Sweetening Android Lemon Markets: Measuring and Curbing Malware in Application Marketplaces

Vidas, Timothy; Christin, Nicolas

doi:10.21236/ada582390

Cited by 17 publications

(23 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Vidas and Christin has investigated applications from alternative markets and compared them to applications from the official market [22]. They have found that certain alternative markets almost exclusively distribute repackaged applications containing malware.…”

Section: B Dynamic Analysismentioning

confidence: 99%

A Forensic Analysis of Android Malware -- How is Malware Written and How it Could Be Detected?

Allix

Jérôme

Bissyandé

et al. 2014

2014 IEEE 38th Annual Computer Software and Applications Conference

View full text Add to dashboard Cite

Abstract-We consider in this paper the analysis of a large set of malware and benign applications from the Android ecosystem. Although a large body of research work has dealt with Android malware over the last years, none has addressed it from a forensic point of view.After collecting over 500 000 applications from user markets and research repositories, we perform an analysis that yields precious insights on the writing process of Android malware. This study also explores some strange artifacts in the datasets, and the divergent capabilities of state-of-the-art antivirus to recognize/define malware. We further highlight some major weak usage and misunderstanding of Android security by the criminal community and show some patterns in their operational flow. Finally, using insights from this analysis, we build a naive malware detection scheme that could complement existing anti virus software.

show abstract

Section: B Dynamic Analysismentioning

confidence: 99%

A Forensic Analysis of Android Malware -- How is Malware Written and How it Could Be Detected?

Allix

Jérôme

Bissyandé

et al. 2014

2014 IEEE 38th Annual Computer Software and Applications Conference

View full text Add to dashboard Cite

show abstract

“…End-users get victimized because the applications are desirable to execute. Most users do not check if the application that they want to install does not have a replica [13]. And many fail to check the installation link was emailed to them.…”

Section: ____________________________________________________________mentioning

confidence: 99%

“…The way to a secure App market is by performing a verification protocol that they proposed [13]. They called their method "AppIntegrity," which they claims a proof-of-concept implementation.…”

Section: ____________________________________________________________mentioning

confidence: 99%

Android Mobile Platform Security and Malware Survey

.¹

2013

IJRET

View full text Add to dashboard Cite

show abstract

“…In particular, as miscreants discover that mobile devices can be targeted and exploited for financial gain, new forms of malware are created to do so. Some mobile malware is designed to work in tandem with PC-oriented malware while other focuses on mobile devices exclusively [18,36,40].…”

Section: Introductionmentioning

confidence: 99%

Evading android runtime analysis via sandbox detection

Vidas

Christin

2014

Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security

Self Cite

181

View full text Add to dashboard Cite

The large amounts of malware, and its diversity, have made it necessary for the security community to use automated dynamic analysis systems. These systems often rely on virtualization or emulation, and have recently started to be available to process mobile malware. Conversely, malware authors seek to detect such systems and evade analysis. In this paper, we present techniques for detecting Android runtime analysis systems. Our techniques are classified into four broad classes showing the ability to detect systems based on differences in behavior, performance, hardware and software components, and those resulting from analysis system design choices. We also evaluate our techniques against current publicly accessible systems, all of which are easily identified and can therefore be hindered by a motivated adversary. Our results show some fundamental limitations in the viability of dynamic mobile malware analysis platforms purely based on virtualization.

show abstract

Sweetening Android Lemon Markets: Measuring and Curbing Malware in Application Marketplaces

Cited by 17 publications

References 9 publications

A Forensic Analysis of Android Malware -- How is Malware Written and How it Could Be Detected?

A Forensic Analysis of Android Malware -- How is Malware Written and How it Could Be Detected?

Android Mobile Platform Security and Malware Survey

Evading android runtime analysis via sandbox detection

Contact Info

Product

Resources

About