Enhancing Accuracy of Android Malware Detection using Intent Instrumentation

Shahrooz Pooryousef; Morteza Amini

doi:10.5220/0006195803800388

Enhancing Accuracy of Android Malware Detection using Intent Instrumentation

Shahrooz Pooryousef, Morteza Amini

2017

Abstract

Event-driven actions in Android malwares and complexity of extracted profiles of applications’ behaviors are two challenges in dynamic malware analysis tools to find malicious behaviors. Thanks to ability of event-driven actions in Android applications, malwares can trigger their malicious behaviors at specific conditions and evade from detection. In this paper, we propose a framework for instrumenting Intents in Android applications’ source code in a way that different parts of the application be triggered automatically at runtime. Our instrumented codes force the application to exhibit its behaviors and so we can have a more complete profile of the application’s behaviors. Our framework, which is implemented as a tool, first uses static analysis to extract an application’s structure and components and then, instruments Intents inside the application’s Smali codes. Experimental results show that applying our code instrumentation framework on applications help exhibiting more data leakage behaviors such as disclosing Android ID in 79 more applications in a data set containing 6,187 malwares in comparison to using traditional malware analysis tools.

Download

Paper Citation

in Harvard Style

Pooryousef S. and Amini M. (2017). Enhancing Accuracy of Android Malware Detection using Intent Instrumentation . In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-209-7, pages 380-388. DOI: 10.5220/0006195803800388

in Bibtex Style

@conference{icissp17,
author={Shahrooz Pooryousef and Morteza Amini},
title={Enhancing Accuracy of Android Malware Detection using Intent Instrumentation},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2017},
pages={380-388},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006195803800388},
isbn={978-989-758-209-7},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Enhancing Accuracy of Android Malware Detection using Intent Instrumentation
SN - 978-989-758-209-7
AU - Pooryousef S.
AU - Amini M.
PY - 2017
SP - 380
EP - 388
DO - 10.5220/0006195803800388