Title:Mobile Malware Detection in Big-Data Era
Abstract:It is reported recently that legitimate libraries are repackaged for propagating malware. An in-depth analysis of such potentially-harmful libraries (PhaLibs), however, has never been done before, due to the challenges in identifying those libraries whose code can be unavailable online. In this talk, we show that through effective analysis of over a million Android apps, previously unknown PHAs can be detected within a few seconds, without resorting to conventional Anti-Virus means such as signatures and behavior patterns. Also, we made the first in-depth analysis on potentially-harmful libraries (PhaLibs) on mobile platforms, especially iOS platform, which has never been done before due to the challenges in identifying those libraries whose code can be unavailable online and no publicly available anti-virus (AV) systems for detecting iOS PHAs.
We also demonstrate how to capture PHAs on the communication service provider (CSP, including carriers and ISPs) level. A CSP-level scan faces an enormous challenge: hundreds of millions of apps are installed everyday; retaining their download traffic to construct their packages entails a huge burden on the CSP side. In this talk, we present an innovative “app baleen” (called Abaleen) framework to solve this problem, for an on-line security vetting of an extremely large number of app downloads..
Time: 10:00-12:00 am on September 29, 2017
Venue: Room 112, the Computer Building
Bio: Dr. Kai Chen is a professor in Institute of Information Engineering, Chinese Academy of Sciences. He received his Ph.D. in University of Chinese Academy of Sciences in 2010, and has since then joined Chinese Academy of Sciences as a faculty member. His work focuses on system and software security, and privacy. He has been publishing high-impact research across top security/SE venues like IEEE S&P, USENIX Security, ACM CCS, ICSE, ASE, RAID, DSN, MobiSys, TRE. His work frequently receives attention from media, including CNN, Threatpost, SCMagazine, etc.
