36th International Conference on Software Engineering (ICSE 2014), May 31 – June 7, 2014, Hyderabad, India

Desktop Layout

Apps and Verification
Technical Research
MR.G.1-3, Chair: Luciano Baresi
AsDroid: Detecting Stealthy Behaviors in Android Applications by User Interface and Program Behavior Contradiction
Jianjun Huang, Xiangyu Zhang, Lin Tan, Peng Wang, and Bin Liang
(Purdue University, USA; University of Waterloo, Canada; Renmin University of China, China)
Publisher's Version
Preprint
Abstract: Android smartphones are becoming increasingly popular. The open nature of Android allows users to install miscellaneous applications, including the malicious ones, from third-party marketplaces without rigorous sanity checks. A large portion of existing malwares perform stealthy operations such as sending short messages, making phone calls and HTTP connections, and installing additional malicious components. In this paper, we propose a novel technique to detect such stealthy behavior. We model stealthy behavior as the program behavior that mismatches with user interface, which denotes the user's expectation of program behavior. We use static program analysis to attribute a top level function that is usually a user interaction function with the behavior it performs. Then we analyze the text extracted from the user interface component associated with the top level function. Semantic mismatch of the two indicates stealthy behavior. To evaluate AsDroid, we download a pool of 182 apps that are potentially problematic by looking at their permissions. Among the 182 apps, AsDroid reports stealthy behaviors in 113 apps, with 28 false positives and 11 false negatives.

Authors:


Time stamp: 2019-08-18T12:58:40+02:00