Deakin University
Browse

File(s) under permanent embargo

Analysis of malicious and benign Android applications

conference contribution
posted on 2012-01-01, 00:00 authored by Moutaz Alazab, Veelasha Moonsamy, Lynn BattenLynn Batten, Ronghua Tian, P Lantz
Since its establishment, the Android applications market has been infected by a proliferation of malicious applications. Recent studies show that rogue developers are injecting malware into legitimate market applications which are then installed on open source sites for consumer uptake. Often, applications are infected several times. In this paper, we investigate the behavior of malicious Android applications, we present a simple and effective way to safely execute and analyze them. As part of this analysis, we use the Android application sandbox Droidbox to generate behavioral graphs for each sample and these provide the basis of the development of patterns to aid in identifying it. As a result, we are able to determine if family names have been correctly assigned by current anti-virus vendors. Our results indicate that the traditional anti-virus mechanisms are not able to correctly identify malicious Android applications.

History

Event

Distributed Computing Systems Workshops. Conference (32nd : 2012 : Macau, China)

Pagination

608 - 616

Publisher

IEEE

Location

Macau, China

Place of publication

Los Alamitos, Calif.

Start date

2012-06-18

End date

2012-06-21

ISSN

1545-0678

ISBN-13

9781467314237

Language

eng

Publication classification

E1 Full written paper - refereed

Copyright notice

2012, IEEE

Title of proceedings

ICDCSW 2012 : Proceedings of the 32nd International Conference on Distributed Computing Systems Workshops

Usage metrics

    Research Publications

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC