Warning: pg_query(): Query failed: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 in /dati/webiit-old/includes/database.pgsql.inc on line 138 Warning: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 query: SELECT data, created, headers, expire, serialized FROM cache_page WHERE cid = 'https://www-old.iit.cnr.it/en/node/59506' in /dati/webiit-old/includes/database.pgsql.inc on line 159 Warning: pg_query(): Query failed: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 in /dati/webiit-old/includes/database.pgsql.inc on line 138 Warning: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 query: SELECT data, created, headers, expire, serialized FROM cache_page WHERE cid = 'https://www-old.iit.cnr.it/en/node/59506' in /dati/webiit-old/includes/database.pgsql.inc on line 159 Call Graph and Model Checking for Fine-Grained Android Malicious Behaviour Detection | IIT - CNR - Istituto di Informatica e Telematica
IIT Home Page CNR Home Page

Call Graph and Model Checking for Fine-Grained Android Malicious Behaviour Detection

The increasing diffusion of mobile devices, widely used for critical tasks such as the transmission of sensitive and private information, corresponds to an increasing need for methods to detect malicious actions that can undermine our data. As demonstrated in the literature, the signature-based approach provided by antimalware is not able to defend users from new threats. In this paper, we propose an approach based on the adoption of model checking to detect malicious families in the Android environment. We consider two different automata representing Android applications, based respectively on Control Flow Graphs and Call Graphs. The adopted graph data structure allows to detect potentially malicious behaviour and also localize the code where the malicious action happens. We experiment the effectiveness of the proposed method evaluating more than 3000 real-world Android samples (with 2552 malware belonging to 21 malicious family), by reaching an accuracy ranging from 0.97 to 1 in malicious family detection.

ORCID: https://orcid.org/0000-0001-7060-6233


Applied Sciences, 2020

External authors: Antonella Santone (Università del Molise)
IIT authors:

Type: Contributo in rivista non ISI
Field of reference: Computer Science & Engineering

File: abstract_Call_Graph_and_Model_Checking_for_Fine_Grained_Android_Malicious_Behaviour_Detection.pdf

Activity: Sicurezza di dispositivi mobili