A Novel Approach to Detect Tampered Wireless Network Applications

Author

Clincy, Victor ; Shahriar, Hossain

Author_Institution

Coll. of Comput. & Software Eng., Kennesaw State Univ., Kennesaw, GA, USA

fYear

2015

fDate

13-15 April 2015

Firstpage

197

Lastpage

199

Abstract

The end users rely on wireless networks in obtaining legitimate updated applications to install on their wireless devices. If the application that is being updated and distributed is not encrypted, or encrypted with weak algorithms, the attacker can possibly intercept the application and inject malicious code into the application. This paper presents a novel detection approach to identify application updates that have been tampered with while being distributed via a wireless network. The approach makes use of the Kull back-Leibler Divergence (KLD) metric. Our approach builds the population distribution of a legitimate and tampered with application based on a set of opcodes. A larger KLD value indicates that an application is dissimilar compared to its original application, hence likely got tampered with.

Keywords

cryptography; radio networks; telecommunication security; Kull back-Leibler divergence metric; malicious code; tampered wireless network application detection; wireless network security; Communication system security; Security; Smart phones; Sociology; Statistics; Wireless networks; Android Malware; Application Security; Information theory; Kullback-Leibler divergence; Malware; Network Security Threats; Wireless Network Security;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Technology - New Generations (ITNG), 2015 12th International Conference on

Conference_Location

Las Vegas, NV

Print_ISBN

978-1-4799-8827-3

Type

conf

DOI

10.1109/ITNG.2015.37

Filename

7113472