Write a Blog >>
MOBILESoft 2020
Mon 13 - Wed 15 July 2020
co-located with ICSE 2020
Wed 15 Jul 2020 13:30 - 13:45 at MobileSoft - Security and Privacy Chair(s): Ivano Malavolta

Android applications rely heavily on strings for sensitive operations like reflection, access to system resources, URL connections, database access, among others. Thus, insight into application behavior can be gained through not only an analysis of what strings an application creates but also the structure of the computation used to create theses strings, and in what manner are these strings used. In this paper we introduce a static analysis of Android applications to discover strings, how they are created, and their usage. The output of our static analysis contains all of this information in the form of a graph which we call a string computation. We leverage the results to classify individual application behavior with respect to malicious or benign intent. Unlike previous work that has focused only on extraction of string values, our approach leverages the structure of the computation used to generate string values as features to perform classification of Android applications. That is, we use none of the static analysis computed string values, rather using only the graph structures of created strings to do classification of an arbitrary Android application as malware or benign.
Our results show that leveraging string computation structures as features can yield precision and recall rates as high as 97% on modern malware. We also provide baseline results using other malware detection techniques using the same corpus of applications.

Wed 15 Jul
Times are displayed in time zone: (UTC) Coordinated Universal Time change

mobilesoft-2020-paper-presentations
13:30 - 15:00: Paper Presentations - Security and Privacy at MobileSoft
Chair(s): Ivano MalavoltaVrije Universiteit Amsterdam
Virtualization chair: Ferdian Thung
mobilesoft-2020-technical-papers13:30 - 13:45
Justin Del VecchioThe State University of New York, Lukasz ZiarekSUNY Buffalo, USA, Steve KoUniversity at Buffalo, The State University of New York
mobilesoft-2020-vision13:45 - 13:55
Patrizio MigliariniUniversity of L'Aquila, Gian Luca ScocciaUniversity of L'Aquila, Marco AutiliUniversity of L'Aquila, Italy, Paola InverardiUniversity of L'Aquila
mobilesoft-2020-vision13:55 - 14:05
Geoffrey HechtUniversity of Chile, Cyprien NeverovUniversity of Chile, Alexandre BergelUniversity of Chile
mobilesoft-2020-paper-presentations14:05 - 14:20
mobilesoft-2020-plenary14:20 - 14:30
mobilesoft-2020-paper-presentations14:30 - 15:00