Browse > Article
http://dx.doi.org/10.13089/JKIISC.2016.26.4.895

Efficient Detection of Android Mutant Malwares Using the DEX file  

Park, Dong-Hyeok (Sejong University)
Myeong, Eui-Jung (Sejong University)
Yun, Joobeom (Sejong University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.26, no.4, 2016 , pp. 895-902 More about this Journal
Abstract
Smart phone distribution rate has been rising and it's security threat also has been rising. Especially Android smart phone reaches nearly 85% of domestic share. Since repackaging on android smart phone is relatively easy, the number of re-packaged malwares has shown steady increase. While many detection techniques have been proposed in order to prevent malwares, it is not easy to detect re-packaged malwares by static analysis and it is also difficult to operate dynamic analysis in android smart phone. Static analysis proposed in this paper features code reuse of repackaged malwares. We extracted DEX files from android applications and performed static analysis using class names and method names. This process doesn't not include reverse engineering, so it is possible to detect malwares efficiently.
Keywords
Android; Malware; Repackage; Static Analysis; Lightweight; DEX File;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Yonhap News, http://www.yonhapnews.co.kr/bulletin/2015/07/07/0200000000AKR20150707175600017.HTML
2 KISA Report, http://www.ebn.co.kr/news/view/784827
3 "Cisco 2015 Annual Security Report," http://www.cisco.com/web/offer/gist_ty2_asset/Cisco_2014_ASR.pdf
4 AhnLab Tech Report, http://www.ahnlab.com/kr/site/securityinfo/secunews/secuNewsView.do?seq=19269
5 http://blog.trendmicro.com/trendlabssecurity-intelligence/a-look-into-repackaged-apps-and-its-role-in-the-mobile-threat-landscape/
6 Yajin Zhou and Xuian Jiang, "Dissecting Android Malware: Characterization and Evolution," In security and Privacy(SP), 2012 IEEE Symposium on, pp. 95-109. IEEE, May, 2012.
7 Tae-guen Kim and Eul-gyu Im, "Analysis Method Reuse Code to Detect Variants of Malware," Journal of The Korea Institute of information Security & Cryptology, 24(1), pp. 32-38, Feb. 2014
8 Moon Hwa Shin, Bo-heung Chung, Yong Sung Jeon, Jung-nyu Kim. "A Survey of Mobile Malware Detection Techniques," 2013 Electronics and Telecommunications Trends, 28(3), pp. 39-46. ETRI, Jun, 2013.
9 Seung-wook Min, Hyung-jin Cho, Jin-seop Shin and Jae-Cheol Ryou, "Android Malware Analysis and Detection Using Machine Learning," Journal of KIISE : Computing Practices and Letters, 19(2), pp. 95-99, Feb. 2013
10 Woo-tak Jung, Seung-wook Min and Jae-Cheol Ryou, "System-Level Malware Detection Methods for Android," Proceedings of Symposium of the Korean Institute of communications and Information Sciences, pp. 745-746, Jun. 2013
11 Yun-sik Jeong, Seong-wook Kang, Seong-je Cho and In-sik Song, "A Kernel-based Monitoring Approach for Analyzing Malicious behavior on Android," Korea Computer Congress, pp. 127-129, Jun. 2013
12 Jung-tae Kim and Eul-gyu Im, "Malicious Family Detection Based on Andorid Using Similar Class Information," Jounal of Security Engineering, 10(4), pp. 441-454, Aug. 2013
13 You-joung Ham and Hyung-woo Lee, "Malicious Trojan Horse Application Discrimination Mechanism using Realtime Event Similarity on Android Mobile Device," Journal of Internet Computing and Services. 15(3), pp. 31-43, Jun. 2014   DOI
14 The Android Open Source Project,Dex-Dalvik Executable Format, http://source.android.com/tech/dalvik/dex-format.html
15 Keith Makan and Scott Alexander-Bown, Android Security Cookbook, Packt Publishing, Jul, 2013
16 Donald Knuth, James H. Morris, Jr, Vaughan Pratt, "Fast pattern matching in strings", SIAM Journal on Computing, Vol. 6, no. 2, pp. 323-350, 1977.   DOI
17 Hotak Hong, Jinlee Lee, Won Shin and Chunhyon Chang, "Extracting Candidates of Malicious Android Applications using Static Analysis based on Sink", Korea Computer Congress, pp. 1833-1835, Jun. 2014