Enhanced Android App-Repackaging Attack on In-Vehicle Network

Lee, Yousik; Woo, Samuel; Lee, Jung-Ho; Song, Yunkeun; Moon, Heeseok; Lee, Dong Hoon

doi:10.1155/2019/5650245

Cited by 19 publications

(12 citation statements)

References 12 publications

(15 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since the measurement is not a one-time, but a longterm process, two measures need to be taken in practice. (1) To prevent the service from being recycled, we use the Android foreground service to keep monitoring the application. e foreground service is hard to be killed by the system when the system memory is insufficient.…”

Section: Trusted Applicationsmentioning

confidence: 99%

“…Mobile devices serve as the main IoT control center and the communication portal for mobile edge computing. Especially, existing works reveal that Android devices face many practical risks [1][2][3]. For example, in the scene of the Internet of Vehicles, if the vehicle control application of the Android device is tampered with, the vehicle will become unavailable and the privacy information may also be leaked.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Novel Trusted Software Base for Commercial Android Devices Using Secure TF Card

Zhou

Zhao

2022

Security and Communication Networks

View full text Add to dashboard Cite

With the help of edge computing, the Internet of Things (IoT) provides users with efficient data transmission and processing capabilities. As a main control device of the IoT and the communication portal of edge computing, user terminals represented by Android devices have potential security risks in IoT. Trusted computing is a universal method to construct trusted environment for computing platforms. However, due to the strict space, cost, and power limitations, commercial Android devices would not be applicable to implement a dedicated onboard chip or the software Trusted Platform Module (TPM) by modifying its firmware. We have designed a practical Trusted Software Base (TSB) for mobile devices to enhance their security. By using the secure TF card as the hardware to provide secure storage and cryptographic capabilities, we implement the trusted boot and trust extension for applications on a commercial device to verify the feasibility of the TSB to ensure a trusted environment for users. Our implementation does not require any modification to the firmware or any additional hardware other than the secure TF card. Experimental evaluation shows that our method can provide trusted computing capability for commercial Android devices with low performance overheads.

show abstract

Section: Trusted Applicationsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

A Novel Trusted Software Base for Commercial Android Devices Using Secure TF Card

Zhou

Zhao

2022

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…Because CAN was designed only for closed network environments, it does not provide basic information protection features (e.g., confidentiality, authentication, and access control) [9]. There is the need to put into place added layers of security to avoid malicious usage of wireless ELM 327 devices.…”

Section: Additional Measuresmentioning

confidence: 99%

“…The absence of added security to the functionality of wireless OBD II readers has led to reported cases of malicious access to key vehicle functionality and could lead to possible cases of theft of physical belongings as well as user information. [3], [4], [9]. These added layers of security include but are not limited to deployment of firewall on the OBD II port, application authentication on wireless dongles, priority management on multiple connected devices.…”

Section: Additional Measuresmentioning

confidence: 99%

Smart automobile self-diagnosis data evaluation system

Akhibi¹

2022

EJCSIT

View full text Add to dashboard Cite

The optimal performance of an automobile requires that underlining problems are checked at intervals by qualified technicians. Many a time, the checks are not carried out routinely until a fault in the vehicle raises its ugly head, this can cause disruptions of all kinds and disrupt the schedule of the owner. Over time, with the advent of technological advancement, there has been an increase in the usage of fault monitoring sensors in keeping track of the performance and maintenance requirements of automobiles. As the trend in technological advancement continues, diagnosis and evaluation techniques are now focused on a more active and user-centric system. In this paper, we would be analyzing current diagnosis and evaluation systems and looking into the research for self-diagnosing and evaluation for automotive systems

show abstract

“…The NTSC report published in 2020 2 reported that 27% of organizations globally were impacted by malware attacks sent via Android mobile devices. In recent times, we have seen malware producers employ techniques such as obfuscation , Chua and Balachandran [2018], Bacci et al [2018] and repackaging Song et al [2017], Lee et al [2019], , mostly through the change of static features Zhu et al [2018], Sun et al [2017], Hu et al [2014] to avoid detection. Realizing the trend in the growth of mobile-based malware attacks, there have been numerous Artificial Intelligence (AI)-based defense techniques proposed Vasan et al [2020], Luo and Lo [2017], , Makandar and Patrot [2018], Hsiao et al [2019], Singh et al [2019].…”

Section: Introductionmentioning

confidence: 99%

Task-Aware Meta Learning-based Siamese Neural Network for Classifying Obfuscated Malware

Zhu¹,

Jang-Jaccard²,

Singh³

et al. 2021

Preprint

View full text Add to dashboard Cite

Malware authors apply different obfuscation techniques on the generic feature of malware (i.e., unique malware signature) to create new variants to avoid detection. Existing Siamese Neural Network (SNN) based malware detection methods fail to correctly classify different malware families when similar generic features are shared across multiple malware variants resulting in high false-positive rates. To address this issue, we propose a novel Task-Aware Meta Learning-based Siamese Neural Network resilient against obfuscated malware while able to detect malware trained with one or a few training samples. Using entropy features of each malware signature alongside image features as task inputs, our task-aware meta leaner generates the parameters for the feature layers to more accurately adjust the feature embedding for different malware families. In addition, our model utilizes metalearning with the extracted features of a pre-trained network (e.g., VGG-16) to avoid the bias typically associated with a model trained with a limited number of training samples. Our proposed approach is highly effective in recognizing unique malware signatures, thus correctly classifying malware samples that belong to the same malware family even in the presence of obfuscation technique applied to malware. Our experimental results, validated with N-way on N-shot learning, show that our model is highly effective in classification accuracy exceeding the rate >91% compared to other similar methods.

show abstract

Enhanced Android App-Repackaging Attack on In-Vehicle Network

Cited by 19 publications

References 12 publications

A Novel Trusted Software Base for Commercial Android Devices Using Secure TF Card

A Novel Trusted Software Base for Commercial Android Devices Using Secure TF Card

Smart automobile self-diagnosis data evaluation system

Task-Aware Meta Learning-based Siamese Neural Network for Classifying Obfuscated Malware

Contact Info

Product

Resources

About