Sciweavers

CCS
2009
ACM

On lightweight mobile phone application certification

14 years 4 months ago
On lightweight mobile phone application certification
Users have begun downloading an increasingly large number of mobile phone applications in response to advancements in handsets and wireless networks. The increased number of applications results in a greater chance of installing Trojans and similar malware. In this paper, we propose the Kirin security service for Android, which performs lightweight certification of applications to mitigate malware at install time. Kirin certification uses security rules, which are templates designed to conservatively match undesirable properties in security configuration bundled with applications. We use a variant of security requirements engineering techniques to perform an in-depth security analysis of Android to produce a set of rules that match malware characteristics. In a sample of 311 of the most popular applications downloaded from the official Android Market, Kirin and our rules found 5 applications that implement dangerous functionality and therefore should be installed with extreme caution....
William Enck, Machigar Ongtang, Patrick Drew McDan
Added 12 Aug 2010
Updated 12 Aug 2010
Type Conference
Year 2009
Where CCS
Authors William Enck, Machigar Ongtang, Patrick Drew McDaniel
Comments (0)