The Android Malware Static Analysis: Techniques, Limitations, and Open Challenges

This paper aims to explain static analysis techniques in detail, and to highlight the weaknesses and challenges which face it. To this end, more than 80 static analysis-based framework have been studied, and in their light, the process of detecting malicious applications has been divided into four p...

Full description

Saved in:
Bibliographic Details
Published in2018 3rd International Conference on Computer Science and Engineering (UBMK) pp. 586 - 593
Main Authors Bakour, Khaled, Unver, H. Murat, Ghanem, Razan
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.09.2018
Subjects
Android
Cryptography
Feature extraction
Hardware
Malware
malware detection
obfuscation
Semantics
Static analysis
Online AccessGet full text

Cover

More Information
Summary:This paper aims to explain static analysis techniques in detail, and to highlight the weaknesses and challenges which face it. To this end, more than 80 static analysis-based framework have been studied, and in their light, the process of detecting malicious applications has been divided into four phases that were explained in a schematic manner. Also, the features that is used in static analysis were discussed in detail by dividing it into four categories namely, Manifest-based features, code-based features, semantic features and app's metadata-based features. Also, the challenges facing methods based on static analysis were discussed in detail. Finally, a case study was conducted to test the strength of some known commercial antivirus and one of the stat-of-art academic static analysis frameworks against obfuscation techniques used by developers of malicious applications. The results showed a significant impact on the performance of the most tested antiviruses and frameworks, which is reflecting the urgent need for more accurately tools.
DOI:10.1109/UBMK.2018.8566573