eddLeak: Enhancing precision of detecting inter-app data leakage in Android applications

14:42 26/06/2018

In recent years, mobile malware has grown to exhibit significant types of behavior, including stealing users' personal information and hijacking and surveilling user devices. Every year it causes financial loss for infected enterprises, and concern about serious data security problems keeps growing. Hence, many solutions have been proposed to detect malware that leaks sensitive data by analyzing mobile applications. Static analysis is a widely used technique for analyzing software, particularly in security contexts such as malware detection. Unfortunately, static analysis tools such as DidFail often produce false alarms, which require significant manual effort to improve. In this paper, we show how to analyze Android applications with static analysis to detect and identify which apps can be used to leak users' sensitive information. We improve DidFail's architecture by implementing more modules and focusing on the principles of Inter-Component Communication (ICC) between components within one application or across applications, then combine this with an Android permission rules model to propose the eddLeak approach, which enhances DidFail's precision in detecting inter-app leakage in Android applications, and we evaluate it on customized application datasets.
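To make the idea in the abstract concrete, the following added example (not code from eddLeak or DidFail) stitches per-app flow summaries across applications and then applies two permission rules to discard flows that cannot occur at runtime. The summary format, app names, intent actions, the `SINK_PERMISSION` table and the `stitch` function are assumptions made for this illustration; the abstract does not describe the tool's actual data model or rules.

```python
# Constructed sample input: per-app summaries an intra-app static analysis
# might produce. Every app, action and custom permission name is hypothetical.
APPS = {
    "com.example.sender": {
        "permissions": {"android.permission.READ_CONTACTS"},
        "sends": [("CONTACTS", "com.example.SHARE"),    # (source, intent action)
                  ("DEVICE_ID", "com.example.SYNC")],
        "receives": [],
    },
    "com.example.relay": {
        "permissions": {"android.permission.INTERNET"},
        "sends": [],
        # (intent-filter action, permission required of the caller, sink)
        "receives": [("com.example.SHARE", None, "NETWORK"),
                     ("com.example.SHARE", None, "SMS"),
                     ("com.example.SYNC", "com.example.permission.SYNC", "SMS")],
    },
}

# Platform permission an app must hold before the sink API can succeed.
SINK_PERMISSION = {"NETWORK": "android.permission.INTERNET",
                   "SMS": "android.permission.SEND_SMS"}

def stitch(apps, use_permissions=True):
    """Join 'source -> Intent' and 'Intent -> sink' flows across apps."""
    leaks = []
    for sender, s in apps.items():
        for source, action in s["sends"]:
            for receiver, r in apps.items():
                if receiver == sender:
                    continue  # this sketch reports inter-app flows only
                for filter_action, required, sink in r["receives"]:
                    if filter_action != action:
                        continue  # the intent filter does not match
                    if use_permissions:
                        # Rule 1: a component protected by android:permission
                        # cannot be reached by a sender lacking that permission.
                        if required and required not in s["permissions"]:
                            continue
                        # Rule 2: the receiver must hold the sink's permission.
                        if SINK_PERMISSION[sink] not in r["permissions"]:
                            continue
                    leaks.append((sender, source, receiver, sink))
    return leaks

if __name__ == "__main__":
    print("without permission rules:", len(stitch(APPS, use_permissions=False)))
    for leak in stitch(APPS):
        print("reported:", " -> ".join(leak))
```

On this constructed input, action matching alone reports three inter-app flows, and the permission rules reduce that to the one flow that can actually execute.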

Penetration testing is one of the most common methods for assessing the security of a system, application, or network. Although there are different support tools with great efficiency in this field, penetration testing is done mostly manually and relies heavily on the experience of the ethical hackers who are doing...
Software-defined networking (SDN) is a potential approach for modern network architecture, which has received great attention recently. SDN-based networks also face security issues, and they can become targets of cyberattacks. Cyber threat hunting is one of the security solutions proposed for early attack detection in SDN. Developing machine learning-based IDS...