Open Access Open Access  Restricted Access Subscription Access

A Review of Static Malware Detection for Android Apps Permission Based on Deep Learning


Affiliations
1 School of Information and Communication Engineering, University of Science and Technology Beijing, Beijing, China
2 School of Economics, Renmin University, Beijing, China
 

In recent years, Android has been the main mobile operating system. The proliferation of apps powered not only by Android magnetized app developers, but also by malware developers with criminal intent to design and distribute malicious apps that can influence the ordinary activity of Android phones and tablets, steal private information and credentials, or even worse, lock the phone and ask for ransom. This study was carried out with a view of bring out clearly the review of previous researches carried regarding static analysis and pinpoint out what to be done in future. A systematic literature review which involves studying 56 research papers published in regard to static analysis. This review elaborate permissions misuse, reverse engineering and concept of static analysis in general. The outcomes of the review revealed that static analysis is widely used since it is not performed at run-time hence malicious applications cannot access to the device during analysis unlike dynamic analysis. During the review no single work done to the satisfaction curbing the existing and future evolving malwares. This study will help academicians to gain insight concerning static analysis without extensively perusing several articles to understand static malware analysis based on deep learning.

Keywords

Static Analysis, Reverse Engineering, Permissions, Manifest File, APK File, Malicious Applications.
User
Notifications
Font Size

