Scalable Detection of Unknown Malware from Millions of Apps

  Title: Scalable Detection of Unknown Malware from Millions of Apps

  Abstract:

An app market’s vetting process is expected to be scalable and effective. However, today’s vetting mechanisms are slow and less capable of catching new threats. In our research, we found that a more powerful solution can be found by exploiting the way Android malware is constructed and disseminated, which is typically through repackaging legitimate apps with similar malicious components. As a result, such attack payloads often stand out from those of the same repackaging origin and also show up in the apps not supposed to relate to each other. Based upon this observation, we developed a new technique, called MassVet, for vetting apps at a massive scale, without knowing what malware looks like and how it behaves. We implemented MassVet over a stream processing engine and evaluated it over 1.2 million apps from 33 app markets around the world, the scale of Google Play. Our study shows that the technique can vet an app within 10 seconds at a low false detection rate.

Venue: Information Building, Room 429

Time: 2016-04-19, 10:00-11:30

Speaker: Chen Kai (陈凯), Research Professor

Biography:

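Research Professor and doctoral supervisor at the Institute of Information Engineering, Chinese Academy of Sciences. He is a member of the Privacy Protection Committee of the China Secrecy Association (中国保密协会) and a member of the Youth Innovation Promotion Association of the Chinese Academy of Sciences. He received his Ph.D. from the Graduate University of the Chinese Academy of Sciences in 2010 and was a postdoctoral researcher at Pennsylvania State University (宾州大学) in the United States. His main research areas include software security, smart-device security, security evaluation and privacy protection. He has published nearly 50 papers in top international venues such as the USENIX Security Symposium (USENIX Security), the ACM Conference on Computer and Communications Security (CCS), the International Conference on Software Engineering (ICSE), the IEEE/ACM International Conference on Automated Software Engineering (ASE) and IEEE Transactions on Reliability, and has given conference talks at international academic conferences on many occasions. He has obtained or applied for 12 patents, and has led or participated in more than 20 projects funded by national ministries and commissions, including the National Natural Science Foundation of China, the 863 Program, the Chinese Academy of Sciences Strategic Priority Research Program, and the National Development and Reform Commission's information security special project. He is a reviewer for SCI journals such as IEEE Transactions on Dependable and Secure Computing and Computers & Security, a committee member of several international conferences such as AsiaCCS and SecureComm, and a review expert for the national postdoctoral fund. Homepage: http://www.kaichen.org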
