Evaluation of Survivability of the Automatically Obfuscated Android Malware
Malware is a growing threat to all mobile platforms and hundreds of new malicious applications are being detected every day. At the same time, the development of automated software obfuscation techniques allows for the easy production of new malware variants even by attackers with entry-level progra...
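Main Authors: | Himanshu Patel, Deep Patel, Jaspreet Ahluwalia, Vaishali Kapoor, Karthik Narasimhan, Harmanpreet Singh, Harmanjot Kaur, Gadi Harshitha Reddy, Sai Sushma Peruboina, Sergey Butakov |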
---|---|
Format: | Article |
Language: | English |
Published: | MDPI AG, 2022-05-01 |
Series: | Applied Sciences |
Subjects: | malware; software obfuscation; static analysis; dynamic analysis; malware detection |
Online Access: | https://www.mdpi.com/2076-3417/12/10/4969 |
_version_ | 1797501836638289920 |
---|---|
author | Himanshu Patel; Deep Patel; Jaspreet Ahluwalia; Vaishali Kapoor; Karthik Narasimhan; Harmanpreet Singh; Harmanjot Kaur; Gadi Harshitha Reddy; Sai Sushma Peruboina; Sergey Butakov |
author_sort | Himanshu Patel |
collection | DOAJ |
description | Malware is a growing threat to all mobile platforms and hundreds of new malicious applications are being detected every day. At the same time, the development of automated software obfuscation techniques allows for the easy production of new malware variants even by attackers with entry-level programming skills. Such obfuscation techniques can evade the signature-based mechanism implemented in current antimalware technology. This paper presents the results of a study that examined how automated obfuscation techniques affect malicious and benign applications by two widely used malware detection approaches, namely static and dynamic analyses. The research explored 5000 samples of malware and benign programs and evaluated the impact of automated obfuscation on Android applications. The experimental results indicated that (1) up to 73% of the reviewed applications “survived” the automated obfuscation; (2) automated obfuscation reduced the detection ratio to 65–85% depending on the obfuscation method used. These findings call for a more active use of advanced malware detection methods in commonly used antivirus platforms. |
first_indexed | 2024-03-10T03:24:20Z |
format | Article |
id | doaj.art-54f7a0af4af941d3b0390472f842ba77 |
institution | Directory Open Access Journal |
issn | 2076-3417 |
language | English |
last_indexed | 2024-03-10T03:24:20Z |
publishDate | 2022-05-01 |
publisher | MDPI AG |
record_format | Article |
series | Applied Sciences |
spelling | doaj.art-54f7a0af4af941d3b0390472f842ba77; 2023-11-23T09:55:49Z; eng; MDPI AG; Applied Sciences; 2076-3417; 2022-05-01; 12; 10; 4969; 10.3390/app12104969; Evaluation of Survivability of the Automatically Obfuscated Android Malware; Himanshu Patel, Deep Patel, Jaspreet Ahluwalia, Vaishali Kapoor, Karthik Narasimhan, Harmanpreet Singh, Harmanjot Kaur, Gadi Harshitha Reddy, Sai Sushma Peruboina, Sergey Butakov (all authors: Information Systems Security and Assurance Management, Concordia University of Edmonton, Edmonton, AB T5B 4E4, Canada); https://www.mdpi.com/2076-3417/12/10/4969; malware; software obfuscation; static analysis; dynamic analysis; malware detection |
title | Evaluation of Survivability of the Automatically Obfuscated Android Malware |
topic | malware; software obfuscation; static analysis; dynamic analysis; malware detection |
url | https://www.mdpi.com/2076-3417/12/10/4969 |