Abstract

<p>A lot of the recently reported malware is equipped with the anti-analysis techniques (e.g., anti-emulation, anti-debugging, etc.) for preventing from being the analyzed, which can delay detection and make malware alive for a longer period. Therefore, it is of the great importance of developing automated approaches to defeat such anti-analysis techniques so that we can handle and effectively mitigate numerous malware. In this paper, by analyzing 1,535 malicious applications, we found that 18.31% of them equipped with anti-analysis techniques. Next, we propose a novel, dynamic analyzer, named DOOLDA, for automatically invalidating anti-analysis techniques through dynamic instrumentation. DOOLDA monitors executions of Android applications’ entire code layers (i.e., bytecode and native code). Based on monitoring results, DOOLDA finds the code related to anti-analysis techniques and invalidates the anti-analysis techniques by instrumenting it. To demonstrate the effectiveness of DOOLDA, we show that it can invalidate all known anti-analysis techniques. Also, we compare DOOLDA with other dynamic analyzers.</p> <p> </p>

Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
DWroidDump: Executable Code Extraction from Android Applications for Malware Analysis
Jaecheol Ryou ... Dongwoo Kim
International Journal of Distributed Sensor Networks | VOL. 11
Jaecheol Ryou, et. al.Jaecheol Ryou ... Dongwoo Kim
01 Sep 2015
Droid-AntiRM
Xiaolei Wang ... Sencun Zhu
-
Xiaolei Wang, et. al.Xiaolei Wang ... Sencun Zhu
04 Dec 2017
Evading android anti-malware by hiding malicious application inside images
Sunil K. Muttoo ... Shikha Badhani
International Journal of System Assurance Engineering and Management | VOL. 9
Sunil K. Muttoo, et. al.Sunil K. Muttoo ... Shikha Badhani
12 Dec 2017
Going Native: Using a Large-Scale Analysis of Android Apps to Create a Practical Native-Code Sandboxing Policy
Vitor Afonso ... Mario Polino
-
Vitor Afonso, et. al.Vitor Afonso ... Mario Polino
01 Jan 2015
View more papers

More From: 網際網路技術學刊

Paper Title
Journal
Date
Author
A Construction of Knowledge Graph for Semiconductor Industry Chain Based on Lattice-LSTM and PCNN Models
Charles Chen Charles Chen ... Sheng-Lung Peng Sai-Sai Shi
網際網路技術學刊 | VOL. 25
Charles Chen Charles Chen, et. al.Charles Chen Charles Chen ... Sheng-Lung Peng Sai-Sai Shi
01 Mar 2024
A User-friendly Cloud-based Multi-agent Information System for Smart Energy-saving
Yi-Jen Su Yi-Jen Su ... Sheng-Yuan Yang Yi-Jen Su
網際網路技術學刊 | VOL. 25
Yi-Jen Su Yi-Jen Su, et. al.Yi-Jen Su Yi-Jen Su ... Sheng-Yuan Yang Yi-Jen Su
01 Mar 2024
Scalable Authenticated Communication in Drone Swarm Environment
Kyusuk Han Kyusuk Han ... Chan Yeob Yeun Rafail Psiakis
網際網路技術學刊 | VOL. 25
Kyusuk Han Kyusuk Han, et. al.Kyusuk Han Kyusuk Han ... Chan Yeob Yeun Rafail Psiakis
01 Mar 2024
An Improved SSD Model for Small Size Work-pieces Recognition in Automatic Production Line
Xiaoning Bo Xiaoning Bo ... Yipeng Wang Zhiyuan Zhang
網際網路技術學刊 | VOL. 25
Xiaoning Bo Xiaoning Bo, et. al.Xiaoning Bo Xiaoning Bo ... Yipeng Wang Zhiyuan Zhang
01 Mar 2024
View more papers