CAVAEva: An Engineering Platform for Evaluating Commercial Anti-malware Applications on Smartphones

  • Conference paper
  • Conference: Information Security and Cryptology (Inscrypt 2019)
  • Part of the book series: Lecture Notes in Computer Science (LNCS, volume 12020)

Abstract

The pervasiveness of mobile devices, such as Android and iOS smartphones, and the type of data available and stored on these devices make them an attractive target for cyber-attackers. For example, mobile malware authors seek to compromise devices to collect sensitive information and data from the smartphones. To mitigate such a threat, a number of online scanning platforms exist to evaluate existing anti-malware applications. However, existing platforms have a number of limitations, such as configuration inflexibility. Also, in practice, code protection and differing structures complicate efforts to effectively evaluate different commercial anti-malware software in a configurable and unified platform. Hence, in this work, we design CAVAEva, an engineering platform for commercial anti-malware application evaluation, in which users/researchers have the capability to configure the platform based on their needs and requirements. In particular, we show how to design such a platform and report on its performance. Specifically, we present a comparative summary of seven commercial anti-malware software products, and collect feedback from a user study. Experimental results demonstrate the potential utility of our platform in evaluating commercial anti-malware software in a real-world smartphone deployment.

Acknowledgments

Weizhi Meng was partially supported by H2020-SU-ICT-03-2018: CyberSec4Europe with No. 830929, and National Natural Science Foundation of China (No. 61802077). Chunhua Su is supported by JSPS Kiban(B) 18H03240 and JSPS Kiban(C) 18K11298.

Author information

Correspondence to Weizhi Meng.

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Cite this paper

Jiang, H., Meng, W., Su, C., Choo, KK.R. (2020). CAVAEva: An Engineering Platform for Evaluating Commercial Anti-malware Applications on Smartphones. In: Liu, Z., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2019. Lecture Notes in Computer Science, vol 12020. Springer, Cham. https://doi.org/10.1007/978-3-030-42921-8_12

  • DOI: https://doi.org/10.1007/978-3-030-42921-8_12

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-42920-1

  • Online ISBN: 978-3-030-42921-8

  • eBook Packages: Computer Science (R0)