  • Z. Fang, W. Han, and Y. Li, “Permission based Android security: Issues and countermeasures,” Comput. Secur., vol. 43, no. 0, pp. 205–218, 2014.
  • F. Tchakounté, “Permission-based malware detection mechanisms on android: analysis and perspectives,” J. Comput. Sci., vol. 1, no. 2, pp. 63–77, 2014.
  • M. Egele, “A Survey on Automated Dynamic Malware Analysis Techniques and Tools Vienna University of Technology,” ACM Comput. Surv. 44.2, vol. V, pp. 1–49, 2012.
  • S. Karthick and S. Binu, “Static analysis tool for identification of permission misuse by android applications,” Int. J. Appl. Eng. Res., vol. 12, no. 24, pp. 15169–15178, 2017.
  • D. Geneiatakis, I. N. Fovino, I. Kounelis, and P. Stirparo, “A Permission verification approach for android mobile applications,” Comput. Secur., vol. 49, pp. 192–205, 2015.
  • A. Skovoroda and D. Gamayunov, “Securing mobile devices: Malware mitigation methods,” J. Wirel. Mob. Networks, Ubiquitous Comput. Dependable Appl., vol. 6, no. 2, pp. 78–97, 2015.
  • S. Karthick and S. Binu, “Android security issues and solutions,” IEEE Int. Conf. Innov. Mech. Ind. Appl. ICIMIA 2017 - Proc., no. February, pp. 686–689, 2017.
  • G. Suarez-Tangil, J. E. Tapiador, P. Peris-Lopez, and A. Ribagorda, “Evolution, detection and analysis of malware for smart devices,” IEEE Commun. Surv. Tutorials, vol. 16, no. 2, pp. 961–987, 2014.
  • M. La Polla, F. Martinelli, and D. Sgandurra, “A Survey on Security for Mobile Devices,” IEEE Commun. Surv. Tutorials, vol. 15, no. 1, pp. 446–471, 2013.
  • S. Mohite and P. R. Sonar, “A survey on mobile malware: war without end,” Int. J. Comput. Sci. Bus. Informatics, vol. 9, no. 1, pp. 23–35, 2014.
  • S. Peng, S. Yu, and A. Yang, “Smartphone Malware and Its Propagation Modeling: A Survey,” IEEE Commun. Surv. Tutorials, vol. 16, no. 2, pp. 925–941, 2014.
  • M. Odusami, O. Abayomi-Alli, S. Misra, O. Shobayo, R. Damasevicius, and R. Maskeliunas, “Android Malware Detection: A Survey,” Commun. Comput. Inf. Sci., vol. 942, no. 2, pp. 255–266, 2018.
  • N. DuPaul, “Static Analysis vs Dynamic Analysis | Veracode,” VERACODE, 2019. [Online]. Available: https://www.veracode.com/blog/2013/12/static-testing-vs-dynamic-testing. [Accessed: 25-Oct-2019].
  • A. Ghahrai, “Static Analysis vs Dynamic Analysis in Software Testing,” Testing Excellence, 2018. [Online]. Available: https://www.testingexcellence.com/static-analysis-vs-dynamic-analysis-software-testing/. [Accessed: 25-Oct-2019].
  • P. Anderson, “The use and limitations of hearing aids,” J. Def. Softw. Eng., no. 6, pp. 19–21, 2008.
  • M. Derks, “Fair Privacy : Improving Usability of the Android Permission System,” 2015.
  • J. Reardon et al., “50 Ways to Leak Your Data: An Exploration of Apps’ Circumvention of the Android Permissions System,” 28th USENIX Secur. Symp., pp. 603–620, 2019.
  • M. Sujithra and G. Padmavathi, “Enhanced Permission Based Malware Detection in Mobile Devices Using Optimized Random Forest Classifier with PSO-GA,” Res. J. Appl. Sci. Eng. Technol., vol. 12, no. 7, pp. 732–741, 2016.
  • F. E. Allen, “Control flow analysis,” Proc. a Symp. Compil. Optim., pp. 1–19, 1970.
  • K. D. Cooper and L. Torczon, “Chapter 9 - Data-Flow Analysis,” in Engineering Compiler, K. D. Cooper and L. B. T.-E. a C. (Second E. Torczon, Eds. Boston: Morgan Kaufmann, 2012, pp. 475–538.
  • L. Li et al., “Static analysis of android apps: A systematic literature review,” Inf. Softw. Technol., vol. 88, pp. 67–95, 2017.
  • S. R. Tiwari and R. U. Shukla, “An Android Malware Detection Technique Using Optimized Permission and API with PCA,” Proc. 2nd Int. Conf. Intell. Comput. Control Syst. ICICCS 2018, no. Icirca, pp. 134–139, 2019.
  • W. Xu, F. Zhang, and S. Zhu, “Permlyzer: Analyzing permission usage in Android applications,” 2013 IEEE 24th Int. Symp. Softw. Reliab. Eng. ISSRE 2013, pp. 400–410, 2013.
  • B. Sarma, N. Li, C. Gates, R. Potharaju, C. Nita-Rotaru, and I. Molloy, “Android permissions: A perspective combining risks and benefits,” Proc. ACM Symp. Access Control Model. Technol. SACMAT, Jun. 2012.
  • H. J. Zhu, Z. H. You, Z. X. Zhu, W. L. Shi, X. Chen, and L. Cheng, “DroidDet: Effective and robust detection of android malware using static analysis along with rotation forest model,” Neurocomputing, vol. 272, pp. 638–646, 2018.
  • A. P. Felt, E. Chin, S. Hanna, D. Song, and D. Wagner, “Android permissions demystified,” Proc. ACM Conf. Comput. Commun. Secur., pp. 627–636, 2011.
  • R. Stevens, J. Ganz, V. Filkov, P. Devanbu, and H. Chen, “Asking for (and about) permissions used by android apps,” IEEE Int. Work. Conf. Min. Softw. Repos., pp. 31–40, 2013.
  • N. Gruschka, L. Lo Iacono, and J. Tolsdorf, “Classification of android app permissions: Tell me what app you are and i tell you what you are allowed to do,” Eur. Conf. Inf. Warf. Secur. ECCWS, vol. 2018-June, no. June, pp. 181–189, 2018.
  • A. Kumar, K. S. Kuppusamy, and G. Aghila, “FAMOUS: Forensic Analysis of MObile devices Using Scoring of application permissions,” Futur. Gener. Comput. Syst., vol. 83, pp. 158–172, 2018.
  • S. Niu, R. Huang, W. Chen, and Y. Xue, “An Improved Permission Management Scheme of Android Application Based on Machine Learning,” Secur. Commun. Networks, vol. 2018, pp. 1–12, 2018.
  • K. A. Talha, D. I. Alper, and C. Aydin, “APK Auditor: Permission-based Android malware detection system,” Digit. Investig., vol. 13, pp. 1–14, 2015.
  • J. Jeon et al., “Dr. android and Mr. hide: Fine-grained permissions in android applications,” Proc. ACM Conf. Comput. Commun. Secur., pp. 3–14, 2012.
  • N. Munaiah et al., “Darwin: A static analysis dataset of malicious and benign android apps,” WAMA 2016 - Proc. Int. Work. App Mark. Anal. co-located with FSE 2016, pp. 26–29, 2016.
  • T. K. Chawla and A. Kajala, “Transfiguring of an Android App Using Reverse Engineering,” Int. J. Comput. Sci. Mob. Comput., vol. 3, no. 4, pp. 1204–1208, 2014.
  • S. Y. Yerima, S. Sezer, and G. McWilliams, “Analysis of Bayesian classification-based approaches for Android malware detection,” IET Inf. Secur., vol. 8, no. 1, pp. 25–36, 2014.
  • M. Zheng, M. Sun, and J. C. . Lui, DroidRay: A Security Evaluation System for Customized Android Firmwares. 2014.
  • Z. Aung and W. Zaw, “Permission-Based Android Malware Detection,” Int. J. Sci. Technol. Res., vol. 2, no. 3, pp. 228–234, 2013.
  • L. Apvrille, L. Apvrille, and A. S. Industries, “Pre-filtering Mobile Malware with Heuristic Techniques,” GreHack 2013, Grenoble, Fr., no. June 2013, pp. 43–59, 2013.
  • Y. Feng, S. Anand, I. Dillig, and A. Aiken, “Apposcopy: Semantics-based detection of android malware through static analysis,” Proc. ACM SIGSOFT Symp. Found. Softw. Eng., vol. 16-21-Nove, pp. 576–587, 2014.
  • M. Grace, Y. Zhou, Z. Wang, X. Jiang, and O. Drive, “Systematic Detection of Capability Leaks in Stock Android Smartphones,” Ndss, 2012.
  • Y. Aafer, W. Du, and H. Yin, “DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android BT - Security and Privacy in Communication Networks,” 2013, pp. 86–103.
  • J. Crussell, C. Gibler, and H. Chen, “Attack of the Clones: Detecting Cloned Applications on Android Markets BT - Computer Security – ESORICS 2012,” 2012, pp. 37–54.
  • V. Rastogi, Y. Chen, and X. Jiang, “Catch Me If You Can: Evaluating Android Anti-Malware Against Transformation Attacks,” IEEE Trans. Inf. Forensics Secur., vol. 9, no. 1, pp. 99–108, 2014.
  • L. Lu, Z. Li, Z. Wu, W. Lee, and G. Jiang, “CHEX: Statically Vetting Android Apps for Component Hijacking Vulnerabilities,” in Proceedings of the 2012 ACM Conference on Computer and Communications Security, 2012, pp. 229–240.
  • P. Faruki, V. Ganmoor, V. Laxmi, M. S. Gaur, and A. Bharmal, “AndroSimilar: Robust Statistical Feature Signature for Android Malware Detection,” in Proceedings of the 6th International Conference on Security of Information and Networks, 2013, pp. 152–159.
  • H. M. J. Almohri, D. (Daphne) Yao, and D. Kafura, “DroidBarrier: Know What is Executing on Your Android,” in Proceedings of the 4th ACM Conference on Data and Application Security and Privacy, 2014, pp. 257–264.
  • E. J. Chikofsky and J. H. Cross, “Reverse Engineering and Design Recovery: A Taxonomy,” pp. 13–17, 1990.
  • S. R. Tiwari and R. U. Shukla, “An Android Malware Detection Technique Based on Optimized Permissions and API,” Proc. Int. Conf. Inven. Res. Comput. Appl. ICIRCA 2018, no. January, pp. 258–263, 2018.
  • H. A. Alatwi, “Android malware detection using category-based machine learning classifiers,” 2016.
  • M.-Y. Su and K.-T. Fung, “Detection of android malware by static analysis on permissions and sensitive functions,” in 2016 Eighth International Conference on Ubiquitous and Future Networks (ICUFN), 2016, pp. 873–875.
  • X. Li, J. Liu, Y. Huo, R. Zhang, and Y. Yao, “An Android malware detection method based on AndroidManifest file,” in 2016 4th International Conference on Cloud Computing and Intelligence Systems (CCIS), 2016, pp. 239–243.
  • C. Liu, Z. Zhang, and S. Wang, “An Android Malware Detection Approach Using Bayesian Inference,” in 2016 IEEE International Conference on Computer and Information Technology (CIT), 2016, pp. 476–483.
  • K. Wang, T. Song, and A. Liang, “Mmda: Metadata Based Malware Detection on Android,” in 2016 12th International Conference on Computational Intelligence and Security (CIS), 2016, pp. 598–602.
  • S. Lachure, U. Pagrut, N. Jichkar, N. Khan, and J. Lachure, “Reverse Engineering APKS for Analysis,” pp. 268–272, 2018.
  • P. Singh, P. Tiwari, and S. Singh, “Analysis of Malicious Behavior of Android Apps,” Procedia Comput. Sci., vol. 79, pp. 215–220, 2016.
  • B. Bonné, S. T. Peddinti, I. Bilogrevic, N. Taft, S. Clara, and B. Bonné, “Exploring decision making with Android ’ s runtime permission dialogs using in-context surveys This paper is included in the Proceedings of the permission dialogs using in-context surveys,” no. Soups, 2017.

