Visible to the public Droidrevealer: Automatically detecting Mysterious Codes in Android applications

TitleDroidrevealer: Automatically detecting Mysterious Codes in Android applications
Publication TypeConference Paper
Year of Publication2017
AuthorsZhang, X., Cao, Y., Yang, M., Wu, J., Luo, T., Liu, Y.
Conference Name2017 IEEE Conference on Dependable and Secure Computing
Date PublishedAug. 2017
ISBN Number978-1-5090-5569-2
Keywordsandroid, Android (operating system), android encryption, Android malware, Androids, Decode, Decrypt, Droidrevealer, Encryption, Human Behavior, human factors, Humanoid robots, invasive software, Libraries, malicious code snippets, Malware, malware detection, Metrics, Mysterious Codes, pubcrawl, resilience, Resiliency, Scalability, Sensitive Behavior, smart phones, undetectable codes

The state-of-the-art Android malware often encrypts or encodes malicious code snippets to evade malware detection. In this paper, such undetectable codes are called Mysterious Codes. To make such codes detectable, we design a system called Droidrevealer to automatically identify Mysterious Codes and then decode or decrypt them. The prototype of Droidrevealer is implemented and evaluated with 5,600 malwares. The results show that 257 samples contain the Mysterious Codes and 11,367 items are exposed. Furthermore, several sensitive behaviors hidden in the Mysterious Codes are disclosed by Droidrevealer.

Citation Keyzhang_droidrevealer:_2017