Dynalog: an automated dynamic analysis framework for characterizing android applications


Autoria(s): Alzaylaee, Mohammed K.; Yerima, Suleiman Y.; Sezer, Sakir
Data(s)

11/07/2016

Resumo

Android is becoming ubiquitous and currently has the largest share of the mobile OS market with billions of application downloads from the official app market. It has also become the platform most targeted by mobile malware that are becoming more sophisticated to evade state-of-the-art detection approaches. Many Android malware families employ obfuscation techniques in order to avoid detection and this may defeat static analysis based approaches. Dynamic analysis on the other hand may be used to overcome this limitation. Hence in this paper we propose DynaLog, a dynamic analysis based framework for characterizing Android applications. The framework provides the capability to analyse the behaviour of applications based on an extensive number of dynamic features. It provides an automated platform for mass analysis and characterization of apps that is useful for quickly identifying and isolating malicious applications. The DynaLog framework leverages existing open source tools to extract and log high level behaviours, API calls, and critical events that can be used to explore the characteristics of an application, thus providing an extensible dynamic analysis platform for detecting Android malware. DynaLog is evaluated using real malware samples and clean applications demonstrating its capabilities for effective analysis and detection of malicious applications.

Formato

application/pdf

Identificador

http://pure.qub.ac.uk/portal/en/publications/dynalog-an-automated-dynamic-analysis-framework-for-characterizing-android-applications(8f27fa6a-d5f2-4720-b8b8-6367013a8cca).html

http://dx.doi.org/10.1109/CyberSecPODS.2016.7502337

http://pure.qub.ac.uk/ws/files/93998809/DynaLog_2016.pdf

Idioma(s)

eng

Publicador

IEEE

Direitos

info:eu-repo/semantics/openAccess

Fonte

Alzaylaee , M K , Yerima , S Y & Sezer , S 2016 , Dynalog: an automated dynamic analysis framework for characterizing android applications . in Proceedings of the 2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) . IEEE , 2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) , London , United Kingdom , 13-14 June . DOI: 10.1109/CyberSecPODS.2016.7502337

Palavras-Chave #malware detection #dynamic analysis #Android #application security #malware analysis
Tipo

contributionToPeriodical