Skip to main content

Powerslave: Analyzing the Energy Consumption of Mobile Antivirus Software

Part of the Lecture Notes in Computer Science book series (LNSC,volume 9148)


Battery technology seems unable to keep up with the rapid evolution of smartphones and their applications, which continuously demand more and more energy. Modern smartphones, with their plethora of application scenarios and usage habits, are setting new challenges and constraints for malware detection software. Among these challenges, preserving the battery life as much as possible is one of the most pressing. From the end users’ perspective, a security solution, such as an antivirus (AV), that significantly impacts the battery’s life is unacceptable. Thus, the quality and degree of adoption of malware-detection products is also influenced by their energy demands.

Motivated by the above rationale, we perform the first fine-grained measurement that analyzes, at a low level, the energy efficiency of modern, commercial, popular AVs. We explore the relations between various aspects of popular AVs, when handling malicious and benign applications, and the resulting energy consumption. Even though we focus on energy consumption, we also explore other dimensions such as the discrepancies between scanning modes, the impact of file size and scan duration. We then translate our findings into a set of design guidelines for reducing the energy footprint of modern AVs for mobile devices.


  • Energy Consumption
  • Mobile Device
  • High Detection Rate
  • Java File
  • Energy Consumption Behavior

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-319-20550-2_9
  • Chapter length: 20 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
USD   54.99
Price excludes VAT (USA)
  • ISBN: 978-3-319-20550-2
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   69.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.


  1. 1.

    Not to be confused with application whitelisting (e.g., [7]), where only known applications are allowed to be executed on the system.


  1. Android developers - monkeyrunner.

  2. Android malware genome project.

  3. Apktool.

  4. Contagio - mobile malware.

  5. Dex2jar.

  6. Java decompiler.

  7. Beechey, J.: Application whitelisting: Panacea or propaganda (2010).

  8. Bickford, J., Lagar-Cavilla, H.A., Varshavsky, A., Ganapathy, V., Iftode, L.: Security versus energy tradeoffs in host-based mobile malware detection. In: MobiSys (2011)

    Google Scholar 

  9. Carroll, A., Heiser, G.: An analysis of power consumption in a smartphone. In: USENIX ATC (2010)

    Google Scholar 

  10. Chen, X., Chen, Y., Ma, Z., Fernandes, F.C.A.: How is energy consumed in smartphone display applications? In: HotMobile (2013)

    Google Scholar 

  11. Friedman, R., Kogan, A., Krivolapov, Y.: On power and throughput tradeoffs of wifi and bluetooth in smartphones. In: INFOCOM (2011)

    Google Scholar 

  12. Harlalka, R.: How to stop your mobile app from being a serious battery drain (2013)

    Google Scholar 

  13. Hoffmann, J., Neumann, S., Holz, T.: Mobile malware detection based on energy fingerprints — a dead end? In: Stolfo, S.J., Stavrou, A., Wright, C.V. (eds.) RAID 2013. LNCS, vol. 8145, pp. 348–368. Springer, Heidelberg (2013)

    CrossRef  Google Scholar 

  14. Kim, H., Smith, J., Shin, K.G.: Detecting energy-greedy anomalies and mobile malware variants. In: Proceedings of the 6th International Conference on Mobile Systems, Applications, and Services, MobiSys 2008 (2008)

    Google Scholar 

  15. Maggi, F., Valdi, A., Zanero, S.: Andrototal: a flexible, scalable toolbox and service for testing mobile malware detectors. In: CCS SPSM (2013)

    Google Scholar 

  16. Martin, T., Hsiao, M., Ha, D., Krishnaswami, J.: Denial-of-service attacks on battery-powered mobile computers. In: Proceedings of the Second IEEE International Conference on Pervasive Computing and Communications(PerCom 2004) (2004)

    Google Scholar 

  17. Merlo, A., Migliardi, M., Fontanelli, P.: On energy-based profiling of malware in android. In: HPCS (2014)

    Google Scholar 

  18. Mohaisen, A., Alrawi, O.: AV-meter: an evaluation of antivirus scans and labels. In: Dietrich, S. (ed.) DIMVA 2014. LNCS, vol. 8550, pp. 112–131. Springer, Heidelberg (2014)

