Abstract
Application collusion is an emerging threat to Android based devices. In app collusion, two or more apps collude in some manner to perform a malicious action that they are unable to do independently. Detection of colluding apps is a challenging task. Existing commercial malware detection systems analyse each app separately, hence fail to detect any joint malicious action performed by multiple apps through collusion. In this paper, we discuss the current state of research on app collusion and open challenges to the detection of colluding apps. We compare existing approaches and present an integrated approach to effectively detect app collusion.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Elish, K.O., Yao, D., Ryder, B.G.: On the need of precise inter-app: ICC classification for detecting android malware collusions. In: Proceedings of IEEE Mobile Security Technologies (2015)
Marforio, C., Ritzdorf, H., Francillon, A., Capkun, S: Analysis of the communication between colluding applications on modern smartphones. In: Proceedings of the 28th Annual Computer Security Applications Conference, pp. 51–60 (2012)
Chin, E., Felt, A.P., Greenwood, K., Wagner, D.: Analyzing inter-application communication in Android. In: Proceedings of the 9th ACM Conference on Mobile Systems, Applications and Services, pp. 239–252 (2011)
Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.-R., Shastry, B.: Towards taming privilege-escalation attacks on android. In: NDSS (2012)
Idrees, F., Rajarajan, M.: Investigating the android intents and permissions for malware detection. In: Proceedings of IEEE Wireless and Mobile Computing, Networking and Communications, pp. 354–358 (2014)
Felt, A.P., Wang, H.J., Moshchuk, A., Hanna, S., Chin, E.: Attacks and defenses. In: USENIX Security Symposium (2011)
Idrees, F., Rajarajantitle, M., Conti, M., Chen, T.M., Yogachandran, R.: A novel Android malware detection system using ensemble learning methods. Comput. Secur. 68, 36–46 (2017). Elsevier
Bagheri, H., Sadeghi, A., Garcia, J., Malek, S.: Covert: compositional analysis of android inter-app permission leakage. IEEE Trans. Softw. Eng. 9, 866–886 (2015)
Gasior, W., Yang, L.: Network covert channels on the Android platform. In: Proceedings of the Seventh Annual ACM Workshop on Cyber Security and Information Intelligence Research, pp. 61–67 (2011)
Davi, L., Dmitrienko, A., Sadeghi, A.-R., Winandy, M.: Privilege escalation attacks on android. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 346–360. Springer, Heidelberg (2011). doi:10.1007/978-3-642-18178-8_30
Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A.-R.: Xmandroid: a new android evolution to mitigate privilege escalation attacks. Technische Universität Darmstadt, Technical report (2011)
Memon, A.M., Anwar, A.: Colluding apps: tomorrow’s mobile malware threat. IEEE Secur. Priv. 6, 77–81 (2015)
Bhandari, S., Laxmi, V., Zemmari, A., Gaur, M.S: Gaur Intersection automata based model for Android application collusion. In: Advanced Information Networking and Applications, pp. 901–908 (2016)
Asavoaeca, I., Jorge, B., Chen, T., Kumara, H., Muttik, I., Nguyen, H.N., Roggenbach, M., Shaikh, S.: Towards automated android app collusion detection (2016). arXiv preprint arXiv:1603.02308
Tristan, R., Rogan, C.E., Aaron, T., Adam, F., Trevor, E., Ledah, C.: Statically detecting android app. collusion. In: Proceedings of the 4th Program Protection and Reverse Engineering Workshop, p. 4 (2014)
Gilbert, W.P., Chun, B.-G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: TaintDroid: an information flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation (OSDI 2010), pp. 1–6 (2010)
Enck, W., Ongtang, M., McDaniel, P.: Understanding android security. IEEE Secur. Priv. 7, 50–57 (2009)
Kantola, D., Chin, E., He, W., Wagner, D.: Reducing attack surfaces for intra-application communication in Android. In: Proceedings of Second ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 69–80 (2012)
Maji, A., Arshad, F., Bagchi, S., Rellermeyer, J.: An empirical study of the robustness of inter-component communication in Android. In: International Conference on Dependable Systems and Networks, pp. 1–12 (2012)
Long, L., Li, Z., Zhenyu, W., Lee, W., Jiang, G.: Chex: statically vetting Android apps for component hijacking vulnerabilities. In: Proceedings of Conference on Computer and Communications Security, pp. 229–240 (2012)
Avancini, A., Ceccato, M.: Security testing of the communication among Android applications. In: Proceedings of 8th IEEE International Workshop on Automation of Software Test, pp. 57–63 (2013)
Gordon, M.I., Kim, D., Perkins, J.H., Gilham, L., Nguyen, N., Rinard, M.C.: Information flow analysis of android applications in DroidSafe. In: NDSS, pp. 1–16 (2015)
Gallingani, D., Gjomemo, R., Venkatakrishnan, V.N., Zanero, S.: Practical exploit generation for intent message vulnerabilities in Android. In: Proceedings of the 5th ACM Conference on Data and Application Security, pp. 155–157 (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Abro, F.I., Rajarajan, M., Chen, T.M., Rahulamathavan, Y. (2017). Android Application Collusion Demystified. In: Doss, R., Piramuthu, S., Zhou, W. (eds) Future Network Systems and Security. FNSS 2017. Communications in Computer and Information Science, vol 759. Springer, Cham. https://doi.org/10.1007/978-3-319-65548-2_14
Download citation
DOI: https://doi.org/10.1007/978-3-319-65548-2_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-65547-5
Online ISBN: 978-3-319-65548-2
eBook Packages: Computer ScienceComputer Science (R0)