IIT Home Page CNR Home Page

Identifying Mobile Repackaged Applications through Formal Methods

Smartphones and tablets are rapidly become indispensable in every day activities. Android has become the most popular operating system for mobile environments in the world. These devices, owing to the open nature of Android, are continuously exposed to attacks, mostly to data exfiltration and monetary fraud. There are many techniques to embed the bad code, i.e. the instructions able to perform a malicious behaviour, into a legitimate application: the most diffused one is the so-called repackaged, that consists of reverse engineer the application in order to embed the malicious code and then (re)distribute them in the official and/or third party markets. In this paper we propose a technique to localize malicious payload of GinMaster family, one of the most representative repackaged trojan in Android environment. We obtain encouraging results, achieving an accuracy equal to 0.9.

1st International Workshop on FORmal methods for Security Engineering (ForSE 2017), in conjunction with the 3rd International Conference on Information Systems Security and Privacy (ICISSP 2017) , Porto, Portugal, 2017

External authors: Vittoria Nardone (Dipartimento di Ingegneria, Università degli Studi del Sannio), Antonella Santone (Dipartimento di Ingegneria, Università degli Studi del Sannio), Corrado Aaron Visaggio (Dipartimento di Ingegneria, Università degli Studi del Sannio)
IIT authors:

Type: Contributo in atti di convegno
Field of reference: Computer Science & Engineering

File: identifying-mobile-repackaged.pdf

Activity: Sicurezza di dispositivi mobili