Download Malware? No, Thanks. How Formal Methods Can Block Update Attacks | Zendy

Francesco  Mercaldo | Zendy; Vittoria  Nardone | Zendy; Antonella  Santone | Zendy; Corrado Aaron Visaggio | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

Download Malware? No, Thanks. How Formal Methods Can Block Update Attacks

Author(s) -

Francesco Mercaldo,

Vittoria Nardone,

Antonella Santone,

Corrado Aaron Visaggio

Publication year - 2016

Publication title -

2016 ieee/acm 4th fme workshop on formal methods in software engineering (formalise)

Language(s) - English

DOI - 10.1109/formalise.2016.012

In mobile malware landscape there are many techniques to inject malicious payload in a trusted application: one of the most common is represented by the so-called update attack. After an apparently innocuous application is installed on the victim’s device, the user is asked to update the application, and a malicious behavior is added to the application. In this paper we propose a static method based on model checking able to identify this kind of attack. In addiction, our method is able to localize the malicious payload at methodlevel. We obtain an accuracy very close to 1 in identifying families implementing update attack using a real Android dataset composed by 2,581 samples.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research