IIT Home Page CNR Home Page

Model Checking for Mobile Android Malware Evolution

Software engineering researchers have largely demonstrated that newer versions of software make use of previous versions. No exception to this rule for the so-called malicious software, that frequently evolves in order to evade the detection by antimalware. As matter of fact, mobile malicious programs, such as trojans, are frequently related to previous malware through evolutionary relationships. Discovering those relationships and constructing a phylogenetic model is expected to be helpful for analyzing new malware and for establishing a principled naming scheme. In this paper we propose a model checking based method to infer mobile malware phylogenetic trees. We demonstrate, implementing our approach in the droidSapiens tool, that mobile malware families come from an ancestor and they influence own descendant, basing on the payload that they exhibit.

Formal Methods in Software Engineering, ICSE, International Conference on Software Engineering, Buenos Aires, Argentina, 2017

External authors: Aniello Cimitile (Dipartimento di Ingegneria, Università degli Studi del Sannio), Vittoria Nardone (Dipartimento di Ingegneria, Università degli Studi del Sannio), Antonella Santone (Dipartimento di Ingegneria, Università degli Studi del Sannio), Gigliola Vaglini (Dipartimento di Ingegneria dell'Informazione, Università di Pisa)
IIT authors:

Type: Contributo in atti di convegno
Field of reference: Computer Science & Engineering

File: model-checking-mobile.pdf

Activity: Sicurezza di dispositivi mobili