Advanced search options

Advanced Search Options 🞨

Browse by author name (“Author name starts with…”).

Find ETDs with:

in
/  
in
/  
in
/  
in

Written in Published in Earliest date Latest date

Sorted by

Results per page:

You searched for id:"oai:scholarworks.uno.edu:td-3400". One record found.

Search Limiters

Last 2 Years | English Only

No search limiters apply to these results.

▼ Search Limiters


University of New Orleans

1. Ali-Gombe, Aisha Ibrahim. Malware Analysis and Privacy Policy Enforcement Techniques for Android Applications.

Degree: PhD, Computer Science, 2017, University of New Orleans

The rapid increase in mobile malware and deployment of over-privileged applications over the years has been of great concern to the security community. Encroaching on user’s privacy, mobile applications (apps) increasingly exploit various sensitive data on mobile devices. The information gathered by these applications is sufficient to uniquely and accurately profile users and can cause tremendous personal and financial damage. On Android specifically, the security and privacy holes in the operating system and framework code has created a whole new dynamic for malware and privacy exploitation. This research work seeks to develop novel analysis techniques that monitor Android applications for possible unwanted behaviors and then suggest various ways to deal with the privacy leaks associated with them. Current state-of-the-art static malware analysis techniques on Android-focused mainly on detecting known variants without factoring any kind of software obfuscation. The dynamic analysis systems, on the other hand, are heavily dependent on extending the Android OS and/or runtime virtual machine. These methodologies often tied the system to a single Android version and/or kernel making it very difficult to port to a new device. In privacy, accesses to the database system’s objects are not controlled by any security check beyond overly-broad read/write permissions. This flawed model exposes the database contents to abuse by privacy-agnostic apps and malware. This research addresses the problems above in three ways. First, we developed a novel static analysis technique that fingerprints known malware based on three-level similarity matching. It scores similarity as a function of normalized opcode sequences found in sensitive functional modules and application permission requests. Our system has an improved detection ratio over current research tools and top COTS anti-virus products while maintaining a high level of resiliency to both simple and complex obfuscation. Next, we augment the signature-related weaknesses of our static classifier with a hybrid analysis system which incorporates bytecode instrumentation and dynamic runtime monitoring to examine unknown malware samples. Using the concept of Aspect-oriented programming, this technique involves recompiling security checking code into an unknown binary for data flow analysis, resource abuse tracing, and analytics of other suspicious behaviors. Our system logs all the intercepted activities dynamically at runtime without the need for building custom kernels. Finally, we designed a user-level privacy policy enforcement system that gives users more control over their personal data saved in the SQLite database. Using bytecode weaving for query re-writing and enforcing access control, our system forces new policies at the schema, column, and entity levels of databases without rooting or voiding device warranty. Advisors/Committee Members: Dr. Richard III, Golden G., Dr. Ahmed, Irfan, Dr. Roussev, Vassil, Dr. Bourgeois, Edit J..

Subjects/Keywords: Android, Malware Analysis, Fingerprinting; Hybrid Analysis; Instrumentation; AspectJ; Similarity Matching; Privacy; Security; Information Security

Record DetailsSimilar RecordsGoogle PlusoneFacebookTwitterCiteULikeMendeleyreddit

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6th Edition):

Ali-Gombe, A. I. (2017). Malware Analysis and Privacy Policy Enforcement Techniques for Android Applications. (Doctoral Dissertation). University of New Orleans. Retrieved from http://scholarworks.uno.edu/td/2290

Chicago Manual of Style (16th Edition):

Ali-Gombe, Aisha Ibrahim. “Malware Analysis and Privacy Policy Enforcement Techniques for Android Applications.” 2017. Doctoral Dissertation, University of New Orleans. Accessed August 23, 2017. http://scholarworks.uno.edu/td/2290.

MLA Handbook (7th Edition):

Ali-Gombe, Aisha Ibrahim. “Malware Analysis and Privacy Policy Enforcement Techniques for Android Applications.” 2017. Web. 23 Aug 2017.

Vancouver:

Ali-Gombe AI. Malware Analysis and Privacy Policy Enforcement Techniques for Android Applications. [Internet] [Doctoral dissertation]. University of New Orleans; 2017. [cited 2017 Aug 23]. Available from: http://scholarworks.uno.edu/td/2290.

Council of Science Editors:

Ali-Gombe AI. Malware Analysis and Privacy Policy Enforcement Techniques for Android Applications. [Doctoral Dissertation]. University of New Orleans; 2017. Available from: http://scholarworks.uno.edu/td/2290

.