Dissecting Android Malware: Characterization and Evolution
The popularity and adoption of smart phones has greatly stimulated the spread of mobile malware, especially on the popular platforms such as Android. In light of their rapid growth, there is a pressing need to develop effective solutions. However, our defense capability is largely constrained by the...
Saved in:
| Published in: | 2012 IEEE Symposium on Security and Privacy pp. 95 - 109 |
|---|---|
| Main Authors: | , |
| Format: | Conference Proceeding |
| Language: | English |
| Published: |
IEEE
01.05.2012
|
| Subjects: | |
| ISBN: | 9781467312448, 1467312444 |
| ISSN: | 1081-6011 |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Abstract | The popularity and adoption of smart phones has greatly stimulated the spread of mobile malware, especially on the popular platforms such as Android. In light of their rapid growth, there is a pressing need to develop effective solutions. However, our defense capability is largely constrained by the limited understanding of these emerging mobile malware and the lack of timely access to related samples. In this paper, we focus on the Android platform and aim to systematize or characterize existing Android malware. Particularly, with more than one year effort, we have managed to collect more than 1,200 malware samples that cover the majority of existing Android malware families, ranging from their debut in August 2010 to recent ones in October 2011. In addition, we systematically characterize them from various aspects, including their installation methods, activation mechanisms as well as the nature of carried malicious payloads. The characterization and a subsequent evolution-based study of representative families reveal that they are evolving rapidly to circumvent the detection from existing mobile anti-virus software. Based on the evaluation with four representative mobile security software, our experiments show that the best case detects 79.6% of them while the worst case detects only 20.2% in our dataset. These results clearly call for the need to better develop next-generation anti-mobile-malware solutions. |
|---|---|
| AbstractList | The popularity and adoption of smart phones has greatly stimulated the spread of mobile malware, especially on the popular platforms such as Android. In light of their rapid growth, there is a pressing need to develop effective solutions. However, our defense capability is largely constrained by the limited understanding of these emerging mobile malware and the lack of timely access to related samples. In this paper, we focus on the Android platform and aim to systematize or characterize existing Android malware. Particularly, with more than one year effort, we have managed to collect more than 1,200 malware samples that cover the majority of existing Android malware families, ranging from their debut in August 2010 to recent ones in October 2011. In addition, we systematically characterize them from various aspects, including their installation methods, activation mechanisms as well as the nature of carried malicious payloads. The characterization and a subsequent evolution-based study of representative families reveal that they are evolving rapidly to circumvent the detection from existing mobile anti-virus software. Based on the evaluation with four representative mobile security software, our experiments show that the best case detects 79.6% of them while the worst case detects only 20.2% in our dataset. These results clearly call for the need to better develop next-generation anti-mobile-malware solutions. |
| Author | Jiang, Xuxian Zhou, Yajin |
| Author_xml | – sequence: 1 givenname: Yajin surname: Zhou fullname: Zhou, Yajin email: yajin_zhou@ncsu.edu – sequence: 2 givenname: Xuxian surname: Jiang fullname: Jiang, Xuxian email: jiang@cs.ncsu.edu |
