A study of android malware detection technology evolution

According to the report of International Data Corporation (IDC), Android OS has dominated the worldwide smart phone Operating System (OS) Market with a 78% share at the first quarter of 2015; also, in the report of F-Secure, 99% of new smart phone threats emerged in the first quarter of 2014 are designed for Android. In recent years, many kinds of malware, such as Botnet, Backdoor, Rootkits, and Trojans, start to attack smart phones for conducting crimes such as fraud, service misuse, information stealing, and root access. In general, they have some shared characteristics, such as constantly scanning for Bluetooth to shorten the device's battery life, accessing the GPS to send the position information to Internet, and jamming the communication between device and the base station to paralyze the wireless network. According to these characteristics, there are a lot of detection method proposed, such as behavior checking, permission-based analysis, and Static Analysis, applied in malware detection software and anti-virus software. However, advanced hackers can utilize some techniques, such as emulator detection, packer, and code obfuscation, to prevent their attacks from being detected. This paper focuses on reviewing the malware evolution which makes malware detection more and more difficult, as well as the development of malware detection software which makes smart phones safer. Finally, our survey gives an insight into the malware evolution trend to increase the detecting rate of unknown malware for malware detection software.

[1]  William L. Scherlis,et al.  Computer emergency response , 1991 .

[2]  David A. Wagner,et al.  Analyzing inter-application communication in Android , 2011, MobiSys '11.

[3]  Wenke Lee,et al.  CHEX: statically vetting Android apps for component hijacking vulnerabilities , 2012, CCS.

[4]  J. Foster,et al.  SCanDroid: Automated Security Certification of Android , 2009 .

[5]  Vijay Laxmi,et al.  AndroSimilar: robust statistical feature signature for Android malware detection , 2013, SIN.

[6]  Hao Chen,et al.  Attack of the Clones: Detecting Cloned Applications on Android Markets , 2012, ESORICS.

[7]  Sencun Zhu,et al.  A Framework for Evaluating Mobile App Repackaging Detection Algorithms , 2013, TRUST.

[8]  Steve Hanna,et al.  Juxtapp: A Scalable System for Detecting Code Reuse among Android Applications , 2012, DIMVA.

[9]  Yajin Zhou,et al.  Detecting repackaged smartphone applications in third-party android marketplaces , 2012, CODASPY '12.

[10]  James Wong COMPUTER SCIENCE DEPARTMENT , 1971 .

[11]  Julian Schütte,et al.  On the Effectiveness of Malware Protection on Android An evaluation of Android antivirus , 2013 .

[12]  Juan E. Tapiador,et al.  Evolution, Detection and Analysis of Malware for Smart Devices , 2014, IEEE Communications Surveys & Tutorials.

[13]  G. G. Stokes "J." , 1890, The New Yale Book of Quotations.

[14]  Latin America 's Lab Trends for 2013 Astounding growth of mobile malware , .

[15]  Dennis J. Turner,et al.  Symantec Internet Security Threat Report Trends for July 04-December 04 , 2005 .

[16]  Luo Xu Min,et al.  Runtime-based Behavior Dynamic Analysis System for Android Malware Detection , 2012 .

[17]  Muttukrishnan Rajarajan,et al.  Evaluation of Android Anti-malware Techniques against Dalvik Bytecode Obfuscation , 2014, 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications.

[18]  Muttukrishnan Rajarajan,et al.  Android Security: A Survey of Issues, Malware Penetration, and Defenses , 2015, IEEE Communications Surveys & Tutorials.

[19]  Yajin Zhou,et al.  RiskRanker: scalable and accurate zero-day android malware detection , 2012, MobiSys '12.

[20]  villpasc Computer Science Department , 2016 .

[21]  Srikanth Ramu Mobile Malware Evolution , Detection and Defense , 2012 .

[22]  John C. S. Lui,et al.  DroidRay: a security evaluation system for customized android firmwares , 2014, AsiaCCS.

[23]  Sahin Albayrak,et al.  An Android Application Sandbox system for suspicious software detection , 2010, 2010 5th International Conference on Malicious and Unwanted Software.

[24]  Yajin Zhou,et al.  Dissecting Android Malware: Characterization and Evolution , 2012, 2012 IEEE Symposium on Security and Privacy.

[25]  Isil Dillig,et al.  Apposcopy: semantics-based detection of Android malware through static analysis , 2014, SIGSOFT FSE.

[26]  Kang G. Shin,et al.  Detecting energy-greedy anomalies and mobile malware variants , 2008, MobiSys '08.

[27]  John C. S. Lui,et al.  ADAM: An Automatic and Extensible Platform to Stress Test Android Anti-virus Systems , 2012, DIMVA.

[28]  William Enck,et al.  AppsPlayground: automatic security analysis of smartphone applications , 2013, CODASPY.

[29]  Гарнаева Мария Александровна,et al.  Kaspersky security Bulletin 2013 , 2014 .

[30]  Xuxian Jiang,et al.  DroidChameleon: evaluating Android anti-malware against transformation attacks , 2013, ASIA CCS '13.