Lumus: Dynamically Uncovering Evasive Android Applications

Abstract

Dynamic analysis of Android malware suffers from techniques that identify the analysis environment and prevent the malicious behavior from being observed. While there are many analysis solutions that can thwart evasive malware on Windows, the application of similar techniques for Android has not been studied in depth. In this paper, we present Lumus, a novel technique to uncover evasive malware on Android. Lumus compares the execution traces of malware on bare metal and emulated environments. We used Lumus to analyze 1,470 Android malware samples and were able to uncover 192 evasive samples. Compared with other solutions, our approach yields better results in terms of accuracy and false positives. We discuss which information is typically used by evasive malware for detecting emulated environments, and conclude on how analysis sandboxes can be strengthened in the future.

More about this title

Title Lumus: Dynamically Uncovering Evasive Android Applications
Media ISC 2018: Information Security in Lecture Notes in Computer Science
Publisher Springer, Cham
Volume 11060
ISBN 978-3-319-99135-1
Authors Vitor Afonso, Anatoli Kalysch, Prof. Dr. Tilo Müller, Daniela Oliveira, Andre Gregio, Paulo Geus
Pages pp. 47-66
Publication date 15.08.2018
Citation Afonso, Vitor; Kalysch, Anatoli; Müller, Tilo; Oliveira, Daniela; Gregio, Andre; Geus, Paulo (2018): Lumus: Dynamically Uncovering Evasive Android Applications. ISC 2018: Information Security in Lecture Notes in Computer Science 11060, pp. 47-66.