A Large-Scale Investigation to Identify the Pattern of App Component in Obfuscated Android Malwares

  • Conference paper
Machine Learning, Image Processing, Network Security and Data Sciences (MIND 2020)

Abstract

The number of smartphone users on Android-based devices is growing rapidly. Because of the popularity of the Android market, malware authors are targeting this platform. Android malware detection has therefore become a demanding and growing area of information security research. Researchers can now readily detect Android malware whose patterns have already been recognized. At present, malware authors have begun to use obfuscation techniques to make malware incomprehensible to malware detectors. For this reason, it is urgent to identify the patterns attackers use to obfuscate malware. In this paper, a large-scale investigation is performed by developing Python scripts to extract the pattern of app components from an obfuscated Android malware dataset. The resulting patterns are established in matrix form and stored in a Comma Separated Values (CSV) file, which will serve as the primary basis for detecting obfuscated malware.
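As an added illustration (not the paper's own scripts), the sketch below builds a per-sample app-component matrix and serializes it as CSV. It assumes each manifest has already been decoded from binary XML to text; the sample names, manifests and the functions `component_row` and `build_matrix` are hypothetical.

```python
import csv
import io
import xml.etree.ElementTree as ET

# The four Android app component types declared in AndroidManifest.xml.
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")
ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
MANIFEST_OPEN = '<manifest xmlns:android="http://schemas.android.com/apk/res/android">'

# Constructed sample manifests (assumed already decoded to text); not dataset files.
SAMPLES = {
    "sample_plain.apk": MANIFEST_OPEN + """<application>
        <activity android:name=".MainActivity"/>
        <service android:name="com.example.app.SyncService"/>
        <receiver android:name=".BootReceiver"/>
      </application></manifest>""",
    "sample_renamed.apk": MANIFEST_OPEN + """<application>
        <activity android:name="a.a.a"/>
        <activity android:name="a.a.b"/>
        <service android:name="a.a.c"/>
        <provider android:name="a.b.a" android:authorities="a.b"/>
      </application></manifest>""",
    "sample_broken.apk": "<manifest><application>",  # truncated on purpose
}

def component_row(manifest_xml):
    """Return {component type: count} for one manifest, or None if unparsable."""
    try:
        root = ET.fromstring(manifest_xml)
    except ET.ParseError:
        return None
    counts = dict.fromkeys(COMPONENT_TAGS, 0)
    # Components are direct children of <application>; require android:name.
    for child in root.iterfind("application/*"):
        if child.tag in counts and child.get(ANDROID_NS + "name"):
            counts[child.tag] += 1
    return counts

def build_matrix(samples):
    """Return CSV text: one row per sample, one column per component type."""
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    writer.writerow(("sample",) + COMPONENT_TAGS + ("parsed",))
    for name, xml_text in sorted(samples.items()):
        row = component_row(xml_text)
        counts = [row[t] for t in COMPONENT_TAGS] if row else [0] * len(COMPONENT_TAGS)
        # "parsed" separates real zero counts from manifests that failed to parse.
        writer.writerow([name, *counts, int(row is not None)])
    return out.getvalue()

if __name__ == "__main__":
    print(build_matrix(SAMPLES), end="")
```

The `parsed` column keeps malformed manifests from being mistaken for apps with no components. Decoded manifests from malware samples are untrusted input to the XML parser and are best processed in an isolated analysis environment.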

Correspondence to Sheikh Shah Mohammad Motiur Rahman or Takia Islam.

Copyright information

© 2020 Springer Nature Singapore Pte Ltd.

Cite this paper

Russel, M.O.F.K., Rahman, S.S.M.M., Islam, T. (2020). A Large-Scale Investigation to Identify the Pattern of App Component in Obfuscated Android Malwares. In: Bhattacharjee, A., Borgohain, S., Soni, B., Verma, G., Gao, XZ. (eds) Machine Learning, Image Processing, Network Security and Data Sciences. MIND 2020. Communications in Computer and Information Science, vol 1241. Springer, Singapore. https://doi.org/10.1007/978-981-15-6318-8_42

  • DOI: https://doi.org/10.1007/978-981-15-6318-8_42

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-6317-1

  • Online ISBN: 978-981-15-6318-8

  • eBook Packages: Computer Science, Computer Science (R0)