| BookMark | eNotjctOwzAURI0oEqVkw5ZNfiDB13aune6qUB5SEUjAurrYDhgFBzkBBF9PeMzmzNnMHLBZ7KNn7Ah4CcDrk9ubUnAQJeAOy2ptuMa6UmiA7_46KNQShFJmxubADRTIAfZZNgzPfIrWFfBqzpanYRi8HUN8zFfRpT64_Iq6D0p-mTdPlMiOPoUvGkMfc4ouX7_33duPHbK9lrrBZ_9csPuz9V1zUWyuzy-b1aYIQsE4_UprlXBoCESNVmr0Rltnpmo9yEqjJNBoWmdaDcKRrB4koLDcSNFauWDHf7vBe799TeGF0ucWhVSKa_kNgmFKRA |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IH CBEJK RIE RIO |
| DOI | 10.1109/SP.2012.16 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan (POP) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP) 1998-present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 9780769546810 0769546811 |
| EndPage | 109 |
| ExternalDocumentID | 6234407 |
| Genre | orig-research |
| GroupedDBID | 23M 29O 6IE 6IF 6IH 6IL 6IN AAJGR AAWTH ABLEC ACGFS ADZIZ ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK IJVOP M43 OCL RIE RIL RIO RNS |
| ID | FETCH-LOGICAL-i241t-603cc42d68a1296c376e87cd86c3ce135763a1768fd8f712da35b3162c0832fc3 |
| IEDL.DBID | RIE |
| ISBN | 9781467312448 1467312444 |
| ISICitedReferencesCount | 1225 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000309219900007&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| ISSN | 1081-6011 |
| IngestDate | Wed Aug 27 01:58:25 EDT 2025 |
| IsDoiOpenAccess | false |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i241t-603cc42d68a1296c376e87cd86c3ce135763a1768fd8f712da35b3162c0832fc3 |
| PageCount | 15 |
| ParticipantIDs | ieee_primary_6234407 |
| PublicationCentury | 2000 |
| PublicationDate | 2012-05 |
| PublicationDateYYYYMMDD | 2012-05-01 |
| PublicationDate_xml | – month: 05 year: 2012 text: 2012-05 |
| PublicationDecade | 2010 |
| PublicationTitle | 2012 IEEE Symposium on Security and Privacy |
| PublicationTitleAbbrev | sp |
| PublicationYear | 2012 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0000775105 ssib015833018 ssj0020394 |
| Score | 2.4827504 |
| Snippet | The popularity and adoption of smart phones has greatly stimulated the spread of mobile malware, especially on the popular platforms such as Android. In light... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 95 |
| SubjectTerms | Android malware Malware Mobile communication Operating systems Payloads Security Smart phones smartphone security |
| Title | Dissecting Android Malware: Characterization and Evolution |
| URI | https://ieeexplore.ieee.org/document/6234407 |
| WOSCitedRecordID | wos000309219900007&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV07T8MwELZKxcBUoEW85YGRtHHsxknX0ooBqkqA1K1y_JAqoRSVtPx97hw3MLCw2Z6Ss33f3fm-O0LuTKILwDERFU6kkUgx0JSIYWQLpQvHuWLKE4Wf5GyWLRb5vEXuGy6MtdYnn9k-Dv1bvlnrLYbKBgDVQiB1_EDKtOZq7c8OQ_ZQHPSs18JSou3QOF8x900RGUBgBE4I8ySvVHLEN7Gv_RTmWahjyuJ88DLH_K-kjw3Rf_Vf8fAz7fzvw49J74fHR-cNQp2Qli1PSWffyIGGe90lowd8ldeYAU0xw3G9MvRZvX-pjR3RcVPSuWZsUlUaOtmFI9sjb9PJ6_gxCk0VohWAdQX_zrUWiUkzBVCfalAwNpPaZDDUlnHwP2CDwAlxJnOSJUbxYcFZmmgw1hKn-Rlpl-vSnhNqQMgFGHAsl0ZgPFHGVsWqcCp3YGeKC9JFUSw_6roZyyCFy7-Xr8gRCrpOJrwm7WqztTfkUO-q1efm1m_2Ny1DoMo |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LTwIxEG4ImugJFYxve_DowvbBdpcrQjACIRETbqTbdhMSAwYB_74z3WX14MVb29PutJ1vZjrfDCEPlpsUcEwGaSajQEYYaOKyHbhUmzQTQjPticJDNR7Hs1kyqZDHkgvjnPPJZ66JQ_-Wb1dmi6GyFkC1lEgdP2hLycOcrbU_PQz5Q2Ghab0eVgqth9L9CoVvi8gABANwQ5ineUVKIMLJffWnYh4XlUxZmLReJ5gBxpvYEv1XBxYPQP3a_z79hDR-mHx0UmLUKam45Rmp7Vs50OJm10nnCd_lDeZAU8xxXC0sHen3L712HdotizrnnE2ql5b2dsWhbZC3fm_aHQRFW4VgAXC9gX8Xxkhuo1gD2EcGVIyLlbExDI1jAjwQ2CJwQzIbZ4pxq0U7FSziBsw1nhlxTqrL1dJdEGpByCmYcCxRVmJEUYVOhzrNdJKBpSkvSR1FMf_IK2fMCylc_b18T44G09FwPnwev1yTYxR6nlp4Q6qb9dbdkkOz2yw-13d-478BxUykEQ |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2012+IEEE+Symposium+on+Security+and+Privacy&rft.atitle=Dissecting+Android+Malware%3A+Characterization+and+Evolution&rft.au=Zhou%2C+Yajin&rft.au=Jiang%2C+Xuxian&rft.date=2012-05-01&rft.pub=IEEE&rft.isbn=9781467312448&rft.issn=1081-6011&rft.spage=95&rft.epage=109&rft_id=info:doi/10.1109%2FSP.2012.16&rft.externalDocID=6234407 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=1081-6011&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=1081-6011&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=1081-6011&client=summon |