Smali+: An Operational Semantics for Low-Level Code Generated from Reverse Engineering Android Applications

Ziadia, Marwa; Fattahi, Jaouhar; Mejri, Mohamed; Pricop, Emil

doi:10.3390/info11030130

Cited by 7 publications

(2 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Reverse engineering menyediakan kode sumber aplikasi, pandangan wawasan terhadap arsitektur, dan ketergantungan pihak ketiga (Asher et al, 2021). Reverse engineering dalam perangkat lunak memungkinkan untuk mengubah file biner yang dapat dibaca oleh mesin menjadi file yang dapat dibaca oleh manusia, seperti yang terjadi pada file DEX (Ziadia et al, 2020). Melakukan reverse engineering pada aplikasi Android dan mengekstrak fitur serta melakukan analisis statis dari mereka tanpa harus menjalankannya (Singh, 2022).…”

Section: Pendahuluanunclassified

Implementasi Frida Framework untuk Manipulasi Alur Kerja pada Aplikasi Android

Ramadhan,

Fitriani,

Rosid

et al. 2024

pslse

View full text Add to dashboard Cite

Peningkatan keamanan pada perangkat Android telah menjadi tantangan bagi para peneliti keamanan. Bypass root adalah salah satu metode yang sering digunakan untuk menghindari deteksi oleh mekanisme keamanan. Dalam penelitian ini, menjelaskan penggunaan Frida, sebuah framework dynamic instrumentation, untuk melakukan bypass root pada perangkat Android. Dengan memanfaatkan kemampuan Frida untuk melakukan intersepsi dan modifikasi kode pada saat runtime, dapat mengubah perilaku aplikasi yang mencoba mendeteksi keberadaan root. Penulis melakukan serangkaian percobaan menggunakan Frida dan berhasil melewati mekanisme deteksi root yang umum digunakan. Hasil penelitian ini menunjukkan potensi Frida sebagai alat yang efektif dalam melakukan bypass root dan serangkaian pengujian keamanan pada perangkat Android. Penelitian ini memberikan pemahaman lebih lanjut tentang penggunaan Frida dalam konteks keamanan perangkat Android.

show abstract

Section: Pendahuluanunclassified

Implementasi Frida Framework untuk Manipulasi Alur Kerja pada Aplikasi Android

Ramadhan,

Fitriani,

Rosid

et al. 2024

pslse

View full text Add to dashboard Cite

show abstract

“…Furthermore, the classes in Java format can be restored from the .dex file by deploying Dex2jar tool [13]. This reverse engineering step might be necessary for some research works to implement deep feature extraction [14]- [16].…”

Section: Background and Literature Review A Android Application Packagementioning

confidence: 99%

An Automated Vision-Based Deep Learning Model for Efficient Detection of Android Malware Attacks

2022

View full text Add to dashboard Cite

Recently, cybersecurity experts and researchers have given special attention to developing cost-effective deep learning (DL)-based algorithms for Android malware detection (AMD) systems. However, the conventional AMD solutions necessitate extensive computations to achieve high accuracy in detecting Android malware apps. Consequently, there is a significant benefit in utilizing convolution neural networks (CNNs) in vision-based AMD applications to quickly and efficiently learn without prior stages of reverse engineering processes. Thus, this paper introduces an efficient and automated vision-based AMD model composed of 16 well-developed and fine-tuned CNN algorithms. This model precludes the need for a pre-designated features extraction process while generating accurate predictions of malware images with minimum cost and high detection speed. Such performance is achieved with colored or grayscale malware images, whether by using balanced or imbalanced datasets. Firstly, the bytecodes of the "classes.dex" files extracted from the Android benign and malware apps were converted to color and grayscale visual images before forwarding them to the developed CNN algorithms for classification. Then, the detection efficiency of the proposed AMD model was examined and evaluated using the imbalanced benchmark Leopard Android dataset that composes 14733 samples of malware apps and 2486 samples of benign apps. Finally, different experimental scenarios were conducted using balanced and imbalanced Android samples of color and grayscale images generated from the Leopard dataset; to extensively and sufficiently validate the detection and classification performance of the suggested model. A comprehensive assessment classification parameters in the evaluation experiments were applied to prove the high capability of the developed finetuned CNN algorithms in recognizing Android malware attacks with low computational overhead. As a result, the detection accuracy reached 99.40% for balanced samples and 98.05% for imbalanced samples. Furthermore, the proposed AMD model outperforms the existing approaches that utilize conventional vision-based algorithms and tested on the same benchmark Android dataset.

show abstract