Jun
20
2017
By Paula Rodrigues
Title | T2Droid: A TrustZone-based Dynamic Analyser for Android Applications |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Yalew SDemesie, Maguire, Jr. GQ, Haridi S, Correia M |
Conference Name | Proceedings of the 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) |
Date Published | August |
Publisher | IEEE |
Conference Location | Sydney, Australia |
Abstract | Android has become the most widely used mobile operating system (OS) in recent years. There is much research on methods for detecting malicious Android applications. Dy- namic analysis methods detect such applications by evaluating their behaviour during execution. However, such mechanisms may be ineffective as malware is often able to disable anti- malware software. This paper presents the design of T2DROID, a dynamic analyser for Android that uses traces of Android API function calls and kernel syscalls, and that is protected from malware by leveraging the ARM TrustZone security extension. In our experimental evaluation T2DROID achieved accuracy and precision of 0.98 and 0.99, respectively, with a kNN classifier. |
URL | http://www.safecloud-project.eu/sites/safecloud-project.eu/files/uploads/docs/publications/TrustCom_2017.pdf |