With the explosive increase in mobile apps, more and more threats migrate from traditional PC client to mobile device. Compared with traditional Win+Intel alliance in PC, Android+ARM alliance dominates in Mobile Int...With the explosive increase in mobile apps, more and more threats migrate from traditional PC client to mobile device. Compared with traditional Win+Intel alliance in PC, Android+ARM alliance dominates in Mobile Internet, the apps replace the PC client software as the major target of malicious usage. In this paper, to improve the security status of current mobile apps, we propose a methodology to evaluate mobile apps based on cloud computing platform and data mining. We also present a prototype system named MobSafe to identify the mobile app's virulence or benignancy. Compared with traditional method, such as permission pattern based method, MobSafe combines the dynamic and static analysis methods to comprehensively evaluate an Android app. In the implementation, we adopt Android Security Evaluation Framework (ASEF) and Static Android Analysis Framework (SAAF), the two representative dynamic and static analysis methods, to evaluate the Android apps and estimate the total time needed to evaluate all the apps stored in one mobile app market. Based on the real trace from a commercial mobile app market called AppChina, we can collect the statistics of the number of active Android apps, the average number apps installed in one Android device, and the expanding ratio of mobile apps. As mobile app market serves as the main line of defence against mobile malwares, our evaluation results show that it is practical to use cloud computing platform and data mining to verify all stored apps routinely to filter out malware apps from mobile app markets. As the future work, MobSafe can extensively use machine learning to conduct automotive forensic analysis of mobile apps based on the generated multifaceted data in this stage.展开更多
Although using machine learning techniques to solve computer security challenges is not a new idea,the rapidly emerging Deep Learning technology has recently triggered a substantial amount of interests in the computer...Although using machine learning techniques to solve computer security challenges is not a new idea,the rapidly emerging Deep Learning technology has recently triggered a substantial amount of interests in the computer security community.This paper seeks to provide a dedicated review of the very recent research works on using Deep Learning techniques to solve computer security challenges.In particular,the review covers eight computer security problems being solved by applications of Deep Learning:security-oriented program analysis,defending return-oriented programming(ROP)attacks,achieving control-flow integrity(CFI),defending network attacks,malware classification,system-event-based anomaly detection,memory forensics,and fuzzing for software security.展开更多
Although using machine learning techniques to solve computer security challenges is not a new idea,the rapidly emerging Deep Learning technology has recently triggered a substantial amount of interests in the computer...Although using machine learning techniques to solve computer security challenges is not a new idea,the rapidly emerging Deep Learning technology has recently triggered a substantial amount of interests in the computer security community.This paper seeks to provide a dedicated review of the very recent research works on using Deep Learning techniques to solve computer security challenges.In particular,the review covers eight computer security problems being solved by applications of Deep Learning:security-oriented program analysis,defending return-oriented programming(ROP)attacks,achieving control-flow integrity(CFI),defending network attacks,malware classification,system-event-based anomaly detection,memory forensics,and fuzzing for software security.展开更多
基金the National Key Basic Research and Development (973) Program of China (Nos. 2012CB315801 and 2011CB302805)the National Natural Science Foundation of China (Nos. 61161140320 and 61233016)Intel Research Council with the title of Security Vulnerability Analysis based on Cloud Platform with Intel IA Architecture
文摘With the explosive increase in mobile apps, more and more threats migrate from traditional PC client to mobile device. Compared with traditional Win+Intel alliance in PC, Android+ARM alliance dominates in Mobile Internet, the apps replace the PC client software as the major target of malicious usage. In this paper, to improve the security status of current mobile apps, we propose a methodology to evaluate mobile apps based on cloud computing platform and data mining. We also present a prototype system named MobSafe to identify the mobile app's virulence or benignancy. Compared with traditional method, such as permission pattern based method, MobSafe combines the dynamic and static analysis methods to comprehensively evaluate an Android app. In the implementation, we adopt Android Security Evaluation Framework (ASEF) and Static Android Analysis Framework (SAAF), the two representative dynamic and static analysis methods, to evaluate the Android apps and estimate the total time needed to evaluate all the apps stored in one mobile app market. Based on the real trace from a commercial mobile app market called AppChina, we can collect the statistics of the number of active Android apps, the average number apps installed in one Android device, and the expanding ratio of mobile apps. As mobile app market serves as the main line of defence against mobile malwares, our evaluation results show that it is practical to use cloud computing platform and data mining to verify all stored apps routinely to filter out malware apps from mobile app markets. As the future work, MobSafe can extensively use machine learning to conduct automotive forensic analysis of mobile apps based on the generated multifaceted data in this stage.
基金This work was supported by ARO W911NF-13-1-0421(MURI),NSF CNS-1814679,and ARO W911NF-15-1-0576.
文摘Although using machine learning techniques to solve computer security challenges is not a new idea,the rapidly emerging Deep Learning technology has recently triggered a substantial amount of interests in the computer security community.This paper seeks to provide a dedicated review of the very recent research works on using Deep Learning techniques to solve computer security challenges.In particular,the review covers eight computer security problems being solved by applications of Deep Learning:security-oriented program analysis,defending return-oriented programming(ROP)attacks,achieving control-flow integrity(CFI),defending network attacks,malware classification,system-event-based anomaly detection,memory forensics,and fuzzing for software security.
基金supported by ARO W911NF-13-1-0421(MURI),NSF CNS-1814679,and ARO W911NF-15-1-0576.
文摘Although using machine learning techniques to solve computer security challenges is not a new idea,the rapidly emerging Deep Learning technology has recently triggered a substantial amount of interests in the computer security community.This paper seeks to provide a dedicated review of the very recent research works on using Deep Learning techniques to solve computer security challenges.In particular,the review covers eight computer security problems being solved by applications of Deep Learning:security-oriented program analysis,defending return-oriented programming(ROP)attacks,achieving control-flow integrity(CFI),defending network attacks,malware classification,system-event-based anomaly detection,memory forensics,and fuzzing for software security.
