1,742 research outputs found
A family of droids -- Android malware detection via behavioral modeling: static vs dynamic analysis
Following the increasing popularity of mobile ecosystems, cybercriminals have increasingly targeted them, designing and distributing malicious apps that steal information or cause harm to the device's owner. Aiming to counter them, detection techniques based on either static or dynamic analysis that model Android malware, have been proposed. While the pros and cons of these analysis techniques are known, they are usually compared in the context of their limitations e.g., static analysis is not able to capture runtime behaviors, full code coverage is usually not achieved during dynamic analysis, etc. Whereas, in this paper, we analyze the performance of static and dynamic analysis methods in the detection of Android malware and attempt to compare them in terms of their detection performance, using the same modeling approach. To this end, we build on MaMaDroid, a state-of-the-art detection system that relies on static analysis to create a behavioral model from the sequences of abstracted API calls. Then, aiming to apply the same technique in a dynamic analysis setting, we modify CHIMP, a platform recently proposed to crowdsource human inputs for app testing, in order to extract API calls' sequences from the traces produced while executing the app on a CHIMP virtual device. We call this system AuntieDroid and instantiate it by using both automated (Monkey) and user-generated inputs. We find that combining both static and dynamic analysis yields the best performance, with F-measure reaching 0.92. We also show that static analysis is at least as effective as dynamic analysis, depending on how apps are stimulated during execution, and, finally, investigate the reasons for inconsistent misclassifications across methods.Accepted manuscrip
Towards Secure and Safe Appified Automated Vehicles
The advancement in Autonomous Vehicles (AVs) has created an enormous market
for the development of self-driving functionalities,raising the question of how
it will transform the traditional vehicle development process. One adventurous
proposal is to open the AV platform to third-party developers, so that AV
functionalities can be developed in a crowd-sourcing way, which could provide
tangible benefits to both automakers and end users. Some pioneering companies
in the automotive industry have made the move to open the platform so that
developers are allowed to test their code on the road. Such openness, however,
brings serious security and safety issues by allowing untrusted code to run on
the vehicle. In this paper, we introduce the concept of an Appified AV platform
that opens the development framework to third-party developers. To further
address the safety challenges, we propose an enhanced appified AV design schema
called AVGuard, which focuses primarily on mitigating the threats brought about
by untrusted code, leveraging theory in the vehicle evaluation field, and
conducting program analysis techniques in the cybersecurity area. Our study
provides guidelines and suggested practice for the future design of open AV
platforms
- …