5,421 research outputs found

    Eight years of rider measurement in the Android malware ecosystem: evolution and lessons learned

    Full text link
    Despite the growing threat posed by Android malware, the research community is still lacking a comprehensive view of common behaviors and trends exposed by malware families active on the platform. Without such view, the researchers incur the risk of developing systems that only detect outdated threats, missing the most recent ones. In this paper, we conduct the largest measurement of Android malware behavior to date, analyzing over 1.2 million malware samples that belong to 1.2K families over a period of eight years (from 2010 to 2017). We aim at understanding how the behavior of Android malware has evolved over time, focusing on repackaging malware. In this type of threats different innocuous apps are piggybacked with a malicious payload (rider), allowing inexpensive malware manufacturing. One of the main challenges posed when studying repackaged malware is slicing the app to split benign components apart from the malicious ones. To address this problem, we use differential analysis to isolate software components that are irrelevant to the campaign and study the behavior of malicious riders alone. Our analysis framework relies on collective repositories and recent advances on the systematization of intelligence extracted from multiple anti-virus vendors. We find that since its infancy in 2010, the Android malware ecosystem has changed significantly, both in the type of malicious activity performed by the malicious samples and in the level of obfuscation used by malware to avoid detection. We then show that our framework can aid analysts who attempt to study unknown malware families. Finally, we discuss what our findings mean for Android malware detection research, highlighting areas that need further attention by the research community.Accepted manuscrip

    Intellectual Property and Intra-Community Trade

    Get PDF
    This Article will use recently decided intellectual property cases and other recent developments in European Community competition law to critically discuss the European Community\u27s traditional and strict pro-free trade approach in intellectual property cases. It will focus in particular on issues relating to the territorial nature of intellectual property rights. Part I of this Article examines the Court\u27s free trade approach in free movement cases involving patent rights. Part II explores patent rights in the context of technology Licensing Agreements, in particular in light of recent antitrust developments concerning vertical restraints. Part III discusses trademark issues. It first considers free movement rules and concludes with a brief discussion of trademark Licensing Agreements and antitrust law

    Implementation of Application Packaging Technology in Healthcare Industry

    Get PDF
    Application packaging bundles applications for operating systems into a single file called a distribution unit (.msi), which makes the administrator work easier to deploy and install them on user\u27s computers. This project was about repackaging Adobe Reader and after successful repackaging of the application, the customization of Adobe was done with the help of Adobe Customization Wizard. By applying Software Development Life Cycle (SDLC) methodology based on the requirement the packagers were able to create detailed analysis on Adobe Reader to support each step involved in managing a desktop application from deployment through retirement. The main objective of this project was to analyze the data to make the required and necessary customizations to the Adobe Reader to save time and effort. Application packaging can be important component for efficiently managing the increased volume of software on desktop and notebook systems. By streamlining software installation, uninstallation, repair, and patching, application packaging can help reduce costs associated with each phase of the application deployment and support life cycle

    CloneSpot: Fast detection of Android repackages

    Get PDF
    Repackaging of applications is one of the key attack vectors for mobile malware. This is particularly easy and popular in Android Markets, where applications can be downloaded, decompiled, modified and re-uploaded at a very low cost. Detecting clones and victims is often a hard task, especially in markets with several million of applications to analyze, such as Google Play Store. This work proposes CloneSpot, a novel methodology to efficiently detect Repackaged versions of Android apps using Min-Hashing techniques applied to applications’ meta-data publicly available at Google Play. We validate our approach by analyzing 1.3 Million of applications collected from Google Play in September 2017, from which around 420K are detected as potential repackaged or victim versions of other applications.The authors would like to acknowledge the support of the national project TEXEO (TEC2016-80339-R), funded by the Ministerio de Economia y Competitividad of SPAIN and the EU-funded project SMOOTH (Grant no. H2020-786741). In addition, Ignacio Martin would like to acknowledge the support of the Spanish Ministry of Education by means of the FPU grant he holds (FPU15/03518)

    A deliberative model for self-adaptation middleware using architectural dependency

    Get PDF
    A crucial prerequisite to externalized adaptation is an understanding of how components are interconnected, or more particularly how and why they depend on one another. Such dependencies can be used to provide an architectural model, which provides a reference point for externalized adaptation. In this paper, it is described how dependencies are used as a basis to systems' self-understanding and subsequent architectural reconfigurations. The approach is based on the combination of: instrumentation services, a dependency meta-model and a system controller. In particular, the latter uses self-healing repair rules (or conflict resolution strategies), based on extensible beliefs, desires and intention (EBDI) model, to reflect reconfiguration changes back to a target application under examination
    • …
    corecore