http://dx.doi.org/10.7472/jksii.2018.19.3.1

Method to Analyze Information Leakage Malware using SSL Communication in Android Platform  

Cho, Gilsu (Computer Science and Engineering, Chungnam National University)
Kim, Sangwho (Computer Science and Engineering, Chungnam National University)
Ryou, Jaecheol (Computer Science and Engineering, Chungnam National University)
Publication Information
Journal of Internet Computing and Services / v.19, no.3, 2018, pp. 1-6
Abstract
Smartphones are widely used around the world, offer many features, and can store content such as contacts, photos, and videos. The amount of information that can be leaked has increased in proportion to the amount of information a smartphone can store. In recent years, incidents such as personal information leakage have occurred frequently. Personal information leakage is happening in the Android environment, which accounts for more than half of the smartphone operating system market share. Analyzing malicious apps that leak information can show how to prevent information leakage. Malicious apps that leak information send important information to the hacker's command-and-control (C&C) server over network communication. Malicious apps emerging nowadays encrypt and transmit important information through SSL communication. In this case, it is difficult to know what kind of information is exposed on the network. Therefore, we suggest a method to analyze malicious apps that leak important information through SSL communication. In this paper, we identify the ways malicious apps leak information and propose a method for analyzing information leaked over SSL communication. The data before encryption was confirmed on the device through the SSL hooking and SSL Strip methods.
Keywords
Android; Information leakage; network packet monitoring; SSL; malware;
Citations & Related Records
Times Cited By KSCI: 4