Title :
Security Toolbox for Detecting Novel and Sophisticated Android Malware
Author :
Holland, Benjamin ; Deering, Tom ; Kothari, Suresh ; Mathews, Jon ; Ranade, Nikhil
Author_Institution :
Dept. of Electr. & Comput. Eng., Iowa State Univ., Ames, IA, USA
Abstract :
This paper presents a demo of our Security Toolbox to detect novel malware in Android apps. This Toolbox is developed through our recent research project funded by the DARPA Automated Program Analysis for Cybersecurity (APAC) project. The adversarial challenge ("Red") teams in the DARPA APAC program are tasked with designing sophisticated malware to test the bounds of malware detection technology being developed by the research and development ("Blue") teams. Our research group, a Blue team in the DARPA APAC program, proposed a "human-in-the-loop program analysis" approach to detect malware given the source or Java bytecode for an Android app. Our malware detection apparatus consists of two components: a general-purpose program analysis platform called Atlas, and a Security Toolbox built on the Atlas platform. This paper describes the major design goals, the Toolbox components to achieve the goals, and the workflow for auditing Android apps. The accompanying video illustrates features of the Toolbox through a live audit.
Keywords :
Java; invasive software; program diagnostics; research and development; smart phones; source code (software); APAC program; Android apps; Atlas platform; DARPA automated program analysis for cybersecurity; Java bytecode; blue teams; general-purpose program analysis platform; human-in-the-loop program analysis approach; live audit; malware detection apparatus; research and development teams; security toolbox; source bytecode; Androids; Humanoid robots; Malware; Semantics; Software; XML; Android; malware; mobile security; program analysis;
Conference_Titel :
Software Engineering (ICSE), 2015 IEEE/ACM 37th IEEE International Conference on
Conference_Location :
Florence
DOI :
10.1109/ICSE.2015.235
