File(s) under permanent embargo
Analysis of malicious and benign Android applications
conference contribution
posted on 2012-01-01, 00:00 authored by Moutaz Alazab, Veelasha Moonsamy, Lynn BattenLynn Batten, Ronghua Tian, P LantzSince its establishment, the Android applications market has been infected by a proliferation of malicious applications. Recent studies show that rogue developers are injecting malware into legitimate market applications which are then installed on open source sites for consumer uptake. Often, applications are infected several times. In this paper, we investigate the behavior of malicious Android applications, we present a simple and effective way to safely execute and analyze them. As part of this analysis, we use the Android application sandbox Droidbox to generate behavioral graphs for each sample and these provide the basis of the development of patterns to aid in identifying it. As a result, we are able to determine if family names have been correctly assigned by current anti-virus vendors. Our results indicate that the traditional anti-virus mechanisms are not able to correctly identify malicious Android applications.
History
Event
Distributed Computing Systems Workshops. Conference (32nd : 2012 : Macau, China)Pagination
608 - 616Publisher
IEEELocation
Macau, ChinaPlace of publication
Los Alamitos, Calif.Publisher DOI
Start date
2012-06-18End date
2012-06-21ISSN
1545-0678ISBN-13
9781467314237Language
engPublication classification
E1 Full written paper - refereedCopyright notice
2012, IEEETitle of proceedings
ICDCSW 2012 : Proceedings of the 32nd International Conference on Distributed Computing Systems WorkshopsUsage metrics
Categories
No categories selectedLicence
Exports
RefWorks
BibTeX
Ref. manager
Endnote
DataCite
NLM
DC