Abstract
In the past few years, Android security has been enhanced and state-of-the-art anti-malware tools have been introduced to counter Android malware. These tools use both static and dynamic analysis techniques to detect malicious applications. Despite this, the attack surface against Android phones has risen exponentially and malware detection tools have failed to counter sophisticated threats. Therefore, there is a need to audit and evaluate Anti-Malware Solutions (AMTs). In our research, we have analyzed various Android malware evasion techniques, along with their pros and cons. Moreover, we conducted a detailed comparison of existing anti-malware tools and measured their efficacy against the discussed evasion techniques. Finally, a more sophisticated anti-malware evasion technique is proposed that uses exhaustive obfuscation and remote code execution to audit the static and dynamic detection capabilities of AMTs. The proposed technique is practically validated, and the results prove that it evades all known anti-malware solutions. This technique can be utilized by anti-malware solution providers to make their products more resilient and powerful.
Original language | English |
---|---|
Pages | 125-130 |
Publication status | Published - 24 Jan 2022 |
Externally published | Yes |
Event | 2021 IEEE 30th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), Bayonne, France. Duration: 27 Oct 2021 → 29 Oct 2021. Conference number: 30. https://ieeexplore.ieee.org/xpl/conhome/9680464/proceeding |
Conference
Conference | 2021 IEEE 30th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE) |
---|---|
Abbreviated title | WETICE |
Country/Territory | France |
City | Bayonne |
Period | 27/10/21 → 29/10/21 |
Keywords
- Antivirus Evasion
- Android Security
- Malware Analysis
- Code Obfuscation
- Anti-malware Tools (AMTs)