Abstract
The presence of mobile malware on Android devices is indisputable. For static analysis of mobile malware, the nature of the source code is of particular interest as it determines the amount of resources required for an in-depth analysis. On the one hand, the more obfuscation is used in the code, the more time is needed for static analysis. On the other hand, correct identification of various benign third party libraries can considerably speed up static analysis as these libraries can be omitted. In this paper we focus on very fast identification of Identifier renaming, Reflection, Encryption, and mobile Advertising (IREA) in mobile malware. We propose heuristics for detecting IREA in mobile malware and provide a chronological quantitative analysis of IREA in mobile malware gathered between October 2009 and July 2014. The chronological quantitative analysis reveals general facts about the evolution of mobile malware, e.g. that identifier renaming is still on the rise, reflection hit its peak in 2012 and that more than 10% of mobile malware employ third party libraries for mobile advertising and encryption purposes.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
