Please use this identifier to cite or link to this item: http://hdl.handle.net/10397/105730
PIRA download icon_1.1View/Download Full Text
DC FieldValueLanguage
dc.contributorDepartment of Computingen_US
dc.creatorYu, Len_US
dc.creatorLuo, Xen_US
dc.creatorQian, Cen_US
dc.creatorWang, Sen_US
dc.date.accessioned2024-04-15T07:36:17Z-
dc.date.available2024-04-15T07:36:17Z-
dc.identifier.isbn978-1-5090-1855-0en_US
dc.identifier.urihttp://hdl.handle.net/10397/105730-
dc.language.isoenen_US
dc.publisherInstitute of Electrical and Electronics Engineersen_US
dc.rights©2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.en_US
dc.rightsThe following publication L. Yu, X. Luo, C. Qian and S. Wang, "Revisiting the Description-to-Behavior Fidelity in Android Applications," 2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering (SANER), Osaka, Japan, 2016, pp. 415-426 is available at https://doi.org/10.1109/SANER.2016.67.en_US
dc.titleRevisiting the description-to-behavior fidelity in Android applicationsen_US
dc.typeConference Paperen_US
dc.identifier.spage415en_US
dc.identifier.epage426en_US
dc.identifier.volume1en_US
dc.identifier.doi10.1109/SANER.2016.67en_US
dcterms.abstractSince more than 96% of mobile malware targets on Android platform, various techniques based on static code analysis or dynamic behavior analysis have been proposed to detect malicious applications. As malware is becoming more complicated and stealthy, recent research proposed a promising detection approach that looks for the inconsistency between an application's permissions and its description. In this paper, we revisit this approach and find that using description and permission will lead to many false positives. Therefore, we propose employing app's privacy policy and its bytecode to enhance description and permission for malware detection. It is non-trivial to automatically analyze privacy policy and perform the cross-verification among these four kinds of software artifacts including, privacy policy, bytecode, description, and permissions. We propose a novel data flow model for analyzing privacy policy, and develop a novel system, named TAPVerifier, for carrying out investigation of individual software artifacts and conducting the cross-verification. The experimental results show that TAPVerifier can analyze privacy policy with a high accuracy and recall rate. More importantly, integrating privacy policy and code level information removes 8.1%-65.5% false positives of existing systems based on description and permission.en_US
dcterms.accessRightsopen accessen_US
dcterms.bibliographicCitation2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering (SANER), 14–18 March 2016, Osaka, Japan, v. 1, p. 415-426en_US
dcterms.issued2016-
dc.identifier.scopus2-s2.0-85007338718-
dc.relation.conferenceIEEE International Conference on Software Analysis, Evolution and Reengineering [SANER]en_US
dc.description.validate202402 bcchen_US
dc.description.oaAccepted Manuscripten_US
dc.identifier.FolderNumberCOMP-1650-
dc.description.fundingSourceRGCen_US
dc.description.fundingSourceOthersen_US
dc.description.fundingTextNational Natural Science Foundation of China; HKPolyU Research Grant; Hong Kong ITFen_US
dc.description.pubStatusPublisheden_US
dc.identifier.OPUS9617621-
dc.description.oaCategoryGreen (AAM)en_US
Appears in Collections:Conference Paper
Files in This Item:
File Description SizeFormat 
Luo_Revisiting_Description-To-Behavior_Fidelity.pdfPre-Published version818.46 kBAdobe PDFView/Open
Open Access Information
Status open access
File Version Final Accepted Manuscript
Access
View full-text via PolyU eLinks SFX Query
Show simple item record

Page views

42
Citations as of May 12, 2024

Downloads

29
Citations as of May 12, 2024

SCOPUSTM   
Citations

25
Citations as of May 17, 2024

Google ScholarTM

Check

Altmetric


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.