• DocumentCode
    2843711
  • Title

    Analysis of malicious and benign android applications

  • Author

    Alazab, Mostafa ; Moonsamy, Veelasha ; Batten, Lynn ; Lantz, P. ; Ronghua Tian

  • Author_Institution
    Sch. of Inf. Technol., Deakin Univ., Melbourne, VIC, Australia
  • fYear
    2012
  • fDate
    18-21 June 2012
  • Firstpage
    608
  • Lastpage
    616
  • Abstract
    Since its establishment, the Android applications market has been infected by a proliferation of malicious applications. Recent studies show that rogue developers are injecting malware into legitimate market applications which are then installed on open source sites for consumer uptake. Often, applications are infected several times. In this paper, we investigate the behavior of malicious Android applications, we present a simple and effective way to safely execute and analyze them. As part of this analysis, we use the Android application sandbox Droidbox to generate behavioral graphs for each sample and these provide the basis of the development of patterns to aid in identifying it. As a result, we are able to determine if family names have been correctly assigned by current anti-virus vendors. Our results indicate that the traditional anti-virus mechanisms are not able to correctly identify malicious Android applications.
  • Keywords
    consumer behaviour; invasive software; operating systems (computers); public domain software; Android applications market; Droidbox; application sandbox; benign Android applications; consumer uptake; malicious Android applications; malware; open source sites; Androids; Humanoid robots; Malware; Mobile communication; Monitoring; Smart phones; Android; Behavior graph; Droidbox; Dynamic; Mobile malware; Treemap;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Distributed Computing Systems Workshops (ICDCSW), 2012 32nd International Conference on
  • Conference_Location
    Macau
  • ISSN
    1545-0678
  • Print_ISBN
    978-1-4673-1423-7
  • Type

    conf

  • DOI
    10.1109/ICDCSW.2012.13
  • Filename
    6258212