Title :
Evaluation of Android Anti-malware Techniques against Dalvik Bytecode Obfuscation
Author :
Faruki, Parvez ; Bharmal, Ammar ; Laxmi, V. ; Gaur, M.S. ; Conti, Marco ; Rajarajan, Muttukrishnan
Author_Institution :
Dept. of Comput. Eng., Malaviya Nat. Inst. of Technol., Jaipur, India
Abstract :
Popularity and growth of Android mobile devices have paved the way for exploiting popular apps using various Dalvik byte code transformation methods. Testing the antimalware techniques against obfuscation identifies the need of proposing effective detection methods. In this paper, we explore the resilience of anti-malware techniques against transformations for Android. The proposed approach employs variable compression, native code wrapping and register renaming, in addition to already implemented transformations on Dalvik byte code. Evaluation results indicate low resilience of the antimalware detection engines against code obfuscation. Furthermore, we evaluate resilience of Androguard's code similarity and AndroSimilar's robust statistical feature signature against code obfuscated malware.
Keywords :
Android (operating system); invasive software; source code (software); statistical analysis; AndroSimilar robust statistical feature signature evaluation; Androguard code similarity resilience evaluation; Android antimalware technique evaluation; Android mobile devices; Dalvik bytecode obfuscation identifies; Dalvik bytecode transformation methods; antimalware technique resilience; antimalware technique testing; code obfuscated malware; code wrapping; register renaming; variable compression; Androids; Google; Humanoid robots; Layout; Malware; Prototypes; Resilience; Android Malware; Dalvik Bytecode obfuscation;
Conference_Title :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2014 IEEE 13th International Conference on
Conference_Location :
Beijing
DOI :
10.1109/TrustCom.2014.54