상세정보
Export to Refworks부가기능
Detecting Malicious Behaviors in Mobile Applications
상세 프로파일
| 자료유형 | 학위논문 |
|---|---|
| 서명/저자사항 | Detecting Malicious Behaviors in Mobile Applications. |
| 개인저자 | Fu, Hao. |
| 단체저자명 | University of California, Davis. Computer Science. |
| 발행사항 | [S.l.]: University of California, Davis., 2019. |
| 발행사항 | Ann Arbor: ProQuest Dissertations & Theses, 2019. |
| 형태사항 | 100 p. |
| 기본자료 저록 | Dissertations Abstracts International 81-04B. Dissertation Abstract International |
| ISBN | 9781085796095 |
| 학위논문주기 | Thesis (Ph.D.)--University of California, Davis, 2019. |
| 일반주기 |
Source: Dissertations Abstracts International, Volume: 81-04, Section: B.
Advisor: Mohapatra, Prasant. |
| 이용제한사항 | This item must not be sold to any third party vendors. |
| 요약 | The development of mobile platforms provides users with seamless access to networked portable services, and therefore, profoundly changes the users' daily life. From the perspective of software, these platforms also revolutionize the paradigm of their applications. Unlike the traditional programs designed for static surroundings, mobile applications are more adaptive to dynamic contextual changes and can thereby provide various novel functionalities. These functionalities are implemented through the necessary accesses of protected resources in mobile devices. However, not all applications request sensitive data for good. Malicious applications abuse resources for unintended operations and unauthorized transactions. Given the increasingly diverse and heterogeneous cross-domain mobile applications, it is more and more difficult to manually recognize which part of sensitive behaviors of an application is indeed relevant. What's even worse is that malicious applications tend to behave stealthily to evade the detection strategies proposed for traditional threats. Thus, new strategies are desired to protect users from unintended resource accesses in mobile devices.The research reported in this dissertation covers the efforts to identify unintended behaviors inside mobile applications. The problem is twofold: how to automatically unveil sensitive behaviors in mobile applications, and given a suspicious behavior, how to automatically determine if it is designed to fulfill application functionality? The centerpiece of our work is to create an intention-aware framework that integrates available cross-layer evidence about suspicious behaviors, discovers relationships among them, and determines a set of relevant policies for regulations. To this end, LeakSemantic is proposed to unveil the abnormal sensitive transmissions inside the target applications by triggering the stealthy connections through the combination of static program analysis and dynamic program analysis. We further design FlowIntent, which is capable of automatically inferring the nature of each reported connection, based on the rich semantic information embedded in foreground contextual data. Last but not least, INSPIRED is introduced as a dynamic access control system to enforce on-device contextual integrity.Results from these research efforts confirm that intention-aware analysis can greatly improve effectiveness in defending against unintended application behaviors. As part of the future work, we plan to extend our technique to collect more cross-domain evidence of extended threats, so eventually, a general framework can be developed to regulate unintended behaviors in mobile applications. |
| 일반주제명 | Computer science. |
| 언어 | 영어 |
| 바로가기 | 
: 이 자료의 원문은 한국교육학술정보원에서 제공합니다. |
