Our system give the signal of potential sensitive behaviors of mobile apps, but there are lots of function is essential in the practice usage of mobile apps, so we just give the ratio of capacity of apps’ brining out behaviors but saying the apps are malicious or not, we leave the intention of app for users’ judgment.
As the analysis result shows, the pattern with sequence is much more specific than only consider single function calls as the pattern, there are lots total matched result for the pattern with single function but sequences, this might give too much false positive match for behaviors.
However, on the other hand, since the patterns are generated by the apps developed by ourselves, the pattern might be over specific due to the coding style of developer, which will affect the contents of complied binary. But we strong believe that apps will have the function call sequences which are very similar with the pattern generated, for over 1,400 apps to 9 sensitive behaviors, there are over 12,000 matches with the ratio over 50 percent for the analysis with sequences, which means the apps are highly like to perform these sensitive behaviors.
This research proposed a new approach on analyzing mobile apps on iOS, the core analyzing part of our system is not OS-binding, so it can be performed to analyze the mobile apps on the other platform or operating system.
However, the biggest challenge of this work is the precision of the pattern of sensitive function. Since every single difference within the
‧
國立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
39
source code will affect the content of the compiled binary, it will affect the generated pattern we used to recognize the behavior, so the architecture of building the behavior pattern is worth to study in the future works.
‧
[1] 55% of Social Networking Consumption Occurs on A Mobile Device.
(2013, February 27). MarketingCharts. Retrieved March 6, 2014, from http://www.marketingcharts.com/wp/interactive/55-of-social-networki ng-consumption-occurs-on-a-mobile-device-27327/.
[2] Android Market Terms of Service. (2012, February 16). Android Market Terms of Service. Retrieved March 6, 2014, from http://www.google.com/mobile/android/market-tos.html.
[3] Apache Hadoop. (n.d.). Apache Hadoop. Retrieved March 6, 2014, from http://hadoop.apache.org/
[4] Apple - Apple Customer Privacy Policy. (2013, August 1). Apple - Apple Customer Privacy Policy. Retrieved March 6, 2014, from http://www.apple.com/privacy/
[5] Apple App Store. (2013, October 22). Wikipedia. Retrieved March 6,
2014, from http://en.wikipedia.org/wiki/App_Store_(iOS)#cite_note-ios7-1.
[6] Apple Approves, Pulls Flashlight App with Hidden Tethering Mode.
(2010, July 21). Wired. Retrieved March 7, 2014, from http://www.wired.com/gadgetlab/2010/07/apple-approves-pulls-flashli ght%2dapp-with-hidden-tethering-mode/.
[7] Apple Developer. (n.d.). Xcode. Retrieved March 6, 2014, from http://developer.apple.com/xcode.
[8] Apple Store. (2010, March 1). Apple Store. Retrieved March 6, 2014, from http://store.apple.com/Catalog/US/Images/ADC_terms.html
‧
[9] Babić, D., Reynaud, D., & Song, D. (2011, January). Malware analysis with tree automata inference. In Computer Aided Verification (pp.
116-131). Springer Berlin Heidelberg.
[10] Cydia. (n.d.). Cydia. Retrieved March 6, 2014, from http://cydia.saurik.com/.
[11] Dean, J., & Ghemawat, S. (2008). MapReduce: simplified data processing on large clusters. Communications of the ACM, 51(1), 107-113.
[12] Egele, M., Kruegel, C., Kirda, E., & Vigna, G. (2011, February). PiOS:
Detecting Privacy Leaks in iOS Applications. In NDSS.
[13] Enck, W. H. (2011). Analysis techniques for mobile operating system security (Doctoral dissertation, The Pennsylvania State University).
[14] Enck, W. (2011). Defending users against smartphone apps:
Techniques and future directions. In Information Systems Security (pp.
49-70). Springer Berlin Heidelberg.
[15] Enck, W., Gilbert, P., Chun, B. G., Cox, L. P., Jung, J., McDaniel, P., &
Sheth, A. (2010, October). TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. In OSDI (Vol. 10, pp. 1-6).
[16] Enck, W., Octeau, D., McDaniel, P., & Chaudhuri, S. (2011, August). A Study of Android Application Security. In USENIX Security Symposium.
[17] Felt, A. P., Finifter, M., Chin, E., Hanna, S., & Wagner, D. (2011, October). A survey of mobile malware in the wild. In Proceedings of
‧
the 1st ACM workshop on Security and privacy in smartphones and mobile devices (pp. 3-14). ACM.
[18] Gilbert, P., Chun, B. G., Cox, L. P., & Jung, J. (2011, June). Vision:
automated security validation of mobile apps at app markets. In Proceedings of the second international workshop on Mobile cloud computing and services (pp. 21-26). ACM.
[19] IDA. (n.d.). IDA. Retrieved March 6, 2014, from https://www.hex-rays.com/products/ida/support/tutorials/index.shtml.
[20] Jones, C. (2013, December 11). Apple's App Store About To Hit 1 Million Apps. Forbes. Retrieved March 6, 2014, from http://www.forbes.com/sites/chuckjones/2013/12/11/apples-app-store-a bout-to-hit-1-million-apps/.
