Responsive image
博碩士論文 etd-0707113-101154 詳細資訊
Title page for etd-0707113-101154
Behavior Analysis of Mobile Malware Based on Information Leakage
Year, semester
Number of pages
Advisory Committee
Date of Exam
Date of Submission
Android, Behavior Analysis, Mobile Device, Sensitive Information, Malware
本論文已被瀏覽 5812 次,被下載 0
The thesis/dissertation has been browsed 5812 times, has been downloaded 0 times.
With the advance of science and technology, mobile devices have been more powerful and no less from personal computer. There are more people using mobile device working, surfing the internet or other forms of entertainment. The user information on the mobile device draw cracker’s attention, and malware made by cracker targets on it. When using malware, many users would suffer losses.
  By using behavior analysis and tracking mobile application on emulator can understand what behavior is there with sensitive information within execution period. We observe the behavior in three parts, file, network and SMS. We would check if file and network’s behavior delivers the sensitive data. Also, we check the unusual SMS. Experimental results show that the approach has higher true positive on detection rate and lower false positive rate as compared to those permission based methods.
目次 Table of Contents
論文審定書 i
誌 謝 ii
摘 要 iii
Abstract iv
目 錄 v
圖 次 vi
表 次 vii
第一章 緒論 1
第二章 文獻探討 7
 第一節 靜態分析 7
 第二節 動態分析 8
 第三節 以權限為基礎的分析 10
 第四節 敏感性資料外洩 11
 第五節 Android裝置 11
  Android 11
  Google Play™ 12
  第三方市場 12
  Android SDK 12
  Android Emulator 13
  Android Monkey 14
  Android Logcat 14
第三章 系統設計 15
 第一節 系統架構 15
 第二節 Execution Section 16
 第三節 Analysis Section 19
第四章 系統評估 25
 第一節 系統建置 25
 第二節 樣本 26
 第三節 評估 29
第五章 結論      35
參考文獻 36
參考文獻 References
[1] A. P. Felt, K. Greenwood, and D. Wagner,“The effectiveness of allication permissions”, In: WebApps'11 Proceedings of the 2nd USENIX conference on Web Application development,2011.
[2] A. Shabtai, Y. Elovici, “Applying Behavioral Detection on Android-Based Devices”, In: MOBILWARE 2010, 2010.
[3] T. Bläsing, L. Batyuk, and A. Schmidt, S. A. Camtepe, and S. Albayrak, “ An Android Application Sandbox system for suspiciopus software detection” In: Malware 2010 5th IEEE International Conference on Malicious and Unwanted Software. Nancy, Lorraine, 2010.
[4] D. Barrera, H. G. Kayacık, P.C. van Oorschot, and A. Somayaji, “A methodology for empirical analysis of permission-based security models and its Application to android”, In: CCS '10 Proceedings of the 17th ACM conference on Computer and communications security, 2010.
[5] F. D. Cerbo, A. Girardello, F. Michahelles, and S. Voronkova, “Detection of malicious Applications on Android OS”, In: IWCF'10 Proceedings of the 4th international conference on Computational forensics, 2011.
[6] IDC, “Android and iOS Combine for 91.1% of the Worldwide Smartphone OS Market in 4Q12 and 87.6% for the Year , According to IDC ", available at:, 2012.
[7] I. Burguera, U. Zurutuza, and N. T. Simin, ” Crowdroid: behavior-based malware detection system for Android”, In: SPSM '11 Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, 2011.
[8] McAfee, “McAfee Threats Report:First Quarter 2012”, 2012.
[9] M. Egele, C. Kruegel, E. Kirda, and G. Vigna , ”PiOS: Detecting Privacy Leaks in iOS Applications”, In: 18th Annual Network and Distributed System Security Symposium, (NDSS 2011), 2011.
[10] W. Enck, M. Ongtang, and P. McDaniel, ”On lightweight mobile phone Application certification, “ In: CCS '09 Proceedings of the 16th ACM conference on Computer and communications security, 2009.
[11] F-Security, “MobileThreatReport Q1 2013”, 2013.
[12] A. P. Felt, M. Finifter, E. Chin, S. Hanna, and D. Wagner, ”A Survey of Mobile Malware in the Wild”, In:SPSM '11 Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, 2011.
[13] M. Chandramohan and H. B. K. Tan, “Detection of Mobile Malware in the Wild”, In: IEEE Computer 45(9), 2012.
[14] Wuntee, “androidAuditTools : Dynamic Android analysis tools”, available at:, 2011.
[15] Google, “UI/Application Exerciser Monkey”, available at:, 2013.
[16] Google, “Managing Virtual Devices | Android Developers”, available at:, 2013.
[17] Google, “Logcat”, available at:, 2013.
[18] Y. Zhou, X. Jiang, “Dissecting Android Malware: Characterization and Evolution”, In: Proceedings of the 33rd IEEE Symposium on Security and Privacy (Oakland 2012), San Francisco, CA, May 2012.
[19] Mila, “contagion mobile”, available at:, 2013
[20] Wikipedia, “Android”, available at:, 2013.
[21] Statista, “Number of available applications in the Google Play Store”, available at:, 2012.
[22] S. Mansfield-Devine ,”Android malware and mitigations”, available at: Network Security 2012, 2012.
[23] H.Lockheimer, “Android and Security”, available at:, 2012.
[24] M. Spreitzenbarth , “Current Android Malware”, available at:, 2013.
[25] AppSec Labs, “AppUse - Android Pentest Platform Unified Standalone Environment”, available at:, 2013.
[26] W. Enck, P. Gilbert, B. G. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth, “TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones”, In: OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation, 2010.
[27] C. Gibler, J. Crussell , J. Erickson , and H. Chen, ”AndroidLeaks: automatically detecting potential privacy leaks in android applications on a large scale”, In: TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing, 2012.
[28] OWASP, “Information Leakage” , available at:, 2013.
電子全文 Fulltext
論文使用權限 Thesis access permission:自定論文開放時間 user define
開放時間 Available:
校內 Campus:永不公開 not available
校外 Off-campus:永不公開 not available

您的 IP(校外) 位址是
論文開放下載的時間是 校外不公開

Your IP address is
This thesis will be available to you on Indicate off-campus access is not available.

紙本論文 Printed copies
開放時間 available 永不公開 not available

QR Code