Deakin home > Deakin University Library > Deakin Research Online > Analysis of malicious and benign Android applications

Analysis of malicious and benign Android applications

Alazab, Moutaz, Moonsamy, Veelasha, Batten, Lynn, Tian, Ronghua and Lantz, Patrik 2012, Analysis of malicious and benign Android applications, in ICDCSW 2012 : Proceedings of the 32nd International Conference on Distributed Computing Systems Workshops, IEEE, Los Alamitos, Calif., pp. 608-616.

Document type: Conference Paper
Collection: School of Information Technology
Attached Files (Some files may be inaccessible until you login with your Deakin Research Online credentials)
Name Description MIMEType Size Downloads

Title Analysis of malicious and benign Android applications
Author(s) Alazab, Moutaz
Moonsamy, Veelasha
Batten, Lynn
Tian, Ronghua
Lantz, Patrik
Conference name Distributed Computing Systems Workshops. Conference (32nd : 2012 : Macau, China)
Conference location Macau, China
Conference dates 18-21 Jun. 2012
Title of proceedings ICDCSW 2012 : Proceedings of the 32nd International Conference on Distributed Computing Systems Workshops
Editor(s) [Unknown]
Publication date 2012
Conference series Distributed Computing Systems Workshops. Conference
Start page 608
End page 616
Total pages 9
Publisher IEEE
Place of publication Los Alamitos, Calif.
Keyword(s) Android
dynamic
mobile malware
behavior graph
Treemap
Droidbox
Summary Since its establishment, the Android applications market has been infected by a proliferation of malicious applications. Recent studies show that rogue developers are injecting malware into legitimate market applications which are then installed on open source sites for consumer uptake. Often, applications are infected several times. In this paper, we investigate the behavior of malicious Android applications, we present a simple and effective way to safely execute and analyze them. As part of this analysis, we use the Android application sandbox Droidbox to generate behavioral graphs for each sample and these provide the basis of the development of patterns to aid in identifying it. As a result, we are able to determine if family names have been correctly assigned by current anti-virus vendors. Our results indicate that the traditional anti-virus mechanisms are not able to correctly identify malicious Android applications.
ISBN 9781467314237
ISSN 1545-0678
Language eng
Field of Research 080303 Computer System Security
Socio Economic Objective 970108 Expanding Knowledge in the Information and Computing Sciences
HERDC Research category E1 Full written paper - refereed
Copyright notice ©2012, IEEE
Persistent URL http://hdl.handle.net/10536/DRO/DU:30049212
Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in Deakin Research Online is owned by the author, with all rights reserved.

Versions
Version Filter Type
Access Statistics: 36 Abstract Views, 3 File Downloads  -  Detailed Statistics
Created: Thu, 01 Nov 2012, 13:10:49 EST