[21] List of countries by number of mobile phones in use. (2014, May 3).
Wikipedia. Retrieved March 6, 2014, from http://en.wikipedia.org/wiki/List_of_countries_by_number_of_mobile
_phones_in_use
[22] Mac Developer Library. (2013, April 25). Mac Developer Library.
Retrieved March 6, 2014, from http://developer.apple.com/library/mac/#documentation/Cocoa/Concep
tual/ProgrammingWithObjectiveC/Introduction/Introduction.html.
[23] Mann, C., & Starostin, A. (2012, March). A framework for static detection of privacy leaks in android applications. In Proceedings of the 27th Annual ACM Symposium on Applied Computing (pp.
1457-1462). ACM.
‧
[24] Media Consumption Estimates: Mobile > PC; Digital > TV. (2013, August 5). MarketingCharts. Retrieved March 6, 2014, from http://www.marketingcharts.com/wp/television/media-consumption-est imates-mobile-pc-digital-tv-35626/
[25] More Smartphones Were Shipped in Q1 2013 Than Feature Phones, An Industry First According to IDC - prUS24085413. (2013, April 25).
More Smartphones Were Shipped in Q1 2013 Than Feature Phones, An Industry First According to IDC - prUS24085413. Retrieved March 6,
2014, from http://www.idc.com/getdoc.jsp?containerId=prUS24085413.
[26] NEWSBYTES.PH | Philippine smartphone adoption rate at 15%. (2013, September 18). Infotek News InterAksyoncom. Retrieved March 6,
2014, from http://www.interaksyon.com/infotech/newsbytes-ph-philippine-smartp
hone-adoption-rate-at-15.
[27] Newsroom. (2013, August 14). Gartner Says Smartphone Sales Grew 46.5 Percent in Second Quarter of 2013 and Exceeded Feature Phone Sales for First Time. Retrieved March 6, 2014, from http://www.gartner.com/newsroom/id/2573415.
[28] Newswire . (2013, December 16). Consumer Electronics Ownership Blasts Off in 201. Retrieved March 6, 2014, from http://www.nielsen.com/us/en/newswire/2013/consumer-electronics-o wnership-blasts-off-in-2013.html.
[29] Newswire . (2013, June 6). Mobile Majority: U.S. Smartphone Ownership Tops 60%. Retrieved March 6, 2014, from
‧
[30] Objective-C. (2014, May 3). Wikipedia. Retrieved March 6, 2014, from https://en.wikipedia.org/wiki/Objective-C.
[31] PC Users Increasingly Turning to Smart Devices for Web Browsing, Facebook Access. (2013, February 11). MarketingCharts. Retrieved
March 6, 2014, from http://www.marketingcharts.com/wp/interactive/pc-users-increasingly-t
urning-to-smart-devices-for-web-browsing-facebook-access-26881/.
[32] Realtime Privacy Monitoring on Smartphones. (n.d.). TaintDroid:.
Retrieved March 6, 2014, from http://appanalysis.org/
[33] Szydlowski, M., Egele, M., Kruegel, C., & Vigna, G. (2012).
Challenges for dynamic analysis of iOS applications. In Open Problems in Network Security (pp. 65-77). Springer Berlin Heidelberg.
[34] Tablet Shipments Forecast to Top Total PC Shipments in the Fourth Quarter of 2013 and Annually by 2015, According to IDC - prUS24314413. (2013, September 11). Tablet Shipments Forecast to Top Total PC Shipments in the Fourth Quarter of 2013 and Annually by 2015, According to IDC - prUS24314413. Retrieved March 6, 2014, from http://www.idc.com/getdoc.jsp?containerId=prUS24314413.
[35] TERMS AND CONDITIONS. (2011, October 12). iTUNES STORE -.
Retrieved March 6, 2014, from http://www.apple.com/legal/itunes/us/terms.html#APPS.
[36] The Four-Year Anniversary of the Apple App Store. (2013, April 17).
DISTIMO. Retrieved March 7, 2014, from
‧
國立 政 治 大 學
‧
N a tio na
l C h engchi U ni ve rs it y
45
http://www.distimo.com/publications/archive/Distimo%20Publication
%20-%20July%202012.pdf.
[37] The NPD Group. (2013, February 7). 37 Percent of PC Users Migrate Activities to Mobile Devices. Retrieved March 6, 2014, from https://www.npd.com/wps/portal/npd/us/news/press-releases/37-percen t-of-pc-users-migrate-activities-to-mobile-devices-according-to-the-np d-group/.
[38] Wetherall, D., Choffnes, D., Greenstein, B., Han, S., Hornyack, P., Jung, J., ... & Wang, X. (2011, May). Privacy revelations for web and mobile apps. In Proceedings of the 13th USENIX conference on Hot topics in operating systems (pp. 21-21). USENIX Association.
[39] Zhou, Y., Wang, Z., Zhou, W., & Jiang, X. (2012, February). Hey, you, get off of my market: Detecting malicious apps in official and alternative android markets. In Proceedings of the 19th Annual Network and Distributed System Security Symposium (pp. 5-8).