Formal Methods for Android Banking Malware Analysis and Detection

The Android operating system has dominated the smart-device market in recent years. Smart home devices populate our houses, and smartphones are indispensable companions in daily life. In such a technological environment, the amount of data and user information shared across these devices is enormous and attractive to any malicious user. Consequently, developing good malware detection techniques is a crucial open problem for keeping these devices safe to use. This paper proposes applying a formal-methods-based approach to detect banking malware in the Android environment. The experimental results are very promising: in the evaluation on real-world Android applications, we reached precision and recall equal to 1.
