Detecting Kernel-Level Rootkits Through Binary Analysis
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Semantics-Aware Malware Detection
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Exploring Multiple Execution Paths for Malware Analysis
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
A Layered Architecture for Detecting Malicious Behaviors
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Privacy oracle: a system for finding application leaks with black box differential testing
Proceedings of the 15th ACM conference on Computer and communications security
Quantifying Information Leaks in Outbound Web Traffic
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
Synthesizing Near-Optimal Malware Specifications from Suspicious Behaviors
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Identifying Dormant Functionality in Malware Programs
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Modeling and survivability analysis of service composition using Stochastic Petri Nets
The Journal of Supercomputing
Detecting self-mutating malware using control-flow graph matching
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
Modeling and Analysis of Email Worm Propagation Based on Stochastic Game Nets
PDCAT '11 Proceedings of the 2011 12th International Conference on Parallel and Distributed Computing, Applications and Technologies
Detecting malicious code by model checking
DIMVA'05 Proceedings of the Second international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Stochastic game net and applications in security analysis for enterprise network
International Journal of Information Security
Analyzing application private information leaks with privacy Petri Net
ISCC '12 Proceedings of the 2012 IEEE Symposium on Computers and Communications (ISCC)
Hi-index | 0.00 |
Nowadays, lots of private information are collected and spread without proper protection. privacy leak behavior has been widely discovered in many malwares and suspicious applications. We refer to such software as privacy leak software (PLS). In this paper we present an abstract model called Privacy Petri Net (PPN) for privacy leaks analysis. We build PPN modules of different privacy leak behavior sub procedure and give four indicators: possibility, severity, crypticity and manipulability for quantitative analysis. We apply our approach on real-world PLS and the case study shows that we can not only identifies the tested software as PLS, just like which is reported by AVS as malicious, but also calculate the severity, crypticity and manipulability of it. We can also evaluate the suspicious behavior in the applications which the AVSs simply treat as benign.