Visible to the public The Android Malware Static Analysis: Techniques, Limitations, and Open Challenges

TitleThe Android Malware Static Analysis: Techniques, Limitations, and Open Challenges
Publication TypeConference Paper
Year of Publication2018
AuthorsBakour, K., Ünver, H. M., Ghanem, R.
Conference Name2018 3rd International Conference on Computer Science and Engineering (UBMK)
Date Publishedsep
ISBN Number978-1-5386-7893-0
Keywordsandroid, Android (operating system), android malware static analysis, application metadata-based features, code-based features, commercial antiviruses, composability, cryptography, feature extraction, Hardware, Human Behavior, invasive software, malicious applications, Malware, malware detection, manifest-based features, meta data, obfuscation, obfuscation techniques, program diagnostics, pubcrawl, Resiliency, semantic features, Semantics, static analysis, static analysis frameworks, static code analysis

This paper aims to explain static analysis techniques in detail, and to highlight the weaknesses and challenges which face it. To this end, more than 80 static analysis-based framework have been studied, and in their light, the process of detecting malicious applications has been divided into four phases that were explained in a schematic manner. Also, the features that is used in static analysis were discussed in detail by dividing it into four categories namely, Manifest-based features, code-based features, semantic features and app's metadata-based features. Also, the challenges facing methods based on static analysis were discussed in detail. Finally, a case study was conducted to test the strength of some known commercial antivirus and one of the stat-of-art academic static analysis frameworks against obfuscation techniques used by developers of malicious applications. The results showed a significant impact on the performance of the most tested antiviruses and frameworks, which is reflecting the urgent need for more accurately tools.

Citation Keybakour_android_2018