Analyzing application private information leaks with privacy Petri Net

Fan, Lejun; Wang, Yuanzhuo; Cheng, Xueqi; Li, Jinming

doi:10.1109/iscc.2012.6249324

Cited by 4 publications

(5 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this paper, we updated PPN from our previous work to overcome the new challenge of the multi‐process malware. We build PPN modules of different privacy theft subprocedure for analyzing the detail of privacy theft behavior.…”

Section: Resultsmentioning

confidence: 99%

“…For modeling the aforementioned behavior of multi‐process privacy theft malware, this paper is based on an abstract model called Privacy Petri Net (PPN) we presented before in to characterize the whole privacy theft procedure by a more high‐level description and make our analysis result more applicable to various malware and more understandable to users. PPN is a kind of high‐level Petri Net that focuses on privacy theft and has three main features: Firstly, PPN provides formal mathematical definitions of syntax and semantics for privacy attributes and functions calculation.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Privacy theft malware multi-process collaboration analysis

Fan

Wang

Cheng

et al. 2013

Security Comm. Networks

Self Cite

View full text Add to dashboard Cite

Privacy theft malware has become a serious and challenging problem to cyber security. Previous methods are of different categories: one focuses on the outbound network traffic and the other one dives into the inside information flow of the program. We incorporate dynamic behavior analysis with network traffic analysis and present an abstract model called Privacy Petri Net (PPN), which is more applicable to various kinds of malware and more understandable to users. In consideration of the multi‐process technique adopted by new malware, we also model the collaborative behaviors between different malicious functionality modules with PPN. We apply our approach to real‐world malware, and the experiment result shows that our approach can effectively find categories, content, source, and destination of the privacy theft behavior of the malware sample. Copyright © 2013 John Wiley & Sons, Ltd.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Privacy theft malware multi-process collaboration analysis

Fan

Wang

Cheng

et al. 2013

Security Comm. Networks

Self Cite

View full text Add to dashboard Cite

show abstract

“…Privacy Petri Net (PPN) is a high-level Petri net dedicated to privacy leak behavior analysis [10], which has three main features. Firstly, PPN has formal mathematical definitions of syntax and semantics, which provide a precise specification on the target software behavior, so as to essentially define various behavior properties.…”

Section: Modelmentioning

confidence: 99%

“…To overcome these two problems, we propose, for the first time, a set of desired quantitative metrics based on an abstract model called Privacy Petri Net (PPN) presented in [10], which characterizes the entire privacy leak procedure with more highlevel description. Specifically, we propose and define four quantitative metrics, i.e., possibility, severity, crypticity, and manipulability, to characterize different aspects of privacy leak behavior and make the analysis more understandable.…”

Section: Introductionmentioning

confidence: 99%

Comprehensive Quantitative Analysis on Privacy Leak Behavior

et al. 2013

Self Cite

View full text Add to dashboard Cite

Privacy information is prone to be leaked by illegal software providers with various motivations. Privacy leak behavior has thus become an important research issue of cyber security. However, existing approaches can only qualitatively analyze privacy leak behavior of software applications. No quantitative approach, to the best of our knowledge, has been developed in the open literature. To fill this gap, in this paper we propose for the first time four quantitative metrics, namely, possibility, severity, crypticity, and manipulability, for privacy leak behavior analysis based on Privacy Petri Net (PPN). In order to compare the privacy leak behavior among different software, we further propose a comprehensive metric, namely, overall leak degree, based on these four metrics. Finally, we validate the effectiveness of the proposed approach using real-world software applications. The experimental results demonstrate that our approach can quantitatively analyze the privacy leak behaviors of various software types and reveal their characteristics from different aspects.

show abstract

“…But there is still a lack of models which focus on privacy leak problem. This paper is based on an abstract model called Privacy Petri Net (PPN) we presented in [20] to characterize the whole leaking procedure of PLS by more high-level description and let our analysis result be more applicable to different software and be more meaningful to users. PPN is a kind of high-level Petri net which focuses on PLS analyzing and has three main features: Firstly, PPN has formal mathematical definition of syntax and semantics for privacy attribution and functions calculation.…”

Section: Introductionmentioning

confidence: 99%

Quantitative analysis for privacy leak software with privacy Petri net

Fan

Wang

Cheng

et al. 2012

Proceedings of the ACM SIGKDD Workshop on Intelligence and Security Informatics

Self Cite

View full text Add to dashboard Cite

Nowadays, lots of private information are collected and spread without proper protection. privacy leak behavior has been widely discovered in many malwares and suspicious applications. We refer to such software as privacy leak software (PLS). In this paper we present an abstract model called Privacy Petri Net (PPN) for privacy leaks analysis. We build PPN modules of different privacy leak behavior sub procedure and give four indicators: possibility, severity, crypticity and manipulability for quantitative analysis. We apply our approach on real-world PLS and the case study shows that we can not only identifies the tested software as PLS, just like which is reported by AVS as malicious, but also calculate the severity, crypticity and manipulability of it. We can also evaluate the suspicious behavior in the applications which the AVSs simply treat as benign.

show abstract

Analyzing application private information leaks with privacy Petri Net

Cited by 4 publications

References 7 publications

Privacy theft malware multi-process collaboration analysis

Privacy theft malware multi-process collaboration analysis

Comprehensive Quantitative Analysis on Privacy Leak Behavior

Quantitative analysis for privacy leak software with privacy Petri net

Contact Info

Product

Resources

About