Please use this identifier to cite or link to this item:
http://hdl.handle.net/10603/589823
Title: | Effective Android Malware Mitigation Framework using Ownership based Protection and Machine Learning Techniques |
Researcher: | Pradeep Kumar, D S |
Guide(s): | Geetha, S |
Keywords: | Computer Science; Computer Science Interdisciplinary Applications; Engineering and Technology |
University: | Vellore Institute of Technology, Vellore |
Completed Date: | 2024 |
Abstract: | Android provides a highly flexible development environment with various forms of collaboration mechanisms between applications. Recent advancements in context-aware technologies demand apps to use PendingIntent (PI), which allows an app, a.k.a., the sender, to delegate a task, e.g., making a phone call, to a third-party app, a.k.a., the receiver, such that the receiver can execute the task with the same Android permissions held by the sender at some future time. While convenient, this feature may potentially lead to serious attacks in case the receiver app happens to be malicious, e.g., denial-of-service or disruption. Between 2020 and 2022, approximately 91 CVEs on PI vulnerabilities were reported, with 4 recent attacks just reported in late 2022.
To address these issues, our research introduces StickyMutent, a security-enhanced authorization framework aimed to detect and protect against emerging PI-based attacks. StickyMutent implements a novel approach to dynamically verify not only that both sender and receiver are free from exploit codes, but also that the receiver app holds a superset of the permissions held by the sender app at runtime, thereby avoiding excess privileges that can lead to the occurrence of the aforementioned attacks.
We performed an exploratory analysis using 23922 apps, and found out that 6355 apps create vulnerable PI (i.e. PI with empty base Intent), 260 apps leak the vulnerable PI implicitly. 715 apps use protected broadcast to communicate with other apps, and 3454 apps use implicit Intent for communication with other apps. We have evaluated StickyMutent on 83 benchmark apps, and our results show that StickyMutent can effectively (F1-score: 90% for intra-application analysis, and 95% for inter-application analysis) prevent PI-based attacks with negligible performance overhead (∼0.005%).
Additionally, we extend our proposed framework with a novel clustering technique that uses Mahalanobis distance metrics rather than Euclidean metrics to classify the apps based on their vulnerabilities |
Pagination: | i-viii, 131 |
URI: | http://hdl.handle.net/10603/589823 |
Appears in Departments: | School of Computing Science and Engineering VIT-Chennai |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
01_title.pdf | Attached File | 108.5 kB | Adobe PDF | View/Open |
02_prelim pages.pdf | | 183.06 kB | Adobe PDF | View/Open |
03_content.pdf | | 49.21 kB | Adobe PDF | View/Open |
04_abstract.pdf | | 74.53 kB | Adobe PDF | View/Open |
05_chapter 1.pdf | | 622.16 kB | Adobe PDF | View/Open |
06_chapter 2.pdf | | 440.3 kB | Adobe PDF | View/Open |
07_chapter 3.pdf | | 409.9 kB | Adobe PDF | View/Open |
08_chapter 4.pdf | | 1.68 MB | Adobe PDF | View/Open |
09_chapter 5.pdf | | 1.35 MB | Adobe PDF | View/Open |
10_chapter 6.pdf | | 1.77 MB | Adobe PDF | View/Open |
11_chapter 7.pdf | | 278.11 kB | Adobe PDF | View/Open |
12_annexure.pdf | | 122.39 kB | Adobe PDF | View/Open |
80_recommendation.pdf | | 384.73 kB | Adobe PDF | View/Open |
Items in Shodhganga are licensed under Creative Commons Licence Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0).