Catch Me If You Can: Evaluating Android Anti-Malware Against Transformation Attacks

Authors: Vaibhav Rastogi, Yan Chen, Xuxian Jiang

DOI: 10.1109/TIFS.2013.2290431

Abstract: Mobile malware threats (e.g., on Android) have recently become a real concern. In this paper, we evaluate the state-of-the-art commercial mobile anti-malware products for Android and test how resistant they are against various common obfuscation techniques (even with known malware). Such an evaluation is important for not only measuring the available defense against mobile malware threats, but also proposing effective, next-generation solutions. We developed DroidChameleon, a systematic framework with various transformation techniques, and used it for our study. Our results on 10 popular commercial anti-malware applications for Android are worrisome: none of these tools is resistant against common malware transformation techniques. In addition, a majority of them can be trivially defeated by applying slight transformation over known malware with little effort for malware authors. Finally, in light of our results, we propose possible remedies for improving the current state of malware detection on mobile devices.
