Elish et al., 2015 - Google Patents
Profiling user-trigger dependence for Android malware detectionElish et al., 2015
View HTML- Document ID
- 17620930541956598205
- Author
- Elish K
- Shu X
- Yao D
- Ryder B
- Jiang X
- Publication year
- Publication venue
- Computers & Security
External Links
Snippet
As mobile computing becomes an integral part of the modern user experience, malicious applications have infiltrated open marketplaces for mobile platforms. Malware apps stealthily launch operations to retrieve sensitive user or device data or abuse system resources. We …
- 238000001514 detection method 0 title description 32
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2101—Auditing as a secondary aspect
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3409—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment for performance assessment
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Elish et al. | Profiling user-trigger dependence for Android malware detection | |
| Chen et al. | Tokenscope: Automatically detecting inconsistent behaviors of cryptocurrency tokens in ethereum | |
| Suarez-Tangil et al. | Droidsieve: Fast and accurate classification of obfuscated android malware | |
| Narayanan et al. | A multi-view context-aware approach to Android malware detection and malicious code localization | |
| Fass et al. | Doublex: Statically detecting vulnerable data flows in browser extensions at scale | |
| Yang et al. | Appcontext: Differentiating malicious and benign mobile app behaviors using context | |
| Feng et al. | Apposcopy: Semantics-based detection of android malware through static analysis | |
| Avdiienko et al. | Mining apps for abnormal usage of sensitive data | |
| Canfora et al. | Leila: formal tool for identifying mobile malicious behaviour | |
| Jang et al. | Andro-AutoPsy: Anti-malware system based on similarity matching of malware and malware creator-centric information | |
| Xu et al. | Permlyzer: Analyzing permission usage in android applications | |
| US9798981B2 (en) | Determining malware based on signal tokens | |
| Soh et al. | Detecting clones in android applications through analyzing user interfaces | |
| Ou et al. | S3Feature: A static sensitive subgraph-based feature for android malware detection | |
| US8739283B1 (en) | Automatic generation of malware clean pattern | |
| Tian et al. | Analysis of code heterogeneity for high-precision classification of repackaged malware | |
| Aslan et al. | Using a subtractive center behavioral model to detect malware | |
| Damopoulos et al. | Exposing mobile malware from the inside (or what is your mobile app really doing?) | |
| Faruki et al. | Droidanalyst: Synergic app framework for static and dynamic app analysis | |
| Apvrille et al. | Identifying unknown android malware with feature extractions and classification techniques | |
| Elish et al. | A static assurance analysis of android applications | |
| Yang et al. | Droidward: an effective dynamic analysis method for vetting android applications | |
| Nisslmueller | LOLBin detection through unsupervised learning: An approach based on explicit featurization of the command line and parent-child relationships | |
| Muralee et al. | {ARGUS}: A Framework for Staged Static Taint Analysis of {GitHub} Workflows and Actions | |
| Meng et al. | DroidEcho: an in-depth dissection of malicious behaviors in Android applications |