On the evaluation of android malware detectors against code-obfuscation techniques

Nawaz, Umair; Aleem, Muhammad; Lin, Jerry Chun‐Wei

doi:10.7717/peerj-cs.1002

Cited by 1 publication

(1 citation statement)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This investigation requires a deep analysis of the potentially dangerous applications 2 , therefore requiring a lightweight mechanism to cope with such a huge number of applications. Obfuscation of malware usually can be applied through several ways such as string encryption-based obfuscation, junk code insertion 3,4 , using fake try-catch statements 5 , repacking application 6,7 , call indirection 8 , code re-ordering 9 , package renaming 10 , native code obfuscation 11 , dynamic code loading 12 , code hiding 13 , reflection, etc. The variety and heterogeneous nature of the potential obfuscation techniques make them extremely difficult to identify.…”

Section: Evaluation and Classification Of Obfuscated Android Malware ...mentioning

confidence: 99%

Evaluation and classification of obfuscated Android malware through deep learning using ensemble voting mechanism

Aurangzeb

Aleem

2023

Sci Rep

Self Cite

View full text Add to dashboard Cite

With the rise in popularity and usage of Android operating systems, malicious applications are targeted by applying innovative ways and techniques. Today, malware becomes intelligent that uses several ways of obfuscation techniques to hide its functionality and evade anti-malware engines. For mainstream smartphone users, Android malware poses a severe security danger. An obfuscation approach, however, can produce malware versions that can evade current detection strategies and dramatically lower the detection accuracy. Attempting to identify Android malware obfuscation variations, this paper proposes an approach to address the challenges and issues related to the classification and detection of malicious obfuscated variants. The employed detection and classification scheme uses both static and dynamic analysis using an ensemble voting mechanism. Moreover, this study demonstrates that a small subset of features performs consistently well when they are derived from the basic malware (non-obfuscated), however, after applying a novel feature-based obfuscation approach, the study shows a drastic change indicating the relative importance of these features in obfuscating benign and malware applications. For this purpose, we present a fast, scalable, and accurate mechanism for obfuscated Android malware detection based on the Deep learning algorithm using real and emulator-based platforms. The experiments show that the proposed model detects malware effectively and accurately along with the identification of features that are usually obfuscated by malware attackers.

show abstract

Section: Evaluation and Classification Of Obfuscated Android Malware ...mentioning

confidence: 99%

Evaluation and classification of obfuscated Android malware through deep learning using ensemble voting mechanism

Aurangzeb

Aleem

2023

Sci Rep

Self Cite

View full text Add to dashboard Cite

show abstract

On the evaluation of android malware detectors against code-obfuscation techniques

Cited by 1 publication

References 20 publications

Evaluation and classification of obfuscated Android malware through deep learning using ensemble voting mechanism

Evaluation and classification of obfuscated Android malware through deep learning using ensemble voting mechanism

Contact Info

Product

Resources

About