Android

DART: Detecting Unseen Malware Variants using Adaptation Regularization Transfer Learning

Network traffic analysis has been widely used for detecting malware at a large-scale network. Nevertheless, the emerging malware variants and zero-day exploits keep posing significant challenges to malware detection systems. In this paper, we propose …

Lexical Mining of Malicious URLs for Classifying Android Malware

The prevalence of mobile malware has become a growing is-sue given the tight integration of mobile systems with our daily life. Mostmalware programs use URLs inside network traffic to forward commandsto launch malicious activities. Therefore, the …

DELTA: Data Extraction and Logging Tool for Android

In recent years, the use of smartphones has increased exponentially, and so have their capabilities. Together with an increase in processing power, smartphones are now equipped with a variety of sensors and provide an extensive set of API. These …

Mirage: Toward a Stealthier and Modular Malware Analysis Sandbox for Android

Nowadays, malware is affecting not only PCs but also mobile devices, which became pervasive in everyday life. Mobile devices can access and store personal information (e.g., location, photos, and messages) and thus are appealing to malware authors. …

Robust smartphone app identification via encrypted network traffic analysis

The apps installed on a smartphone can revealmuch information about a user, such as their medical conditions,sexual orientation, or religious beliefs. Additionally, the presenceor absence of particular apps on a smartphone can informan adversary who …

No Free Charge Theorem: A Covert Channel via USB Charging Cable on Mobile Devices

More and more people are regularly using mobile and batterypowered handsets, such as smartphones and tablets. At the same time, thanks to the technological innovation and to the high user demands, those devices are integrating extensive …

You are how you play: Authenticating mobile users via game playing

Nowadays, user authentication on mobile devices is principally based on a secret (e.g., password, PIN), while recently two-factors authentication methods have been proposed to make more secure such secret-based methods. Two-factors authentication …

Appscanner: Automatic fingerprinting of smartphone apps from encrypted network traffic

Automatic fingerprinting and identification of smartphone apps is becoming a very attractive data gathering technique for adversaries, network administrators, investigators and marketing agencies. In fact, the list of apps installed on a device can …

On the effectiveness of sensor-enhanced keystroke dynamics against statistical attacks

In recent years, simple password-based authentication systems have increasingly proven ineffective for many classes of real-world devices. As a result, many researchers have concentrated their efforts on the design of new biometric authentication …

Analyzing Android Encrypted Network Traffic to Identify User Actions

Mobile devices can be maliciously exploited to violate the privacy of people. In most attack scenarios, the adversary takes the local or remote control of the mobile device, by leveraging a vulnerability of the system, hence sending back the …