Mobile-sandbox: having a deeper look into android applications

Authors:
Michael Spreitzenbarth;Felix Freiling;Florian Echtler;Thomas Schreck;Johannes Hoffmann
Affiliations:
Friedrich-Alexander-University, Erlangen, Germany;Friedrich-Alexander-University, Erlangen, Germany;Siemens CERT, Munich, Germany;Siemens CERT, Munich, Germany;Ruhr-University Bochum, Bochum, Germany
Venue:
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Year:
2013

Citing 9
Cited 1

Toward Automated Dynamic Malware Analysis Using CWSandbox

IEEE Security and Privacy
pBMDS: a behavior-based malware detection system for cellphone devices

Proceedings of the third ACM conference on Wireless network security
Static analysis of executables for collaborative malware detection on android

ICC'09 Proceedings of the 2009 IEEE international conference on Communications
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones

OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
A survey of mobile malware in the wild

Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Crowdroid: behavior-based malware detection system for Android

Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Android permissions demystified

Proceedings of the 18th ACM conference on Computer and communications security
Dissecting Android Malware: Characterization and Evolution

SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
Detecting system emulators

ISC'07 Proceedings of the 10th international conference on Information Security

The company you keep: mobile malware infection rates and inexpensive risk indicators

Proceedings of the 23rd international conference on World wide web

Quantified Score

Hi-index	0.00

Visualization

Abstract

Smartphones in general and Android in particular are increasingly shifting into the focus of cybercriminals. For understanding the threat to security and privacy it is important for security researchers to analyze malicious software written for these systems. The exploding number of Android malware calls for automation in the analysis. In this paper, we present Mobile-Sandbox, a system designed to automatically analyze Android applications in two novel ways: (1) it combines static and dynamic analysis, i.e., results of static analysis are used to guide dynamic analysis and extend coverage of executed code, and (2) it uses specific techniques to log calls to native (i.e., "non-Java") APIs. We evaluated the system on more than 36,000 applications from Asian third-party mobile markets and found that 24% of all applications actually use native calls in their code.