| Applied Sciences | |
| Detecting Colluding Inter-App Communication in Mobile Environment | |
| Rosangela Casolare1 Antonella Santone2 Fabio Martinelli3 Francesco Mercaldo3 | |
| [1] Department of Biosciences and Territory, University of Molise, 86090 Pesche, Italy;Department of Medicine and Health Sciences “Vincenzo Tiberio”, University of Molise, 86100 Campobasso, Italy;Institute for Informatics and Telematics, National Research Council of Italy, 56124 Pisa, Italy; | |
| 关键词: colluding; malware; model checking; formal methods; security; Android; | |
| DOI : 10.3390/app10238351 | |
| 来源: DOAJ | |
【 摘 要 】
The increase in computing capabilities of mobile devices has, in the last few years, made possible a plethora of complex operations performed from smartphones and tablets end users, for instance, from a bank transfer to the full management of home automation. Clearly, in this context, the detection of malicious applications is a critical and challenging task, especially considering that the user is often totally unaware of the behavior of the applications installed on their device. In this paper, we propose a method to detect inter-app communication i.e., a colluding communication between different applications with data support to silently exfiltrate sensitive and private information. We based the proposed method on model checking, by representing Android applications in terms of automata and by proposing a set of logic properties to reduce the number of comparisons and a set of logic properties automatically generated for detecting colluding applications. We evaluated the proposed method on a set of 1092 Android applications, including different colluding attacks, by obtaining an accuracy of 1, showing the effectiveness of the proposed method.
【 授权许可】
Unknown
878987797
028-85220240
