poster

Effectiveness of Android Obfuscation on Evading Anti-malware

Authors:

Melissa Chua,

Vivek BalachandranAuthors Info & Claims

CODASPY '18: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy

Pages 143 - 145

https://doi.org/10.1145/3176258.3176942

Published: 13 March 2018 Publication History

Get Access

Abstract

Obfuscation techniques have been conventionally used for legitimate applications, including preventing application reverse engineering, tampering and protecting intellectual property. A malware author could also leverage these benign techniques to hide their malicious intents and evade anti-malware detection. As variants of known malware have been regularly found on the Google Play Store, transformed malware attacks are a real problem that security solutions today need to address. It has been proven that mainstream security tools installed on smartphones are mainly signature-based; our work focuses on evaluating the efficiency of a composite of obfuscation techniques in evading anti-malware detection. We further verified the trend of transformed malware in evading detection, with a larger and more updated database of known malware. This is also the first work to-date that presents the instability of some anti-malware tools (AMTs) against obfuscated malware. This work also proved that current mainstream AMTs do not build up resilience against obfuscation methods, but instead try to update the signature database on created variants.

References

[1]

Inc. IDC Research. Smartphone os market share, August 2016.

Google Scholar

[2]

G. Hatchimonji. Is mobile anti-virus even necessary?, September 2013.

Google Scholar

[3]

Y. Xue et al. Auditing anti-malware tools by evolving android malware and dynamic loading technique. IEEE Transactions on Information Forensics and Security, 12(7):1529--1544, July 2017.

Digital Library

Google Scholar

[4]

TrendMicro. Ransomware recap: Slocker copycats wannacry, July 2017.

Google Scholar

[5]

V. Rastogi et al. Droidchameleon: Evaluating android anti-malware against transformation attacks. Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security, pages 329--334, 2013.

Digital Library

Google Scholar

[6]

A. Cani et al. Towards automated malware creation: Code generation and code integration. Proceedings of the 29th Annual ACM Symposium on Applied Computing, pages 329--334, 2014.

Digital Library

Google Scholar

[7]

A. Daniel et al. Drebin: Effective and explainable detection of android malware in your pocket. Symposium on Network and Distributed System Security, Feb 2014.

Google Scholar

[8]

M. Parkour. Contagio mobile: Mobile malware minidump, July 2017.

Google Scholar

[9]

M. Spreitzenbarth. The evil inside a droid - android malware: Past, present and future. In Proceedings of the BALTIC CONFERENCE Network Security and Forensics, 2012.

Google Scholar

[10]

M. Spreitzenbarth et al. Mobile-sandbox: having a deeper look into android applications. In Proceedings of the 28th Annual ACM Symposium on Applied Computing, pages 1808--1815, Mar 2013.

Digital Library

Google Scholar

[11]

VirusTotal. Virustotal public api v2.0, September 2012.

Google Scholar

[12]

V. Balachandran et al. Function level control flow obfuscation for software security. Proceedings of the IEEE 8th International Conference on Intelligent and Software Intensive Systems, pages 133--140, Oct 2014.

Digital Library

Google Scholar

[13]

V. Balachandran et al. Control flow obfuscation for android applications. IEEE International Conference on Systems, Man and Cybernetics, pages 463--469, Dec 2014.

Google Scholar

[14]

V. Balachandran et al. Control flow obfuscation for android applications. Computer and Security, 61 Issue C:72--93, Aug 2016. Reception

Digital Library

Google Scholar

Cited By

View all

Bean JTorri S(2024)Survey of Malware Detection through Use of Neural Network Models2024 International Conference on Cyber-Physical Social Intelligence (ICCSI)10.1109/ICCSI62669.2024.10799495(1-7)Online publication date: 8-Nov-2024
https://doi.org/10.1109/ICCSI62669.2024.10799495
Almomani IAlmashat TEl-Shafai W(2024)Maloid-DS: Labeled Dataset for Android Malware ForensicsIEEE Access10.1109/ACCESS.2024.340021112(73481-73546)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3400211
Liguori AZuppelli MGallo DGuarascio MCaviglione L(2024)Erasing the Shadow: Sanitization of Images with Malicious Payloads Using Deep AutoencodersFoundations of Intelligent Systems10.1007/978-3-031-62700-2_11(115-125)Online publication date: 17-Jun-2024
https://doi.org/10.1007/978-3-031-62700-2_11
Show More Cited By

Index Terms

Effectiveness of Android Obfuscation on Evading Anti-malware
1. Security and privacy
  1. Software and application security
  2. Systems security
    1. Operating systems security
      1. Mobile platform security

Recommendations

Smart malware detection on Android

Nowadays, because of its increased popularity, Android is target to a growing number of attacks and malicious applications, with the purpose of stealing private information and consuming credit by subscribing to premium services. Most of the current ...
Inferring the Detection Logic and Evaluating the Effectiveness of Android Anti-Virus Apps
CODASPY '16: Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy

Malware on Android has been reported to be on the rise. There are many anti-virus (AV) apps available on Android. However, most AVs are presented as black-boxes without details given about their workings. In this paper, we propose to determine the key ...
Hartley's test ranked opcodes for Android malware analysis
SIN '15: Proceedings of the 8th International Conference on Security of Information and Networks

The popularity and openness of Android platform encourage malware authors to penetrate various market places with malicious applications. As a result, malware detection has become a critical topic in security. Currently signature-based system is able to ...

