Title | Hybrid Dynamic Analysis for Android Malware Protected by Anti-Analysis Techniques with DOOLDA |
---|---|
Parallel title | Hybrid Dynamic Analysis for Android Malware Protected by Anti-Analysis Techniques with DOOLDA |
Authors | Sunjun Lee, Yonggu Shin, Minseong Choi, Haehyun Cho, Jeong Hyun Yi |
English abstract | A lot of the recently reported malware is equipped with anti-analysis techniques (e.g., anti-emulation, anti-debugging, etc.) to prevent it from being analyzed, which can delay detection and keep malware alive for a longer period. Therefore, it is of great importance to develop automated approaches to defeat such anti-analysis techniques so that we can handle and effectively mitigate numerous malware. In this paper, by analyzing 1,535 malicious applications, we found that 18.31% of them are equipped with anti-analysis techniques. Next, we propose a novel dynamic analyzer, named DOOLDA, for automatically invalidating anti-analysis techniques through dynamic instrumentation. DOOLDA monitors executions of Android applications' entire code layers (i.e., bytecode and native code). Based on monitoring results, DOOLDA finds the code related to anti-analysis techniques and invalidates the anti-analysis techniques by instrumenting it. To demonstrate the effectiveness of DOOLDA, we show that it can invalidate all known anti-analysis techniques. Also, we compare DOOLDA with other dynamic analyzers. |
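Pages | 195-213 |
Keywords | Malware analysis, Dynamic analysis, Mobile security |
Journal | 網際網路技術學刊 (Journal of Internet Technology) |
Issue | 202403 (Vol. 25, No. 2) |
Publisher | 台灣學術網路管理委員會 (Taiwan Academic Network Management Committee) |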