The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The prevalence of Android platform has attracted adversaries to craft malicious payloads for illegal profit. Such malicious artifacts are frequently reused and embedded in benign, paid apps to lure victims that the apps have been cracked for free. To discover these fraudulent apps, administrators of app markets desire an automated scanning process to maintain the health of app ecosystem. However,...
In recent years, medicine has seen how technology was going day by day more present to become necessary. At the same time, security became a critical aspect, since private patient medical data are handled. In this field in which gather mobile technologies with medicine, security has great importance. Therefore, it is essential to conduct security audits to mobile applications which deal with private...
Detecting zero-day sophisticated malware is like searching for a needle in the haystack, not knowing what the needle looks like. This paper describes Android Malicious Flow Visualization Toolbox that empowers a human analyst to detect such malware. Detecting sophisticated malware requires systematic exploration of the code to identify potentially malignant code, conceiving plausible malware hypotheses,...
Android supports seamless user experience by maintaining activities from different apps in the same activity stack. While such close inter-app communication is essential in the Android framework, the powerful inter-app communication contains vulnerabilities that can inject malicious activities into a victim app's activity stack to hijack user interaction flows. In this paper, we demonstrate activity...
Countless various malware families provide huge variety of functionalities which allow them to do many malicious activities. This conditions led to development of many different analysis methods. In this paper, we focused on reverse engineering, which is elementary part of static analysis. We evaluate current Java bytecode decompilers. We evaluate the output from current Java bytecode decompilers...
The growing popularity of Android and the increasing amount of sensitive data stored in mobile devices have lead to the dissemination of Android ransomware. Ransomware is a class of malware that makes data inaccessible by blocking access to the device or, more frequently, by encrypting the data; to recover the data, the user has to pay a ransom to the attacker. A solution for this problem is to backup...
Mobile devices are becoming targets for hackers and malicious users due to the multifold increase in its capabilities and usage. Security threats are more prominent in mobile payment and mobile banking applications (MBAs). As these MBAs, store, transmit and access sensitive and confidential information, so utmost priority should be given to secure MBAs. In this paper, we have analyzed MBAs of several...
Mobile devices such as smartphones are becoming the majority among computing devices. Currently, millions of persons use such devices to store and process personal data. Unfortunately, smartphones running Android are increasingly being targeted by hackers and infected with malware. Anti-malware software is being used to address this situation, but it may be subverted by the same malware it aims to...
Smartphone» have become a prime target for cyber criminals. Android being the market leader is the major target of malicious attackers. Covert techniques used by the malware make them hard to detect with signature based methods. In this paper, we present AndroPIn — a novel Android based malware detection tool using Permissions and Intents. The proposed framework overcomes the limitation of stealthy...
Android has a large share in the mobile apps market which makes it attractive for both malicious and good developers. Online apps markets, despite their vetting procedures, still admit malicious apps that could be downloaded mistakenly by mobile users. Detecting Android malwares has been studied by many researchers using different approaches and techniques. The vast majority of them though were focused...
With the proliferation of Android-based devices, malicious apps have increasingly found their way to user devices. Many solutions for Android malware detection rely on machine learning; although effective, these are vulnerable to attacks from adversaries who wish to subvert these algorithms and allow malicious apps to evade detection. In this work, we present a statistical analysis of the impact of...
Smartphones are increasingly used in everyday life. They execute complex software and store sensitive and private data of users. At the same time, malware targeting mobile devices is growing. There are various Android malware detection methods in the literature, most of which are based on permissions. However, the permission-based methods are usually subverted by some bypass techniques such as over-claim...
This paper presents a retrospect of an Android app collection named AndroZoo and some research works conducted on top of the collection. AndroZoo is a growing collection of Android apps from various markets including the official Google Play. At the moment, over five million Android apps have been collected. Based on AndroZoo, we have explored several directions that mine Android apps for resolving...
We describe a set of artifacts for dynamic analysis of Android apps, including a dataset used in a dynamic characterization study, source code used for performing the study, an Android inter-app benchmark suite, and definition of Android behavioral metrics.
Currently, mobile botnet attacks have shifted from computers to smartphones due to its functionality, ease to exploit, and based on financial intention. Mostly, it attacks Android due to its popularity and high usage among end users. Every day, more and more malicious mobile applications (apps) with the botnet capability have been developed to exploit end users' smartphones. Therefore, this paper...
Long short-term memory recurrent neural network (LSTM-RNN) have witnessed as a powerful approach for capturing long-range temporal dependencies in sequences of arbitrary length. This paper seeks to model a large set of Android permissions particularly the permissions from Normal, Dangerous, Signature and Signature Or System categories within a large number of Android application package (APK) files...
There are over a billion devices running the Android operating system. It is being used globally in personal, public, private and government organizations. Device and application availability, often overlooked in research, is a huge component to globally maintaining healthy applications and personal communications. Published research into Android application availability threats and vulnerabilities...
Android has become the most widely used mobile operating system (OS) in recent years. There is much research on methods for detecting malicious Android applications. Dynamic analysis methods detect such applications by evaluating their behaviour during execution. However, such mechanisms may be ineffective as malware is often able to disable antimalware software. This paper presents the design of...
This paper describes the various malware datasets that we have obtained permissions to host at the University of Arizona as part of a National Science Foundation funded project. It also describes some other malware datasets that we are in the process of obtaining permissions to host at the University of Arizona. We have also discussed some preliminary work we have carried out on malware analysis using...
Side-channel attacks revealing the sensitive user data through the motion sensors (such as accelerometer, gyroscope, and orientation sensors) emerged as a new trend in the smartphone security. In this respect, recent studies have examined feasibility of inferring user's tap input by utilizing the motion sensor readings and propounded that some user secrets can be deduced by adopting the different...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.