IIT Home Page CNR Home Page

Impact of Code Obfuscation on Android Malware Detection based on Static and Dynamic Analysis

The huge diffusion of malware in mobile platform is plaguing users. New malware proliferates at a very fast pace: as a matter of fact, to evade the signature-based mechanism implemented in current antimalware, the application of trivial obfuscation techniques to existing malware is sufficient. In this paper, we show how the application of several morphing techniques affects the effectiveness of two widespread malware detection approaches based on Machine Learning coupled respectively with static and dynamic analysis. We demonstrate experimentally that dynamic analysis-based detection performs equally well in evaluating obfuscated and non-obfuscated malware. On the other hand, static analysis-based detection is more accurate on non-obfuscated samples but is greatly negatively affected by obfuscation: however, we also show that this effect can be mitigated by using obfuscated samples also in the learning phase.

4rd International Conference on Information Systems Security and Privacy (ICISSP 2018), Funchal, Portugal, 2018

Autori esterni: Alessandro Bacci (Dipartimento di Ingegneria e Architettura, Università degli Studi di Trieste), Alberto Bartoli (Dipartimento di Ingegneria e Architettura, Università degli Studi di Trieste), Eric Medvet (Dipartimento di Ingegneria e Architettura, Università degli Studi di Trieste), Corrado Aaron Visaggio (Dipartimento di Ingegneria, Università degli Studi del Sannio)
Autori IIT:

Tipo: Contributo in atti di convegno
Area di disciplina: Computer Science & Engineering

File: 2018_ICISSP_AndroidObfuscatedMalwareDetection (2).pdf

Attività: Sicurezza di dispositivi mobili