
Project 2: Analyzing, Detecting, and Containing Mobile Malware

ANALYZING

Objectives

  • Analyzing mobile malware propagation
  • A large-scale user study

Existing solutions and their limitations

  • Only on the x86 platform

Outcomes / Deliverables

  • An app to simulate mobile malware propagation
  • Real-world traces and analysis results

Practical applications and impact

  • Understanding strategies of malware writers
  • Facilitating targeted defenses

CONTAINING

Objectives

  • Following privilege separation framework
  • Containing malware with minimum privileges

Existing solutions and their limitations

  • Requiring Android app modifications

Outcomes / Deliverables

  • Customized Android ROM with malware containment system

Practical applications and impact

  • Limiting capability of malware that succeeds in evading malware detection

DETECTING

Objectives

  • Behavioral models of Android apps
  • Detecting deviations from the models

Existing solutions and their limitations

  • Mostly on the x86 platform

Outcomes / Deliverables

  • Customized Android ROM with malware detection engine
  • Behavioral models of Android apps hosted in the cloud

Practical applications and impact

  • Systematic detection of Android malware
  • Detecting zero-day attacks on Android

SIGNIFICANT RESEARCH ACHIEVEMENTS

  • We have successfully conducted a user study to monitor how malware spreads among SMU students. We have also constructed behavioral models of the top 50k Android apps to be used for anomaly detection. To limit the damage of an intrusion that evades our anomaly detection, we have finished the system design of the communication mechanism of a modified Android framework for "split execution".

 

Last updated on 09 Jun 2017.