Università degli Studi dell'Insubria Insubria Space
 

InsubriaSPACE - Thesis PhD Repository >
Insubria Thesis Repository >
01 - Tesi di dottorato >

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/10277/576

Autori: Taddeo, Marco
Tutor interno: TROMBETTA, ALBERTO
Titolo: A real-time framework for malicious behaviour discovery on android mobile devices.
Abstract: In few years Android has become the most widespread operating system among mobile devices. Its extreme popularity combined with the personal information contained on smartphones - as financial account, private photos and other acquaintances’ data – has captured the attention of many criminal organizations and hackers. The consequence is the massive presence on the market of malwares targeting the Android architecture. A great amount of research has focused on mechanisms to discovery such threads analyzing the application package before installing it, looking for common patterns and specific features while other approaches try to discover the infection during the attack but the required computation penalizes the device’s performance and battery autonomy. In this thesis we present a novel framework for real-time monitoring the Android device’s behavior without compromising the user experience. Our approach, thanks to a client-server architecture, permits to know in time many information related to the system and the applications running on it. By defining appropriate rules through an ad-hoc language we are able to control the device’s behavior and understand if it is the result of an infection. Further, with the contribution of the server which collects data from many users, we are able to compare data from different devices and understand if an application is different from the “safe” version. During our tests we were able to discover if an application has been infected with the introduction of a malicious code and to understand if the device behavior deviates in time in respect to the user standard profile which was built dynamically over time.
Parole chiave: Sicurezza, Android, malware, dispositivi mobili, virus, privacy.
MIUR : INF/01 INFORMATICA
Data: 2015
Lingua: eng
Corso di dottorato: Informatica
Ciclo di dottorato: 27
Università di conseguimento titolo: Università degli Studi dell'Insubria
Citazione: Taddeo, M.A real-time framework for malicious behaviour discovery on android mobile devices. (Doctoral Thesis, Università degli Studi dell'Insubria, 2015).

Full text:

File Descrizione DimensioniFormatoConsultabilità
PhD_Thesis_taddeomarco_completa.pdftesto completo tesi8,66 MBAdobe PDFVisualizza/apri

Questo documento è distribuito in accordo con Licenza Creative Commons
Creative Commons


Tutti i documenti archiviati in InsubriaSPACE sono protetti da copyright. Tutti i diritti riservati.


Segnala questo record su
Del.icio.us

Citeulike

Connotea

Facebook

Stumble it!

reddit


 

  ICT Support, development & maintenance are provided by the AePIC team @ CILEA. Powered on DSpace Software.  Feedback