PREC: A Tool To Prevent Malware On Android OS - NCSU Research
In this e-world, everyone wants to secure their electronic devices such as smartphones or tablets and want to remain uninfected by viruses and malware. For this purpose we have mobile security applications to prevent our smartphones from getting infected by viruses and malwares. But these applications are not efficient and make user-experience of the smartphone dull (by consuming more RAM). To tackle this issue, researchers from North Carolina State University have developed a new tool named “Practical Root Exploit Containment†to detect and prevent malware in downloaded applications, which tries to root exploit in Android devices.
Root exploits take control of system administration functions of the operating system (Android, in this case). If a hacker successfully root exploits an Android smartphone then, it gives hacker an unrestricted control of user’s smartphone. The PREC tool is developed for the sole purpose of preventing root exploits done by malware. This tool improves the existing technique called 'anomaly detection' which is used to compare the behavior of particular smartphone's application. This technique will check whether the application is behaving properly (as expected) or not. If there is any change in the normal behavior of application, the anomaly detection technique reports the unexpected behavior. With this new tool called 'PREC', the researchers have been able to analyze the problem and check whether the unexpected behavior is malicious or harmless ’false positives’.
PREC targets the code written in C language, which is usually used by hackers to create malware. According to the co-author of this research paper Dr. Will Enck, anomaly detection technique is old and reports lots of false positives. Enck says they are focusing solely on C-code which helps to write this Android root exploits. Other co-author of this research paper Dr. Helen Gu believes, this approach will drive down the number of false positives reported, reduce the disturbances faced by user and make anomaly detection efficient.
Many application vendors upload their product for malicious purposes. Malware programmers have developed techniques that hide malware until the application is installed on the smartphone. Researchers want to take advantage of vendor’s screening efforts to create database of application’s normal behavior, by introducing PREC software into their application’s assessment. The research team also assures that PREC software will not affect the screening process by creating external database for storing application's normal behavior.
What do you think about the new tool? Share with us in comments.
Source: #-Link-Snipped-#
Root exploits take control of system administration functions of the operating system (Android, in this case). If a hacker successfully root exploits an Android smartphone then, it gives hacker an unrestricted control of user’s smartphone. The PREC tool is developed for the sole purpose of preventing root exploits done by malware. This tool improves the existing technique called 'anomaly detection' which is used to compare the behavior of particular smartphone's application. This technique will check whether the application is behaving properly (as expected) or not. If there is any change in the normal behavior of application, the anomaly detection technique reports the unexpected behavior. With this new tool called 'PREC', the researchers have been able to analyze the problem and check whether the unexpected behavior is malicious or harmless ’false positives’.
PREC targets the code written in C language, which is usually used by hackers to create malware. According to the co-author of this research paper Dr. Will Enck, anomaly detection technique is old and reports lots of false positives. Enck says they are focusing solely on C-code which helps to write this Android root exploits. Other co-author of this research paper Dr. Helen Gu believes, this approach will drive down the number of false positives reported, reduce the disturbances faced by user and make anomaly detection efficient.
Many application vendors upload their product for malicious purposes. Malware programmers have developed techniques that hide malware until the application is installed on the smartphone. Researchers want to take advantage of vendor’s screening efforts to create database of application’s normal behavior, by introducing PREC software into their application’s assessment. The research team also assures that PREC software will not affect the screening process by creating external database for storing application's normal behavior.
What do you think about the new tool? Share with us in comments.
Source: #-Link-Snipped-#
Replies
-
Chirayu SamarthWe'll have to wait and see if this tool can handle all kinds of malware attacks...
You are reading an archived discussion.
Related Posts
Sony has today launched its mid-budget Android smartphone called the 'Sony Xperia E1' along with its dual-sim variant - 'Sony Xperia E1 Dual' in India. Both the phones have the...
I just had a call with a friend enquiring where he was for a long time. What he said was shocking and I really didn't know how to react or...
Roku, the maker of popular set-top boxes, has officially launched an updated version of its Streaming Stick clearly aiming to take on its potential rival Google's Chromecast. It is a...
Abhijit Dey submitted a new project:
LyfeLog - Social Network for Android (Coming soon to iOS) - Log your life. Connect with friends. Follow your passion... Like never before...
LyfeLog...
Piaggio, the Italian automobile brand, has launched a brand new two-wheeler in India with 'Vespa S'. We believe that the S in name stands for its sporty styling. Oh well,...