Mobile Software Assurance Informed through Knowledge Graph Construction: The OWASP Threat of Insecure Data Storage

Many organizations, to save costs, are moving to the Bring Your Own Mobile Device (BYOD) model and adopting applications built by third-parties at an unprecedented rate. Our research examines software assurance methodologies specifically focusing on security analysis coverage of the program analysis for mobile malware detection, mitigation, and prevention. This research focuses on secure software development of Android applications by developing knowledge graphs for threats reported by the Open Web Application Security Project (OWASP). OWASP maintains lists of the top ten security threats to web and mobile applications. We develop knowledge graphs based on the two most recent top ten threat years and show how the knowledge graph relationships can be discovered in mobile application source code. We analyze 200+ healthcare applications from GitHub to gain an understanding of their software assurance of their developed software for one of the OWASP top ten mobile threats, the threat of “Insecure Data Storage.” We find that many of the applications are storing personally identifying information (PII) in potentially vulnerable places leaving users exposed to higher risks for the loss of their sensitive data

Android Permission Classifier: a deep learning algorithmic framework based on protection and threat levels

Recent works demonstrated that Android is the fastest growing mobile OS with the highest number of users worldwide. Android's popularity is facilitated by factors such as ease of use, open‐source, and cheap to purchase compared to mobile OS like iOS. The widespread of Android has brought an exponential increase in the complexity and number of malicious applications targeting Android. Malware deploys different attack vectors to exploit Android vulnerability and attack the OS. One way to thwart malware attacks on Android is the use of Android security patches, antivirus software, and layer security. However, the fact that the permission request dynamic is different from other attack vectors, makes it difficult to identify which permission request is malicious or not especially when constructing permission request profiles for Android users. The aforementioned challenge is tackled by our research. This article proposed a framework called Android Permission Classifier for the classification of Android malware permission requests based on threat levels. This article is the first to classify Android permission based on their protection and threat levels. With the framework, out of the 113 permissions extracted, 23 were classified as more dangerous. Our model shows classification accuracy of 97% and an FPR value of 0.2% with high diversity capacity when compared with the performance of those of other similar existing metho

Malware detection using static analysis in android: A review of FeCO (features, classification, and obfuscation)

Android is a free open-source operating system (OS), which allows an in-depth understanding of its architecture. Therefore, many manufacturers are utilizing this OS to produce mobile devices (smartphones, smartwatch, and smart glasses) in different brands, including Google Pixel, Motorola, Samsung, and Sony. Notably, the employment of OS leads to a rapid increase in the number of Android users. However, unethical authors tend to develop malware in the devices for wealth, fame, or private purposes. Although practitioners conduct intrusion detection analyses, such as static analysis, there is an inadequate number of review articles discussing the research efforts on this type of analysis. Therefore, this study discusses the articles published from 2009 until 2019 and analyses the steps in the static analysis (reverse engineer, features, and classification) with taxonomy. Following that, the research issue in static analysis is also highlighted. Overall, this study serves as the guidance for novice security practitioners and expert researchers in the proposal of novel research to detect malware through static analysis

The Android Malware Static Analysis: Techniques, Limitations, and Open Challenges

3rd International Conference on Computer Science and Engineering (UBMK) -- SEP 20-23, 2018 -- Sarajevo, BOSNIA & HERCEGWOS: 000459847400113This paper aims to explain static analysis techniques in detail, and to highlight the weaknesses and challenges which face it. To this end, more than 80 static analysis based framework have been studied, and in their light, the process of detecting malicious applications has been divided into four phases that were explained in a schematic manner. Also, the features that is used in static analysis were discussed in detail by dividing it into four categories namely, Manifest-based features, code-based features, semantic features and app's metadata-based features. Also, the challenges facing methods based on static analysis were discussed in detail. Finally, a case study was conducted to test the strength of some known commercial antivirus and one of the stat-of-art academic static analysis frameworks against obfuscation techniques used by developers of malicious applications. The results showed a significant impact on the performance of the most tested antiviruses and frameworks, which is reflecting the urgent need for more accurately tools.BMBB, Istanbul Teknik Univ, Gazi Univ, ATILIM Univ, Int Univ Sarajevo, Kocaeli Univ, TURKiYE BiLiSiM VAKF