ISSTA '04 Proceedings of the 2004 ACM SIGSOFT international symposium on Software testing and analysis
Mobile Phones as Computing Devices: The Viruses are Coming!
IEEE Pervasive Computing
Semantics-Aware Malware Detection
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
SmartSiren: virus detection and alert for smartphones
Proceedings of the 5th international conference on Mobile systems, applications and services
Static analysis of executables to detect malicious patterns
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Behavioral detection of malware on mobile handsets
Proceedings of the 6th international conference on Mobile systems, applications, and services
CloudAV: N-version antivirus in the network cloud
SS'08 Proceedings of the 17th conference on Security symposium
Making sense of anti-malware comparative testing
Information Security Tech. Report
Designing System-Level Defenses against Cellphone Malware
SRDS '09 Proceedings of the 2009 28th IEEE International Symposium on Reliable Distributed Systems
VirusMeter: Preventing Your Cellphone from Spies
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
Static analysis of executables for collaborative malware detection on android
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Classification of malware using structured control flow
AusPDC '10 Proceedings of the Eighth Australasian Symposium on Parallel and Distributed Computing - Volume 107
Paranoid Android: versatile protection for smartphones
Proceedings of the 26th Annual Computer Security Applications Conference
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
A study of android application security
SEC'11 Proceedings of the 20th USENIX conference on Security
A survey of mobile malware in the wild
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Crowdroid: behavior-based malware detection system for Android
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Android permissions demystified
Proceedings of the 18th ACM conference on Computer and communications security
Proceedings of the 18th ACM conference on Computer and communications security
"Andromaly": a behavioral malware detection framework for android devices
Journal of Intelligent Information Systems
MAST: triage for market-scale mobile malware analysis
Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks
AppInk: watermarking android apps for repackaging deterrence
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
DroidChameleon: evaluating Android anti-malware against transformation attacks
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
AndroTotal: a flexible, scalable toolbox and service for testing mobile malware detectors
Proceedings of the Third ACM workshop on Security and privacy in smartphones & mobile devices
AndroSimilar: robust statistical feature signature for Android malware detection
Proceedings of the 6th International Conference on Security of Information and Networks
DIVILAR: diversifying intermediate language for anti-repackaging on android platform
Proceedings of the 4th ACM conference on Data and application security and privacy
Hi-index | 0.00 |
With the rising threat of smartphone malware, both academic community and commercial anti-virus companies proposed many methodologies and products to defend against smartphone malware. Thus, how to assess the effectiveness of these defense mechanisms against existing and unknown malware becomes important. We propose ADAM, an automated and extensible system that can evaluate, via large-scale stress tests, the effectiveness of anti-virus systems against a variety of malware samples for the Android platform. Specifically, ADAM can automatically transform an original malware sample to different variants via repackaging and obfuscation techniques in order to evaluate the robustness of different anti-virus systems against malware mutation. The transformation and evaluation processes of ADAM are fully automatic, generic, and extensible for different types of malware, anti-virus systems, and malware transformation techniques. We demonstrate the efficacy of ADAM using 222 Android malware samples that we collected in the wild. Using ADAM, we generate different variants based on our collected malware samples, and evaluate the detection of these variants against commercial anti-virus systems.