Android collusion attack detection model

Cited by: 0
Authors
Yang H. [1]
Wang Z. [1]
Affiliation
[1] School of Computer Science and Technology, Civil Aviation University of China, Tianjin
Source
Tongxin Xuebao/Journal on Communications | 2018 / Vol. 39 / No. 06
Keywords
Android security; Collusion attack; Component communication; Finite state machine; Security policy rule set
DOI
10.11959/j.issn.1000-436x.2018095
Abstract
In order to solve the problem of poor efficiency and low accuracy of Android collusion detection, an Android collusion attack model based on component communication was proposed. Firstly, the feature vector set was extracted from the known applications and the feature vector set was generated. Secondly, the security policy rule set was generated through training and classifying the privilege feature set. Then, the component communication finite state machine was generated according to the component and communication mode feature vector set, and the security policy rule set was optimized. Finally, a new state machine was generated by extracting the unknown application's feature vector set, and the optimized security policy rule set was matched to detect privilege collusion attacks. The experimental results show that the proposed model has better detection efficiency and higher accuracy. © 2018, Editorial Board of Journal on Communications. All rights reserved.
Pages: 27-36
Page count: 9