    Google Scholar 

  19. Nacci, A.A., Trovò, F., Maggi, F., Ferroni, M., Cazzola, A., Sciuto, D., Santambrogio, M.D.: Adaptive and flexible smartphone power modeling. Mob. Netw. Appl. 18(5), 600–609 (2013)

    CrossRef  Google Scholar 

  20. Nash, D.C., Martin, T.L., Ha, D.S., Hsiao, M.S.: Towards an intrusion detection system for battery exhaustion attacks on mobile computing devices. In: PerCom Workshops. IEEE Computer Society (2005)

    Google Scholar 

  21. Pathak, A., Hu, Y.C., Zhang, M.: Where is the energy spent inside my app? Fine grained energy accounting on smartphones with eprof. In: EuroSys (2012)

    Google Scholar 

  22. Rastogi, V., Chen, Y., Jiang, X.: Droidchameleon: evaluating android anti-malware against transformation attacks. In: ASIA CCS (2013)

    Google Scholar 

  23. Rice, A.C., Hay, S.: Decomposing power measurements for mobile devices. In: PerCom (2010)

    Google Scholar 

  24. Symantec: Android Madware and Malware Trends (2013)

    Google Scholar 

  25. Thiagarajan, N., Aggarwal, G., Nicoara, A., Boneh, D., Singh, J.P.: Who killed my battery? Analyzing mobile browser energy consumption. In: WWW (2012)

    Google Scholar 

  26. Truong, H.T.T., Lagerspetz, E., Nurmi, P., Oliner, A.J., Tarkoma, S., Asokan, N., Bhattacharya, S.: The company you keep: mobile malware infection rates and inexpensive risk indicators. In: WWW (2014)

    Google Scholar 

  27. Wang, T., Lu, K., Lu, L., Chung, S., Lee, W.: Jekyll on iOS: when benign apps become evil. In: Proceedings of the 22Nd USENIX Conference on Security, SEC 2013 (2013)

    Google Scholar 

  28. Yoon, C., Kim, D., Jung, W., Kang, C., Cha, H.: Appscope: application energy metering framework for android smartphones using kernel activity monitoring. In: USENIX ATC (2012)

    Google Scholar 

  29. Zhang, L., Tiwana, B., Qian, Z., Wang, Z., Dick, R.P., Mao, Z.M., Yang, L.: Accurate online power estimation and automatic battery behavior based power model generation for smartphones. In: CODES/ISSS (2010)

    Google Scholar 

  30. Zheng, M., Lee, P.P.C., Lui, J.C.S.: ADAM: an automatic and extensible platform to stress test android anti-virus systems. In: Flegel, U., Markatos, E., Robertson, W. (eds.) DIMVA 2012. LNCS, vol. 7591, pp. 82–101. Springer, Heidelberg (2013)

    CrossRef  Google Scholar 

Download references


This work was supported in part by DARPA through Contract FA8750-10-2-0253, with additional support by Intel Corp. It was also supported by the FP7 project NECOMA, funded by the European Commission under Grant Agreement No. 608533, and the MIUR FACE Project No. RBFR13AJFT. Any opinions, findings, conclusions, or recommendations expressed herein are those of the authors, and do not necessarily reflect those of the US Government, DARPA, or Intel.

Author information

Authors and Affiliations


Corresponding author

Correspondence to Federico Maggi .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Polakis, I., Diamantaris, M., Petsas, T., Maggi, F., Ioannidis, S. (2015). Powerslave: Analyzing the Energy Consumption of Mobile Antivirus Software. In: Almgren, M., Gulisano, V., Maggi, F. (eds) Detection of Intrusions and Malware, and Vulnerability Assessment. DIMVA 2015. Lecture Notes in Computer Science(), vol 9148. Springer, Cham.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-20549-6

  • Online ISBN: 978-3-319-20550-2

  • eBook Packages: Computer ScienceComputer Science (R0)