Analysis and Detection of Malicious Behaviors in Repackaged Android Applications
نویسندگان
چکیده
Context Over the past decades malware authorship grew to become a profession. Nowadays, there exists a plethora of malware instances that span various targets, structures, motivations, and objectives [1]. Despite the different objectives they pursue, the majority of malware authors strive to prolong the period of time their instances remain operational within the infected system. In this context, malware instances are designed to evade the detection mechanisms employed by antiviral software. It is, therefore, not uncommon for modern malware to obfuscate its internal structure, alter its runtime behavior, trigger its malicious intents upon the realization of preset conditions or mimic the behavior of a benign application to evade detection [4].
منابع مشابه
Identifying android malicious repackaged applications by thread-grained system call sequences
Android security has become highly desirable since adversaries can easily repackage malicious codes into various benign applications and spread these malicious repackaged applications (MRAs). Most MRA detection mechanisms on Android focus on detecting a specific family of MRAs or requiring the original benign application to compare with the malicious ones. This work proposes a new mechanism, SC...
متن کاملKullback-Leibler Divergence Based Detection of Repackaged Android Malware
Android applications are widely used by millions of users to perform many activities. Unfortunately, legitimate and popular applications are targeted by malware authors and they repackage the existing applications by injecting additional code intended to perform malicious activities without the knowledge of end users. Thus, it is important to validate applications for possible repackaging befor...
متن کاملExploitation and Detection of a Malicious Mobile Application
Mobile devices are increasingly being embraced by both organizations and individuals in today’s society. Specifically, Android devices have been the prominent mobile device OS for several years. This continued amalgamation creates an environment that is an attractive attack target. The heightened integration of these devices prompts an investigation into the viability of maintaining non-comprom...
متن کاملFSquaDRA: Fast Detection of Repackaged Applications
The ease of Android applications repackaging and proliferation of application clones in Google Play and other markets call for new effective techniques to detect repackaged code and combat distribution of cloned applications. Today all existing techniques for repackaging detection are based on code similarity or feature (e.g., permission set) similarity evaluation. We propose a new approach to ...
متن کاملEight Years of Rider Measurement in the Android Malware Ecosystem: Evolution and Lessons Learned
Despite the growing threat posed by Android malware, the research community is still lacking a comprehensive view of common behaviors and trends exposed by malware families active on the platform. Without such view, the researchers incur the risk of developing systems that only detect outdated threats, missing the most recent ones. In this paper, we conduct the largest measurement of Android ma...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2017