Researchers at Hanyang University in South Korea and Indiana University developed a method of detecting malicious apps that sneak through Apple's App Store screening process and onto some users’ phones.
The researchers created a tool called CHAMELEON-HUNTER that analyzes the coding of apps. The team tested the tool against more than 28,000 apps in Apple’s App Store over a six-month period, and discovered 142 malicious apps.
CHAMELEON-HUNTER uses two techniques for detection: one that utilizes an app’s multiple user interfaces to detect a Chameleon app; and the other analyzes semantics within the app's code, searching for unusual phrases.
Said Indiana University’s Xueqiang Wang, “Our approach is only useful when the hidden user interfaces are already embedded in the app. However, there are other approaches adversaries can utilize to introduce hidden user interfaces.”
From IEEE Spectrum
View Full Article
Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA