Automatic Generation of Mobile Malwares Using Genetic Programming

The number of mobile devices has increased dramatically in the past few years. These smart devices provide many useful functionalities accessible from anywhere at any time, such as reading and writing e-mails, surfing the Internet, showing nearby facilities, and the like. Hence, they have become an inevitable part of our daily lives. However, the popularity and adoption of mobile devices also attract virus writers who aim to harm our devices. Many security companies have therefore proposed new solutions to protect our mobile devices from such malicious attempts. However, developing methodologies that detect unknown malware is a research challenge, especially on devices with limited resources. This study presents a method that automatically evolves variants of malware from the ones in the wild by using genetic programming (GP). We aim to evaluate the efficacy of current anti-virus products on the market that use static analysis techniques. The experimental results show the weaknesses of the static analysis tools available on the market and the need for new detection techniques suitable for mobile devices.
