论文信息 - Testing and Evaluation of Virus Detectors for Handheld Devices

Testing and Evaluation of Virus Detectors for Handheld Devices

The widespread use of personal digital assistants and smartphones should make securing these devices a high priority. Yet little attention has been placed on protecting handheld devices against viruses. Currently available antivirus software for handhelds is few in number. At this stage, the opportunity exists for the evaluation and improvement of current solutions. By pinpointing weaknesses in the current antivirus software, improvements can be made to properly protect these devices from a future tidal wave of viruses. This research evaluates four currently available antivirus solutions for handheld devices. A formal model of virus transformation that provides transformation traceability is presented. Ten tests were administered; nine involved the modification of source code of a known virus for handheld devices. The testing techniques used are well established in PC testing; thus the focus of this research is solely on handheld devices. The test results produced high false negative rates for the antivirus software and an overall false negative rate of 42.5%. This high rate shows that current solutions poorly identify modified versions of a virus. The virus is left undetected and capable of spreading, infecting and causing damage.

Yi Deng | Jose Andre Morales | Peter J. Clarke

[1] Simon N. Foley,et al. Are handheld viruses a significant threat? , 2001, CACM.

[2] Somesh Jha,et al. Testing malware detectors , 2004, ISSTA '04.

[3] Glenford J. Myers,et al. Art of Software Testing , 1979 .

[4] Hong Zhu,et al. Software unit test coverage and adequacy , 1997, ACM Comput. Surv..

[5] Arun Lakhotia,et al. Analysis and detection of computer viruses and worms: an annotated bibliography , 2002, SIGP.

[6] A. Conry-Murray. Product focus: Behavior-blocking stops unknown malicious code , 2002 .

[7] Frank Vahid,et al. Embedded system design - a unified hardware / software introduction , 2001 .

[8] Steven R. Gordon,et al. Real world anti-virus product reviews and evaluations -- the current state of affairs , 1996 .

[9] Guillermo A. Francia. Embedded systems programming , 2001 .

[10] Richard Ford. The Wrong Stuff? , 2004, IEEE Secur. Priv..

[11] Simeon C. Ntafos,et al. On random and partition testing , 1998, ISSTA.

[12] Fred B. Schneider,et al. Enforceable security policies , 2000, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[13] Carey Nachenberg,et al. Computer virus-antivirus coevolution , 1997, Commun. ACM.