Detecting application update attack on mobile devices through network featur

Tenenboim-Chekina, Lena; Barad, O.; Shabtai, Asaf; Mimran, Dudu; Rokach, Lior; Shapira, Bracha; Elovici, Yuval

doi:10.1109/infcomw.2013.6970755

Cited by 14 publications

(4 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Thus, changes in permission requests might indicate behavioral changes in apps for Android platforms. Additionally, an attack on Android systems called the App Update Attack was studied by Tenenboim-Chekina et al [19].…”

Section: Android Permission and Privacy Informationmentioning

confidence: 99%

Supporting Privacy-Conscious App Update Decisions with User Reviews

Tian

Liu

Dai

et al. 2015

Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices

View full text Add to dashboard Cite

Smartphone app updates are critical to user security and privacy. New versions may fix important security bugs, which is why users should usually update their apps. However, occasionally apps turn malicious or radically change features in a way users dislike. Users should not necessarily always update in those circumstances, but current update processes are largely automatic. Therefore, it is important to understand user behaviors around updating apps and help them to make security-conscious choices. We conducted two related studies in this area. First, to understand users' current update decisions, we conducted an online survey of user attitudes toward updates. Based on the survey results, we then designed a notification scheme integrating user reviews, which we tested in a field study. Participants installed an Android app that simulated update notifications, enabling us to collect users' update decisions and reactions. We compared the effectiveness of our review-based update notifications with the permission-based notifications. Compared to notifications with permission descriptions only, we found our review-based update notification was more effective at alerting users of invasive or malicious app updates, especially for less trustworthy apps.

show abstract

Section: Android Permission and Privacy Informationmentioning

confidence: 99%

Supporting Privacy-Conscious App Update Decisions with User Reviews

Tian

Liu

Dai

et al. 2015

Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices

View full text Add to dashboard Cite

show abstract

“…But, this technique cannot be applied in the encrypted traffic. In 2013, Tenenboim et al [25] proposed a novel network based behavioral analysis for detecting a new group of malware with self-updating capabilities which have been found in the Google Android marketplace. Their results showed that in most of the applications the threat was detected in the first five minutes after the infection occurred.…”

Section: Relate Workmentioning

confidence: 99%

A Two-Layer Deep Learning Method for Android Malware Detection Using Network Traffic

et al. 2020

View full text Add to dashboard Cite

Because of the characteristic of openness and flexibility, Android has become the most popular mobile platform. However, it has also become the most targeted system by mobile malware. It is necessary for the users to have a fast and reliable detection method. In this paper, we proposed a two-layer methods to detect malware. The first layer is permission, intent and component information based static malware detection model. We combine the static features with fully connected neural network to detect the malware and test its effectiveness through experiment, the detection rate of the first layer is 95.22%. Then we input the result (benign apps) into the second layer. In the second layer we used a new cascading CNN and autoencoder CACNN methods to detect network traffic features of apps. The experimental results show that our methods can effectively identify malicious Android apps. The detection rate of the second layer is 99.3% in binary classification. Moreover, the new two-layer model can also detect malware by its category and malicious family. The detection rates are 98.2% and 72.13% respectively.

show abstract

“…Typical methods are being introduced through SMS phishing or social engineering techniques, intelligent detection technologies. Detecting malicious code is a difficult task because there are new malicious codes emerges as improvement in detecting technology [5,11]. (Table 1).…”

Section: Types Of Personal Information Disclosure On the Android Platmentioning

confidence: 99%