Más contenido relacionado Similar a Web-based Security Analysis Tool for Android Applications (20) Web-based Security Analysis Tool for Android Applications1. WebVbasedhSecurityhAnalysishToolh
forhAndroidhApplications
ComputerhSciencehDepartmentPhMetropolitanhCollege
NebiyuhFelekePhTandhyhSimanjuntakPhWenjiehShiPhYutinghZhangPhLouhChitkushevhh
naberraPhtandhyPhwjshiPhdanazhPhltc@bu.edu
Architecture
OnNgoingIWork
OurITool
EveryhfifthhAndroidVbasedhdevicehwithhKasperskyhsolutionshwash
attackedhbyhmalwarehduringhreportedhperiod
OtherIWebNbasedIAnalysisITools
Motivation
www.idc.com
www.kaspersky.com
www.kaspersky.com
Anubis
AIwebIportalIofIandroidIapplicationsIsecurity
ApplicationISecurityIAnalysisIbasedIonICategory
ImplicitIOpenIomponentsIinIFinanceIandIMedicalIApplications
PercentageIofITotalIOverIPrivilegeIApplicationsIbasedIonICategory
ProposedIWork
AIframeworkItoIanalyzeItheIsecurityIofIandroidIapplicationsIthroughIstaticIanalysis
ProposeIandIimplementIaInumberIofImetricsIcomplementaryItoIthoseIinImanyIexistingIwebNbasedIanalysisItools:
IdentifyIOverIPrivilege
IdentifyIReNDelegation
IdentifyIDangerousIPermissionsICombinationI
IdentifyIOpenIComponents
IdentifyIHiddenIFileIandICodeILoading
IdentifyIRootIExploitIandIMaliciousIDomain
AnalysishToolhPage
SearchhToolhPage
ApplicationISecurityIEvolutionIAnalysis
IdentifyIandIclassifyIapplicationsIwithIsimilar
functionalityIbasedIonIapplicationsEIdescriptionsIusingI
keywordIanalysis
InvestigateItheIassociationIbetweenIkeywordsIand
otherIsecurityImetricsIsuchIasIpermissions
PerformIbothIindividualIandIcollectiveIanalysis
ReNdelegation
OpenIComponents
OverNprivilege
DangerousIPermissionsICombination
HiddenIFiles
MaliciousIDomains
RootIExploit
CodeILoading
TypesIofIMetricsIChangedI
DistributionhofhAddedhVulnerabilities DistributionhofhDeletedhVulnerabilities
ProposedIWork
IdentifyImoreIsecurityImetricsIthatIcanIbe
usedIforIevolutionIanalysis,IincludingIthose
usedIinIotherIexistingItools
InvestigateItheIpossibleIsecurityIevolution
patternsIofIapplications
InvestigateItheIpossibleIsecurityIpatternsIofI
applicationsIwithIsimilarIfunctionality
NumberIofITypesIofIMetricsIChangedI
PercentageIofIDatasetI
MetricsIinclude:
DetailsIofIThreeIMetricsI
TypeIofIMetricsI
PercentageIofIDatasetI
NumberIofIAddedIVulnerabilitiesI
PercentageIofIApplicableIDatasetI
PercentageIofIApplicableIDatasetI
NumberIofIDeletedIVulnerabilitiesI
TotalIDownloadedIApplicationsIbasedIonICategory
IPercentageIofIRootIExploitIApplicationsIbasedIonICategory
TotalINumberI
Category
TotalIPercentageI
Category
TotalIPercentageI
Category
InvestigateIpossibleIupdateIattacks,
particularlyIthroughIanomalyIdetection