Rasthofer, Siegfried ; Arzt, Steven ; Bodden, Eric (2014)
A machine-learning approach for classifying and categorizing android sources and sinks.
In: 2014 Network and Distributed System Security Symposium (NDSS)
Artikel, Bibliographie
Kurzbeschreibung (Abstract)
Today’s smartphone users face a security dilemma: many apps they install operate on privacy-sensitive data, although they might originate from developers whose trustworthiness is hard to judge. Researchers have addressed the problem with more and more sophisticated static and dynamic analysis tools as an aid to assess how apps use private user data. Those tools, however, rely on the manual configuration of lists of sources of sensitive data as well as sinks which might leak data to untrusted observers. Such lists are hard to come by.
We thus propose SUSI, a novel machine-learning guided approach for identifying sources and sinks directly from the code of any Android API. Given a training set of hand-annotated sources and sinks, SUSI identifies other sources and sinks in the entire API. To provide more fine-grained information, SUSI further categorizes the sources (e.g., unique identifier, location information, etc.) and sinks (e.g., network, file, etc.).
For Android 4.2, SUSI identifies hundreds of sources and sinks with over 92% accuracy, many of which are missed by current information-flow tracking tools. An evaluation of about 11,000 malware samples confirms that many of these sources and sinks are indeed used. We furthermore show that SUSI can reliably classify sources and sinks even in new, previously unseen Android versions and components like Google Glass or the Chromecast API.
| Typ des Eintrags: | Artikel |
|---|---|
| Erschienen: | 2014 |
| Autor(en): | Rasthofer, Siegfried ; Arzt, Steven ; Bodden, Eric |
| Art des Eintrags: | Bibliographie |
| Titel: | A machine-learning approach for classifying and categorizing android sources and sinks |
| Sprache: | Englisch |
| Publikationsjahr: | 2014 |
| Titel der Zeitschrift, Zeitung oder Schriftenreihe: | 2014 Network and Distributed System Security Symposium (NDSS) |
| Kurzbeschreibung (Abstract): | Today’s smartphone users face a security dilemma: many apps they install operate on privacy-sensitive data, although they might originate from developers whose trustworthiness is hard to judge. Researchers have addressed the problem with more and more sophisticated static and dynamic analysis tools as an aid to assess how apps use private user data. Those tools, however, rely on the manual configuration of lists of sources of sensitive data as well as sinks which might leak data to untrusted observers. Such lists are hard to come by. We thus propose SUSI, a novel machine-learning guided approach for identifying sources and sinks directly from the code of any Android API. Given a training set of hand-annotated sources and sinks, SUSI identifies other sources and sinks in the entire API. To provide more fine-grained information, SUSI further categorizes the sources (e.g., unique identifier, location information, etc.) and sinks (e.g., network, file, etc.). For Android 4.2, SUSI identifies hundreds of sources and sinks with over 92% accuracy, many of which are missed by current information-flow tracking tools. An evaluation of about 11,000 malware samples confirms that many of these sources and sinks are indeed used. We furthermore show that SUSI can reliably classify sources and sinks even in new, previously unseen Android versions and components like Google Glass or the Chromecast API. |
| Fachbereich(e)/-gebiet(e): | LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt 20 Fachbereich Informatik > EC SPRIDE 20 Fachbereich Informatik > EC SPRIDE > Secure Software Engineering Zentrale Einrichtungen LOEWE 20 Fachbereich Informatik LOEWE > LOEWE-Zentren |
| Hinterlegungsdatum: | 24 Nov 2014 14:19 |
| Letzte Änderung: | 24 Nov 2014 14:19 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum