ICSE 2015 – Security Toolbox for Detecting Novel and Sophisticated Android Malware

Abstract:

This paper presents a demo of our Security Toolbox to detect novel malware in Android apps. This Toolbox is developed through our recent research project funded by the DARPA Automated Program Analysis for Cybersecurity (APAC) project. The adversarial challenge (“Red”) teams in the DARPA APAC program are tasked with designing sophisticated malware to test the bounds of malware detection technology being developed by the research and development (“Blue”) teams. Our research group, a Blue team in the DARPA APAC program, proposed a “human-in-the-loop program analysis” approach to detect malware given the source or Java bytecode for an Android app. Our malware detection apparatus consists of two components: a general-purpose program analysis platform called Atlas, and a Security Toolbox built on the Atlas platform. This paper describes the major design goals, the Toolbox components to achieve the goals, and the workflow for auditing Android apps. The accompanying video illustrates features of the Toolbox through a live audit.

Venue: 37th International Conference on Software Engineering (ICSE 2015), Firenze, Italy, May 16-24, 2015.

Authors: Benjamin Holland, Tom Deering, Suresh Kothari, Jon Mathews, Nikhil Ranade

Paper (PDF): SecurityToolbox-ICSE2015.pdf

Bibtex:

@INPROCEEDINGS{7203055,
author={B. Holland and T. Deering and S. Kothari and J. Mathews and N. Ranade},
booktitle={2015 IEEE/ACM 37th IEEE International Conference on Software Engineering},
title={Security Toolbox for Detecting Novel and Sophisticated Android Malware},
year={2015},
volume={2},
pages={733-736},
keywords={Java;invasive software;program diagnostics;research and development;smart phones;source code (software);APAC program;Android apps;Atlas platform;DARPA automated program analysis for cybersecurity;Java bytecode;blue teams;general-purpose program analysis platform;human-in-the-loop program analysis approach;live audit;malware detection apparatus;research and development teams;security toolbox;source bytecode;Androids;Humanoid robots;Malware;Semantics;Software;XML;Android;malware;mobile security;program analysis},
doi={10.1109/ICSE.2015.235},
ISSN={0270-5257},
month={May},}

Categories: Papers

Leave a Reply