Comments

Information & Contributors

Information

Published In

CODASPY '18: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy

March 2018

401 pages

ISBN:9781450356329

DOI:10.1145/3176258

General Chairs:
Ziming Zhao
Arizona State University, USA
,
Gail-Joon Ahn
Arizona State University, USA & Samsung Research, Korea
,
Program Chairs:
Ram Krishnan
University of Texas at San Antonio, USA
,
Gabriel Ghinita
University of Massachusetts Boston, USA

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 March 2018

Check for updates

Author Tags

Qualifiers

Poster

Conference

CODASPY '18

Sponsor:

SIGSAC

CODASPY '18: Eighth ACM Conference on Data and Application Security and Privacy

March 19 - 21, 2018

AZ, Tempe, USA

Acceptance Rates

CODASPY '18 Paper Acceptance Rate 23 of 110 submissions, 21%;

Overall Acceptance Rate 149 of 789 submissions, 19%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

20
Total Citations
View Citations
552
Total Downloads

Downloads (Last 12 months)41
Downloads (Last 6 weeks)1

Reflects downloads up to 25 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Bean JTorri S(2024)Survey of Malware Detection through Use of Neural Network Models2024 International Conference on Cyber-Physical Social Intelligence (ICCSI)10.1109/ICCSI62669.2024.10799495(1-7)Online publication date: 8-Nov-2024
https://doi.org/10.1109/ICCSI62669.2024.10799495
Almomani IAlmashat TEl-Shafai W(2024)Maloid-DS: Labeled Dataset for Android Malware ForensicsIEEE Access10.1109/ACCESS.2024.340021112(73481-73546)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3400211
Liguori AZuppelli MGallo DGuarascio MCaviglione L(2024)Erasing the Shadow: Sanitization of Images with Malicious Payloads Using Deep AutoencodersFoundations of Intelligent Systems10.1007/978-3-031-62700-2_11(115-125)Online publication date: 17-Jun-2024
https://doi.org/10.1007/978-3-031-62700-2_11
Zhu JJang-Jaccard JSingh AWatters PCamtepe S(2023)Task-Aware Meta Learning-Based Siamese Neural Network for Classifying Control Flow Obfuscated MalwareFuture Internet10.3390/fi1506021415:6(214)Online publication date: 14-Jun-2023
https://doi.org/10.3390/fi15060214
Maniriho PMahmood AChowdhury M(2023)A Survey of Recent Advances in Deep Learning Models for Detecting Malware in Desktop and Mobile PlatformsACM Computing Surveys10.1145/363824056:6(1-41)Online publication date: 20-Dec-2023
https://dl.acm.org/doi/10.1145/3638240
Shu LDong SSu HHuang J(2023)Android Malware Detection Methods Based on Convolutional Neural Network: A SurveyIEEE Transactions on Emerging Topics in Computational Intelligence10.1109/TETCI.2023.32818337:5(1330-1350)Online publication date: Oct-2023
https://doi.org/10.1109/TETCI.2023.3281833
Aswal KPathak HSingh NGupta N(2023)Strength and Limitations of Publicly Available Anti-Malware Tools Against Obfuscated Malware2023 5th International Conference on Inventive Research in Computing Applications (ICIRCA)10.1109/ICIRCA57980.2023.10220600(1261-1266)Online publication date: 3-Aug-2023
https://doi.org/10.1109/ICIRCA57980.2023.10220600
Cabrera-Arteaga JMonperrus MToady TBaudry B(2023)WebAssembly diversification for malware evasionComputers and Security10.1016/j.cose.2023.103296131:COnline publication date: 1-Aug-2023
https://dl.acm.org/doi/10.1016/j.cose.2023.103296
Khalid SHussain FGohar M(2022)Towards Obfuscation Resilient Feature Design for Android Malware Detection-KTSODroidElectronics10.3390/electronics1124407911:24(4079)Online publication date: 8-Dec-2022
https://doi.org/10.3390/electronics11244079
Tay KChua SChua MBalachandran VJoshi AFernandez MVerma R(2022)Towards Robust Detection of PDF-based MalwareProceedings of the Twelfth ACM Conference on Data and Application Security and Privacy10.1145/3508398.3519365(370-372)Online publication date: 14-Apr-2022
https://dl.acm.org/doi/10.1145/3508398.3519365
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Smart malware detection on Android

Inferring the Detection Logic and Evaluating the Effectiveness of Android Anti-Virus Apps

Hartley's test ranked opcodes for Android malware analysis

Comments

Information

Published In

Sponsors

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations