demonstration

How Discover a Malware using Model Checking

Authors:

Fabio Martinelli,

Francesco Mercaldo,

Vittoria Nardone,

Antonella SantoneAuthors Info & Claims

ASIA CCS '17: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security

Pages 902 - 904

https://doi.org/10.1145/3052973.3055157

Published: 02 April 2017 Publication History

Get Access

Abstract

Android operating system is constantly overwhelmed by new sophisticated threats and new zero-day attacks. While aggressive malware, for instance malicious behaviors able to cipher data files or lock the GUI, are not worried to circumvention users by infection (that can try to disinfect the device), there exist malware with the aim to perform malicious actions stealthy, i.e., trying to not manifest their presence to the users. This kind of malware is less recognizable, because users are not aware of their presence. In this paper we propose FormalDroid, a tool able to detect silent malicious beaviours and to localize the malicious payload in Android application. Evaluating real-world malware samples we obtain an accuracy equal to 0.94.

References

[1]

F. Mercaldo, V. Nardone, A. Santone, and C. A. Visaggio, "Ransomware steals your phone. formal methods rescue it," in International Conference on Formal Techniques for Distributed Objects, Components, and Systems, pp. 212--221, Springer, 2016.

Google Scholar

[2]

V. Rastogi, Y. Chen, and X. Jiang, "Droidchameleon: evaluating android anti-malware against transformation attacks," in Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security, pp. 329--334, ACM, 2013.

Digital Library

Google Scholar

[3]

R. Milner, Communication and concurrency. PHI Series in computer science, Prentice Hall, 1989.

Digital Library

Google Scholar

[4]

C. Stirling, "An introduction to modal and temporal logics for ccs," in Concurrency: Theory, Language, And Architecture (A. Yonezawa and T. Ito, eds.), LNCS, pp. 2--20, Springer, 1989.

Digital Library

Google Scholar

[5]

R. Cleaveland and S. Sims, "The ncsu concurrency workbench," in CAV (R. Alur and T. A. Henzinger, eds.), vol. 1102 of Lecture Notes in Computer Science, Springer, 1996.

Digital Library

Google Scholar

[6]

L. Deshotels, V. Notani, and A. Lakhotia, "Droidlegacy: Automated familial classification of android malware," in Proceedings of ACM SIGPLAN on Program Protection and Reverse Engineering Workshop 2014, PPREW'14, (New York, NY, USA), pp. 3:1--3:12, ACM, 2014.

Digital Library

Google Scholar

[7]

G. Suarez-Tangil, J. E. Tapiador, P. Peris-Lopez, and J. Blasco, "Dendroid: A text mining approach to analyzing and classifying code structures in android malware families," Expert Syst. Appl., vol. 41, pp. 1104--1117, Mar. 2014.

Digital Library

Google Scholar

[8]

Y. Feng, S. Anand, I. Dillig, and A. Aiken, "Apposcopy: Semantics-based detection of android malware through static analysis."

Google Scholar

[9]

G. Canfora, F. Mercaldo, and C. A. Visaggio, "An hmm and structural entropy based detector for android malware," Comput. Secur., vol. 61, pp. 1--18, Aug. 2016.

Digital Library

Google Scholar

[10]

S. Alam, R. Riley, I. Sogukpinar, and N. Carkaci, "Droidclone: Detecting android malware variants by exposing code clones," in 2016 Sixth International Conference on Digital Information and Communication Technology and its Applications (DICTAP), pp. 79--84, July 2016.

Google Scholar

[11]

D. Arp, M. Spreitzenbarth, M. Huebner, H. Gascon, and K. Rieck, "Drebin: Efficient and explainable detection of android malware in your pocket," in Proceedings of 21th NDSS, IEEE, 2014.

Google Scholar

[12]

M. Zheng, P. P. Lee, and J. C. Lui, "Adam: an automatic and extensible platform to stress test android anti-virus systems," in International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 82--101, Springer, 2012.

Digital Library

Google Scholar

Cited By

View all

Kumar NKumar VGaur M(2019)Banking Trojans APK Detection using Formal Methods2019 4th International Conference on Information Systems and Computer Networks (ISCON)10.1109/ISCON47742.2019.9036319(606-609)Online publication date: Nov-2019
https://doi.org/10.1109/ISCON47742.2019.9036319
Cimitile AMartinelli FMercaldo FNardone VSantone A(2017)Formal Methods Meet Mobile Code Obfuscation Identification of Code Reordering Technique2017 IEEE 26th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)10.1109/WETICE.2017.23(263-268)Online publication date: Jun-2017
https://doi.org/10.1109/WETICE.2017.23

Index Terms

How Discover a Malware using Model Checking
1. Security and privacy
  1. Formal methods and theory of security
    1. Formal security models

Recommendations

Smart malware detection on Android

Nowadays, because of its increased popularity, Android is target to a growing number of attacks and malicious applications, with the purpose of stealing private information and consuming credit by subscribing to premium services. Most of the current ...
Exploiting Model Checking for Mobile Botnet Detection
Abstract
Android malware is increasing from the point of view of the complexity and the harmful actions. As a matter fact, malware writers are developing sophisticated techniques to infect mobile devices very closed to their counterpart for personal ...
The Next Malware Battleground: Recovery After Unknown Infection

Malware has become a natural aspect of Internet computing due to the imperfectness of systems that identify malware and prevent their installation. Our ability to control the volume of unwanted and malicious traffic on the Internet—the spam messages, ...

Comments

Information & Contributors

Information

Published In

ASIA CCS '17: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security

April 2017

952 pages

ISBN:9781450349444

DOI:10.1145/3052973

General Chairs:
Ramesh Karri
New York University, New York, USA
,
Ozgur Sinanoglu
New York University Abu Dhabi, UAE
,
Program Chairs:
Ahmad-Reza Sadeghi
Technische Universität Darmstadt, Germany
,
Xun Yi
RMIT University, Australia

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 April 2017

Check for updates

Author Tags

Qualifiers

Demonstration

Conference

ASIA CCS '17

Sponsor:

SIGSAC

ASIA CCS '17: ACM Asia Conference on Computer and Communications Security

April 2 - 6, 2017

Abu Dhabi, United Arab Emirates

Acceptance Rates

ASIA CCS '17 Paper Acceptance Rate 67 of 359 submissions, 19%;

Overall Acceptance Rate 418 of 2,322 submissions, 18%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
232
Total Downloads

Downloads (Last 12 months)7
Downloads (Last 6 weeks)1

Reflects downloads up to 02 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Kumar NKumar VGaur M(2019)Banking Trojans APK Detection using Formal Methods2019 4th International Conference on Information Systems and Computer Networks (ISCON)10.1109/ISCON47742.2019.9036319(606-609)Online publication date: Nov-2019
https://doi.org/10.1109/ISCON47742.2019.9036319
Cimitile AMartinelli FMercaldo FNardone VSantone A(2017)Formal Methods Meet Mobile Code Obfuscation Identification of Code Reordering Technique2017 IEEE 26th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)10.1109/WETICE.2017.23(263-268)Online publication date: Jun-2017
https://doi.org/10.1109/WETICE.2017.23

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Smart malware detection on Android

Exploiting Model Checking for Mobile Botnet Detection

The Next Malware Battleground: Recovery After Unknown Infection

Comments

Information

Published In

Sponsors

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations