Catch me if you can: Evaluating android anti-malware against transformation attacks

Vaibhav Rastogi, Yan Chen*, Xuxian Jiang

*Corresponding author for this work

Research output: Contribution to journal, Article, peer-review

145 Scopus citations

Abstract

Mobile malware threats (e.g., on Android) have recently become a real concern. In this paper, we evaluate the state-of-the-art commercial mobile anti-malware products for Android and test how resistant they are against various common obfuscation techniques (even with known malware). Such an evaluation is important for not only measuring the available defense against mobile malware threats, but also proposing effective, next-generation solutions. We developed DroidChameleon, a systematic framework with various transformation techniques, and used it for our study. Our results on 10 popular commercial anti-malware applications for Android are worrisome: none of these tools is resistant against common malware transformation techniques. In addition, a majority of them can be trivially defeated by applying slight transformation over known malware with little effort for malware authors. Finally, in light of our results, we propose possible remedies for improving the current state of malware detection on mobile devices.

Original language: English (US)
Article number: 6661334
Pages (from-to): 99-108
Number of pages: 10
Journal: IEEE Transactions on Information Forensics and Security
Volume: 9
Issue number: 1
State: Published - Jan 2014

Keywords

  • Android
  • Anti-malware
  • Malware
  • Mobile

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications
