Skip to Main content Skip to Navigation

Caractérisation et détection de malware Android basées sur les flux d'information.

Radoniaina Andriatsimandefitra Ratsisahanana 1
1 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
CentraleSupélec, Inria Rennes – Bretagne Atlantique , IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
Abstract : : Information flows are information exchanges between objects in a given environment. At system level, information flows involving data belonging to a given application describe how this application disseminates its data in the system and can be considered as behaviour based profile of the application. Because of the increasing number of Android malware, there is an urgent need to explore new approaches to analyse and detect Android malware. In this thesis, we thus propose an approach to characterize and detect Android malware based on information flows they cause in the system. This approach leverages two other contributions of the thesis which are AndroBlare, the Android version of an information flow monitor named Blare, and the system flow graph, a data structure to represent in a compact and human readable way the information flows observed by AndroBlare. We successfully evaluated our approach by building the profile of 4 different malware and showed that these profiles permitted to detect the execution of applications infected by malware for which we have computed a profile.
Complete list of metadatas
Contributor : Abes Star :  Contact
Submitted on : Saturday, March 7, 2015 - 2:33:27 AM
Last modification on : Monday, May 11, 2020 - 12:33:52 PM
Document(s) archivé(s) le : Monday, June 8, 2015 - 2:36:48 PM


Version validated by the jury (STAR)


  • HAL Id : tel-01127434, version 1


Radoniaina Andriatsimandefitra Ratsisahanana. Caractérisation et détection de malware Android basées sur les flux d'information.. Autre. Supélec, 2014. Français. ⟨NNT : 2014SUPL0025⟩. ⟨tel-01127434⟩



Record views


Files downloads