Full metadata record
DC FieldValueLanguage
dc.contributor.authorWang, Chiweien_US
dc.contributor.authorShieh, Shiuhpyng Winstonen_US
dc.date.accessioned2015-07-21T08:28:54Z-
dc.date.available2015-07-21T08:28:54Z-
dc.date.issued2015-01-01en_US
dc.identifier.issn1016-2364en_US
dc.identifier.urihttp://hdl.handle.net/11536/124237-
dc.description.abstractTaint analysis for Android malware has received much attention in recent research. Existing taint techniques operate either at Java object level or at deeper instruction level. Object-level tracking is suitable for malware written in Java byte-code, but not for native ones. Instruction-level tracking captures the finest data flow. However, it leads to obscure semantic reconstruction and low performance. In this paper, we present DROIT, a taint tracker which dynamically alternates between object-level and instruction-level tracking on demands. DROIT tracks data flow at Java object level in general. When its Dalvik VM exits the byte-code execution, DROIT automatically switches to instruction-level tracking, and vice versa. The trigger-based DROIT can alternate between the two levels in an efficient manner, and can provide dual-level whole image of the data flow, rather than fragments. Tracking at the dual levels also eases the semantic reconstruction significantly. The experiment with Android information-stealing trojans showed that DROIT can handle Java-based malware, those composed in native code, and those alternating between the two levels (e.g., DroidKungFu), respectively.en_US
dc.language.isoen_USen_US
dc.subjectmobile securityen_US
dc.subjectmalware analysisen_US
dc.subjecttaint analysisen_US
dc.subjectinformation flow trackingen_US
dc.subjectbinary translationen_US
dc.subjectAndroid operating systemen_US
dc.subjectDalvik virtual machineen_US
dc.titleDROIT: Dynamic Alternation of Dual-Level Tainting for Malware Analysisen_US
dc.typeArticleen_US
dc.identifier.journalJOURNAL OF INFORMATION SCIENCE AND ENGINEERINGen_US
dc.citation.volume31en_US
dc.citation.spage111en_US
dc.citation.epage129en_US
dc.contributor.department資訊工程學系zh_TW
dc.contributor.departmentDepartment of Computer Scienceen_US
dc.identifier.wosnumberWOS:000348091300006en_US
dc.citation.woscount0en_US
Appears in Collections:Articles