Behavioral detection of malware on mobile handsets
Proceedings of the 6th international conference on Mobile systems, applications, and services
Detecting energy-greedy anomalies and mobile malware variants
Proceedings of the 6th international conference on Mobile systems, applications, and services
Static analysis of executables for collaborative malware detection on android
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Hi-index | 0.00 |
The prevalence of malware in Android marketplaces is a growing and significant problem. Among the most worrisome concerns are with regarding to malicious Android applications that attempt to steal money from unsuspecting users. These malicious applications get uploaded under the guise of benign applications, typically to third-party alternative market places that lack proper security vetting procedures, and are subsequently downloaded and executed by unsuspecting victims. In this work, we propose "Money-Guard", a systematic approach to detect stealthy moneystealing applications in popular Android markets. Our technique relies on detecting two key behavioral heuristics that seem to be common across many money-stealing Android malware: hardcoded exfiltration and notification suppression. In our preliminary analysis of 47 SMS-based money stealing applications, we confirm that 41 of these applications follow the above pattern, and describe a light weight detection approach that will identify this behavioral pattern.