Towards Automated Android App Collusion Detection

Android OS supports multiple communication methods between apps. This opens the possibility to carry out threats in a collaborative fashion, c.f. the Soundcomber example from 2011. In this paper we provide a concise definition of collusion and report on a number of automated detection approaches, developed in co-operation with Intel Security.

[1]  Ninghui Li,et al.  Android permissions: a perspective combining risks and benefits , 2012, SACMAT '12.

[2]  S. E. Ahmed,et al.  Handbook of Statistical Distributions with Applications , 2007, Technometrics.

[3]  Ahmad-Reza Sadeghi,et al.  Practical and lightweight domain isolation on Android , 2011, SPSM '11.

[4]  Alireza Sadeghi,et al.  Analysis of Android Inter-App Security Vulnerabilities Using COVERT , 2015, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.

[5]  Helen J. Wang,et al.  Permission Re-Delegation: Attacks and Defenses , 2011, USENIX Security Symposium.

[6]  Grigore Rosu,et al.  From Rewriting Logic, to Programming Language Semantics, to Program Verification , 2015, Logic, Rewriting, and Concurrency.

[7]  R Core Team,et al.  R: A language and environment for statistical computing. , 2014 .

[8]  Jacques Klein,et al.  FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps , 2014, PLDI.

[9]  Ninghui Li,et al.  Using probabilistic generative models for ranking risks of Android apps , 2012, CCS.

[10]  Karim O. Elish,et al.  On the Need of Precise Inter-App ICC Classification for Detecting Android , 2015 .

[11]  Jacques Klein,et al.  ApkCombiner: Combining Multiple Android Apps to Support Inter-App Analysis , 2015, SEC.

[12]  William Snavely,et al.  Making DidFail Succeed: Enhancing the CERT Static Taint Analyzer for Android App Sets , 2015 .

[13]  Norman Hardy,et al.  The Confused Deputy: (or why capabilities might have been invented) , 1988, OPSR.

[14]  Apu Kapadia,et al.  Soundcomber: A Stealthy and Context-Aware Sound Trojan for Smartphones , 2011, NDSS.

[15]  Ahmad-Reza Sadeghi,et al.  XManDroid: A New Android Evolution to Mitigate Privilege Escalation Attacks , 2011 .

[16]  David A. Wagner,et al.  Analyzing inter-application communication in Android , 2011, MobiSys '11.

[17]  Ahmad-Reza Sadeghi,et al.  Privilege Escalation Attacks on Android , 2010, ISC.

[18]  Juan E. Tapiador,et al.  Compartmentation Policies for Android Apps: A Combinatorial Optimization Approach , 2015, NSS.

[19]  Srdjan Capkun,et al.  Application Collusion Attack on the Permission-Based Security Model and its Implications for Modern Smartphone Systems , 2010 .

[20]  Xiaojiang Du,et al.  An effective access control scheme for preventing permission leak in Android , 2015, 2015 International Conference on Computing, Networking and Communications (ICNC).

[21]  Juan E. Tapiador,et al.  Evolution, Detection and Analysis of Malware for Smart Devices , 2014, IEEE Communications Surveys & Tutorials.