2013 32nd International Conference of the Chilean Computer Science Society (SCCC) (2013)
Temuco, Cautin, Chile
Nov. 11, 2013 to Nov. 15, 2013
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SCCC.2013.16
To date, there are more than 800.000 applications available on each of the two largest mobile application markets (Google Play and Apple App Store), each reporting around 40 billion downloads in total. At this scale, it is impossible to analyze each application for malware behavior before making them available for download. Vendors mostly rely on user feedback to remove malware from their marketplaces, so it can take a while for these applications to be removed. In practice, users must be very careful when picking which applications to install. Moreover, it can be hard to detect a malware application once it is installed, unless the application has noticeable side-effects. To improve this situation, we propose a framework for performing runtime monitoring of mobile applications against behavioral correctness properties. These properties specify forbidden and desired interactions between applications and the phone's resources as sequences of events. The user can then determine which applications to uninstall based on which properties they violate. We have implemented a prototype of this framework for the Android operating system. In this first version of the framework, the user must specify the properties to be monitored directly as automata.
Monitoring, Smart phones, Malware, Mobile communication, Operating systems, Automata, Runtime
S. Vasquez and J. Simmonds, "Mobile Application Monitoring," 2013 32nd International Conference of the Chilean Computer Science Society (SCCC), Temuco, Cautin, Chile, 2013, pp. 30-32.