VAnDroid: A framework for vulnerability analysis of Android applications using a model‐driven reverse engineering technique

Nirumand, Atefeh; Zamani, Bahman; Ladani, Behrouz Tork

doi:10.1002/spe.2643

Cited by 25 publications

(32 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Sua desvantagem é a possibilidade dos aplicativos maliciosos esconderem a sua real atividade no arquivo executável através de técnicas de ofuscação, como códigos cifrados, geração de código em tempo de execução, etc. Esse tipo de comportamento só pode ser detectado na análise dinâmica em tempo de execução [Nirumand et al 2018].…”

Section: Análise Estáticaunclassified

Utilizando Metadados de Aplicações e Comunicação entre Processos para Identificar Ameaças no Android

Lemos¹,

Heinrich²,

Maziero³

2021

Anais Do XXI Simpósio Brasileiro De Segurança Da Informação E De Sistemas Computacionais (SBSeg 2021)

View full text Add to dashboard Cite

A predominância do Android no mercado de dispositivos móveis e o aumento significativo na quantidade e na sofisticação dos ataques cibernéticos, destaca a necessidade do estudo de técnicas de identificação de ameaças no meio de dispositivos móveis. Uma estratégia popular para a identificação de ameças é a utilização de um sistema de detecção de intrusão, que pode explorar diferentes estratégias para realizar a identificação das ameaças. Este estudo apresenta uma estratégia para a identificação de ameaças utilizando uma base de dados híbrida, explorando dados extraídos de aplicações e da comunicação entre processos para treinar modelos de aprendizado de máquina para efetuar a identificação de ameças. Os resultados demonstram que um modelo híbrido traz benefícios para a identificação de ameaças em dispositivos móveis, com uma taxa de identificação em torno de 87%.

show abstract

Section: Análise Estáticaunclassified

Utilizando Metadados de Aplicações e Comunicação entre Processos para Identificar Ameaças no Android

Lemos¹,

Heinrich²,

Maziero³

2021

Anais Do XXI Simpósio Brasileiro De Segurança Da Informação E De Sistemas Computacionais (SBSeg 2021)

View full text Add to dashboard Cite

show abstract

“…J. Qiu [16] proposed a light-weight solution to automatically identify the Android malicious samples with high security and privacy impact. Nirumand [17] presented a framework based on Model Driven Reverse Engineering. In the proposed framework, some security-related information included in an Android app is automatically extracted and represented as a domain-specific model.…”

Section: Related Workmentioning

confidence: 99%

Reversely Discovering and Modifying Properties Based on Active Deep Q-Learning

Huo

2020

IEEE Access

View full text Add to dashboard Cite

Many researchers studied DQN (Deep Q-Networks) to train a game AI to beat human players, while we trained an improved AI to reversely modify properties of 3D video games. Our ultimate objective is to improve automatic debug for software and cloud services. However, the problem that reversely discovers properties in online 3D Video Games in an automatic way has not been studied yet. Therefore, related special difficulties are first discussed in the paper. RMDQN (a Reverse Method based on our active Deep Q-Networks) is proposed to deal with the problem, and an active DQN is invented to make the reverse procedure automatic and intelligent. The action engine of RMDQN is able to control any operational game object like a player is playing, which makes automatic debug possible. A video demonstration is provided to show the result of reversely modifying game properties by our method. It was proved that our method can improve debug technology in 3D video games, and it will be applied in cloud services with few modifications.

show abstract

“…It can also distinguish high-level malware and identify high-risk malware. In contrast, regarding dynamic investigations, fundamental discovery and analysis are performed at runtime (Li et al, 2018;Navarro, Navarro, Grégio, Rocha, & Dahab, 2018;Nirumand, Zamani, & Tork 1 depicts the scenario for problem identification where a user unintentionally gives additional permissions to the android application, which makes the device vulnerable to security attacks.…”

Section: Permission Groupsmentioning

confidence: 99%

“…It can also distinguish high‐level malware and identify high‐risk malware. In contrast, regarding dynamic investigations, fundamental discovery and analysis are performed at runtime (Li et al, 2018; Navarro, Navarro, Grégio, Rocha, & Dahab, 2018; Nirumand, Zamani, & Tork Ladani, 2019; Sharma & Gupta, 2019; Tam, Feizollah, Anuar, Salleh, & Cavallaro, 2017).…”

Section: Introductionmentioning

confidence: 99%

Android application behavioural analysis for data leakage

Shrivastava

Kumar

2019

Expert Systems

View full text Add to dashboard Cite

An android application requires specific permissions from the user to access the system resources and perform required functionalities. Recently, the android market has experienced exponential growth, which leads to malware applications. These applications are purposefully developed by hackers to access private data of the users and adversely affect the application usability. A suitable tool to detect malware is urgently needed, as malware may harm the user. As both malware and clean applications require similar types of permissions, so it becomes a very challenging task to differentiate between them. A novel algorithm is proposed to identify the malware-based applications by probing the permission patterns. The proposed method uses the k-means algorithm to quarantine the malware application by obtaining permission clusters. An efficiency of 90% (approx.) is attained for malicious behaviour, which validates this work. This work substantiates the use of application permissions for potential applications in android malware detection.

show abstract

VAnDroid: A framework for vulnerability analysis of Android applications using a model‐driven reverse engineering technique

Cited by 25 publications

References 31 publications

Utilizando Metadados de Aplicações e Comunicação entre Processos para Identificar Ameaças no Android

Utilizando Metadados de Aplicações e Comunicação entre Processos para Identificar Ameaças no Android

Reversely Discovering and Modifying Properties Based on Active Deep Q-Learning

Android application behavioural analysis for data leakage

Contact Info

Product

Resources

About