ABSTRACT
The threat of malware attacks on Android mobile devices is ever-growing as usage and sophistication increase. Because the Android OS is fairly new among operating systems, there is much need and room for research in the area of Android malware detection. In this paper, several current Android malware detection methods are categorized in terms of static, dynamic, and family signature analysis. In addition, the methods identified are analyzed for their relative levels of effectiveness.
Index Terms
- On Malware Detection in the Android Operating System