the threat of smartphone malware, researchers (e.g., [10,11,13,35,42,44,46,52]) have proposed various smartphone malware detection systems, and anti-virus software companies also develop commercial security solutions to detect smartphone malware. However, new pieces of smartphone malware keep evolving and attacking various distributions of smartphone platforms [36].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

ADAM: An Automatic and Extensible Platform to Stress Test Android Anti-virus Systems

Zheng

Lee

Lui

2013

Detection of Intrusions and Malware, and Vulnerability Assessment

112

View full text Add to dashboard Cite

Abstract. With the rising threat of smartphone malware, both academic community and commercial anti-virus companies proposed many methodologies and products to defend against smartphone malware. Thus, how to assess the effectiveness of these defense mechanisms against existing and unknown malware becomes important. We propose ADAM, an automated and extensible system that can evaluate, via large-scale stress tests, the effectiveness of anti-virus systems against a variety of malware samples for the Android platform. Specifically, ADAM can automatically transform an original malware sample to different variants via repackaging and obfuscation techniques in order to evaluate the robustness of different anti-virus systems against malware mutation. The transformation and evaluation processes of ADAM are fully automatic, generic, and extensible for different types of malware, anti-virus systems, and malware transformation techniques. We demonstrate the efficacy of ADAM using 222 Android malware samples that we collected in the wild. Using ADAM, we generate different variants based on our collected malware samples, and evaluate the detection of these variants against commercial anti-virus systems.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

ADAM: An Automatic and Extensible Platform to Stress Test Android Anti-virus Systems

Zheng

Lee

Lui

2013

Detection of Intrusions and Malware, and Vulnerability Assessment

112

View full text Add to dashboard Cite

show abstract

“…Xie et al [33] proposed a two-level defense, which consists of an access-control based scheme and a GTT-based scheme to contain the propagation of MMS-based worms.…”

Section: Worm Containment Modelsmentioning

confidence: 99%

Containing smartphone worm propagation with an influence maximization algorithm

Peng¹,

Wu²,

Wang³

et al. 2014

Computer Networks

View full text Add to dashboard Cite

“…The use of a graphical Turing test was already introduced by Xie et al [5] to prevent malicious codes diffusion. They take as an example the case of a MMS-based malware.…”

Section: Related Workmentioning

confidence: 99%

A security mechanism to increase confidence in m-transactions

Pequegnot¹,

Cart-Lamy²,

Thomas³

et al. 2011

2011 6th International Conference on Risks and Security of Internet and Systems (CRiSIS)

View full text Add to dashboard Cite

International audienceCurrently, NFC phones are coming in the handheld market, providing facilities to perform m-transactions. Obviously, this type of operation requires special security precautions. Indeed, a malicious code could intercept and hijack the system, even if there is a smart card. For example, the amount of the payment displayed in the terminal can be hijacked by an attacker to fool the user, or user's credential can be stolen thanks to a keylogger (and thus malicious codes can perform unwanted m-transactions automatically). This paper describes a security mechanism based on a graphical Turing test to prevent m-transactions submission by malwares. Firstly it introduces current m-transactions solutions. Then it explains the security mechanism that we propose to tackle the problem of untrusted handheld devices. It also underlines a proof of concept we implemented, to test its feasibility on a SIM card. Finally, it gives information on performances corresponding to the implementation that we made

show abstract

Designing System-Level Defenses against Cellphone Malware

Cited by 44 publications

References 16 publications

ADAM: An Automatic and Extensible Platform to Stress Test Android Anti-virus Systems

ADAM: An Automatic and Extensible Platform to Stress Test Android Anti-virus Systems

Containing smartphone worm propagation with an influence maximization algorithm

A security mechanism to increase confidence in m-transactions

Contact Info

Product

Resources

About