A Malware Evasion Technique for Auditing Android Anti-Malware Solutions

Samrah Mirza, Haider Abbas, Waleed Bin Shahid, Narmeen Shafqat, Mariagrazia Fugini, Zafar Iqbal, Zia Muhammad

Research output: Contribution to conference › Paper › peer-review

Abstract

In the past few years, Android security has been enhanced and state-of-the-art anti-malware tools have been introduced to counter Android malware. These tools use both static and dynamic analysis techniques to detect malicious applications. Despite this, the attack surface of Android phones has grown exponentially, and malware detection tools have failed to counter sophisticated threats. Therefore, there is a need to audit and evaluate Anti-Malware Solutions (AMTs). In our research, we have analyzed various Android malware evasion techniques, along with their pros and cons. Moreover, we conducted a detailed comparison of existing anti-malware tools and measured their efficacy against the discussed evasion techniques. Finally, a more sophisticated anti-malware evasion technique is proposed that uses exhaustive obfuscation and remote code execution to audit the static and dynamic detection capabilities of AMTs. The proposed technique is practically validated, and the results prove that it evades all known anti-malware solutions. This technique can be utilized by anti-malware solution providers to make their products more resilient and powerful.
Original language: English
Pages: 125-130
Publication status: Published - 24 Jan 2022
Externally published: Yes
Event: 2021 IEEE 30th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE) - Bayonne, France
Duration: 27 Oct 2021 to 29 Oct 2021
Conference number: 30
https://ieeexplore.ieee.org/xpl/conhome/9680464/proceeding

Conference

Conference: 2021 IEEE 30th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)
Abbreviated title: WETICE
Country/Territory: France
City: Bayonne
Period: 27/10/21 to 29/10/21

Keywords

  • Antivirus Evasion
  • Android Security
  • Malware Analysis
  • Code Obfuscation
  • Anti-malware Tools (AMTs)
