AndroSimilar: Robust statistical feature signature for android malware detection

SIN 2013 - Proceedings of the 6th International Conference on Security of Information and Networks

Volumn , Issue , 2013, Pages 152-159

  Faruki, Parvez ^a   Ganmoor, Vijay ^a   Laxmi, Vijay ^a   Gaur, M S ^a   Bharmal, Ammar ^a  

^a MALAVIYA NATIONAL INSTITUTE OF TECHNOLOGY   (India)

Author keywords

Android malware; Code obfuscation; Improbable features; Similarity digest; Statistical features

Indexed keywords

ANDROID MALWARE; CODE OBFUSCATION; IMPROBABLE FEATURES; SIMILARITY DIGEST; STATISTICAL FEATURES;

FREQUENCY HOPPING; ROBOTS; SECURITY OF DATA; SIGNAL ENCODING; SMARTPHONES; SYNTACTICS;

COMPUTER CRIME;

EID: 84893307989     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2523514.2523539     Document Type: Conference Paper

References (30)

1. Amazon Inc. Amazon Appstore for Android. http://www.amazon.com/mobile- apps/b?ie=UTF8&node=2350149011, Online; Accessed June 27 2013.
2. G. Andre and P. Ramos. BOXER SMS trojan. Technical report, ESET Latin American Lab, 2013.
3. APKTool. Reverse Engineering with apktool. https://code.google.com/ android/apk-tool, Online; Accessed March 20 2013.
4. BakSmali. Reverse Engineering with smali/baksmali. https://code.google. com/smali, Online; Accessed March 20 2013.
5. D. Barrera, H. G. Kayacik, P. C. van Oorschot, and A. Somayaji. A methodology for Empirical analysis of Permission-Based Security models and its application to Android. In Proceedings of the 17th ACM conference on Computer and communications security, CCS'10, pages 73-84, New York, NY, USA, 2010. ACM.
6. BlackHat. Reverse Engineering with androguard. https://code.google.com/ androguard, Online; Accessed March 29 2013.
7. C. A. Castillo. Android Malware Past, Present, and Future. Technical report, MSWC, 2012.
8. Contagiodump. Contagio Malware Dump. http://contagiodump.blogspot.in/, Online; Accessed March 1 2013.
9. Dex2Jar. Adroid Decompiling with Dex2jar. http://code.google.com/p/ dex2jar/, Online; Accessed May 15 2013.
10. W. Enck, D. Octeau, P. McDaniel, and S. Chaudhuri. A study of Android application Security. In Proceedings of the 20th USENIX conference on Security, SEC'11, pages 21-21, Berkeley, CA, USA, 2011. USENIX Association.
11. A. P. Felt, E. Chin, S. Hanna, D. Song, and D. Wagner. Android Permissions Demystified. In Proceedings of the 18th ACM conference on Computer and communications security, CCS'11, pages 627-638, New York, NY, USA, 2011. ACM.
12. M. Grace, Y. Zhou, Z. Wang, and X. Jiang. Systematic Detection of Capability Leaks in Stock Android Smartphones. In Proceedings of the 19th Network and Distributed System Security Symposium (NDSS), Feb. 2012.
13. M. Grace, Y. Zhou, Q. Zhang, S. Zou, and X. Jiang. RiskRanker: Scalable Accurate zero-day Android Malware detection. In 10th international conference on Mobile systems, applications, and services, MobiSys, pages 281-294, NY, USA, 2012. ACM.
14. A. Inc. Class to Dex Conversion with Dx. http://developer.android.com/ tools/help/index.html, Online; Accessed March 5 2013.
15. G. Inc. Android Smartphone Sales Report, 2013. http://www.gartner.com/ newsroom/id/2482816, Online; Accessed June 17.
16. JD-GUI. Android Decompiling with JD-GUI. http://java.decompiler.free.fr/? q=jdgui, Online; Accessed May 15 2013.
17. Jon Oberhide. Dissecting The Android Bouncer. http://jon.oberheide.org/ blog/2012/06/21/âǎo, Online; Accessed June 1 2012.
18. J. Kornblum. Identifying Identical files using Context Triggered Piecewise Hashing. Digital Investigation., 3: 91-97, Sept. 2006.
19. G. Play. Official Android Market, google play. https://market.android. com/., Online; Accessed June 17 2013.
20. V. Roussev. Classprints: Class-aware similarity hashes. Advances in Digital Forensics., 2008.
21. V. Roussev. An evaluation of forensic similarity hashes. Digital Investigations, 8: S34-S41, Aug. 2011.
22. V. Roussev. Data fingerprinting with similarity hashes. Advances in Digital Forensics., 2011.
23. L. Vijay, G. Manoj Singh, F. Parvez, and N. Smita. PEAL-Packed Executable AnaLysis. In Proceedings of International Conference on Advanced Computing Networking and Security, ADCONS'11. SPRINGER, 2011.
24. E. William, O. Damien, M. Patrick, and C. Swarat. A study of android application security. In USENIX Security'11, San Francisco, ca, 2011. USENIX.
25. E. William, G. Peter, C. Byunggon, and C. Landon. TaintDroid: An information flow tracking system for realtime privacy monitoring on smartphones. In USENIX Symposium on Operating Systems Design and Implementation. USENIX, 2011.
26. Z. Yajin and J. Xuxian. Dissecting Android Malware: Characterization and Evolution. In Proceedings of the 33rd IEEE Symposium on Security and Privacy, Oakland 2012. IEEE, 2012.
27. M. Zheng, P. P. C. Lee, and J. C. S. Lui. ADAM: An Automatic and Extensible Platform to Stress Test Android Anti-virus Systems. In DIMVA, pages 82-101, 2012.
28. M. Zheng, M. Sun, and J. C. S. Lui. DroidAnalytics: A Signature Based Analytic System to Collect, Extract, Analyze and Associate Android Malware. CoRR, 2013.
29. W. Zhou, Y. Zhou, and X. Jiang. Hey, you get off my market: Detecting malicious apps in official and third party android markets. In Annual Network and Distributed Security Symposium, New York, NY, USA, 2012. NDSS.
30. W. Zhou, Y. Zhou, X. Jiang, and P. Ning. Detecting Repackaged Smartphone Applications in Third-party Android Marketplaces. In Proceedings of Second ACM conference on Data Application Security and Privacy, CODASPY'12, pages 317-326, New York, USA, 2012.