Muutke küpsiste eelistusi

E-raamat: Android Application Security: A Semantics and Context-Aware Approach

,
Teised raamatud teemal:
  • Formaat - PDF+DRM
  • Hind: 55,56 €*
  • * hind on lõplik, st. muud allahindlused enam ei rakendu
  • Lisa ostukorvi
  • Lisa soovinimekirja
  • See e-raamat on mõeldud ainult isiklikuks kasutamiseks. E-raamatuid ei saa tagastada.
Android Application Security: A Semantics and Context-Aware ApproachSuurem pilt
Teised raamatud teemal:

DRM piirangud

  • Kopeerimine (copy/paste):

    ei ole lubatud

  • Printimine:

    ei ole lubatud

  • Kasutamine:

    Digitaalõiguste kaitse (DRM)
    Kirjastus on väljastanud selle e-raamatu krüpteeritud kujul, mis tähendab, et selle lugemiseks peate installeerima spetsiaalse tarkvara. Samuti peate looma endale  Adobe ID Rohkem infot siin. E-raamatut saab lugeda 1 kasutaja ning alla laadida kuni 6'de seadmesse (kõik autoriseeritud sama Adobe ID-ga).

    Vajalik tarkvara
    Mobiilsetes seadmetes (telefon või tahvelarvuti) lugemiseks peate installeerima selle tasuta rakenduse: PocketBook Reader (iOS / Android)

    PC või Mac seadmes lugemiseks peate installima Adobe Digital Editionsi (Seeon tasuta rakendus spetsiaalselt e-raamatute lugemiseks. Seda ei tohi segamini ajada Adober Reader'iga, mis tõenäoliselt on juba teie arvutisse installeeritud )

    Seda e-raamatut ei saa lugeda Amazon Kindle's. 

This SpringerBrief explains the emerging cyber threats that undermine Android application security. It further explores the opportunity to leverage the cutting-edge semantics and context-aware techniques to defend against such threats, including zero-day Android malware, deep software vulnerabilities, privacy breach and insufficient security warnings in app descriptions. The authors begin by introducing the background of the field, explaining the general operating system, programming features, and security mechanisms. The authors capture the semantic-level behavior of mobile applications and use it to reliably detect malware variants and zero-day malware. Next, they propose an automatic patch generation technique to detect and block dangerous information flow. A bytecode rewriting technique is used to confine privacy leakage. User-awareness, a key factor of security risks, is addressed by automatically translating security-related program semantics into natural language descriptio

ns. Frequent behavior mining is used to discover and compress common semantics. As a result, the produced descriptions are security-sensitive, human-understandable and concise. By covering the background, current threats, and future work in this field, the brief is suitable for both professionals in industry and advanced-level students working in mobile security and applications. It is valuable for researchers, as well. 