Abstract Views: 478

PDF Views: 1




  • A Review of Static Malware Detection for Android Apps Permission Based on Deep Learning

Abstract Views: 478  |  PDF Views: 1

Authors

Hamida Lubuva
School of Information and Communication Engineering, University of Science and Technology Beijing, Beijing, China
Qiming Huang
School of Information and Communication Engineering, University of Science and Technology Beijing, Beijing, China
Godfrey Charles Msonde
School of Economics, Renmin University, Beijing, China

Abstract


In recent years, Android has been the main mobile operating system. The proliferation of apps powered not only by Android magnetized app developers, but also by malware developers with criminal intent to design and distribute malicious apps that can influence the ordinary activity of Android phones and tablets, steal private information and credentials, or even worse, lock the phone and ask for ransom. This study was carried out with a view of bring out clearly the review of previous researches carried regarding static analysis and pinpoint out what to be done in future. A systematic literature review which involves studying 56 research papers published in regard to static analysis. This review elaborate permissions misuse, reverse engineering and concept of static analysis in general. The outcomes of the review revealed that static analysis is widely used since it is not performed at run-time hence malicious applications cannot access to the device during analysis unlike dynamic analysis. During the review no single work done to the satisfaction curbing the existing and future evolving malwares. This study will help academicians to gain insight concerning static analysis without extensively perusing several articles to understand static malware analysis based on deep learning.

Keywords


Static Analysis, Reverse Engineering, Permissions, Manifest File, APK File, Malicious Applications.

References





DOI: https://doi.org/10.22247/ijcna%2F2019%2F187292