IIT - CNR - Istituto di Informatica e Telematica

Model checking and machine learning techniques for HummingBad mobile malware detection and mitigation

Android currently represents the most widespread operating system focused on mobile devices. It is not surprising that the majority of malware is created to perpetrate attacks targeting mobile devices equipped with this operating system. In the mobile malware landscape, there exists a plethora of malware families exhibiting different malicious behaviors. One of the recent threats in this landscape is represented by the HummingBad malware, able to perpetrate multiple attacks to obtain root credentials and to silently install applications on the infected device. From these considerations, in this paper we discuss two different methodologies aimed at detecting malicious samples targeting the Android environment. In detail, the first approach is based on machine learning techniques, while the second one is a model checking based approach. Moreover, the model checking approach is able to localize the malicious behaviour in the code of the application under analysis, in terms of package, class and method. We evaluate the effectiveness of both the designed methods on real-world samples belonging to the HummingBad malware family, one of the most recent and aggressive behaviours embedded in malicious Android applications.

Simulation Modeling Practice and Theory, 2020

External authors: Vittoria Nardone (Università degli Studi del Sannio, Benevento), Antonella Santone (Università degli Studi del Molise, Campobasso), Gigliola Vaglini (Università degli Studi di Pisa, Pisa)
IIT authors:

Type: ISI journal article
Subject area: Computer Science & Engineering

File: ITASEC___HummingBad.pdf

Activities: Formal methods for the security of ICT systems
Mobile device security