A study of run-time behavioral evolution of benign versus malicious apps in android

Cai, Haipeng; Fu, Xiaoqin; Hamou-Lhadj, Abdelwahab

doi:10.1016/j.infsof.2020.106291

Cited by 47 publications

(24 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We have developed a toolkit for systematic app characterization [19,20]. Using this toolkit, we sampled at least 1,000 benign apps and malware from each of eight past years, and characterized their behavioral evolution in terms of the proposed structure metrics on code layer interaction in the instance view [15]. Figure 2 depicts part of the results from this preliminary study, which revealed several interesting patterns of app evolution.…”

Section: Current Results and Next Stepsmentioning

confidence: 99%

Embracing mobile app evolution via continuous ecosystem mining and characterization

Cai

2020

Proceedings of the IEEE/ACM 7th International Conference on Mobile Software Engineering and Systems

Self Cite

View full text Add to dashboard Cite

While an indicator of its vibrancy, the rapid evolution of a mobile ecosystem also causes challenges to mobile software engineers in developing and maintaining quality products, and to users concerning the usability and security of resulting apps. In this context, it is crucially important to arm mobile software engineers with effective and practical tool support that is informed and enabled by a comprehensive understanding of the evolutionary dynamics of this ecosystem. Targeting Android, we envision to build an infrastructure that is capable of systematically and continuously mining a mobile software ecosystem. Using this infrastructure, we then perform large-scale longitudinal characterization studies of the ecosystem to understand its evolutionary dynamics with a focus on the behavioral evolution patterns of, and ecological interaction among, three ecosystem elements: the mobile platforms, user apps built on the platforms, and users associated with the apps (including end users and developers). Further, the characterization results enable proactive app quality and sustainable app security. We also report our current progress in this effort with initial results, and discuss risks and next steps. CCS CONCEPTS • Software and its engineering → Software evolution; Maintaining software;

show abstract

Section: Current Results and Next Stepsmentioning

confidence: 99%

Embracing mobile app evolution via continuous ecosystem mining and characterization

Cai

2020

Proceedings of the IEEE/ACM 7th International Conference on Mobile Software Engineering and Systems

Self Cite

View full text Add to dashboard Cite

show abstract

“…The source code of the smart contract is in unstructured form; thus, we need to learn the structure features of the smart contract code for better Ponzi scheme contract detection [ 48 , 49 , 50 ]. Therefore, instead of using the plain source code directly as the input of the model, we parse the source code into an Abstract Syntax Tree (AST) according to the ANTLR [ 51 ] syntax rules and then generate a Structure-Based Traversal (SBT) sequence from the AST using the SBT method [ 12 ].…”

Section: Smart Ponzi Scheme Detection Modelmentioning

confidence: 99%

Improving Ponzi Scheme Contract Detection Using Multi-Channel TextCNN and Transformer

Dai¹,

et al. 2021

Sensors

View full text Add to dashboard Cite

With the development of blockchain technologies, many Ponzi schemes disguise themselves under the veil of smart contracts. The Ponzi scheme contracts cause serious financial losses, which has a bad effect on the blockchain. Existing Ponzi scheme contract detection studies have mainly focused on extracting hand-crafted features and training a machine learning classifier to detect Ponzi scheme contracts. However, the hand-crafted features cannot capture the structural and semantic feature of the source code. Therefore, in this study, we propose a Ponzi scheme contract detection method called MTCformer (Multi-channel Text Convolutional Neural Networks and Transofrmer). In order to reserve the structural information of the source code, the MTCformer first converts the Abstract Syntax Tree (AST) of the smart contract code to the specially formatted code token sequence via the Structure-Based Traversal (SBT) method. Then, the MTCformer uses multi-channel TextCNN (Text Convolutional Neural Networks) to learn local structural and semantic features from the code token sequence. Next, the MTCformer employs the Transformer to capture the long-range dependencies of code tokens. Finally, a fully connected neural network with a cost-sensitive loss function in the MTCformer is used for classification. The experimental results show that the MTCformer is superior to the state-of-the-art methods and its variants in Ponzi scheme contract detection.

show abstract

“…MiM attacks rely on intercepting messages and transmitting information, sniffing private information in the process [19]. The attacker can provide a malicious app similar to the real one, as indicated in the literature for many other domains [20]. When users have this malicious app installed on their devices, they can properly use all the app functionalities, but this app would steal the authentication information to give attackers access to all kinds of private information.…”

Section: E Potential Attacks On Iot Smart Furniturementioning

confidence: 99%

Defenses Against Perception-Layer Attacks on IoT Smart Furniture for Impaired People

2020

View full text Add to dashboard Cite

Internet of Things (IoT) is becoming highly supportive in innovative technological solutions for assisting impaired people. Some of these IoT solutions are still in a prototyping phase ignoring possible attacks and the corresponding security defenses. This article proposes a learning-based approach for defending against perception-layer attacks performed on specific sensor types in smart furniture for impaired people. This approach is based on the analysis of time series by means of dynamic time warping algorithm for calculating similarity and a novel detector for identifying anomalies. This approach has been illustrated by defending against simulated perception-layer magnetic attacks on a smart cupboard with door magnetic sensors. The results show the performance of the proposed approach for properly identifying these attacks. In particular, these results advocate an accuracy about 95.5% per day.

show abstract

A study of run-time behavioral evolution of benign versus malicious apps in android

Cited by 47 publications

References 8 publications

Embracing mobile app evolution via continuous ecosystem mining and characterization

Embracing mobile app evolution via continuous ecosystem mining and characterization

Improving Ponzi Scheme Contract Detection Using Multi-Channel TextCNN and Transformer

Defenses Against Perception-Layer Attacks on IoT Smart Furniture for Impaired People

Contact Info

Product

Resources

About