YANG Tianchang, CUI Haoliang, NIU Shaozhang. Dynamic Loading Vulnerability Detection for Android Applications Through Ensemble Learning[J]. Chinese Journal of Electronics, 2017, 26(5): 960-965. doi: 10.1049/cje.2017.07.001
Citation: YANG Tianchang, CUI Haoliang, NIU Shaozhang. Dynamic Loading Vulnerability Detection for Android Applications Through Ensemble Learning[J]. Chinese Journal of Electronics, 2017, 26(5): 960-965. doi: 10.1049/cje.2017.07.001

Dynamic Loading Vulnerability Detection for Android Applications Through Ensemble Learning

doi: 10.1049/cje.2017.07.001
Funds:  This work is supported by The National Natural Science Foundation of China (No.61370195, No.U1536121).
More Information
  • Corresponding author: NIU Shaozhang (corresponding author) was born in 1963, he is a professor of School of Computer Science, Beijing University of Posts and Telecommunications, Beijing, China. His research interests include steganography, digital forensics and information security. (Email:szniu@bupt.edu.cn)
  • Received Date: 2017-01-09
  • Rev Recd Date: 2017-01-26
  • Publish Date: 2017-09-10
  • Valid authentication and security protection measures are not provided for external code and resources executed by dynamic loading technology during the runtime in Android. In this paper, a new method of detecting vulnerabilities related to dynamic loading technology is proposed. Two phases are included in the detection process. Static analysis phase determines the location information of the loading point and extracts the feature vector for each loading procedure. Identification phase classifies the extracted feature vector by means of constructed multilabel classification ensemble learning algorithm. According to the examination result on 4464 Android applications, 37.8% of all applications use the dynamic loading technology, and more than 12% of total test applications are detected with related security deficiencies. Experimental result shows that the detection method can detect vulnerabilities of dynamic loading effectively and is more comprehensive.
  • loading
  • D. Maier, M. Protsenko and T. Müller, "A game of Droid and Mouse:The threat of split-personality malware on Android", Computers & Security, Vol.54, pp.2-15, 2015.
    S. Poeplau, Y. Fratantonio, A. Bianchi, et al., "Execute this! Analyzing unsafe and malicious dynamic code loading in android applications", Proceedings 2014 Network and Distributed System Security Symposium, San Diego, California, USA, pp.23-26, 2014.
    M. Grace, Y. Zhou, Q. Zhang, et al., "RiskRanker:Scalable and accurate zero-day android malware detection", MobiSys'12 Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services, Ambleside, UK, pp.281-294, 2012.
    L. Batyuk, M. Herpich, S.A. Camtepe, et al., "Using static analysis for automatic assessment and mitigation of unwanted and malicious activities within Android applications", MALWARE'11 Proceedings of the 20116th International Conference on Malicious and Unwanted Software, pp.66-72, 2011.
    W. Enck, P. Gilbert, S. Han, et al., "TaintDroid:An information-flow tracking system for realtime privacy monitoring on smartphones", ACM Transactions on Computer Systems, Vol.32, No.2, pp.393-407, 2014.
    J. Sahs and L. Khan, "A machine learning approach to android malware detection", 2012 European Intelligence and Security Informatics Conference, Odense, Denmark, pp.141-147, 2012.
    Min Zhao, Fangbin Ge, Tao Zhang, et al., "AntiMalDroid:An efficient SVM-based malware detection framework for android", Information Computing and Applications, Vol.243, pp.158-166, 2011.
    M.C. Grace, W. Zhou, X. Jiang, et al., "Unsafe exposure analysis of mobile in-app advertisements", ACM Conference on Security and Privacy in Wireless and Mobile Networks, Tucson, Arizona, USA, pp.101-112, 2012.
    T. Kwon and Z. Su, "Automatic detection of unsafe dynamic component loadings", IEEE Transactions on Software Engineering, Vol.38, No.2, pp.293-313, 2012.
    W. Hu, D. Octeau, P.D. Mcdaniel, et al., "Duet:library integrity verification for android applications", ACM Conference on Security and Privacy in Wireless & Mobile Networks, Oxford, UK, pp.141-152, 2014.
    B. Min and V. Varadharajan, "Secure dynamic software loading and execution using cross component verification", IEEE/IFIP International Conference on Dependable Systems and Networks, Rio de Janeiro, Brazil, pp.113-124, 2015.
    T. Luo, H. Hao, W. Du, et al., "Attacks on WebView in the android system", Twenty-Seventh Computer Security Applications Conference, Orlando, USA, pp.343-352, 2011.
    W. Zheng, C. Wang, Z. Liu, et al., "A multi-label classification algorithm based on random walk model", Chinese Journal of Computers, Vol.33, No.8, pp.1418-1426, 2010.
    G. Tsoumakas and I. Katakis, "Multi-label classification:An overview", International Journal of Data Warehousing & Mining, Vol.3, No.3, pp.1-13, 2009.
    Fu Zhongliang, "Cost-sensitive ensemble learning algorithm for multi-label classification problems", Acta Automatica Sinica, Vol.40, No.6, pp.1075-1085, 2011. (in Chinese)
    Anthony Desnos, "androguard", https://github.com/androguard/androguard/, 2015-6-12.
    Technische Universität Braunschweig, "The drebin dataset", https://www.sec.cs.tu-bs.de/~danarp/drebin/index.html, 2015-3-9.
  • 加载中

Catalog

    通讯作者: 陈斌, bchen63@163.com
    • 1. 

      沈阳化工大学材料科学与工程学院 沈阳 110142

    1. 本站搜索
    2. 百度学术搜索
    3. 万方数据库搜索
    4. CNKI搜索

    Article Metrics

    Article views (183) PDF downloads(295) Cited by()
    Proportional views
    Related

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return