Dynamic Loading Vulnerability Detection for Android Applications Through Ensemble Learning

Yang, Tianchang; Cui, Haoliang; Niu, Shaozhang

doi:10.1049/cje.2017.07.001

Cited by 3 publications

(5 citation statements)

References 13 publications

(24 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…S. Poeplau [6] used a control flow graph constructed by the API method to detect applications that have used the dynamic loading mechanism, but the detection accuracy is not satisfactory. W. Yang [19] established the detector by extracting the context related to security-sensitive events. It defines two key elements of the context: the activation condition of the event and the environment attribute of the event.…”

Section: Static Analysismentioning

confidence: 99%

“…It defines two key elements of the context: the activation condition of the event and the environment attribute of the event. W. Yang [ 20 ] found that 37.8% of 4464 test samples used dynamic loading technology by determining the location of the loading point. They proposed a static analysis method combining permissions and API features to complete this type of Malware identification.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Android Malware Detection Method Based on Permission Complement and API Calls

Jun

Tang

Yan

et al. 2022

Chinese J of Electronics

View full text Add to dashboard Cite

Section: Static Analysismentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Android Malware Detection Method Based on Permission Complement and API Calls

Jun

Tang

Yan

et al. 2022

Chinese J of Electronics

View full text Add to dashboard Cite

“…The experiments showed that the anomaly detection with dynamic analysis was capable of detecting zero-day malware with 1.16% FNR and 1.30% FPR. Yang et al [215] proposed a detection method based on Ensemble Learning. They extracted the dynamic loading feature based on static analysis, and then adopted the well-constructed multi-label ensemble learning algorithm to conduct experiments.…”

Section: ) Loading Codementioning

confidence: 99%

Constructing Features for Detecting Android Malicious Applications: Issues, Taxonomy and Directions

et al. 2019

View full text Add to dashboard Cite

The number of applications (apps) available for smart devices or Android based IoT (Internet of Things) has surged dramatically over the past few years. Meanwhile, the volume of ill-designed or malicious apps (malapps) has been growing explosively. To ensure the quality and security of the apps in the markets, many approaches have been proposed in recent years to discriminate malapps from benign ones. Machine learning is usually utilized in classification process. Accurately characterizing apps' behaviors, or so-called features, directly affects the detection results with machine learning algorithms. Android apps evolve very fast. The size of current apps has become increasingly large and the behaviors of apps have become increasingly complicated. The extracting effective and representative features from apps is thus an ongoing challenge. Although many types of features have been extracted in existing work, to the best of our knowledge, no work has systematically surveyed the features constructed for detecting Android malapps. In this paper, we are motivated to provide a clear and comprehensive survey of the state-of-the-art work that detects malapps by characterizing behaviors of apps with various types of features. Through the designed criteria, we collect a total of 1947 papers in which 236 papers are used for the survey with four dimensions: the features extracted, the feature selection methods employed if any, the detection methods used, and the scale of evaluation performed. Based on our in-depth survey, we highlight the issues of exploring effective features from apps, provide the taxonomy of these features and indicate the future directions.

show abstract

“…This kind of vulnerability is caused by the incomplete security verification mechanism of Apps developers. Yang et al [10] used a combination of static and dynamic methods to analyze the App's dynamic loading vulnerability. This kind of vulnerability is caused by the insecure verification on the loaded executable file.…”

Section: Related Workmentioning

confidence: 99%

“…The security issues of Apps are complex and challenging. Related research on Android security has been proposed, including static [1]- [8] and dynamic [9], [10] methods. Wei et al [11] just analyzed Android vulnerabilities which are assosiated with JavaScript.…”

Section: Introductionmentioning

confidence: 99%

Vulnerability Detection on Android Apps–Inspired by Case Study on Vulnerability Related With Web Functions

et al. 2020

View full text Add to dashboard Cite

Nowadays, people's lifestyle is more and more dependent on mobile applications (Apps), such as shopping, financial management and surfing the internet. However, developers mainly focus on the implementation of Apps and the improvement of user experience while ignoring security issues. In this paper, we perform the comprehensive study on vulnerabilities caused by misuse of APIs and form a methodology for this type of vulnerability analysis. We investigate the security of three types of Android Apps including finance, shopping and browser which are closely related to human life. And we analyze four vulnerabilities including Improper certificate validation(CWE-295:ICV), WebView bypass certificate validation vulnerability(CVE-2014-5531:WBCVV), WebView remote code execution vulnerability(CVE-2014-1939:WRCEV) and Alibaba Cloud OSS credential disclosure vulnerability(CNVD-2017-09774:ACOCDV). In order to verify the effectiveness of our analysis method in large-scale Apps on the Internet, we propose a novel scalable tool-VulArcher, which is based on heuristic method and used to discover if the above vulnerabilities exist in Apps. We download a total of 6114 of the above three types of samples in App stores, and we use VulArcher to perform the above vulnerability detection for each App. We perform manual verification by randomly selecting 100 samples of each vulnerability. We find that the accuracy rate for ACOCDV can reach 100%, the accuracy rate for WBCVV can reach 95%, and the accuracy rate for the other two vulnerabilities can reach 87%. And one of vulnerabilities detected by VulArcher has been included in

show abstract

Dynamic Loading Vulnerability Detection for Android Applications Through Ensemble Learning

Cited by 3 publications

References 13 publications

Android Malware Detection Method Based on Permission Complement and API Calls

Android Malware Detection Method Based on Permission Complement and API Calls

Constructing Features for Detecting Android Malicious Applications: Issues, Taxonomy and Directions

Vulnerability Detection on Android Apps–Inspired by Case Study on Vulnerability Related With Web Functions

Contact Info

Product

Resources

About