Mining Sandboxes

Jamrozik, Konrad and Styp-Rekowsky, Philipp von and Zeller, Andreas
(2016) Mining Sandboxes.
In: Proceedings of the 38th International Conference on Software Engineering.
Conference: ICSE International Conference on Software Engineering

Full text not available from this repository.

Abstract

We present sandbox mining, a technique to confine an application to resources accessed during automatic testing. Sandbox mining first explores software behavior by means of automatic test generation, and extracts the set of resources accessed during these tests. This set is then used as a sandbox, blocking access to resources not used during testing. The mined sandbox thus protects against behavior changes such as the activation of latent malware, infections, targeted attacks, or malicious updates. The use of test generation makes sandbox mining a fully automatic process that can be run by vendors and end users alike. Our BOXMATE prototype requires less than one hour to extract a sandbox from an Android app, with few to no confirmations required for frequently used functionality.

Item Type: Conference or Workshop Item (A Paper) (Paper)
Additional Information: pub_id: 1029 Bibtex: Jamrozik:2016:MS:2884781.2884782 URL date: None
Uncontrolled Keywords: sandbox mining dynamic analysis
Divisions: Andreas Zeller (Software Engineering, ST)
Conference: ICSE International Conference on Software Engineering
Depositing User: Sebastian Weisgerber
Date Deposited: 26 Jul 2017 10:30
Last Modified: 18 Jul 2019 12:12
Primary Research Area: NRA5: Empirical & Behavioral Security
URI: https://publications.cispa.saarland/id/eprint/614

Actions

Actions (login required)

View Item View Item
CISPA is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.