Detection of Android malware: Combined with static analysis and dynamic analysis

This study combines static and dynamic types of analysis to design a malware detection system for Android. This system enables a user to apply static analysis to check an application on their mobile phone before setup; if there is problem, it will be uploaded to the server for dynamic analysis. The...

Full description

Saved in:
Bibliographic Details
Published in2016 International Conference on High Performance Computing & Simulation (HPCS) pp. 1013 - 1018
Main Authors Ming-Yang Su, Kek-Tung Fung, Yu-Hao Huang, Ming-Zhi Kang, Yen-Heng Chung
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.07.2016
Subjects
Android
Android emulator
Decision support systems
Dynamic Analysis
Sandbox
Static Analysis
Online AccessGet full text

Cover

More Information
Summary:This study combines static and dynamic types of analysis to design a malware detection system for Android. This system enables a user to apply static analysis to check an application on their mobile phone before setup; if there is problem, it will be uploaded to the server for dynamic analysis. The dynamic analysis runs the application in a sandbox simulator, and then uses the tool designed in this study to analyze the simulator record file, so as to determine whether there is suspicious action, and then inform the user of the result. In terms of dynamic analysis, this study aims to modify twelve important functions of the Android simulator, so that their related activities can be recorded in more detailed when these functions are activated, in order to help further determination. The static analysis proposed in this study can be executed on a mobile phone, while the dynamic analysis will be uploaded to the server, as it requires significant hardware resources.
DOI:10.1109/HPCSim.2016.7568448