Targeted Dynamic Analysis for Android Malware
Date
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
The identification and analysis of Android malware involves either static or dynamic program analysis of the malware binary. While static analysis has good code coverage, it is not as precise due to the lack of run-time information. In contrast, because Android malware is often bundled with applications that have legitimate functionality, dynamic analysis can take a long time to find and analyze the small amount of code implementing the malicious functionality. We propose IntelliDroid, a tool that combines the advantages of both static and dynamic analyses to efficiently analyze suspicious behavior in Android applications. A lightweight static phase identifies possible malicious behavior and gathers information to generate inputs that can dynamically exercise that behavior. IntelliDroid overcomes several key challenges of analyzing Android malware and when evaluated on 30 instances of malicious behavior, IntelliDroid successfully identifies the behavior, extracts path constraints, and executes the malicious code in all but one case.
Description
Keywords
Citation
DOI
ISSN
Creative Commons
Creative Commons URI
Collections
Items in TSpace are protected by copyright, with all rights reserved, unless otherwise indicated.