On lightweight mobile phone application certification. Enck, W., Ongtang, M., & McDaniel, P. In Proceedings of the ACM conference on Computer and Communications Security (CCS), of CCS '09, pages 235-245, 11, 2009. ACM.
On lightweight mobile phone application certification [link]Website  abstract   bibtex   
Users have begun downloading an increasingly large number of mobile phone applications in response to advancements in handsets and wireless networks. The increased number of applications results in a greater chance of installing Trojans and similar malware. In this paper, we propose the Kirin security service for Android, which performs lightweight certification of applications to mitigate malware at install time. Kirin certification uses security rules, which are templates designed to conservatively match undesirable properties in security configuration bundled with applications. We use a variant of security requirements engineering techniques to perform an in-depth security analysis of Android to produce a set of rules that match malware characteristics. In a sample of 311 of the most popular applications downloaded from the official Android Market, Kirin and our rules found 5 applications that implement dangerous functionality and therefore should be installed with extreme caution. Upon close inspection, another five applications asserted dangerous rights, but were within the scope of reasonable functional needs. These results indicate that security configuration bundled with Android applications provides practical means of detecting malware.
@inProceedings{
 title = {On lightweight mobile phone application certification},
 type = {inProceedings},
 year = {2009},
 identifiers = {[object Object]},
 keywords = {mobile,security,threats},
 pages = {235-245},
 websites = {http://dx.doi.org/10.1145/1653662.1653691},
 month = {11},
 publisher = {ACM},
 city = {New York, NY, USA},
 series = {CCS '09},
 id = {5b7b4b86-3f6a-3de2-a774-c3af5b323198},
 created = {2018-07-12T21:31:15.972Z},
 file_attached = {false},
 profile_id = {f954d000-ce94-3da6-bd26-b983145a920f},
 group_id = {b0b145a3-980e-3ad7-a16f-c93918c606ed},
 last_modified = {2018-07-12T21:31:15.972Z},
 read = {false},
 starred = {false},
 authored = {false},
 confirmed = {true},
 hidden = {false},
 citation_key = {enck:kirin},
 source_type = {inproceedings},
 private_publication = {false},
 abstract = {Users have begun downloading an increasingly large number of mobile phone applications in response to advancements in handsets and wireless networks. The increased number of applications results in a greater chance of installing Trojans and similar malware. In this paper, we propose the Kirin security service for Android, which performs lightweight certification of applications to mitigate malware at install time. Kirin certification uses security rules, which are templates designed to conservatively match undesirable properties in security configuration bundled with applications. We use a variant of security requirements engineering techniques to perform an in-depth security analysis of Android to produce a set of rules that match malware characteristics. In a sample of 311 of the most popular applications downloaded from the official Android Market, Kirin and our rules found 5 applications that implement dangerous functionality and therefore should be installed with extreme caution. Upon close inspection, another five applications asserted dangerous rights, but were within the scope of reasonable functional needs. These results indicate that security configuration bundled with Android applications provides practical means of detecting malware.},
 bibtype = {inProceedings},
 author = {Enck, William and Ongtang, Machigar and McDaniel, Patrick},
 booktitle = {Proceedings of the ACM conference on Computer and Communications Security (CCS)}
}
Downloads: 0
About
Documentation
Keywords
Search
Users
Terms and Conditions of Use
Privacy Policy
Sitemap
© BibBase.org 2021