Volume 11 - Issue 3
D-BRIDEMAID: A Distributed Framework for Collaborative and Dynamic Analysis of Android Malware
- Antonio La Marra
Istituto di Informatica e Telematica Consiglio Nazionale delle Ricerche
Antonio.lamarra@iit.cnr.it
- Fabio Martinelli
Istituto di Informatica e Telematica Consiglio Nazionale delle Ricerche
fabio.martinelli@iit.cnr.it
- Francesco Mercaldo
Istituto di Informatica e Telematica Consiglio Nazionale delle Ricerche
francesco.mercaldo@iit.cnr.it
- Andrea Saracino
Istituto di Informatica e Telematica Consiglio Nazionale delle Ricerche
andrea.saracino@iit.cnr.it
- Mina Sheikhalishahi
Istituto di Informatica e Telematica Consiglio Nazionale delle Ricerche
mina.sheikhalishahi@iit.cnr.it
Keywords: mobile security, collaborative analysis, dynamic analysis, Android
Abstract
Android malware are currently the only practical vector to bring security attacks to smartphone and
tablets. Malware detection and prevention of zero day attacks requires a prompt analysis, which
would benefit in terms of timeliness and accuracy, from being collaborative. This paper presents
D-BRIDEMAID a reputation-based framework able to analyse Android applications, with the aim to
exploit an hybrid static/dynamic framework for malware analysis to initiate a distributed app evaluation,
involving real users willing to test the security features of an app on their device. This work
focuses on the definition of the collaborative protocol, the reputation based incentive system and the
models to compute revenue for users and security of apps. Simulative and real world experiments
are presented to validate the model.