Introduction to SinJAR (a New Tool for Reverse Engineering Java Applications) and Tracing its Malicious Actions using Hidden Markov Models

PDF

Authors
  1. Fattahi, J.
  2. Mejri, M.
  3. Ziadia, M.
  4. Pricop, E.
  5. Samoud, O.
Corporate Authors
Defence Research and Development Canada, Valcartier Research Centre, Quebec QC (CAN);Laval Univ, Ste-Foy Que (CAN) Department of Computer Science and Software Engineering
Abstract
In this paper, we are proposing a new tool for reversing Java applications called SinJAR. SinJAR is a lightweight software written in Java aiming at inspecting bytecode at compile time and producing the structure tree of a targeted application. Besides, it is able to detect vulnerabilities and security weaknesses inside the Java code. SinJAR can be used for two purposes. The first one is sane and consists in using it to verify whether or not an application is safe and compliant with its specification. The second one is malicious and consists in spying applications through their bytecode and exploiting vulnerabilities that they may enclose. In this paper, we will show how to detect SinJAR malicious actions after showing the capabilities of the tool through few ad hoc attack scenarios conducted in a real military context.
Keywords
Cyber threat;cyber attack;Java
Report Number
DRDC-RDDC-2017-P118 — External Literature
Date of publication
01 Dec 2017
Number of Pages
17
Reprinted from
Frontiers in Artificial Intelligence and Applications, Vol 297, p. 441 - 453
DSTKIM No
CA045501
CANDIS No
805916
Format(s):
Electronic Document(PDF)

Permanent link

Document 1 of 1

Date modified: