loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Paul Irolla and Eric Filiol

Affiliation: École d’Ingénieurs du Monde Numérique (ESIEA), France

Keyword(s): Dynamic Analysis, Android, Malware Detection, Automatic Testing.

Abstract: Android is the most widely used smartphone OS with 82.8% market share in 2015 (IDC, 2015). It is therefore the most widely targeted system by malware authors. Researchers rely on dynamic analysis to extract malware behaviors and often use emulators to do so. However, using emulators lead to new issues. Malware may detect emulation and as a result it does not execute the payload to prevent the analysis. Dealing with virtual device evasion is a never-ending war and comes with a non-negligible computation cost (Lindorfer et al., 2014). To overcome this state of affairs, we propose a system that does not use virtual devices for analysing malware behavior. Glassbox is a functional prototype for the dynamic analysis of malware applications. It executes applications on real devices in a monitored and controlled environment. It is a fully automated system that installs, tests and extracts features from the application for further analysis. We present the architecture of the platform and we c ompare it with existing Android dynamic analysis platforms. Lastly, we evaluate the capacity of Glassbox to trigger application behaviors by measuring the average coverage of basic blocks on the AndroCoverage dataset (AndroCoverage, 2016). We show that it executes on average 13.52% more basic blocks than the Monkey program. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.237.178.126

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Irolla, P. and Filiol, E. (2017). Glassbox: Dynamic Analysis Platform for Malware Android Applications on Real Devices. In Proceedings of the 3rd International Conference on Information Systems Security and Privacy (ICISSP 2017) - ForSE; ISBN 978-989-758-209-7; ISSN 2184-4356, SciTePress, pages 610-621. DOI: 10.5220/0006094006100621

@conference{forse17,
author={Paul Irolla. and Eric Filiol.},
title={Glassbox: Dynamic Analysis Platform for Malware Android Applications on Real Devices},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy (ICISSP 2017) - ForSE},
year={2017},
pages={610-621},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006094006100621},
isbn={978-989-758-209-7},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy (ICISSP 2017) - ForSE
TI - Glassbox: Dynamic Analysis Platform for Malware Android Applications on Real Devices
SN - 978-989-758-209-7
IS - 2184-4356
AU - Irolla, P.
AU - Filiol, E.
PY - 2017
SP - 610
EP - 621
DO - 10.5220/0006094006100621
PB - SciTePress