Towards Formal Analysis of the Permission-Based Security Model for Android
ICWMC '09 Proceedings of the 2009 Fifth International Conference on Wireless and Mobile Communications
On lightweight mobile phone application certification
Proceedings of the 16th ACM conference on Computer and communications security
Static analysis of executables for collaborative malware detection on android
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
A Formal Model to Analyze the Permission Authorization and Enforcement in the Android Framework
SOCIALCOM '10 Proceedings of the 2010 IEEE Second International Conference on Social Computing
A Small But Non-negligible Flaw in the Android Permission Scheme
POLICY '10 Proceedings of the 2010 IEEE International Symposium on Policies for Distributed Systems and Networks
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Detection of malicious applications on Android OS
IWCF'10 Proceedings of the 4th international conference on Computational forensics
Analyzing inter-application communication in Android
MobiSys '11 Proceedings of the 9th international conference on Mobile systems, applications, and services
A study of android application security
SEC'11 Proceedings of the 20th USENIX conference on Security
A survey of mobile malware in the wild
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Crowdroid: behavior-based malware detection system for Android
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Android permissions demystified
Proceedings of the 18th ACM conference on Computer and communications security
Proceedings of the 18th ACM conference on Computer and communications security
| Hi-index | 0.00 |
Monetary theft attacks are one of the most popular attack forms towards Android system in recent years. In this paper, we present MeadDroid, a lightweight real-time detection system atop Android, to hold back this type of attacks. An FSM of monetary theft attacks is constructed, based on the analysis of real-world attacks. Employing an FSM-based detection approach, with the information obtained from dynamically monitoring the API calls and tracking the processing flow of UI (User Interface) inputs, MeadDroid can detect monetary theft attacks effectively and incurs only a small performance overhead. In addition, realized as an extension of Dalvik VM, MeadDroid is transparent to the user, and thus can provide a good user experience. Based on a prototype system, experiments are conducted with 195 popular Android applications. 11 applications with monetary theft attacks are found and the detection accuracy is almost 100% through comparing the results with the charge bill of the phone number used in the experiments. The performance overhead on a CPU-bound micro-benchmark is 8.97%. Experimental results demonstrate that MeadDroid has good performance in terms of effectiveness and efficiency.