Detecting intelligent malware on dynamic Android analysis environments

In recent years, static and dynamic analysis of Smartphone applications has been popularized. This kind of analysis have assisted in detecting malware among other applications. In order to evade detection on emulator based dynamic analysis environments, number of malware rely on specific details of the emulator and user input, such as IMEI number, button press, phone call, accelerometer readings, etc. Once malware identifies an emulator, it can act benignly and pass the analysis undetected. To enhance the detection capability of dynamic analysis environments, we present a framework which enhances their capibility to detect intelligent mawares. The objective of the framework is twofold, to emulate artificial user behavior and help unravel malware´s true behavior. Our framework is divided into two major categories based on dynamic and static properties of a Smartphone. The framework is tested with an open-source sandbox environment and an existing emulator detection application.