Loading...
| Friend's email | |
| Your name | |
| Your email | |
| enter code | |
This page was sent successfuly
- Type of Document: M.Sc. Thesis
- Language: Farsi
- Document No: 55937 (19)
- University: Sharif University of Technology
- Department: Computer Engineering
- Advisor(s): Amini, Morteza
- Abstract:
- Attacks on Android devices often take the form of repackaging. Attackers change a well-known app that has been downloaded from the app store, reverse engineer it, add some malicious payloads, and then upload the modified app to the app store. Because it is difficult for users to distinguish between the changed app and the original app, users can be easily duped. The malicious code inside the modified apps can launch attacks after they are installed, typically in the background. There are so many repackage detection method proposed during last years of researches in this area. developing an approach to detect android repackaged application should contains two main goal, speed and accuracy of method. if an approach have a good execution detection time but detect in less accurate, there is still some pair that doesn't detect. on the other hand, accurate methods with less speed are useless because we can not use it in a real time system. two categories of techniques are currently used to combat the repackaging of Android applications. some of methods are based on repackaged detection before the attacker's modification. On the other hand, some methods proposed to prevent repackaging attack by watermarking or application obfuscation methods. Repackaged detection method divided in to two main category, static and dynamic analysis. Static method, extract the application feature that are resistant against obfuscation methods then, after third-parties removed, comparison between application done by features compassion. the method's speed and accuracy depends of features that extracted in the feature extracting state. in addition, proposed method should keep threshold between speed and accuracy. in this paper we proposed a two step detection method, to protect android application against repackaging attack. proposed method reduce pairwise comparison space by developing an approach based on k-nearest neighbor classifier. in addition, pairwise comparison done by set of code based features extracted from each application like API calls, method calls and etc. to detect the repackaged application of on app, k-nearest neighbor extracted and similarity between them computed by fuzzy hashing techniques. By evaluating the proposed method on 1181 application and 1196 pairs, we enhanced the state of art method, regarding speed and accuracy. for more detail, speed in repackaged android application increased 6 time against previous work with same recall but 1 percent less precision.
- Keywords:
- Software Security ; Android Security ; Android Operating System ; Performanced Improvement ; Repackaged Detection ; Android Application Repackaging
Digital Object List
محتواي کتاب
Bookmark