完整後設資料紀錄
DC 欄位語言
dc.contributor.authorLin, Ying-Daren_US
dc.contributor.authorLai, Yuan-Chengen_US
dc.contributor.authorChen, Chien-Hungen_US
dc.contributor.authorTsai, Hao-Chuanen_US
dc.date.accessioned2014-12-08T15:34:11Z-
dc.date.available2014-12-08T15:34:11Z-
dc.date.issued2013-11-01en_US
dc.identifier.issn0167-4048en_US
dc.identifier.urihttp://dx.doi.org/10.1016/j.cose.2013.08.010en_US
dc.identifier.urihttp://hdl.handle.net/11536/23460-
dc.description.abstractAndroid security has become highly desirable since adversaries can easily repackage malicious codes into various benign applications and spread these malicious repackaged applications (MRAs). Most MRA detection mechanisms on Android focus on detecting a specific family of MRAs or requiring the original benign application to compare with the malicious ones. This work proposes a new mechanism, SCSdroid (System Call Sequence Droid), which adopts the thread-grained system call sequences activated by applications. The concept is that even if MRAs can be camouflaged as benign applications, their malicious behavior would still appear in the system call sequences. SCSdroid extracts the truly malicious common subsequences from the system call sequence 6 of MRAs belonging to the same family. Therefore, these extracted common subsequences can be used to identify any evaluated application without requiring the original benign application. Experimental results show that SCSdroid falsely detected only two applications among 100 evaluated benign applications, and falsely detected only one application among 49 evaluated malicious applications. As a result, SCSdroid achieved up to 95.97% detection accuracy, i.e., 143 correct detections among 149 applications. (C) 2013 Elsevier Ltd. All rights reserved.en_US
dc.language.isoen_USen_US
dc.subjectMalicious repackaged applicationsen_US
dc.subjectDynamic analysisen_US
dc.subjectSystem callen_US
dc.subjectAndroiden_US
dc.subjectLongest common substringen_US
dc.titleIdentifying android malicious repackaged applications by thread-grained system call sequencesen_US
dc.typeArticleen_US
dc.identifier.doi10.1016/j.cose.2013.08.010en_US
dc.identifier.journalCOMPUTERS & SECURITYen_US
dc.citation.volume39en_US
dc.citation.issueen_US
dc.citation.spage340en_US
dc.citation.epage350en_US
dc.contributor.department資訊工程學系zh_TW
dc.contributor.department網路測試中心zh_TW
dc.contributor.departmentDepartment of Computer Scienceen_US
dc.contributor.departmentNetwork Benchmarking Laben_US
dc.identifier.wosnumberWOS:000329007400017-
dc.citation.woscount1-
顯示於類別:期刊論文


文件中的檔案:

  1. 000329007400017.pdf

若為 zip 檔案,請下載檔案解壓縮後,用瀏覽器開啟資料夾中的 index.html 瀏覽全文。