Full metadata record
DC FieldValueLanguage
dc.contributorDepartment of Computingen_US
dc.contributor.advisorLuo, Xiapu (COMP)en_US
dc.creatorZhou, Hao-
dc.identifier.urihttps://theses.lib.polyu.edu.hk/handle/200/12119-
dc.languageEnglishen_US
dc.publisherHong Kong Polytechnic Universityen_US
dc.rightsAll rights reserveden_US
dc.titleDefending against stealthy mobile unwanted appsen_US
dcterms.abstractAndroid has become the most popular mobile operating system, and billions of Android apps have been downloaded from either the official or third-party markets. Unfortunately, not all apps are benign, and defending against stealthy unwanted apps is essential for keeping the app ecosystem healthy.en_US
dcterms.abstractAlthough numerous work has been proposed to defend against unwanted apps, which negatively impact mobile devices and users in terms of user privacy, user experience, and device performance, the research community still lacks of comprehensive studies on (1) analyzing behaviors of unwanted apps; (2) investigating access control mechanism of Android system, which facilitates the detection of permission misuse in unwanted apps; and (3) evaluating security testing solutions against unwanted apps.en_US
dcterms.abstractTo disclose stealthy and potential harmful behaviors of unwanted apps, we propose two approaches to demystify diehard behaviors of unwanted apps, which prolong liveness of unwanted apps on mobile devices to drain the device battery, and analyze packing behaviors of unwanted apps, which prevent malicious bytecode of unwanted apps to be analyzed to evade detection. Specially, we take a first step to systematically investigate diehard apps and diehard methods. In particular, we conduct a semi-automated analysis to illustrate insights why existing methods to kill app processes could be evaded, and then systematically present 12 diehard methods. After that, we develop a tool named DiehardDetector to detect diehard apps in a large scale. In addition, we propose a novel hardware-assisted approach and implement a tool named Happer to identify packing behaviors and unpack packed apps. Specifically, Happer first monitors the packing behaviors and then selects the proper approach to unpack the packed apps. We also design a domain-specific language for the ease of extending Happer to support the identification of new packing behaviors.en_US
dcterms.abstractTo facilitate the detection of permission misuse in unwanted apps, we design two new methods to build permission specification for Android NDK and uncover the inconsistent access control enforcement across the Java context and native context of Android. Specifically, we conduct the first permission specification analysis for Android NDK. In particular, to automatically generate the permission specification for Android NDK, we design and develop PSGen, a new tool that statically analyzes the implementation of Android framework and Android kernel to correlate native framework APIs with their required permissions. Moreover, we conduct the first systematic investigation on the cross-context inconsistent access control enforcement in Android. Precisely, to automatically discover cross-context inconsistencies, we design and implement IAceFinder, a new tool that extracts and contrasts the access control enforced in the Java context and native context of Android.en_US
dcterms.abstractComplementing to evaluating security testing solutions against unwanted apps, we take a first step to systematically investigate UI obfuscation for Android apps and its effects on automated UI analysis. In particular, we point out the weaknesses in existing automated UI analysis methods and design 9 UI obfuscation approaches. We implement these approaches in a new tool named UIObfuscator after tackling several technical challenges. Moreover, we feed 3 kinds of tools that rely on automated UI analysis with the apps protected by UIObfuscator, and find that their performances severely drop. This work reveals limitations of automated UI analysis and sheds light on app protection techniques.en_US
dcterms.extentxxi, 229 pages : color illustrationsen_US
dcterms.isPartOfPolyU Electronic Thesesen_US
dcterms.issued2022en_US
dcterms.educationalLevelPh.D.en_US
dcterms.educationalLevelAll Doctorateen_US
dcterms.LCSHAndroid (Electronic resource)en_US
dcterms.LCSHSmartphonesApplication softwareen_US
dcterms.LCSHHong Kong Polytechnic University -- Dissertationsen_US
dcterms.accessRightsopen accessen_US

Files in This Item:
File Description SizeFormat 
6583.pdfFor All Users7.74 MBAdobe PDFView/Open


Copyright Undertaking

As a bona fide Library user, I declare that:

  1. I will abide by the rules and legal ordinances governing copyright regarding the use of the Database.
  2. I will use the Database for the purpose of my research or private study only and not for circulation or further reproduction or any other purpose.
  3. I agree to indemnify and hold the University harmless from and against any loss, damage, cost, liability or expenses arising from copyright infringement or unauthorized usage.

By downloading any item(s) listed above, you acknowledge that you have read and understood the copyright undertaking as stated above, and agree to be bound by all of its terms.

Show simple item record

Please use this identifier to cite or link to this item: https://theses.lib.polyu.edu.hk/handle/200/12119