Typically, when a platform is widely disseminated, malicious writers focus their attention in order to perpetrate attacks on the widespread environment. This is the reason why nowadays there exists a series of attacks targeting the Android operating system, the most common platform available for mobile devices. In this paper we present a tool implementing a model checking-based approach to identify Android malware. Furthermore, the tool is also useful to localize the malicious behaviour of the application under analysis code. We evaluate the effectiveness of the tool on real-world samples belonging to the HummingBad malware family, one of the most recent and aggressive Android threats.

Model Checking to Detect the Hummingbad Malware

Mercaldo F.;Nardone V.;Santone A.
;
2019-01-01

Abstract

Typically, when a platform is widely disseminated, malicious writers focus their attention in order to perpetrate attacks on the widespread environment. This is the reason why nowadays there exists a series of attacks targeting the Android operating system, the most common platform available for mobile devices. In this paper we present a tool implementing a model checking-based approach to identify Android malware. Furthermore, the tool is also useful to localize the malicious behaviour of the application under analysis code. We evaluate the effectiveness of the tool on real-world samples belonging to the HummingBad malware family, one of the most recent and aggressive Android threats.
2019
978-3-030-32257-1
978-3-030-32258-8
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11695/90571
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 3
  • ???jsp.display-item.citation.isi??? 0
social impact