Title: Taint-Propagation-Based Detection of Threat Behavior in Mobile Software (以汙染傳遞為基礎之行動軟體威脅行為偵測)
Journal: 電子商務學報
Authors: Chen, Chia-mei (陳嘉玫); Lin, Je-ming (林哲銘); Ou, Ya-hui (歐雅惠); Lai, Gu-hsin (賴谷鑫)
Publication date: 2015
Volume/issue: 17:3
Pages: 375-391
Keywords: Static analysis; Reverse engineering; Taint propagation; Malware detection
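As technology advances, enterprises and organizations provide ubiquitous computing to their customers and employees, and online services have added mobile versions to improve competitiveness and efficiency. For ease of use and constant connectivity, personal data is stored on mobile devices, which creates a risk of private data leakage. Dynamic analysis requires an isolated environment and takes a long time, so its analysis speed may not keep pace with the growth of malware. In addition, whether malicious behavior can be successfully triggered during analysis has always been a difficulty for dynamic analysis. This study takes a static analysis approach: it tracks the data flow of program code with taint propagation, derives threat patterns from malware families, compares the tracked data flows against the threat patterns, and reports the data-transfer behaviors that match. The experimental data consist of 19 mobile malware families. The experimental results show that this study can effectively detect malware in Android apps, with an accuracy as high as 91.6%.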
Businesses provide mobile applications for ubiquitous computing. Personal information is often stored on mobile devices for convenience, which also implies a potential information leakage risk for users. Dynamic analysis requires a controlled environment to observe execution behaviors, and it is time-consuming and computationally intensive work. Some malicious behaviors are triggered only under certain conditions or input sequences, which makes detection more challenging. In this study, a static-analysis-based detection method is proposed, and threat patterns are defined based on a literature review and malware families. The proposed taint propagation algorithm tracks the sensitive data flows, and the detection system verifies whether the sensitive information is released by the target software. The experiment adopted 19 mobile malware families, and the results indicated that the proposed detection method can detect malicious behaviors efficiently, with a true positive rate of 91.6%.