Klein, Jacques[University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX >]
23-May-2022
19th International Conference on Mining Software Repositories, Data Showcase, (MSR 2022)
Yes
No
International
Luxembourg
Luxembourg
19th International Conference on Mining Software Repositories, Data Showcase, (MSR 2022)
From 23/05/2022 to 24/05/2022
Pittsburgh
USA
[en] Dataset ; Android Security ; Logic bomb
[en] Many Android apps analyzers rely, among other techniques, on dynamic analysis to monitor their runtime behavior and detect potential security threats. However, malicious developers use subtle, though efficient, techniques to bypass dynamic analyzers. Logic bombs are examples of popular techniques where the malicious code is triggered only under specific circumstances, challenging comprehensive dynamic analyses. The research community has proposed various approaches and tools to detect logic bombs. Unfortunately, rigorous assessment and fair comparison of state-of-the-art techniques are impossible due to the lack of ground truth. In this paper, we present TriggerZoo, a new dataset of 406 Android apps containing logic bombs and benign trigger-based behavior that we release only to the research community using authenticated API. These apps are real-world apps from Google Play that have been automatically infected by our tool AndroBomb. The injected pieces of code implementing the logic bombs cover a large pallet of realistic logic bomb types that we have manually characterized from a set of real logic bombs. Researchers can exploit this dataset as ground truth to assess their approaches and provide comparisons against other tools.
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Trustworthy Software Engineering (TruX)
[University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX >]
