4

Dissecting Android Cryptocurrency Miners

Cryptojacking applications pose a serious threat to mobile devices. Due to the extensive computations, they deplete the battery fast and can even damage the device. In this work we make a step towards combating this threat. We collected and manually …

Sorting the Garbage: Filtering Out DRDoS Amplification Traffic in ISP Networks

Distributed Reflected Denial of Service (DRDoS) attacks have been continuing to grow unprecedentedly in the recent years. Attackers abuse genuine services running some application protocols built over UDP to generate amplified traffic targeting …

Profiling DRDoS Attacks with Data Analytics Pipeline

A large amount of Distributed Reflective Denial-of-Service (DRDoS) attacks are launched every day, and our understanding of the modus operandi of their perpetrators is yet very limited as we are submerged with so Big Data to analyze and do not have …

Please Hold On: Unobtrusive User Authentication Using Smartphone's Built-in Sensors

Smartphones provide anytime-anywhere communications and are being increasingly used for a variety of purposes, e.g, sending email, performing online transactions, connecting with friends and acquaintances over social networks. As a result, a …

Visualization of Actionable Knowledge to Mitigate DRDoS Attacks

Distributed Reflective Denial of Service attacks (DRDoS) represent an ever growing security threat. These attacks are characterized by spoofed UDP traffic that is sent to genuine machines, called amplifiers, whose response to the spoofed IP, i.e. the …

Evaluation of Resource-based App Repackaging Detection in Android

Android app repackaging threatens the health of application markets, as repackaged apps, besides stealing revenue for honest developers, are also a source of malware distribution. Techniques that rely on visual similarity of Android apps recently …

Small Changes, Big Changes: An Updated View on the Android Permission System

Since the appearance of Android, its permission system was central to many studies of Android security. For a long time, the description of the architecture provided by Enck et al. was immutably used in various research papers. The introduction of …

Towards Black Box Testing of Android Apps

Many state-of-art mobile application testing frameworks (e.g., Dynodroid, EvoDroid) enjoy Emma or other code coverage libraries to measure the coverage achieved. The underlying assumption for these frameworks is availability of the app source code. …

StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications

Static analysis of Android applications can be hindered by the presence of the popular dynamic code update techniques: dynamic class loading and reflection. Recent Android malware samples do actually use these mechanisms to conceal their malicious …

FSquaDRA: Fast Detection of Repackaged Applications

The ease of Android applications repackaging and proliferation of application clones in Google Play and other markets call for new effective techniques to detect repackaged code and combat distribution of cloned applications. Today all existing …