The application collusion attack is a new form of threat that is becoming widespread in mobile environment. This technique requires that two or more apps cooperate in some way with the aim to perform a malicious action that they are unable to perform independently. In this paper we present a method exploiting the model checking technique aimed to detect whether two or more apps are performing a collusion attack. We also propose a heuristic function able to reduce the number of the analyzed apps and to localize the collusion. The preliminary investigation has brought very promising results.
Colluding Android Apps Detection via Model Checking
Casolare R.;Mercaldo F.;Nardone V.;Santone A.
2020-01-01
Abstract
The application collusion attack is a new form of threat that is becoming widespread in mobile environment. This technique requires that two or more apps cooperate in some way with the aim to perform a malicious action that they are unable to perform independently. In this paper we present a method exploiting the model checking technique aimed to detect whether two or more apps are performing a collusion attack. We also propose a heuristic function able to reduce the number of the analyzed apps and to localize the collusion. The preliminary investigation has brought very promising results.File in questo prodotto:
Non ci sono file associati a questo prodotto.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
