| LDR | | 00000nam u2200205 4500 |
| 001 | | 000000433274 |
| 005 | | 20200225133119 |
| 008 | | 200131s2019 ||||||||||||||||| ||eng d |
| 020 | |
▼a 9781085796095 |
| 035 | |
▼a (MiAaPQ)AAI13881510 |
| 040 | |
▼a MiAaPQ
▼c MiAaPQ
▼d 247004 |
| 082 | 0 |
▼a 004 |
| 100 | 1 |
▼a Fu, Hao. |
| 245 | 10 |
▼a Detecting Malicious Behaviors in Mobile Applications. |
| 260 | |
▼a [S.l.]:
▼b University of California, Davis.,
▼c 2019. |
| 260 | 1 |
▼a Ann Arbor:
▼b ProQuest Dissertations & Theses,
▼c 2019. |
| 300 | |
▼a 100 p. |
| 500 | |
▼a Source: Dissertations Abstracts International, Volume: 81-04, Section: B. |
| 500 | |
▼a Advisor: Mohapatra, Prasant. |
| 502 | 1 |
▼a Thesis (Ph.D.)--University of California, Davis, 2019. |
| 506 | |
▼a This item must not be sold to any third party vendors. |
| 520 | |
▼a The development of mobile platforms provides users with seamless access to networked portable services, and therefore, profoundly changes the users' daily life. From the perspective of software, these platforms also revolutionize the paradigm of their applications. Unlike the traditional programs designed for static surroundings, mobile applications are more adaptive to dynamic contextual changes and can thereby provide various novel functionalities. These functionalities are implemented through the necessary accesses of protected resources in mobile devices. However, not all applications request sensitive data for good. Malicious applications abuse resources for unintended operations and unauthorized transactions. Given the increasingly diverse and heterogeneous cross-domain mobile applications, it is more and more difficult to manually recognize which part of sensitive behaviors of an application is indeed relevant. What's even worse is that malicious applications tend to behave stealthily to evade the detection strategies proposed for traditional threats. Thus, new strategies are desired to protect users from unintended resource accesses in mobile devices.The research reported in this dissertation covers the efforts to identify unintended behaviors inside mobile applications. The problem is twofold: how to automatically unveil sensitive behaviors in mobile applications, and given a suspicious behavior, how to automatically determine if it is designed to fulfill application functionality? The centerpiece of our work is to create an intention-aware framework that integrates available cross-layer evidence about suspicious behaviors, discovers relationships among them, and determines a set of relevant policies for regulations. To this end, LeakSemantic is proposed to unveil the abnormal sensitive transmissions inside the target applications by triggering the stealthy connections through the combination of static program analysis and dynamic program analysis. We further design FlowIntent, which is capable of automatically inferring the nature of each reported connection, based on the rich semantic information embedded in foreground contextual data. Last but not least, INSPIRED is introduced as a dynamic access control system to enforce on-device contextual integrity.Results from these research efforts confirm that intention-aware analysis can greatly improve effectiveness in defending against unintended application behaviors. As part of the future work, we plan to extend our technique to collect more cross-domain evidence of extended threats, so eventually, a general framework can be developed to regulate unintended behaviors in mobile applications. |
| 590 | |
▼a School code: 0029. |
| 650 | 4 |
▼a Computer science. |
| 690 | |
▼a 0984 |
| 710 | 20 |
▼a University of California, Davis.
▼b Computer Science. |
| 773 | 0 |
▼t Dissertations Abstracts International
▼g 81-04B. |
| 773 | |
▼t Dissertation Abstract International |
| 790 | |
▼a 0029 |
| 791 | |
▼a Ph.D. |
| 792 | |
▼a 2019 |
| 793 | |
▼a English |
| 856 | 40 |
▼u http://www.riss.kr/pdu/ddodLink.do?id=T15491191
▼n KERIS
▼z 이 자료의 원문은 한국교육학술정보원에서 제공합니다. |
| 980 | |
▼a 202002
▼f 2020 |
| 990 | |
▼a ***1816162 |
| 991 | |
▼a E-BOOK |