Abstract
Attackers have been searching for security vulnerabilities in Android applications to exploit. One of these security vulnerabilities is that Android applications could load codes at runtime. This helps attackers to avoid being detected by static analysis tools. In this study, we have done a rigorous analysis to see how attackers employ updating techniques in order to exploit this vulnerability, and to assess the security risks of applications using these techniques in the markets. A comprehensive analysis is carried out on nearly 30,000 applications collected from three different Android markets and two malware datasets. Both static and dynamic analysis techniques are employed to monitor malicious activities in such applications. As a result, we found 70 new malicious applications from Google Play. Our work is the first study which monitors updating behaviours of applications during their execution. This analysis allows us to analyse suspicious applications deeply and to develop better security solutions.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
