Annual Computer Security Applications Conference 2011 Technical Track Papers

Automated Remote Repair for Mobile Malware

Mobile application markets currently serve as the main line of defense
against malicious applications. While marketplace revocations have
successfully removed the few overtly malicious
applications installed on mobile devices, the anticipated coming flood of mobile
malware mandates the need for mechanisms that can respond faster than
manual intervention. In this paper, we propose an infrastructure that automatically
identifies and responds to malicious mobile applications based
on their network behavior. We design and implement a prototype, Airmid, that uses cooperation
between in-network sensors and smart devices to identify the provenance
of malicious traffic. We then develop sample malicious mobile applications
exceeding the capabilities of malware recently discovered in the
wild, demonstrate the ease with which they can evade current detection
techniques, and then use Airmid to show a range of automated recovery responses, from
on-device firewalling to application removal.

Author(s):

Yacin Nadji    
Georgia Institute of Technology
United States

Jonathan Giffin    
Georgia Institute of Technology
United States

Patrick Traynor    
Georgia Institute of Technology
United States

 
