Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android

Rastogi, Vaibhav; Qu, Zhengyang; McClurg, Jedidiah; Cao, Yinzhi; Chen, Yan

doi:10.1007/978-3-319-28865-9_14

Cited by 24 publications

(11 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since Drebin has been designed to run directly on the mobile device, its most obvious limitation is the lack of a dynamic analysis. Unfortunately, static analysis has clear limitations, as it is not possible to analyze malicious code that is downloaded or decrypted at runtime, or code that is thoroughly obfuscated [17], [23], [24], [31], [35], [36], [47]. For this reason, considering such attacks would be irrelevant for the scope of our work.…”

Section: Limitations and Open Issuesmentioning

confidence: 99%

Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection

Demontis

Melis

Biggio

et al. 2019

IEEE Trans. Dependable and Secure Comput.

221

275

View full text Add to dashboard Cite

Abstract-To cope with the increasing variability and sophistication of modern attacks, machine learning has been widely adopted as a statistically-sound tool for malware detection. However, its security against well-crafted attacks has not only been recently questioned, but it has been shown that machine learning exhibits inherent vulnerabilities that can be exploited to evade detection at test time. In other words, machine learning itself can be the weakest link in a security system. In this paper, we rely upon a previously-proposed attack framework to categorize potential attack scenarios against learning-based malware detection tools, by modeling attackers with different skills and capabilities. We then define and implement a set of corresponding evasion attacks to thoroughly assess the security of Drebin, an Android malware detector. The main contribution of this work is the proposal of a simple and scalable secure-learning paradigm that mitigates the impact of evasion attacks, while only slightly worsening the detection rate in the absence of attack. We finally argue that our secure-learning approach can also be readily applied to other malware detection tasks.

show abstract

Section: Limitations and Open Issuesmentioning

confidence: 99%

Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection

Demontis

Melis

Biggio

et al. 2019

IEEE Trans. Dependable and Secure Comput.

221

275

View full text Add to dashboard Cite

show abstract

“…Different from the iOS platform where Apple reviews every app for the privacy data access, Android transfers the responsibility to the end users for permission checking [47]. Many researchers have carried out dynamic analysis of suspicious permissions and run-time behaviors on the Android platform [48], [49]. In the static analysis, textbased features, such as app descriptions [14], [16], [31], privacy policy [11], [12], API documents [50], app reviews [51], and source code as text [52], from app markets, are commonly-adopted for predicting the actual app permission usage [53], [54].…”

Section: Related Workmentioning

confidence: 99%

AC-Net: Assessing the Consistency of Description and Permission in Android Apps

et al. 2019

View full text Add to dashboard Cite

With Android applications (apps) becoming increasingly popular, there exist huge risks lurking in the app marketplaces as most malicious software attempt to collect users' private information without their awareness. Although these apps request users' authorization for permissions, the users can still face privacy leakage issues due to their limited knowledge in distinguishing permissions. Thus, accurate and automatic permission checking is necessary and important for users' privacy protection. According to previous studies, analyzing app descriptions is a helpful way to examine whether some permissions are required for apps. Different from those studies, we consider app permissions from a more fine-grained perspective and aim at predicting the multiple correspondent permissions to one sentence of app description. In this paper, we propose an end-to-end framework for assessing the consistency between descriptions and permissions, named Assessing Consistency based on neural Network (AC-Net). For evaluation, a new dataset involving the description-to-permission correspondences of 1415 popular Android apps was built. The experiments demonstrate that AC-Net significantly outperforms the state-of-the-art method by over 24.5% in accurately predicting permissions from descriptions. INDEX TERMS Android security, app descriptions, app permissions, consistency assessment, text classification, deep learning.

show abstract

“…[38] proposed a privacy leakage monitoring system to repackage the software and insert the monitoring logic codes. Similar systems are AppGuard [39] and Uranine [18]. But detection results of the dynamic analysis possibly lagged behind leakage events [40].…”

Section: Related Workmentioning

confidence: 99%

“…It could detect efficiently with high code coverage, but is not applicable to the analysis of apps with multi-thread methods. (2) Dynamic analysis, on the contrary, could avoid the shortcomings of static analysis when monitoring the running state of software [11,15,16,17,18]. It compensates for static analysis in detection accuracy, but costs much more code coverage, and often lags behind leakage events during the detection.…”

Section: Introductionmentioning

confidence: 99%

A Fog Computing Solution for Context-Based Privacy Leakage Detection for Android Healthcare Devices

Huang

Jiang

et al. 2019

Sensors

View full text Add to dashboard Cite

Intelligent medical service system integrates wireless internet of things (WIoT), including medical sensors, wireless communications, and middleware techniques, so as to collect and analyze patients’ data to examine their physical conditions by many personal health devices (PHDs) in real time. However, large amount of malicious codes on the Android system can compromise consumers’ privacy, and further threat the hospital management or even the patients’ health. Furthermore, this sensor-rich system keeps generating large amounts of data and saturates the middleware system. To address these challenges, we propose a fog computing security and privacy protection solution. Specifically, first, we design the security and privacy protection framework based on the fog computing to improve tele-health and tele-medicine infrastructure. Then, we propose a context-based privacy leakage detection method based on the combination of dynamic and static information. Experimental results show that the proposed method can achieve higher detection accuracy and lower energy consumption compared with other state-of-art methods.

show abstract

Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android

Cited by 24 publications

References 34 publications

Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection

Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection

AC-Net: Assessing the Consistency of Description and Permission in Android Apps

A Fog Computing Solution for Context-Based Privacy Leakage Detection for Android Healthcare Devices

Contact Info

Product

Resources

About