Introduction.- Background.- Semantics-Aware Android Malware Classification.- Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks.- Efficient and Context-Aware Privacy Leakage Confinement.- Automatic Generation of Security-Centric Descriptions for Android Apps.- Limitation and Future Work.- Conclusion.
1 Introduction
1(6)
1.1 Security Threats in Android Applications
1(2)
1.1.1 Malware Attacks
1(1)
1.1.2 Software Vulnerabilities
2(1)
1.1.3 Information Leakage
2(1)
1.1.4 Insecure Descriptions
2(1)
1.2 A Semantics and Context Aware Approach to Android Application Security
3(4)
References
4(3)
2 Background
7(12)
2.1 Android Application
7(2)
2.1.1 Android Framework API
8(1)
2.1.2 Android Permission
8(1)
2.1.3 Android Component
8(1)
2.1.4 Android App Description
9(1)
2.2 Android Malware Detection
9(2)
2.2.1 Signature Detection and Malware Analysis
10(1)
2.2.2 Android Malware Classification
10(1)
2.3 Android Application Vulnerabilities
11(2)
2.3.1 Component Hijacking Vulnerabilities
11(1)
2.3.2 Automatic Patch and Signature Generation
12(1)
2.3.3 Bytecode Rewriting
12(1)
2.3.4 Instrumentation Code Optimization
13(1)
2.4 Privacy Leakage in Android Apps
13(1)
2.4.1 Privacy Leakage Detection
13(1)
2.4.2 Privacy Leak Mitigation
14(1)
2.4.3 Information Flow Control
14(1)
2.5 Text Analytics for Android Security
14(5)
2.5.1 Automated Generation of Software Description
15(1)
References
15(4)
3 Semantics-Aware Android Malware Classification
19(26)
3.1 Introduction
19(2)
3.2 Overview
21(2)
3.2.1 Problem Statement
21(1)
3.2.2 Architecture Overview
22(1)
3.3 Weighted Contextual API Dependency Graph
23(7)
3.3.1 Key Behavioral Aspects
23(1)
3.3.2 Formal Definition
24(1)
3.3.3 A Real Example
24(2)
3.3.4 Graph Generation
26(4)
3.4 Android Malware Classification
30(4)
3.4.1 Graph Matching Score
30(1)
3.4.2 Weight Assignment
31(1)
3.4.3 Implementation and Graph Database Query
32(1)
3.4.4 Malware Classification
33(1)
3.5 Evaluation
34(11)
3.5.1 Dataset and Experiment Setup
34(1)
3.5.2 Summary of Graph Generation
34(2)
3.5.3 Classification Results
36(4)
3.5.4 Runtime Performance
40(1)
3.5.5 Effectiveness of Weight Generation and Weighted Graph Matching
40(2)
References
42(3)
4 Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks
45(18)
4.1 Introduction
45(2)
4.2 Problem Statement and Approach Overview
47(4)
4.2.1 Running Example
47(2)
4.2.2 Problem Statement
49(1)
4.2.3 Approach Overview
50(1)
4.3 Taint Slice Computation
51(1)
4.3.1 Running Example
51(1)
4.4 Patch Statement Placement
52(1)
4.5 Patch Optimization
53(3)
4.5.1 Optimized Patch for Running Example
54(2)
4.6 Experimental Evaluation
56(7)
4.6.1 Experiment Setup
56(1)
4.6.2 Summarized Results
57(1)
4.6.3 Detailed Analysis
58(2)
References
60(3)
5 Efficient and Context-Aware Privacy Leakage Confinement
63(14)
5.1 Introduction
63(2)
5.2 Approach Overview
65(1)
5.2.1 Key Techniques
65(1)
5.3 Context-Aware Policy
66(3)
5.3.1 Taint Propagation Trace
67(1)
5.3.2 Source and Sink Call-Sites
67(1)
5.3.3 Parameterized Source and Sink Pairs
68(1)
5.3.4 Implementation
69(1)
5.4 Experimental Evaluation
69(8)
5.4.1 Summarized Analysis Results
70(1)
5.4.2 Detailed Analysis
71(3)
5.4.3 Runtime Performance
74(1)
References
75(2)
6 Automatic Generation of Security-Centric Descriptions for Android Apps
77(22)
6.1 Introduction
77(1)
6.2 Overview
78(4)
6.2.1 Problem Statement
78(2)
6.2.2 Architecture Overview
80(2)
6.3 Security Behavior Graph
82(4)
6.3.1 Formal Definition
82(1)
6.3.2 SBG of Motivating Example
82(1)
6.3.3 Graph Generation
83(3)
6.4 Behavior Mining and Graph Compression
86(1)
6.5 Description Generation
87(5)
6.5.1 Automatically Generated Descriptions
87(1)
6.5.2 Behavior Description Model
88(2)
6.5.3 Behavior Graph Translation
90(1)
6.5.4 Motivating Example
91(1)
6.6 Evaluation
92(7)
6.6.1 Correctness and Security-Awareness
92(3)
6.6.2 Readability and Effectiveness
95(2)
References
97(2)
7 Limitation and Future Work
99(6)
7.1 Android Malware Classification
99(1)
7.2 Automated Vulnerability Patching
100(1)
7.3 Context-Aware Privacy Protection
101(1)
7.4 Automated Generation of Security-Centric Descriptions
102(3)
References
103(2)
8 Conclusion
105
Lisainfo e-raamatute kohta Lisainfo e-raamatute kohta
Püsilink: https://www.kriso.ee/db/97833194781282e.html
Märksõnad: