Enck Wins Best Paper Award at WiSec '13
Congratulations to Dr. Will Enck, assistant professor of computer science in the NC State Department of Computer Science, for winning the Best Paper Award at the 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec ’13) held in Budapest, Hungary on April 17-19, 2013.
The winning paper, titled “MAST: Triage for Market-scale Mobile Malware Analysis,” was co-authored by Saurabh Chakardeo, and Brad Reaves, computer science doctoral students at Georgia Tech, and Patrick Traynor, assistant professor of computer science at Georgia Tech. The abstract follows:
Malware is a pressing concern for mobile application market operators. While current mitigation techniques are keeping pace with the relatively infrequent presence of malicious code, the rapidly increasing rate of application development makes manual and resource-intensive automated analysis costly at market-scale. To address this resource imbalance, we present the Mobile Application Security Triage (MAST) architecture, a tool that helps to direct scarce malware analysis resources towards the applications with the greatest potential to exhibit malicious behavior. MAST analyzes attributes extracted from just the application package using Multiple Correspondence Analysis (MCA), a statistical method that measures the correlation between multiple categorical (i.e., qualitative) data. We train MAST using over 15,000 applications from Google Play and a dataset of 732 known-malicious applications. We then use MAST to perform triage on three third-party markets of different size and malware composition—36,710 applications in total.
Our experiments show that MAST is both effective and performant. Using MAST ordered ranking, malware-analysis tools can find 95% of malware at the cost of analyzing 13% of the non-malicious applications on average across multiple markets, and MAST triage processes markets in less than a quarter of the time required to perform signature detection. More importantly, we show that successful triage can dramatically reduce the costs of removing malicious applications from markets.
To read the award-winning paper, click here.
About WiSec: WiSec has been broadening its scope and seeks to present high quality research papers exploring security and privacy aspects of wireless communications, mobile networks, and their applications. Beyond the traditional Wisec staples of physical, link, and network layer security, we also welcome papers focusing on the security and privacy of mobile software platforms and the increasingly diverse range of mobile or wireless applications. The conference welcomes both theoretical as well as systems contributions.
Return To News Homepage