Next Article in Journal
Attention-Based SeriesNet: An Attention-Based Hybrid Neural Network Model for Conditional Time Series Forecasting
Next Article in Special Issue
AndroDFA: Android Malware Classification Based on Resource Consumption
Previous Article in Journal
Dew Computing and Asymmetric Security Framework for Big Data File Sharing
Open AccessArticle

Android Collusion: Detecting Malicious Applications Inter-Communication through SharedPreferences

1
Department of Biosciences and Territory, University of Molise, 86090 Pesche (IS), Italy
2
Institute for Informatics and Telematics, National Research Council of Italy, 56121 Pisa, Italy
3
Department of Medicine and Health Sciences “Vincenzo Tiberio”, University of Molise, 86100 Campobasso, Italy
*
Authors to whom correspondence should be addressed.
This paper is an extended version of our paper published in the 34th International Conference on Advanced Information Networking and Applications, AINA Workshops 2020.
All authors contributed equally to this work.
Information 2020, 11(6), 304; https://doi.org/10.3390/info11060304
Received: 29 April 2020 / Revised: 30 May 2020 / Accepted: 31 May 2020 / Published: 5 June 2020
(This article belongs to the Special Issue New Frontiers in Android Malware Analysis and Detection)
The Android platform is currently targeted by malicious writers, continuously focused on the development of new types of attacks to extract sensitive and private information from our mobile devices. In this landscape, one recent trend is represented by the collusion attack. In a nutshell this attack requires that two or more applications are installed to perpetrate the malicious behaviour that is split in more than one single application: for this reason anti-malware are not able to detect this attack, considering that they analyze just one application at a time and that the single colluding application does not exhibit any malicious action. In this paper an approach exploiting model checking is proposed to automatically detect whether two applications exhibit the ability to perform a collusion through the SharedPreferences communication mechanism. We formulate a series of temporal logic formulae to detect the collusion attack from a model obtained by automatically selecting the classes candidate for the collusion, obtained by two heuristics we propose. Experimental results demonstrate that the proposed approach is promising in collusion application detection: as a matter of fact an accuracy equal to 0.99 is obtained by evaluating 993 Android applications. View Full-Text
Keywords: colluding; malware; model checking; formal methods; security; Android; mobile colluding; malware; model checking; formal methods; security; Android; mobile
Show Figures

Figure 1

MDPI and ACS Style

Casolare, R.; Martinelli, F.; Mercaldo, F.; Santone, A. Android Collusion: Detecting Malicious Applications Inter-Communication through SharedPreferences. Information 2020, 11, 304.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Search more from Scilit
 
Search
Back to TopTop