Towards the methods of analysis malicious applications for Android operating system
https://doi.org/10.15514/ISPRAS-2018-30(1)-4
Abstract
It is considered to the problem of analysis of Android applications to study a malicious behaviour. The methods of analysis are presented, the general method, which combines different analysis techniques (static, dynamic, decompilation, debugging, logging) is proposed, and information of our software based on it is given.
About the Author
S. M. Staroletov
Polzunov Altai State Technical University
Russian Federation
Russian Federation
Lenin avenue 46, Barnaul, 656038, Russia
References
1. Emarketer.com: 2 Billion Consumers Worldwide to Get Smart(phones) by 2016. Available under the link: https://www.emarketer.com/Article/2-Billion-Consumers-Worldwide-Smartphones-by-2016/1011694. 03.03.2018.
2. Vedomosti.ru. Hackers have stolen from Android owners 349 million rubles for four quarters. Available under the link: https://www.vedomosti.ru/technology/articles/ 2016/10/13/660728-hakeri-ukrali-android. 03.03.2018 (in Russian)
3. Arp D. et al. DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket. NDSS, 2014, vol. 14, pp. 23-26
4. Enck W. et al. TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Transactions on Computer Systems (TOCS), 2014, vol. 32, №. 2, pp. 5.
5. VirusTotal – Free Online Virus, Malware and URL Scanner. Available under the link: https://www.virustotal.com. 03.03.2018
6. Debugging Dalvik programs with IDA. Hex-Rays. Available under the link: https://www.hex-rays.com/products/ida/support/tutorials/debugging_dalvik.pdf. 03.03.2018
7. pjlantz/droidbox: Dynamic analysis of Android apps. Available under the link: https://github.com/pjlantz/droidbox. 03.03.2018
8. dex2jar. Tools to work with android .dex and java .class files. Available under the link: https://sourceforge.net/projects/dex2jar. 03.03.2018
9. Fernflower is the first actually working analytical decompiler for Java. Available under the link: https://github.com/JetBrains/intellij-community/tree/master/plugins/java-decompiler/engine. 03.03.2018
10. CFR – another java decompiler. Available under the link: http://www.benf.org/other/cfr/. 03.03.2018
11. jadx – Dex to Java decompiler. Command line and GUI tools for produce Java source code from Android Dex and Apk files. Available under the link: https://github.com/skylot/jadx. 03.03.2018
12. Procyon/Java Decompiler. Available under the link: https://bitbucket.org/mstrobel/procyon/wiki/Java%20Decompiler. 03.03.2018
13. Abalmasov A.V., Staroletov S.M. Development of a malware analysis system for the Android platform. Bachelor's work. AltaiSTU, 2016. Available under the link: http://new.elib.altstu.ru/diploma/download_vkr/id/70003. 03.03.2018 (in Russian).
Review
For citations:
Staroletov S.M. Towards the methods of analysis malicious applications for Android operating system. Proceedings of the Institute for System Programming of the RAS (Proceedings of ISP RAS). 2018;30(1):55-68. https://doi.org/10.15514/ISPRAS-2018-30(1)-4
Email this article 