Detecting money-stealing apps in alternative Android markets Conference Paper

abstract

• The prevalence of malware in Android marketplaces is a growing and significant problem. Among the most worrisome concerns are with regarding to malicious Android applications that attempt to steal money from unsuspecting users. These malicious applications get uploaded under the guise of benign applications, typically to third-party alternative market places that lack proper security vetting procedures, and are subsequently downloaded and executed by unsuspecting victims. In this work, we propose "Money-Guard", a systematic approach to detect stealthy moneystealing applications in popular Android markets. Our technique relies on detecting two key behavioral heuristics that seem to be common across many money-stealing Android malware: hardcoded exfiltration and notification suppression. In our preliminary analysis of 47 SMS-based money stealing applications, we confirm that 41 of these applications follow the above pattern, and describe a light weight detection approach that will identify this behavioral pattern.

name of conference

• Proceedings of the 2012 ACM conference on Computer and communications security

authors

• Gu, Guofei

published proceedings

• Proceedings of the 2012 ACM conference on Computer and communications security

author list (cited authors)

• Yang, C., Yegneswaran, V., Porras, P., & Gu, G.

citation count

• 10

complete list of authors

• Yang, Chao||Yegneswaran, Vinod||Porras, Phillip||Gu, Guofei

publication date

• January 2012

publisher

• Association for Computing Machinery (ACM)  Publisher

published in

• Proceedings of the ACM Conference on Computer and Communications Security  Journal

Digital Object Identifier (DOI)

• 10.1145/2382196.2382316

International Standard Book Number (ISBN) 13

• 9781450316507

start page

• 1034

end page

• 1036

URL

• http%3A%2F%2Fdx.doi.org%2F10.1145%2F2382196.2382316