Identifying Mobile Repackaged Applications through Formal Methods

Fabio Martinelli; Francesco Mercaldo; Vittoria Nardone; Antonella Santone; Corrado Aaron Visaggio

doi:10.5220/0006287906730682

Identifying Mobile Repackaged Applications through Formal Methods

Fabio Martinelli, Francesco Mercaldo, Vittoria Nardone, Antonella Santone, Corrado Aaron Visaggio

2017

Abstract

Smartphones and tablets are rapidly become indispensable in every day activities. Android has become the most popular operating system for mobile environments in the world. These devices, owing to the open nature of Android, are continuously exposed to attacks, mostly to data exfiltration and monetary fraud. There are many techniques to embed the bad code, i.e. the instructions able to perform a malicious behaviour, into a legitimate application: the most diffused one is the so-called repackaged, that consists of reverse engineer the application in order to embed the malicious code and then (re)distribute them in the official and/or third party markets. In this paper we propose a technique to localize malicious payload of GinMaster family, one of the most representative repackaged trojan in Android environment. We obtain encouraging results, achieving an accuracy equal to 0.9.

Download

Paper Citation

in Harvard Style

Martinelli F., Mercaldo F., Nardone V., Santone A. and Visaggio C. (2017). Identifying Mobile Repackaged Applications through Formal Methods . In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ForSE, (ICISSP 2017) ISBN 978-989-758-209-7, pages 673-682. DOI: 10.5220/0006287906730682

in Bibtex Style

@conference{forse17,
author={Fabio Martinelli and Francesco Mercaldo and Vittoria Nardone and Antonella Santone and Corrado Aaron Visaggio},
title={Identifying Mobile Repackaged Applications through Formal Methods},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ForSE, (ICISSP 2017)},
year={2017},
pages={673-682},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006287906730682},
isbn={978-989-758-209-7},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ForSE, (ICISSP 2017)
TI - Identifying Mobile Repackaged Applications through Formal Methods
SN - 978-989-758-209-7
AU - Martinelli F.
AU - Mercaldo F.
AU - Nardone V.
AU - Santone A.
AU - Visaggio C.
PY - 2017
SP - 673
EP - 682
DO - 10.5220/0006287906730682