CS Colloquium: Heng Yin (Syracuse University) - A Semantics-Centric Approach to Fight Android Malware
Mon, Feb 08, 2016 @ 11:00 AM - 12:00 PM
Thomas Lord Department of Computer Science
Conferences, Lectures, & Seminars
Speaker: Heng Yin, Syracuse University
Talk Title: A Semantics-Centric Approach to Fight Android Malware
Series: CS Colloquium
Abstract: This lecture satisfies requirements for CSCI 591: Computer Science Research Colloquium
The number of new Android malware instances has grown exponentially in recent years. McAfee reports that 2.47 million new mobile malware samples were collected in 2013, which represents a 197% increase over 2012. Greater and greater amounts of manual effort are required to analyze the increasing number of new malware instances. This has led to a strong interest in developing methods to automate the malware analysis process. In this talk, I will present a series of semantics-centric techniques to fight Android malware. First of all, we need a powerful analysis framework to quickly understand the inner workings of a given malware sample. To this end, we developed a virtualization-based analysis framework called DroidScope, which can seamlessly reconstruct both OS and Java level semantic views to provide a holistic view of a malware attack. Moreover, we need to automatically classify malware samples by their functionalities and behaviors and discover zero-day malware. We proposed a new semantics-based technique for malware classification, by capturing the semantics-level behavior of an app in the form of "Weighted Contextual API Dependency Graphs". Then by computing the similarity between these graphs, we can accurately and reliably detect malware variants and zero-day malware. Furthermore, we believe that malware detection can be more effective by getting end users into the loop. In particular, we developed a new technique that can automatically generate human-readable descriptions of a given app, such that any unexpected descriptions will cause suspicion and be flagged by end users. To encourage wide adoption and follow-up research, these research products are available in the form of source code release and/or web services.
Biography: Heng Yin is an Associate Professor in the Department of Electrical Engineering and Computer Science at Syracuse University. His research interests mainly lie in computer security. In particular, he is interested in applying program analysis techniques and virtualization techniques to improve software and system security and defeat malware attacks. He earned his PhD degree in Computer Science from the College of William and Mary in July 2009. He was a main contributor to the BitBlaze team at UC Berkeley before joining Syracuse University. In 2011, he received an NSF CAREER award.
Host: CS Department
Location: Olin Hall of Engineering (OHE) - 136
Audiences: Everyone Is Invited
Contact: Assistant to CS chair