Evading android runtime analysis through detecting programmed interactions
Refereed conference paper presented and published in conference proceedings

Times Cited
Altmetrics Information

Other information
AbstractDynamic analysis technique has been widely used in Android malware detection. Previous works on evading dynamic analysis focus on discovering the fingerprints of emulators. However, such method has been challenged since the introduction of real devices in recent works. In this paper, we propose a new approach to evade automated runtime analysis through detecting programmed interactions. This approach, in essence, tries to tell the identity of the current app controller (human user or automated exploration tool), by finding intrinsic differences between human user and machine tester in interaction patterns. The effectiveness of our approach has been demonstrated through evaluation against 11 real-world online dynamic analysis services.
All Author(s) ListDiao W., Liu X., Li Z., Zhang K.
Name of Conference9th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2016
Start Date of Conference18/07/2016
End Date of Conference20/07/2016
Place of ConferenceDarmstadt
Country/Region of ConferenceGermany
Detailed descriptionorganized by ACM,
Pages159 - 164
LanguagesEnglish-United Kingdom
KeywordsAndroid malware, Dynamic analysis, Programmed interaction

Last updated on 2021-18-01 at 01:08