Dr. Sencun Zhu
Department of Computer Science and Engineering, The Pennsylvania State University
New and Effective Approaches for Android Malware Detection and Analysis
Abstract: The fast growth of smartphone markets in the past decade has been accompanied by a vast number of security attacks by mobile malware. To defeat malware attacks, over the years the research community and the anti-virus industry have developed many sophisticated algorithms and tools, especially for Android malware detection and analysis. Yet, in the arms race, malware developers have advanced their techniques to evade detection and analysis (e.g., via obfuscation and logic bombs). In our research, we aim to answer two research questions. First, is it possible to detect new malware even before it spreads in the real world (referred to as negative-day malware), and if so, how? Second, given a malware app, how do we uncover its hidden malicious behaviors? In this talk, I will introduce our approaches for tackling the above problems. Specifically, observing that malware developers often use a public malware scanning platform like VirusTotal to test the stealthiness of their malware samples, we will conduct a large-scale study of malware samples on the scanning platform and design an effective approach to detecting negative-day malware. In addition, when analyzing the behavior of malware samples, we will augment fuzzing with forced execution techniques to trigger many more hidden behaviors of malware samples than previous approaches can.
Biography: Sencun Zhu is an associate professor in the Department of Computer Science and Engineering (CSE) and the College of Information Sciences and Technology at The Pennsylvania State University (PSU). He received the B.S. degree in precision instruments from Tsinghua University, Beijing, China, the M.S. degree in signal processing from the University of Science and Technology of China, Graduate School at Beijing, China, and the Ph.D. degree in information technology from George Mason University, VA, USA, in 1996, 1999, and 2004, respectively. His research interests include wireless and mobile security, software and network security, fraud detection, and user online safety and privacy. His research has been funded by the National Science Foundation, the National Security Agency, and the Army Research Office/Lab. He received an NSF Career Award in 2007 and a Google Faculty Research Award in 2013. More details of his research can be found at http://www.cse.psu.edu/~sxz16/.